Planet GNU

Aggregation of development blogs from the GNU Project

October 20, 2019

Applied Pokology

Styled output in Poke programs

I just committed support for styling in printf. Basically, it uses the libtextstyle approach of having styling classes that the user can customize in a .css file.

20 October, 2019 11:53PM

GNUnet News

GNUnet project invited to ICANN66

2019-10-20: GNUnet project invited to ICANN66

We are delighted to announce that ICANN has invited the GNUnet project to speak at the next ICANN Annual General Meeting. We have been invited to join a panel discussion on Emerging Internet Identifier Technologies in order to share our ideas and work on the GNU Name System (GNS). ICANN generously offered to cover travel and accomodation.

The meeting will take place in Montreal between 2 - 7 November. The panel will tentatively be help on November 6th.

20 October, 2019 12:00AM

October 19, 2019

Parabola GNU/Linux-libre

[From Arch] Required update to recent libarchive

The compression algorithm zstd brings faster compression and decompression, while maintaining a compression ratio comparable with xz. This will speed up package installation with pacman, without further drawbacks.

The imminent release of pacman 5.2 brings build tools with support for compressing packages with zstd. To install these packages you need libarchive with support for zstd, which entered the repositories in September 2018. In order for zstd compressed packages to be distributed, we require all users to have updated to at least libarchive 3.3.3-1. You have had a year, so we expect you already did update. Hurry up if you have not.

If you use custom scripts make sure these do not rely on hardcoded file extensions. The zstd package file extension will be .pkg.tar.zst.

19 October, 2019 02:27PM by David P.

remotecontrol @ Savannah

October 18, 2019

Applied Pokology

Dealing with alternatives - Unions in Poke

The Poke type definitions can be seen as a sort of declarative specifications for decoding and encoding procedures. You specify the structure of the data you want to operate on, and poke uses that information to automatically decode and encode the data for you. Under this perspective, struct types correspond to sequences of instructions, array types to repetitions (or loops), and union types to conditionals.

18 October, 2019 12:00AM

October 17, 2019

GNU Guix

Insecure permissions on profile directory (CVE-2019-18192)

We have become aware of a security issue for Guix on multi-user systems that we have just fixed (CVE-2019-18192). Anyone running Guix on a multi-user system is encouraged to upgrade guix-daemon—see below for instructions.

Context

The default user profile, ~/.guix-profile, points to /var/guix/profiles/per-user/$USER. Until now, /var/guix/profiles/per-user was world-writable, allowing the guix command to create the $USER sub-directory.

On a multi-user system, this allowed a malicious user to create and populate that $USER sub-directory for another user that had not yet logged in. Since /var/…/$USER is in $PATH, the target user could end up running attacker-provided code. See the bug report for more information.

This issue was initially reported by Michael Orlitzky for Nix (CVE-2019-17365).

Fix

The fix consists in letting guix-daemon create these directories on behalf of users and removing the world-writable permissions on per-user.

For cluster setups where clients connect to the daemon over TCP (thanks to the --listen option of guix-daemon), the fix requires guix-daemon to be able to resolve user names so that it can create /var/…/per-user/$USER with the right ownership. Note also that the guix command prior to this fix would not communicate the user name it’s running under to the daemon, thereby preventing it from creating that directory on its behalf.

Upgrading

On multi-user systems, we recommend upgrading the daemon now.

To upgrade the daemon On Guix System, run:

guix pull
sudo guix system reconfigure /etc/config.scm
sudo herd restart guix-daemon

On other distros, run something along these lines:

sudo guix pull
sudo systemctl restart guix-daemon.service

Once you’ve run guix build hello or any other guix command, you should see that /var/guix/profiles/per-user is no longer world-writable:

$ ls -ld /var/guix/profiles/per-user
drwxr-xr-x 5 root root 4096 Jun 23  2017 /var/guix/profiles/per-user

Please report any issues you may have to guix-devel@gnu.org. See the security web page for information on how to report security issues.

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the kernel Linux, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

17 October, 2019 08:37PM by Ludovic Courtès

FSF Blogs

November 2: Save the date! EmacsConf is coming to Boston

The Free Software Foundation (FSF) is happy to announce our office in Boston as the next official EmacsConf satellite! Join us on Saturday, November 2 for an all-day event on everyone's favorite self-documenting, customizable, and extensible editor: GNU Emacs! The FSF will join ZĂźrich, Switzerland as the second physical satellite to EmacsConf, which will be held online this year.

Beginning at 9:00 a.m. EDT, we will be gathering at the FSF office to watch both remote and in-person talks on Emacs and Emacs Lisp. A light breakfast and dinner will be provided by the FSF, and three lucky attendees will come away with some official Emacs merchandise from the GNU Press.

A tentative schedule of the conference is as follows:

  • 9:00 a.m. EDT: Conference begins with keynotes from Amin Bandali, Sacha Chua, and Emacs maintainer John Wiegley.
  • 9:30 a.m. EDT: "User-related" conference track begins, with talks from Sachin Patil, Parham Doustdar, and Marcin Swieczkowski in addition to the lightning talks.
  • 12:00 p.m. EDT: "Development" conference track begins, with talks from Jonathan Chu, Howard Abrams, Damien Cassou, and Matt Ray.
  • 4:00 p.m. EDT: "Future" conference track begins, with talks from Greg Farough and Perry Metzger.
  • 4:50 p.m. EDT: Closing remarks, with dinner provided by the FSF.

A small raffle will be conducted after the conclusion of each conference track, and Emacs stickers will be free for all attendees!

Although attendance is gratis, space is very limited, so please be sure to send an RSVP to campaigns@fsf.org as soon as possible to secure your spot.

17 October, 2019 02:11PM

October 15, 2019

Gary Benson

Building GDB on a freshly installed machine FAQ

So you just installed Fedora, RHEL or CentOS and now you want to build GDB from source.

  1. How do you make sure everything you need to build it is installed?
    # dnf builddep gdb
  2. Did it say, No such command: builddep? Do this, then try again:
    # dnf install dnf-plugins-core
  3. Did it say, dnf: command not found…? You’re using yum, try this:
    # yum-builddep gdb
  4. Did it say, yum-builddep: command not found…? Do this, then try again:
    # yum install yum-utils

Thank you, you’re welcome.

15 October, 2019 01:35PM by gbenson

October 11, 2019

Python hacking

Python‘s had this handy logging module since July 2003. A lot of things use it, so if you’re trying to understand or debug some Python code then a handy snippet to insert somewhere is:

import logging
logging.basicConfig(level=1)

Those two lines cause all loggers to log everything to the console. Check out the logging.basicConfig docs to see what else you could do.

11 October, 2019 12:06PM by gbenson

parted @ Savannah

parted-3.3 released [stable]

Parted 3.3 has been released.  This release includes many bug fixes and new features.

Here is Parted's home page:

    http://www.gnu.org/software/parted/

For a summary of all changes and contributors, see:
  https://git.savannah.gnu.org/cgit/parted.git/log/?h=v3.3

or run this command from a git-cloned parted directory:
  git shortlog v3.2..v3.3 (appended below)

Here are the compressed sources and a GPG detached signature[*]:
  http://ftp.gnu.org/gnu/parted/parted-3.3.tar.xz
  http://ftp.gnu.org/gnu/parted/parted-3.3.tar.xz.sig

Use a mirror for higher download bandwidth:
  http://ftpmirror.gnu.org/parted/parted-3.3.tar.xz
  http://ftpmirror.gnu.org/parted/parted-3.3.tar.xz.sig

[*] Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact.  First, be sure to download both the .sig file and the corresponding tarball.  Then, run a command like this:

  gpg --verify parted-3.3.tar.xz.sig

If that command fails because you don't have the required public key, then run this command to import it:

  gpg --keyserver keys.gnupg.net --recv-keys 117E8C168EFE3A7F

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
  Autoconf 2.69
  Automake 1.16.1
  Gettext 0.19.8.1
  Gnulib commit 6430babe47ece6953cf18ef07c1d8642c8588e89
  Gperf 3.1

NEWS

A considerable number of patches have been made since the last release, see the git log if you want all the gory details.

A huge thank you to everyone who has contributed to this release.

================================================================
Here is a log of the commits since parted 3.2

A. Wilcox (1):
      libparted: Fix endian bug in bsd.c

Alexander Todorov (3):
      tests: Fall back to C.UTF-8 if no en_US.utf8 available
      merge HACKING and README-hacking
      Fwd: [PATCH 2/2] add verbose test documentation

Amarnath Valluri (3):
      UI: Avoid memory leaks.
      libparted: Fix memory leaks
      libparted: Fix possible memory leaks

Arnout Vandecappelle (Essensium/Mind) (1):
      libparted/labels: link with libiconv if needed

Arvin Schnell (1):
      libparted: set swap flag on GPT partitions

Brian C. Lane (73):
      tests: Change minimum size to 256MiB
      tests: Add a test for device-mapper partition sizes
      libparted: device mapper uses 512b sectors
      Update manpage NAME so whatis will work
      doc: Fix url for LWN article
      tests: Make sure the extended partition length is correct (#1135493)
      libparted: BLKPG_RESIZE_PARTITION uses bytes, not sectors (#1135493)
      parted: Fix crash with name command and no disklabel (#1226067)
      libparted: Stop converting . in sys path to /
      libparted: Fix misspelling in hfs exception string
      libparted: Use read only when probing devices on linux (#1245144)
      tests: Use wait_for_dev_to_ functions
      Add libparted-fs-resize.pc
      docs: Add list of filesystems for fs-type (#1311596)
      parted: Display details of partition alignment failure (#726856)
      libparted: Remove fdasd geometry code from alloc_metadata (#1244833)
      libparted: Fix probing AIX disks on other arches
      tests: t3310-flags.sh skip pc98 when sector size != 512
      tests: Add udevadm settle to wait_for_ loop (#1260664)
      tests: Add wait to t9042 (#1257415)
      tests: Fix t1700 failing on a host with a 4k xfs filesystem (#1260664)
      doc: Cleanup mkpart manpage entry (#1183077)
      doc: Add information about quoting
      tests: Set optimal blocks to 64 for scsi_debug devices
      partprobe: Open the device once for probing
      tests: Stop timing t9040 (#1172675)
      tests: Update t0220 and t0280 for the swap flag.
      Increase timeout for rmmod scsi_debug and make it a framework failure
      tests/t1701-rescue-fs wait for the device to appear.
      libparted: Fix udev cookie leak in _dm_resize_partition
      libparted: Fix udev cookie leak in _dm_resize_partition
      atari.c: Drop xlocale.h (#1476934)
      Modify gpt-header-move and msdos-overlap to work with py2 or py3
      Fix the length of several strncpy calls
      parted.c: Always free peek_word
      parted.c: Make sure dev_name is freed
      t6100-mdraid-partitions: Use v0.90 metadata for the test
      Add udf to t1700-probe-fs and to the manpage
      docs: Update GNU License version in parted .text files
      parted: Remove PED_ASSERT from ped_partition_set_name
      Fix align-check help output
      README-release: Updating the release instructions
      configure.ac: Remove default -Werror flag
      Remove unnecessary if before free checks
      Remove trailing whitespace
      Fix syntax-check complaints about tests
      Update syntax-check NEWS hash to cover 3.2 release notes.
      Fix double semi-colons
      Change 'time stamp' to 'timestamp'
      atari.c: Align the AtariRawTable on a 16bit boundary
      dos.c: Fix cast alignment error in maybe_FAT
      Adjust the gcc warnings to recognize FALLTHROUGH
      dvh.c: Use memcpy instead of strncpy
      gpt.c: Align _GPTDiskData to 8 byte boundary
      gpt.c: Drop cast of efi_guid_t to unsigned char *
      sun.c: Aligned _SunRawLabel to 16bit boundary
      Add gcc malloc attribute to ped_alloc and ped_calloc
      bsd.c: Rewrite disklabel code to prevent gcc warnings
      po: Add argmatch.h
      Turn off c_prohibit_gnu_make_extensions
      dist-check.mk: Remove empty .deps directories
      doc: Create po directory if missing
      libparted: Fix bug in bsd.c alpha_bootblock_checksum
      maint: Update to latest gnulib
      maint: Update bootstrap script from latest gnulib
      maint: Bump library REVISION number for release
      maint: Update copyright statements to 2019
      maint: Move NEWS template to line 3
      version 3.2.153
      maint: post-release administrivia
      README-release: Add link to upload registration page
      NEWS: Note the fix for the s390 bug
      version 3.3

Colin Watson (2):
      parted: fix build error on s390
      build: Remove unused traces of dynamic loading

Curtis Gedak (1):
      lib-fs-resize: Fix recognition of FAT file system after resizing

David Cantrell (1):
      Use BLKSSZGET to get device sector size in _device_probe_geometry()

Felix Janda (2):
      libparted/arch/linux.c: Compile without ENABLE_DEVICE_MAPPER
      libparted/fs/xfs/platform_defs.h: Include <fcntl.h> for loff_t

Gareth Randall (1):
      docs: Improve partition description in parted.texi

Gustavo Zacarias (1):
      bug #17883: [PATCH] configure.ac: uclinux is also linux

Hans-Joachim Baader (1):
      Added support for Windows recovery partition (WINRE) on MBR

Heiko Becker (1):
      libparted: also link to UUID_LIBS

John Paul Adrian Glaubitz (2):
      libparted:tests: Move get_sector_size() to common.c
      libparted: Add support for atari partition tables

Laurent Vivier (1):
      libparted: Fix MacOS boot support

Max Staudt (1):
      libparted/fs/amiga/affs.c: Remove printf() to avoid confusion

Michael Small (2):
      Avoid sigsegv in case 2nd nilfs2 superblock magic accidently found.
      Tests case for sigsegv when false nilfs2 superblock detected.

Mike Fleetwood (13):
      lib-fs-resize: Prevent crash resizing FAT16 file systems
      tests: t3000-resize-fs.sh: Add FAT16 resizing test
      tests: t3000-resize-fs.sh: Add requirement on mkfs.vfat
      lib-fs-resize: Prevent crash resizing FAT with very deep directories
      tests: t3000-resize-fs.sh: Add very deep directory
      tests: t3310-flags.sh: Query libparted for all flags to be tested
      tests: t3310-flags.sh: Stop excluding certain flags from being tested
      tests: t3310-flags.sh: Add test for bsd table flags
      libparted: Fix to report success when setting lvm flag on bsd table
      libparted: Remove commented local variable from bsd_partition_set_flag()
      tests: t3310-flags.sh: Add test for mac table flags
      tests: t3310-flags.sh: Add test for dvh table flags
      tests: t3310-flags.sh: Add tests for remaining table types

Niklas Hambüchen (1):
      mkpart: Allow negative start value when FS-TYPE is not given

Pali Rohár (1):
      libparted: Add support for MBR id, GPT GUID and detection of UDF filesystem

Petr Uzel (3):
      Add support for NVMe devices
      libparted: only IEC units are treated as exact
      libparted: Fix starting CHS in protective MBR

Phillip Susi (11):
      maint: post-release administrivia
      parted: don't crash in disk_set when disk label not found
      parted: fix the rescue command
      Add NEWS entry for fat resize fix
      Fix crash when localized
      Fix make check
      tests: fix t6100-mdraid-partitions
      Fix set and disk_set to not crash when no flags are supported
      Fix resizepart iec unit end sector
      Lift 512 byte restriction on fat resize
      Fix atari label false positives

Richard W.M. Jones (1):
      linux: Include <sys/sysmacros.h> for major() macro.

Sebastian Parschauer (3):
      libparted: Don't warn if no HDIO_GET_IDENTITY ioctl
      Add support for RAM drives
      Add support for NVDIMM devices

Sebastian Rasmussen (1):
      libparted: Fix typo in hfs error message

Sergei Antonov (1):
      mac: copy partition type and name correctly

Shin'ichiro Kawasaki (4):
      configure.ac: Check ABI against ABI version 2
      libparted/labels/pt-tools.c: Fix gperf generated function attribute
      include/parted/unit.in.h: Specify const attribute to ped_unit_get_name()
      libparted: Replace abs() with llabs()

Simon Xu (1):
      Fix potential command line buffer overflow

Steven Lang (1):
      Use disk geometry as basis for ext2 sector sizes.

Ulrich Müller (1):
      libparted: Fix ending CHS address in PMBR.

Viktor Mihajlovski (4):
      fdasd: geometry handling updated from upstream s390-tools
      dasd: enhance device probing
      fdasd.c: Safeguard against geometry misprobing
      libparted/s390: Re-enabled virtio-attached DASD heuristics

Wang Dong (13):
      libparted/dasd: correct the offset where the first partition begins
      libparted/dasd: unify vtoc handling for cdl/ldl
      libparted/dasd: update and improve fdasd functions
      libparted/dasd: add new fdasd functions
      libparted/dasd: add test cases for the new fdasd functions
      parted: fix crash due to improper partition number input
      parted: fix wrong error label jump in mkpart
      clean the disk information when commands fail in interactive mode.
      parted: check the name of partition first when to name a partition
      parted/ui: remove unneccesary information of command line
      libpartd/dasd: improve flag processing for DASD-LDL
      libparted/dasd: add an exception for changing DASD-LDL partition table
      libparted/dasd: add test cases for the new fdasd functions

dann frazier (3):
      ped_unit_get_name: Resolve conflicting attributes 'const' and 'pure'
      Fix warnings from GCC 7's -Wimplicit-fallthrough
      Read NVMe model names from sysfs

11 October, 2019 12:18AM by Brian C. Lane

October 10, 2019

FSF Blogs

IDAD 2019: Join us on October 12th, and use this special dust jacket to uphold the right to read

Photo of IDAD 2019 dust jacket cover.

Each year we stage the International Day Against DRM (IDAD) to help others learn about the dangers of Digital Restrictions Management (DRM). For this year's IDAD on October 12th, we are focusing in particular on the increasing and disturbing amount of DRM present in ebooks and other online educational materials. Having so thoroughly invaded our leisure time, the digital infection known as DRM should not be allowed to spread into the classroom. Joining us in the fight for IDAD 2019 are the Electronic Frontier Foundation, Creative Commons, and The Document Foundation, among ten other participating organizations we are privileged to have standing with us in the fight against DRM.

In a bid to become the "Netflix of textbooks," and like many other publishers, Pearson is doing the opposite of what anyone committed to education should do: severely restricting a student's access to the materials they need for their courses through arbitrary page limits, "rented" books that disappear, and many which require a constant Internet connection.

Publishers like Pearson should not be allowed to decide the rigidly specific conditions under which a student can learn. No book should spy on your reading habits or simply "disappear" after you have had it for too long. In the digital age, it is unacceptable for a publisher to impose the same principles of scarcity that would apply to a physical product to a digital file. The computing revolution was caused by files being shared, not merely rented. Imposing these limitations on digital media is an attack on user freedom, no matter how much corporate PR may spin the story. It's our aim to let the world know that we support the rights of readers. You could say that for IDAD 2019, Defective by Design has you covered.

We have developed a dust jacket you can slip over any "dead tree" book that you are reading to warn others about the looming threat of DRM. Whether in school, in a coffee shop, or on the subway, it is an easy conversation starter about the insidious nature of DRM. We encourage all readers to use them, whether on the latest hardcover bestseller or the textbook you use in class (while you still have one).

Defective by Design will be printing high quality versions of the dust jacket for every book shipped from our friends at the GNU Press while supplies permit. And true to our mission, we are also releasing the source files to these designs so that others may do the same. They are fully editable and shareable in Scribus v1.5+, so feel free to print, share, translate, and give away your own printed copies to readers and anti-DRM activists in your area.

Using ebooks for educational purposes is far from a bad thing: in fact, we will be bringing together the global Defective by Design community to help improve the fully shareable and editable works like those published by our friends at FLOSS Manuals. We're excited to be promoting an opposition to "locked-down" learning by staging a global hackathon on free culture works in the #dbd channel on Freenode, or our own in-person meeting to help edit these ethical alternatives at our offices in Boston.

Activists all over the world come together on the International Day Against DRM to resist Digital Restrictions Management's massive and aggressive encroachment on our real digital rights.

This year, we're confident that we can show major book publishers like Pearson that putting a lock on learning is unacceptable. Join us on October 12th and beyond in our double-fronted attack to tell others about the evils of DRM, and to eliminate unethical digital publishing by contributing to free and ethical alternatives.

Spread the message

  • Print and share these covers as widely as you can, leaving them as freebies in libraries, coffee shops, and wherever books are appreciated. Snap a photo of your campaigning in action, and share it to social media with the tags #idad, #dbd, or #DefectivebyDesign.

  • To help us coordinate year-round actions against DRM, join the DRM Elimination Crew mailing list.

  • If you would like to translate the dust jacket into your language, please email campaigns@fsf.org and we will be happy to include it on the official Defective by Design site. We're currently offering them in English, Spanish, and German.

IDAD actions

10 October, 2019 08:40PM

October 09, 2019

FSF Events

Meet the FSF staff in Raleigh, NC on October 15

On Tuesday, October 15th, the Free Software Foundation (FSF) staff would like to meet you at a social event at Raleigh's Whiskey Kitchen!

Executive director John Sullivan, licensing and compliance manager Donald R. Robertson, III, copyright and licensing associate Craig Topham, and program manager ZoĂŤ Kooyman, will all be in Raleigh, NC on October 15th, in anticipation of this year's licensing seminar on GPL Enforcement and Legal Ethics.

We look forward to hosting this informal meetup to show our appreciation for your support of the FSF's work. We'll share some bites and drinks while giving you the opportunity to meet other FSF associate members and supporters while learning about what the FSF is currently working on. We are curious to hear your thoughts, and would love to answer any questions you may have.

This is a social meetup for anyone who is interested in participating in the free software community or wants to learn more about the FSF. You don't have to be a current associate member to attend. We will be providing appetizers, including vegan/vegetarian friendly items. Your RSVP is helpful to us for notifying the venue of the amount of people to expect, but we still welcome people who have not planned ahead.

You are receiving this message because you have joined one of our email lists and have indicated that you live near the location of this event.

We look forward to meeting you in person!

09 October, 2019 09:20PM

LibrePlanet 2020 IRC CFS Office Hours

The LibrePlanet call for sessions is open now and will be open until November 20 and we want to hear from you!

Speaking at a conference, and even submitting a proposal, can be intimidating or hard. Luckily, some great, experienced speakers are volunteering their time to help out during the CFS Office Hours.

Whether you want to propose a talk and want feedback on your idea, proposal wording, talk title, or just advice on how to deal with nerves, there are three office hours slots scheduled over the next few weeks.

Join #libreplanet on Freenode IRC on any of the following dates:

  • Thursday, October 10th from 13:00 - 14:00 (EDT)
  • Thursday, October 17th from 13:00 - 14:00 (EDT)
  • Thursday, October 24th from 13:00 - 14:00 (EDT)
  • Thursday, October 31st from 13:00 - 14:00 (EDT)
  • Thursday, November 7th from 13:00 - 14:00 (EST)
  • Thursday, November 14th from 13:00 - 14:00 (EST)

If you do not have an IRC client, you can log onto Freenode IRC here, and connect to the channel #libreplanet.

If you can't make an office hours meeting, feel free to email campaigns@fsf.org with questions.

09 October, 2019 08:47PM

Gary Benson

“Reformat the filesystem to enable support”

Apparently it’s been a while since I ran containers on my office computer—and by a while, I mean, since November 2016—because if your initial install was RHEL or CentOS 7.2 or older then neither Docker nor Podman will work:

# yum -q -y install podman skopeo buildah
# podman pull registry.access.redhat.com/ubi7/ubi
Error: could not get runtime: kernel does not support overlay fs: overlay: the backing xfs filesystem is formatted without d_type support, which leads to incorrect behavior. Reformat the filesystem with ftype=1 to enable d_type support. Running without d_type is not supported.: driver not supported

So… ugh. I didn’t have any disks it’d work on either:

# for i in $(awk '{ if ($3 == "xfs") print $2 }' /etc/mtab); do xfs_info $i; done | grep ftype
naming   =version 2              bsize=4096   ascii-ci=0 ftype=0
naming   =version 2              bsize=4096   ascii-ci=0 ftype=0
naming   =version 2              bsize=4096   ascii-ci=0 ftype=0
naming   =version 2              bsize=4096   ascii-ci=0 ftype=0

I didn’t reformat anything though. podman pull wants overlayFS on /var/run/containers/storage, and buildah bud wants it on /var/lib/containers/storage. I made loopback disks for them both:

  1. Find/make space somewhere, then create a directory to put the images in:
    # mkdir -p /store/containers
  2. Create a big file, whatever size you want, for the disk image. I made mine 20GiB. It took a couple minutes, my disks are slow:
    # dd if=/dev/zero of=/store/containers/var_lib_containers.img bs=1M count=20K
  3. Find a free loop device and associate the file to it:
    # losetup -f
    /dev/loop1
    # losetup /dev/loop1 /store/containers/var_lib_containers.img 
    
  4. Format the “device”, then detach it from the file:
    # mkfs -t xfs -n ftype=1 /dev/loop1
    # losetup -d /dev/loop1
  5. Mount the “disk”, and see if it worked:
    # mount -oloop /store/containers/var_lib_containers.img /var/lib/containers
    # df -h /var/lib/containers
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/loop1       20G   33M   20G   1% /var/lib/containers
  6. It worked? Make it permanent:
    # echo "/store/containers/var_lib_containers.img /var/lib/containers xfs defaults,loop 1 2" >> /etc/fstab

Rinse and repeat for the other drive it needed. Then try again:

# podman pull registry.access.redhat.com/ubi7/ubi
Trying to pull registry.access.redhat.com/ubi7/ubi...Getting image
source signatures
Copying blob bff3b73cbcc4 done
Copying blob 7b1c937e0f67 done
Copying config 6fecccc91c done
Writing manifest to image destination
Storing signatures
6fecccc91c83e11ae4fede6793e9410841221d4779520c2b9e9fb7f7b3830264

#victorydanceđŸ˜

09 October, 2019 12:32PM by gbenson

October 08, 2019

health @ Savannah

GNU Health HMIS 3.6 Release Candidate 1 is out !

Dear community

We are pleased to announce the initial release candidate for the upcoming GNU Health HMIS server !

Please download and test the following files:

  • gnuhealth-3.6RC1.tar.gz: Server with the 45 packages
  • gnuhealth-client-3.6RC1.tar.gz  : The GH HMIS GTK client
  • gnuhealth-client-plugins-3.6RC1.tar.gz : The Federation Resource Locator; the GNU Health Camera and the crypto plugin

Remember that all the components of the 3.6 series run in Python 3.

You can download the RC tarballs from the development dir:

https://www.gnuhealth.org/downloads/development/unstable/

Time to test, report bugs and translate :)

All the best
Luis

08 October, 2019 09:44PM by Luis Falcon

Andy Wingo

thoughts on rms and gnu

Yesterday, a collective of GNU maintainers publicly posted a statement advocating collective decision-making in the GNU project. I would like to expand on what that statement means to me and why I signed on.

For many years now, I have not considered Richard Stallman (RMS) to be the head of the GNU project. Yes, he created GNU, speaking it into existence via prophetic narrative and via code; yes, he inspired many people, myself included, to make the vision of a GNU system into a reality; and yes, he should be recognized for these things. But accomplishing difficult and important tasks for GNU in the past does not grant RMS perpetual sovereignty over GNU in the future.

ontological considerations

More on the motivations for the non serviam in a minute. But first, a meta-point: the GNU project does not exist, at least not in the sense that many people think it does. It is not a legal entity. It is not a charity. You cannot give money to the GNU project. Besides the manifesto, GNU has no by-laws or constitution or founding document.

One could describe GNU as a set of software packages that have been designated by RMS as forming part, in some way, of GNU. But this artifact-centered description does not capture movement: software does not, by itself, change the world; it lacks agency. It is the people that maintain, grow, adapt, and build the software that are the heart of the GNU project -- the maintainers of and contributors to the GNU packages. They are the GNU of whom I speak and of whom I form a part.

wasted youth

Richard Stallman describes himself as the leader of the GNU project -- the "chief GNUisance", he calls it -- but this position only exists in any real sense by consent of the people that make GNU. So what is he doing with this role? Does he deserve it? Should we consent?

To me it has been clear for many years that to a first approximation, the answer is that RMS does nothing for GNU. RMS does not write software. He does not design software, or systems. He does hold a role of accepting new projects into GNU; there, his primary criteria is not "does this make a better GNU system"; it is, rather, "does the new project meet the minimum requirements".

By itself, this seems to me to be a failure of leadership for a software project like GNU. But unfortunately when RMS's role in GNU isn't neglect, more often as not it's negative. RMS's interventions are generally conservative -- to assert authority over the workings of the GNU project, to preserve ways of operating that he sees as important. See for example the whole glibc abortion joke debacle as an example of how RMS acts, when he chooses to do so.

Which, fair enough, right? I can hear you saying it. RMS started GNU so RMS decides what it is and what it can be. But I don't accept that. GNU is about practical software freedom, not about RMS. GNU has long outgrown any individual contributor. I don't think RMS has the legitimacy to tell this group of largely volunteers what we should build or how we should organize ourselves. Or rather, he can say what he thinks, but he has no dominion over GNU; he does not have majority sweat equity in the project. If RMS actually wants the project to outlive him -- something that by his actions is not clear -- the best thing that he could do for GNU is to stop pretending to run things, to instead declare victory and retire to an emeritus role.

Note, however, that my personal perspective here is not a consensus position of the GNU project. There are many (most?) GNU developers that still consider RMS to be GNU's rightful leader. I think they are mistaken, but I do not repudiate them for this reason; we can work together while differing on this and other matters. I simply state that I, personally, do not serve RMS.

selective attrition

Though the "voluntary servitude" questions are at the heart of the recent joint statement, I think we all recognize that attempts at self-organization in GNU face a grave difficulty, even if RMS decided to retire tomorrow, in the way that GNU maintainers have selected themselves.

The great tragedy of RMS's tenure in the supposedly universalist FSF and GNU projects is that he behaves in a way that is particularly alienating to women. It doesn't take a genius to conclude that if you're personally driving away potential collaborators, that's a bad thing for the organization, and actively harmful to the organization's goals: software freedom is a cause that is explicitly for everyone.

We already know that software development in people's free time skews towards privilege: not everyone has the ability to devote many hours per week to what is for many people a hobby, and it follows of course that those that have more privilege in society will be more able to establish a position in the movement. And then on top of these limitations on contributors coming in, we additionally have this negative effect of a toxic culture pushing people out.

The result, sadly, is that a significant proportion of those that have stuck with GNU don't see any problems with RMS. The cause of software freedom has always run against the grain of capitalism so GNU people are used to being a bit contrarian, but it has also had the unfortunate effect of creating a cult of personality and a with-us-or-against-us mentality. For some, only a traitor would criticise the GNU project. It's laughable but it's a thing; I prefer to ignore these perspectives.

Finally, it must be said that there are a few GNU people for whom it's important to check if the microphone is on before making a joke about rape culture. (Incidentally, RMS had nothing to say on that issue; how useless.)

So I honestly am not sure if GNU as a whole effectively has the demos to make good decisions. Neglect and selective attrition have gravely weakened the project. But I stand by the principles and practice of software freedom, and by my fellow GNU maintainers who are unwilling to accept the status quo, and I consider attempts to reduce GNU to founder-loyalty to be mistaken and without legitimacy.

where we're at

Given this divided state regarding RMS, the only conclusion I can make is that for the foreseeable future, GNU is not likely to have a formal leadership. There will be affinity groups working in different ways. It's not ideal, but the differences are real and cannot be papered over. Perhaps in the medium term, GNU maintainers can reach enough consensus to establish a formal collective decision-making process; here's hoping.

In the meantime, as always, happy hacking, and: no gods! No masters! No chief!!!

08 October, 2019 03:34PM by Andy Wingo

GNU Guix

Guix Reduces Bootstrap Seed by 50%

We are delighted to announce that the first reduction by 50% of the Guix bootstrap binaries has now been officially released!

This is a very important step because the ~250MB seed of binary code was practically non-auditable, which makes it hard to establish what source code produced them.

Every unauditable binary also leaves us vulnerable to compiler backdoors as described by Ken Thompson in the 1984 paper Reflections on Trusting Trust and beautifully explained by Carl Dong in his Bitcoin Build System Security talk.

It is therefore equally important that we continue towards our final goal: A Full Source bootstrap; removing all unauditable binary seeds.

Guix’ Rigorous Regular Bootstrap

GNU Guix takes a rigorous approach to bootstrapping. Bootstrapping in this context refers to how the distribution gets built from nothing.

The GNU system is primarily made of C code, with glibc at its core. The GNU build system itself assumes the availability of a Bourne shell and command-line tools provided by the Core GNU Utilities and Awk, Grep, Make, Sed, and some others.

The build environment of a package is a container that contains nothing but the package’s declared inputs. To be able to build anything at all in this container, Guix needs pre-built binaries of Guile, GCC, Binutils, glibc, and the other tools mentioned above.

So there is an obvious chicken-and-egg problem: How does the first package get built? How does the first compiler get compiled?

                            gcc-final
                                ^
                                |
                          cross-gcc-boot
                                ^
                                |
                        gcc-boot0 (5.5.0)
                                ^
                                |
                 binutils-boot0, libstdc++-boot0
                                ^
                                |
           diffutils-boot0, findutils-boot0, file-boot0
                                ^
                                |
                           make-boot0
                                ^
                                |
                                *
        bootstrap-binutils, bootstrap-gcc, bootstrap-glibc (~130MB)
      bootstrap-bash, bootstrap-coreutils&co, bootstrap-guile (~120MB)

full graph

The answer to this starts with bootstrap binaries. The first package that gets built with these bootstrap binaries is make, next are diffutils, findutils, and file. Eventually a gcc-final is built: the compiler used to build regular packages.

i686/x86_64 Reduced Binary Seed bootstrap

The Guix development branch we just merged introduces a reduced binary seed bootstrap for x86_64 and i686, where the bottom of the dependency graph looks like this:

                         gcc-mesboot (4.9.4)
                                ^
                                |
                        glibc-mesboot (2.16.0)
                                ^
                                |
                         gcc-mesboot1 (4.7.4)
                                ^
                                |
                        binutils-mesboot (2.20.1a)
                                ^
                                |
                         gcc-mesboot0 (2.95.3)
                                ^
                                |
                         glibc-mesboot0 (2.2.5)
                                ^
                                |
                        gcc-core-mesboot (2.95.3)
                                ^
                                |
    make-mesboot0, diffutils-mesboot, binutils-mesboot0 (2.20.1a)
                                ^
                                |
                            tcc-boot
                                ^
                                |
                            tcc-boot0
                                ^
                                |
                            mes-boot
                                ^
                                |
                                *
              bootstrap-mescc-tools, bootstrap-mes (~10MB)
      bootstrap-bash, bootstrap-coreutils&co, bootstrap-guile (~120MB)

full graph

The new Reduced Binary Seed bootstrap removes Binutils, GCC, and glibc and replaces them by GNU Mes and MesCC Tools. This reduces the trusted binary seed by ~120MB - half of it!

As a user, it means your package manager has a formal description of how to build all your applications, in a reproducible way, starting from nothing but this ~120MB seed. It means you can rebuild any of those software artifacts locally without trusting a single binary provider.

For comparison, traditional distros often have an informally specified bootstrap story, usually relying on much bigger binary seeds. We estimate those seeds to weigh in at ~550MB (the size of debootstrap --arch=i386 --include=build-essential,dpkg-dev,debhelper,gcc,libc6-dev,make,texinfo bullseye ./bullseye-chroot http://deb.debian.org/debian, with bullseye-chroot/var/cache/apt/archives removed) in the case of Debian—ignoring cycles that show up higher in the graph.

These bootstrap binaries can now be re-created by doing

    guix build bootstrap-binaries

Work started three years ago with a simple LISP-1.5 interpreter.

A year later, Mes 0.5 had become a tiny Scheme interpreter written in simple subset of C that came with a simple C compiler in Scheme. And yes, these were mutual self-hosting.

The next step was to find a path towards compiling Guix’s default GCC (5.5.0). Sadly, bootstrapping GCC compilers has been becoming increasingly difficult over the years. We looked at GCC 1.42: not easy to bootstrap (100,000 LOC) and it depends on Bison. Reluctantly, we started looking for non-GNU alternatives 8cc, pcc, cc500 but finally settled on TinyCC. TinyCC (TCC) can compile GCC (4.7.4) which is currently the most recent release of GCC that can be built without a C++ compiler.

Another year later, Mes 0.13 has grown its own tiny C library and compiles a heavily patched and simplified TCC. This looked very promising and we suggested for TinyCC to help our bootstrapping effort by moving towards a simplified C subset. Instead we were encouraged to make MesCC a full blown C99 compliant compiler. That felt as a setback but it gave us the perspective of removing TCC from the bootstrap later on. Using Nyacc, the amazing parser framework with C99 parser by Matt Wette, has even made that a feasible perspective.

It took only half a year to mature into Mes 0.19 so that building TinyCC (25,000 LOC) now only takes ~8min instead of the initial 5h.

With a bootstrapped TCC we tried building some versions of GCC (1.4, 2.6.3, 2.95.3, 3.0, 3.1, 3.2.3, 3.4.0, 3.4.6, 4.1.1, 4.1.2) to try to build some versions of glibc (1.06.4, 1.09.1, 2.0.1. 2.1.3, 2.3, 2.3.6, 2.2.5, 2.12.2, 2.15, 2.16.0, 2.28) using slightly less versions of Binutils (1.9, 2.5.1, 2.5.2, 2.6, 2.7, 2.10.1, 2.14, 2.14a, 2.15a, 2.17a, 2.18a, 2.20.1a, 2.23.2, 2.25, 2.28). There were many interesting dependencies, tradeoffs, patching of generated Autotools outputs, especially if you are using your own tiny C library and headers.

Typically, newer versions of the tool chain fix all kinds of bugs in the build system and C code compliance, which is great. However, simultaneously new features are introduced or dependencies are added that are not necessary for bootstrapping, increasing the bootstrap hurdle. Sometimes, newer tools are more strict or old configure scripts do not recognise newer tool versions.

Also, can you spot the triplets of tool versions that combine into integral versions of the tool chain? ;-)

Scheme-only Bootstrap

Our next target will be another reduction by ~50%; the Scheme-only bootstrap will replace the Bash, Coreutils, etc. binaries by Gash and Gash Core Utils.

Gash is a work-in-progress implementation of a POSIX shell in Scheme, that is already capable-enough to interpret Autoconf-generated configure scripts. It can run on Guile but it is designed to also run on Mes, meaning that we can use it early on during bootstrap.

We are excited that the Nlnet Foundation is now sponsoring this work!

Creating a GNU Tool Chain Bootstrap Story

The Reduced Binary Seed bootstrap starts by building ancient GNU software, notably GCC (2.95.3), glibc (2.2.5).

This amazing achievement is mirrored only by its terrible clumsiness. Is this really how we want to secure the bootstrap of our GNU system?

                         gcc-mesboot (4.6.4)
                                ^
                                |
                            tcc-boot
                                ^
                                |
                            mes-boot
                                ^
                                |
                                *

Maybe if we could go straight from TinyCC to GCC (4.6.4) we need no longer depend on an ancient GNU tool chain and have a somewhat more modern and more maintainable bootstrap path.

Now that we have shown it can be done, we think it is time for GNU tool chain developers to step in and help create a better version of our tool chain bootstrap story.

Towards a Full Source Bootstrap

We expect many interesting challenges before we approach this lofty target.

The stage0 project by Jeremiah Orians starts everything from ~512 bytes; virtually nothing. Have a look at this incredible project if you haven’t already done so.

Jeremiah is also leading the Mes-M2 effort that is about bootstrapping Mes from stage0. The Mes Scheme interpreter is being rewritten in an even more simple subset of C, without preprocessor macros even. That C-like language is called M2-Planet, after its transpiler.

About Bootstrappable Builds and GNU Mes

Software is bootstrappable when it does not depend on a binary seed that cannot be built from source. Software that is not bootstrappable - even if it is free software - is a serious security risk for a variety of reasons. The Bootstrappable Builds project aims to reduce the number and size of binary seeds to a bare minimum.

GNU Mes is closely related to the Bootstrappable Builds project. Mes aims to create an entirely source-based bootstrapping path for the Guix System and other interested GNU/Linux distributions. The goal is to start from a minimal, easily inspectable binary (which should be readable as source) and bootstrap into something close to R6RS Scheme.

Currently, Mes consists of a mutual self-hosting scheme interpreter and C compiler. It also implements a C library. Mes, the scheme interpreter, is written in about 5,000 lines of code of simple C. MesCC, the C compiler, is written in scheme. Together, Mes and MesCC can compile a lightly patched TinyCC that is self-hosting. Using this TinyCC and the Mes C library, it is possible to bootstrap the entire Guix System for i686-linux and x86_64-linux.

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the kernel Linux, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

08 October, 2019 12:00AM by Jan Nieuwenhuizen

October 07, 2019

Joint statement on the GNU Project

We, the undersigned GNU maintainers and developers, owe a debt of gratitude to Richard Stallman for his decades of important work in the free software movement. Stallman tirelessly emphasized the importance of computer user freedom and laid the foundation for his vision to become a reality by starting the development of the GNU operating system. For that we are truly grateful.

Yet, we must also acknowledge that Stallman’s behavior over the years has undermined a core value of the GNU project: the empowerment of all computer users. GNU is not fulfilling its mission when the behavior of its leader alienates a large part of those we want to reach out to.

We believe that Richard Stallman cannot represent all of GNU. We think it is now time for GNU maintainers to collectively decide about the organization of the project. The GNU Project we want to build is one that everyone can trust to defend their freedom.

  1. Ludovic Courtès (GNU Guix, GNU Guile)

  2. Ricardo Wurmus (GNU Guix, GNU GWL)

  3. Matt Lee (GNU Social)

  4. Andreas Enge (GNU MPC)

  5. Samuel Thibault (GNU Hurd, GNU libc)

  6. Carlos O'Donell (GNU libc)

  7. Andy Wingo (GNU Guile)

  8. Jordi Gutiérrez Hermoso (GNU Octave)

  9. Mark Wielaard (GNU Classpath)

  10. Ian Lance Taylor (GCC, GNU Binutils)

  11. Werner Koch (GnuPG)

  12. Daiki Ueno (GNU gettext, GNU libiconv, GNU libunistring)

  13. Christopher Lemmer Webber (GNU MediaGoblin)

  14. Jan Nieuwenhuizen (GNU Mes, GNU LilyPond)

  15. John Wiegley (GNU Emacs)

  16. Tom Tromey (GCC, GDB)

  17. Jeff Law (GCC, Binutils — not signing on behalf of the GCC Steering Committee)

  18. Han-Wen Nienhuys (GNU LilyPond)

  19. Joshua Gay (GNU and Free Software Speaker)

  20. Ian Jackson (GNU adns, GNU userv)

  21. Tobias Geerinckx-Rice (GNU Guix)

  22. Andrej Shadura (GNU indent)

  23. Zack Weinberg (developer on GCC, GNU libc, GNU Binutils)

  24. John W. Eaton (GNU Octave)

  25. Jonathan Wakely (developer on GCC)

  26. Siddhesh Poyarekar (developer on GNU libc)

  27. Damian Rouson (developer on GFortran)

  28. David Malcolm (developer on GCC)

  29. Maciej W. Rozycki (developer on GCC, GDB, GNU Binutils, GNU libc)

07 October, 2019 04:15PM by A collective of GNU maintainers

FSF News

FSF and GNU

The Free Software Foundation (FSF) and the GNU Project were both started by Richard M. Stallman (RMS), and he served until recently as the head of both. Because of that, the relationship between the FSF and GNU has been fluid.

As part of our commitment to supporting the development and distribution of fully free operating systems, the FSF provides GNU with services like fiscal sponsorship, technical infrastructure, promotion, copyright assignment, and volunteer management.

GNU decision-making has largely been in the hands of GNU leadership. Since RMS resigned as president of the FSF, but not as head of GNU ("Chief GNUisance"), the FSF is now working with GNU leadership on a shared understanding of the relationship for the future. As part of that, we invite comments from free software community members at fsf-and-gnu@fsf.org.

Update 2019-10-10: Messages sent to fsf-and-gnu@fsf.org and gnu-and-fsf@gnu.org will be privately shared between the FSF and GNU leadership as part of this process.

Update 2019-10-07: GNU leadership has also published a statement. The contact address for sending comments to GNU is gnu-and-fsf@gnu.org.

07 October, 2019 02:45AM

October 06, 2019

libredwg @ Savannah

libredwg-0.9 released

This is a major release, the first beta,
adding the new dxf importer, and dxf2dwg (experimental),
the first usage of the new dynapi and the encoder.

More here: https://www.gnu.org/software/libredwg/ and http://git.savannah.gnu.org/cgit/libredwg.git/tree/NEWS

Here are the compressed sources:
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.9.tar.gz   (10.2MB)
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.9.tar.xz   (4.3MB)

Here are the GPG detached signatures[*]:
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.9.tar.gz.sig
  http://ftp.gnu.org/gnu/libredwg/libredwg-0.9.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

Here are more binaries:
  https://github.com/LibreDWG/libredwg/releases/tag/0.9

Here are the SHA256 checksums:
e39ac35bc174fe8d0b05fc800970c685692714daacd6026a4e4f0f4d0ddb08e0  libredwg-0.9.tar.gz
954f74753860315eb313a3bbb83bf7e5ad03e84bd10408cc629ff2e4e4b3fd46  libredwg-0.9.tar.xz

[*] Use a .sig file to verify that the corresponding file (without the .sig suffix) is intact.  First, be sure to download both the .sig file and the corresponding tarball.  Then, run a command like this:

  gpg --verify libredwg-0.9.tar.gz.sig

If that command fails because you don't have the required public key, then run this command to import it:

  gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414

and rerun the 'gpg --verify' command.

06 October, 2019 03:21PM by Reini Urban

Parabola GNU/Linux-libre

[From Arch] `base` group replaced by mandatory `base` package - manual intervention required

The base group has been replaced by a metapackage of the same name. We advise users to install this package (pacman -Syu base), as it is effectively mandatory from now on.

Users requesting support are expected to be running a system with the base package.

Addendum: Be aware that base as it stands does not currently contain:

  • A kernel

  • An editor

... and other software that you might expect. You will have to install these separately on new installations.

06 October, 2019 12:00AM by David P.

Applied Pokology

Values of the world, unite! - Offsets in Poke

Early in the design of what is becoming GNU poke I was struck by a problem that, to my surprise, would prove not easy to overcome in a satisfactory way: would I make a byte-oriented program, or a bit-oriented program? Considering that the program in question was nothing less than an editor for binary data, this was no petty dilemma.

06 October, 2019 12:00AM

October 05, 2019

GNU Guix

GNU Guix maintainer collective expands

In July, we—Ricardo Wurmus and Ludovic Courtès—called for volunteers to join us in maintaining Guix. We are thrilled to announce that three brave hackers responded and that they’re now officially co-maintainers! The Guix maintainer collective now consists of Marius Bakke, Maxim Cournoyer, and Tobias Geerinckx-Rice, in addition to Ricardo and Ludovic. You can reach us all by email at guix-maintainers@gnu.org, a private alias.

So what does it mean to be a maintainer? There are some duties:

  1. Enforcing GNU and Guix policies, such as the project’s commitment to be released under a copyleft free software license (GPLv3+) and to follow the Free System Distribution Guideline (FSDG).

  2. Enforcing our code of conduct: maintainers are the contact point for anyone who wants to report abuse.

  3. Making decisions, about code or anything, when consensus cannot be reached. We’ve probably never encountered such a situation before, though!

Maintainers should have a good idea of what’s going on, but the other responsibilities can (and should! :-)) be delegated. Maybe you, dear reader, can help on one of them? Here are some examples:

  • Making releases. Any experienced developer can take this responsibility for some time.

  • Dealing with development and its everyday issues as well as long-term roadmaps, branch merges, code review, bug triage, all that.

  • Participating in Outreachy and Google Summer of Code (GSoC).

  • Organizing the Guix Days before FOSDEM and our presence at FOSDEM and other conferences.

  • Taking care of Guix money kindly donated by dozens of people and held at the FSF. A Spending Committee currently consisting of Tobias, Ricardo, and Ludovic, is responsible for deciding on, well, what to spend money on. Maintainers should also keep in touch with the “Guix Europe” non-profit registered in France, currently spearheaded by Manolis Ragkousis and Andreas Enge, and which has been providing financial support for hardware and events.

  • Keeping the build farm infrastructure up and running, extending it, thinking about hosting issues, etc.

  • Keeping the web site up-to-date.

  • Looking after people: making sure to promote people who are very involved in leadership position; dubbing new committers, new maintainers, new members of the spending committee. Supporting new initiatives. Generally trying to make sure everyone’s happy. :-)

With now five people on-board, we’ll probably be able to improve some of our processes and be able to scale better. You’re welcome to share your ideas on guix-devel@gnu.org or directly at guix-maintainers@gnu.org!

More generally, we think rotating responsibilities is a great way to bring new ideas and energy into the project. We are super happy and grateful that Maxim, Marius, and Tobias are taking on this challenge—thank you folks!

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the kernel Linux, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

05 October, 2019 02:30PM by Ludovic Courtès, Ricardo Wurmus

October 04, 2019

GNUnet News

GNS Technical Specification Milestone 1/4

2019-10-04: GNS Technical Specification Milestone 1/4

We are happy to announce the completion of the first milestone for the GNS Specification. The objective is to provide a detailed and comprehensive guide for implementors of the GNU Name System. The initial milestone consists of documenting the cryptographic principles of GNS data structures. This includes the specification of the GNS record wire and serialization formats as well as internationalization. The draft specification LSD001 can be found at:

The next milestone will bring the resolver logic specification.

This work is generously funded by NLnet as part of their Search and discovery fund.

04 October, 2019 12:00AM

October 03, 2019

FSF Events

Sign-making party at the FSF office to prepare for IDAD 2019!

The International Day against DRM(IDAD), organized yearly by the Defective by Design campaign, is promising to be an exciting day of protest against Digital Restrictions Management (DRM). This year we are standing up for readers' rights against the restrictive behavior of DRM-encumbered textbooks and digital learning environments from groups like Pearson, and our protestors will collect at the Pearson Education offices in Boston on October 12th, 2019.

The day's success is dependent on the amount of people showing up, and, of course, on the visuals that we provide to supplement our message. And so, we're inviting you to our sign-making party at 17:30 on October 9th, at the Free Software Foundation (FSF) office in downtown Boston! We will provide a light dinner, art materials, and instructions to make your own protest signs, so all you have to do is join in the fun!

Volunteering at the sign-making party is a great way to meet new community members and to contribute to the fight against DRM. We are also still looking for people to join us in our Boston IDAD protest on October 12 at noon, as well as an evening hackathon, or collaboration session, on unrestricted and truly shareable educational materials in the FSF offices from 17:00 onward.

Please visit the Defective by Design Web site or our page on LibrePlanet for more information.

If you have any questions, please feel free to email info@defectivebydesign.org

03 October, 2019 09:25PM

October 02, 2019

Applied Pokology

Array boundaries and closures in Poke

Poke arrays are rather peculiar. One of their seemingly bizarre characteristics is the fact that the expressions calculating their boundaries (when they are bounded) evaluate in their own lexical environment, which is captured. In other words: the expressions denoting the boundaries of Poke arrays conform closures. Also, the way they evaluate may be surprising. This is no capricious.

02 October, 2019 10:53PM

October 01, 2019

screen @ Savannah

GNU Screen v.4.7.0

I'm announcing availability of GNU Screen v.4.7.0

This release
  * Adds support for SGR (1006) mouse mode
  * Adds support for OSC 11
  * Updates Unicode ambiguous and wide tables to 12.1.0
  * Fixes:
  - cross-compilation support (bug #43223)
  - a lot of manpage fixes and cleanups

Release is available for download at:
https://ftp.gnu.org/gnu/screen/
or your closest mirror (may have some delay)
https://ftpmirror.gnu.org/screen/

Please report any bugs or regressions.

01 October, 2019 10:47PM by Amadeusz Sławiński

GNU Guix

Join GNU Guix through Outreachy

We are happy to announce that for the third time GNU Guix offers a three-month internship through Outreachy, the inclusion program for groups traditionally underrepresented in free software and tech. We currently propose two subjects to work on:

  1. Create Netlink bindings in Guile
  2. Improve internationalization support for the Guix Data Service

If you’d like to contribute to computing freedom, Scheme, functional programming, or operating system development, now is a good time to join us. Let’s get in touch on the mailing lists and on the #guix channel on the Freenode IRC network!

Last year we had the pleasure to welcome Laura Lazzati as an Outreachy intern working on documentation video creation.

About GNU Guix

GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the kernel Linux, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. When used as a standalone GNU/Linux distribution, Guix offers a declarative, stateless approach to operating system configuration management. Guix is highly customizable and hackable through Guile programming interfaces and extensions to the Scheme language.

01 October, 2019 06:00PM by Gábor Boskovits

Christopher Allan Webber

Updates: ActivityPub Conference, and more

NOTE: This update also appeared on my Patreon account. If you're reading the below and it sounds like I'm doing a lot of useful work, consider becoming a patron!

Hello all! It's been a couple of months since I've gotten out an update; much has happened.

First of all, ActivityPub Conf happened and was a big success! The video team got things recorded an uploaded so you can watch talks from the event, including my keynote (the audio quality is a bit messed up on this one, the others are better) and Mark Miller's keynote. The other talks were all also very excellent; I'm not going to iterate them all here because you can already go watch them! I think you will find there are many thematic threads between the videos.

We had about 40 people at the event; the first day was spent on talks and the second day was an "unconference" where groups self-organized to discuss various topics of mutual interest. One common thread was about the kinds of directions I've been pushing for in Spritely: distributed encrypted storage (Datashards, with Serge Wroclawski leading the conversation on that), object capabilities (OcapPub), stamps, etc. It was interesting to watch from the start to the end of the unconference day; particularly, the Pleroma folks were there and gave a lot of feedback. Towards the start of the day I think there was much more skepticism, but towards the end we were hearing belief and interest that these kinds of things could and should be implemented and would be of real use to fediverse participants. Lain of Pleroma in particular expressed that it helped to realize that even though I'm presenting all these ideas, they don't need to be implemented all at once; we can take them on piecemeal, and incrementalism is a perfectly valid approach. (Also "OcapPub" sounds like a new protocol, whereas it's really just a way-to-use ActivityPub mostly as it already exists. Maybe time for a new name for that?)

Anyway, ActivityPub Conf was a massive success; thank you everyone who came and participated. It's clear after APConf to me just how much of a difference getting folks together can make. For those who couldn't make it, let's thank the video team (DeeAnn Little, Sebastian Lasse, Markus Feilner) for getting those videos up!

On the topic of Datashards, we have a website and a nice logo now (courtesy of mray, who also made the ActivityPub logo). Serge Wroclawski (co-host with myself of Libre Lounge) has been increasingly helping with the project; before ActivityPub Conference and Rebooting Web of Trust we worked to make sure both of our implementations could talk to each other (Serge's Python implementation and my Racket implementation). At RWoT we showed a demo where I "beamed" the death star plans to Serge's computer. (We used the same content storage server, I uploaded the death star plans, rendered the QR code on my laptop, Serge scanned the QR code from his laptop, downloaded the file and showed off the plans from his computer... with the storage server having no idea about the contents of the data we were storing there!) People really liked that demo; we have had conversations about whether Datashards may serve as a foundational system for some other tools being made in that space; more later. In the meanwhile, I'm happy we have two applications in two different languages successfully being able to read and write each others' immutable datashards updates; the next step is making sure that mutability works the same.

Rebooting Web of Trust was also a very interesting event; the highlight being that I am now collaborating with some great folks on a secure user interfaces paper. We are taking the existing Mastodon web user interface and retooling it to reduce risks such as phishing, and open the path for more peer to peer systems (very timely, since that's the direction we want to take things). Unfortunately the amount of work to do on the paper is rather huge; it may take a while until the paper is complete. In the meanwhile, the Petnames paper has turned out to be a pre-requisite for the secure UIs one; that paper has been nearly complete for some time so I guess I have to finish the work. I recently added some new UI mockups to it, but there is still more to do.

Now that these conferences are over, I am putting time towards Spritely's core vision again: distributed virtual worlds. The foundational layer for that is Spritely Goblins, an ocap-secure distributed programming environment on top of Racket. I really enjoy hacking on this and I am happy to get time back to working on it. A topic of discussion came up between myself and Mark Miller at Rebooting Web of Trust though; am I unnecessarily duplicating effort between myself and the Agoric folks? In particular, they are building something equivalent (and arguably more featureful) to Spritely Goblins named SwingSet. This would run on top of Javascript rather than Racket/Lisp/Scheme. I have found that in the past I have been not very happy when working with Javascript, but Mark suggested I take a look at Agoric's Jessie subset of Javascript, which Mark described as "closer to Scheme" (not syntactically, but in terms of language-cleanliness). It does seem nicer than Javascript; when I admitted to Mark that I am addicted to parenthetical syntax, Mark posed the question about whether building a parenthetical version of Jessie would be less work than reproducing all the other things that Agoric is doing. It's a good point; I don't know. I'm unhappy with the idea of pivoting, but I do feel like it's probably true that due diligence suggests I should consider it carefully. It is true at least that I would probably reach a broader userbase more quickly with the option of Javascript syntax; it's hard for me to deny that. I will probably explore it with some smaller tests of Agoric's stuff. But in the meanwhile, I currently plan to release a very small version of the game demo using the toolkit I already am building while testing Agoric's infrastructure in parallel. I suspect we'll see the first user-visible outputs of this in early 2020.

There have been four new Libre Lounge episodes since my last update. That's still quite a few episodes to listen to, but slower than we previously were updating; all the travel is to blame. However that is settling down and I think we'll be updating more frequently soon. Even so, we have been updating!

In addition to all this, I suspect there will be at least two major announcements in the coming months; stay tuned. Work has already occured on both, but I can only say so much right now.

Thanks to everyone who has supported my work. I work much more than full time in the cause of advancing user freedom; it's not easy to fund this work. I appreciate all of you who are giving what you can.

Now, back to work!

01 October, 2019 05:54PM by Christopher Lemmer Webber

FSF Blogs

Join us in Boston to fight DRM and get crafty! October 9 & 12

The International Day against DRM (IDAD), organized yearly by the Defective by Design campaign, is promising to be an exciting day of protest against Digital Restrictions Management (DRM). This year we are standing up for readers' rights against the restrictive behavior of DRM-encumbered textbooks and digital learning environments from groups like Pearson, and our protestors will collect at the Pearson Education offices in Boston on October 12th, 2019.

The day's success is dependent on the amount of people showing up, and, of course, on the visuals that we provide to supplement our message. And so, we're inviting you to our sign-making party at 17:30 on October 9th, at the Free Software Foundation (FSF) office in downtown Boston! We will provide a light dinner, art materials, and instructions to make your own protest signs, so all you have to do is join in the fun!

Volunteering at the sign-making party is a great way to meet new community members and to contribute to the fight against DRM. We are also still looking for people to join us in our Boston IDAD protest on October 12 at noon, as well as an evening hackathon, or collaboration session, on unrestricted and truly shareable educational materials in the FSF offices from 17:00 onwards.

When and how can I help?:

  • October 9, 17:30: Sign-making party at the FSF office at 51 Franklin Street (dinner included)
  • October 12, 12:00: Morning protest of Pearson Education. We'll be gathering at the FSF office at noon before heading down to the Pearson building on 501 Boylston St. (refreshments included)
  • October 12, 17:00: Hackathon at the FSF office at 51 Franklin Street (dinner included)

Please email campaigns@fsf.org to confirm you will be there for any of these dates, or for more information.

01 October, 2019 04:20PM

Daniel Martin Gomez: Hacking GNU for the first time

Intern standing at a podium speaking into a microphone

Hi, my name is Daniel. I'm from Spain, where I'm currently studying baccalaureate in sciences before entering university next fall. I was first introduced to GNU/Linux and free software when I was in primary school, and since my last year there I've been using only GNU/Linux distributions on my computer. I started learning programming (a bit of Python) about five years ago, but I quickly moved to C. I had worked on some of my own projects before I joined the FSF this September.

This fall, as part of my internship, I've been contributing to GNU Wget2, a reimplementation of GNU Wget, working on different tasks, most of them from the issues list of the wget2 repository at GitLab. I started with some issues marked as "Junior" in order to get used to the source code, and after some weeks, I went to more difficult tasks like adding some features from wget1.x, such as the speed reporting support to the progress bar or the --use-askpass option (I simply ported the original source code) which calls an extern application given by the user, for instance ssh-askpass, that requests for a username and password. In this way, sensible data is hidden from the command line and the ps output.

I have also been working in new additions like a command line option (named --filter-mime-type) that allows the users to specify the list of MIME types, which may contain shell wildcards, that will be accepted during the download process (or that will be rejected if they begin with '!'; this is quite useful to deal with exceptions).

To end, I would like to thank the people of wget2 (Tim, Darshit and Avinash) and the FSF staff (Andrew, Ian and Ruben) for everything during these months. Happy hacking!

01 October, 2019 02:27PM

Applied Pokology

Nomenclature: poke, Poke and pickles

GNU poke is a pretty new program and it introduces many a new concept. As people are starting to join the development, I think it is a good idea to clarify how I call things. The idea is for everyone to use the same nomenclature when referring to pokeish thingies. Otherwise its gonna get very confusing very soon!

01 October, 2019 12:00AM

September 30, 2019

Sylvain Beucler

RenPyWeb - one year

One year ago I posted a little entry in Ren'Py Jam 2018, which was the first-ever Ren'Py game directly playable in the browser :)

The Question Tutorial

Big thanks to Ren'Py's author who immediately showed full support for the project, and to all the other patrons who joined the effort!

One year later, RenPyWeb is officially integrated in Ren'Py with a one-click build, performances improved, countless little fixes to the Emscripten technology stack provided stability, and more than 60 games of all sizes were published for the web.

RenPyWeb

What's next? I have plans to download resources on-demand (rather than downloading the whole game on start-up), to improve support for mobile browsers, and of course to continue the myriad of little changes that make RenPyWeb more and more robust. I'm also wondering about making our web stack more widely accessible to Pygame, so as to bring more devs in the wonderful world of python-in-the-browser and improve the tech ecosystem - let me know if you're interested.

Hoping to see great new Visual Novels on the web this coming year :)

30 September, 2019 05:01PM

September 26, 2019

FSF Blogs

Submit a session proposal for LibrePlanet 2020 conference: Free the Future by Nov. 20

The Free Software Foundation (FSF) invites activists, hackers, law professionals, artists, students, developers, young people, policymakers, tinkerers, newcomers to free software, and anyone looking for technology that aligns with their ideals, to submit a proposal for a session at our twelfth annual social justice and technology LibrePlanet conference. Potential talks should examine free software through the lens of this year's theme, and can focus on software development, copyleft, community, or other related issues.

Submissions to the call for sessions are being accepted through Wednesday, November 20, 2019 at 12:00pm Eastern Standard time (17:00 UTC).

Over the last decade, LibrePlanet has blossomed from a small gathering of FSF associate members into a vibrant multi-day event that attracts a broad audience of anyone interested in the values of software freedom. LibrePlanet 2019 had almost a thousand people participate around the world, both online and in-person, for workshops and talks centered around the theme of "Trailblazing Free Software." To stay up to date about everything LibrePlanet 2020, visit https://www.libreplanet.org/2020.

Many picture the future of software bringing about a dystopian world because of the daily encroachments on user rights. Even in our own homes, we are not shielded from technology companies listening to every word we say through their proprietary "smart" personal assistants. The thirst for user data gleaned through nonfree software and unethical network services like Amazon and Facebook seems to be unquenchable, and they require strong resistance.

Surveillance developments are becoming more and more unsettling because of the use of facial recognition by state and county agencies. The FBI is planning to actively monitor our social media activity in the name of "safety." Can free software help defend our rights?

Education also needs our attention. The recent introduction of Pearson's "Netflix of textbooks" model inhibits students' rights to education by digitally constraining their learning environment. With our 2019 International Day Against Digital Restrictions Management (DRM), we are exposing our rapidly diminishing authority over our technology, as exemplified by Pearson. Steps like these set a dangerous precedent for all readers, no matter their age or location.

These are just some of the many examples that come to mind when contemplating the direction technology is taking us. For each new convenience that we gain, it seems we lose even more in the process, exchanging intangible but vital rights to freedom and privacy for the latest new gadget. But there is resistance, and it doesn't have to be this way. The free software community has continuously defied the pressure to use nonfree software and provided a means of escape. We are in the unique position to offer solutions to these problems by combining our technical abilities and educational skills with our ethical dedication to envision a future free from the clutches of nonfree software and network services that mistreat their users. In short, 2020 will be the year we "Free the Future."

About LibrePlanet

LibrePlanet is an annual conference for free software users and anyone who cares about the intersection of technology and social justice. For more than a decade, LibrePlanet has brought together thousands of diverse voices and knowledge bases, including free software developers, policy experts, activists, hackers, students, and people who have just begun to learn about free software. If you want to learn more about the FSF's yearly free software conference, you can explore the presentations and videos from previous years.

From a LibrePlanet visitor: "Seeing so many people together who care about the role of software in society gives me renewed conviction to advocate for software freedom. My first LibrePlanet certainly raised my awareness of the social side of software."

What kind of sessions are we looking for?

  • Examine free software through this year's theme, "Free the Future," in the broader spheres of education, licensing, medicine, government, business, art, or social movements

  • Share an update on your free software project

  • Present strategies for strengthening the free software community

  • Explore current topics in free software licensing and copyleft, or give a great licensing tutorial

  • Host a workshop on how to use a free software tool, free software program, or free hardware project

  • Explore a free software concept in an interactive session

  • Lead a project "sprint" (a group work session)

It's important to us to provide sessions that are friendly to newcomers, as well as those that help experienced hackers push their technical skills. Whatever your experience level or the experience level of your audience, we want to include your session! (As a corollary of this, we also welcome sessions for kids or teens.) If you're new to the community, or looking for inspiration, check out last year's conference site and session videos.

Need help attending LibrePlanet?

The FSF is able to offer a limited amount of funding to bring conference participants to LibrePlanet from all around the world. You can submit your travel fund application together with your session proposal. You can also donate and help others attend.

Office hours on IRC

This year we will be holding office hours on IRC. Those will be designated times where the LibrePlanet team, and experienced community volunteers, will be available to help potential speakers prepare their session proposals for LibrePlanet. Office hours are on Thursdays, and start October 3rd on the #LibrePlanet IRC channel on Freenode. They will continue every Thursday until the call for sessions closes on November 20th.

Times are the following:

  • October 3rd - October 31: from 13:00 - 14:00 Eastern Daylight time (17:00 UTC)

  • November 7th - November 14th: 13:00 - 14:00 Eastern Standard time (18:00 UTC)

Video coverage and remote participation

The FSF's technical team uses only free software to livestream and record LibrePlanet. Unless speakers opt out, scheduled talks will be streamed live over the Internet for anyone not physically able to attend, and recordings will be published online after the event, along with presentation slides and papers whenever available. We encourage participation for anyone not physically able to attend. Anyone interested can connect to people in their area via the LibrePlanet wiki and organize a viewing party or open a discussion via IRC. If you need any help with organization or connecting, or have a brilliant idea that we should know about, please contact us at campaigns@fsf.org or visit our #LibrePlanet IRC channel on Freenode.

Sponsor LibrePlanet

LibrePlanet depends on community support. By becoming a sponsor, you directly invest in strengthening the free software community. Among other things, it allows the FSF to offer gratis participation and accommodation to a select group of applicants that would not be able to attend otherwise.

For information on how your company can sponsor LibrePlanet or have a table in our exhibit hall, please email campaigns@fsf.org.

26 September, 2019 08:20PM

September 25, 2019

FSF News

Free Software Wireless-N Mini Router v2 from ThinkPenguin, Inc. now FSF-certified to Respect Your Freedom

ThinkPenguin mini-routers

BOSTON, Massachusetts, USA -- Wednesday, September 25th, 2019 -- The Free Software Foundation (FSF) today awarded Respects Your Freedom (RYF) certification to the Free Software Wireless-N Mini Router v2 (TPE-R1200) from ThinkPenguin, Inc. The RYF certification mark means that these products meet the FSF's standards in regard to users' freedom, control over the product, and privacy.

This is ThinkPenguin's fourteenth device to receive RYF certification in 2019. The FSF announced certification of seven devices from ThinkPenguin on March 21st, as well as announcing six additional certifications on May 16th. ThinkPenguin continues to expand their collection of RYF-certified devices, already the largest collection of any RYF retailer. This is the first wireless router to receive RYF certification since the Free Software Wireless-N Mini Router (TPE-R1100) in 2016. This latest addition offers users several improvements over previously certified devices.

"The TPE-R1200 is a more powerful version of a previously RYF-certified router and ships with some new features, including two external RP-SMA antennas that provide for a greater wireless range. For those looking to hack on the router, there is a new, more powerful CPU, as well as significantly more NAND, NOR, and RAM," said Christopher Waid, founder and CEO of ThinkPenguin.

As with previous routers from ThinkPenguin, the Free Software Wireless-N Mini Router v2 ships with an FSF-endorsed fully free embedded GNU/Linux distribution called libreCMC. It also comes with a custom flavor of the U-Boot boot loader, assembled by the maintainer of libreCMC and former FSF intern Robert Call. The router enables users to run multiple devices on a network through a VPN service, helping to simplify the process of keeping their communications secure and private. While ThinkPenguin offers a VPN service, users are not required to purchase a subscription, and the device comes with detailed instructions on how to use the router with a wide variety of VPN providers.

"Protecting privacy is more important than ever. It's exciting to have an updated option for users seeking to shield their networks and their personal data," said the FSF's executive director, John Sullivan.

The first Free Software Wireless-N Mini Router served as an example case study in excellent free software license compliance for devices in Copyleft and the GNU General Public License: A Comprehensive Tutorial and Guide.

"ThinkPenguin continues its tradition of exemplary work with the latest edition of the router. It's great to have an organization like ThinkPenguin showing the world what is possible when it comes to offering freedom-respecting devices. They continue to raise the bar in terms of their dedication to offering products that meet the stringent criteria of the Respects Your Freedom certification program," said the FSF's licensing and compliance manager, Donald Robertson, III.

To learn more about the Respects Your Freedom certification program, including details on the certification of these ThinkPenguin devices, please visit https://fsf.org/ryf.

Retailers interested in applying for certification can consult https://www.fsf.org/resources/hw/endorsement/criteria.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

About ThinkPenguin, Inc.

Started by Christopher Waid, founder and CEO, ThinkPenguin, Inc. is a consumer-driven company with a mission to bring free software to the masses. At the core of the company is a catalog of computers and accessories with broad support for GNU/Linux. The company provides technical support for end-users and works with the community, distributions, and upstream projects to make GNU/Linux all that it can be.

Media Contacts

Donald Robertson, III
Licensing and Compliance Manager
Free Software Foundation
+1 (617) 542 5942
licensing@fsf.org

ThinkPenguin, Inc.
+1 (888) 39 THINK (84465) x703
media@thinkpenguin.com

25 September, 2019 08:25PM

Gary Benson

Resetting the Root Password on Fedora

Yesterday I made a Fedora 30 VM on my RHEL 7 box, and for some reason I couldn’t log in as root after the installation finished. Well, it’s been a while, so I had to look it up, and following the instructions didn’t work either—I finally managed to get a shell, but the terminal was corrupted. Because it was a VM? Because the instructions were out of date? I’ve no idea. Anyway, here’s what I did, with the stuff that wasn’t in the instructions underlined:

  1. Reboot and wait for the GRUB menu to appear.
  2. In the menu, highlight any entry and press e to edit it.
  3. Find the line beginning with linux. Remove the rhgb and quiet options, then add init=/bin/sh at the end of the line.
  4. Press Ctrl-X to boot with those options. After a while you should get a root shell. The prompt was sh-5.0# on my system, not sh-4.2# like the instructions say, but it doesn’t matter.
  5. Run the commands in the instructions:
    /usr/sbin/load_policy -i
    mount -o remount,rw /
    passwd root
    mount -o remount,ro /
  6. The instructions say to reboot now, but none of the commands to reboot the system worked at this point. Probably they expected systemd. No problem, I hit “Force Reset” in Virtual Machine Manager. I probably should have run a sync or two beforehand, but I didn’t think to.

Ta-da, working systemđŸ˜

25 September, 2019 02:56PM by gbenson

September 24, 2019

texinfo @ Savannah

Texinfo 6.7 released

We have released version 6.7 of Texinfo, the GNU documentation format.

It's available via a mirror (xz is much smaller than gz, but gz is available too just in case):

http://ftpmirror.gnu.org/texinfo/texinfo-6.7.tar.xz
http://ftpmirror.gnu.org/texinfo/texinfo-6.7.tar.gz

Please send any comments to bug-texinfo@gnu.org.

Full announcement: https://lists.gnu.org/archive/html/info-gnu/2019-09/msg00007.html

24 September, 2019 01:45PM by Gavin D. Smith

September 22, 2019

parallel @ Savannah

GNU Parallel 20190922 ('Stallman') released

GNU Parallel 20190922 ('Stallman') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17.

See https://www.gnu.org/software/parallel/10-years-anniversary.html

Quote of the month:

  IMHO, SQLite and GNU Parallel are among the world's great software.
    -- singe@reddit

New in this release:

  • --nice is now inherited by the nice level that GNU Parallel is started at. So 'nice -n10 parallel' will also cause remote jobs to be run at nice level 10.
  • --delay is now accurate to within 5 ms.
  • Bug fixes and man page updates.

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

For example you can run this to convert all jpeg files into png and gif files and have a progress bar:

  parallel --bar convert {1} {1.}.{2} ::: *.jpg ::: png gif

Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:

  find . -name '*.jpg' |
    parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: - ::: 50 100 200

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with:

    $ (wget -O - pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ || \
       fetch -o - http://pi.dk/3 ) > install.sh
    $ sha1sum install.sh | grep 3374ec53bacb199b245af2dda86df6c9
    12345678 3374ec53 bacb199b 245af2dd a86df6c9
    $ md5sum install.sh | grep 029a9ac06e8b5bc6052eac57b2c3c9ca
    029a9ac0 6e8b5bc6 052eac57 b2c3c9ca
    $ sha512sum install.sh | grep f517006d9897747bed8a4694b1acba1b
    40f53af6 9e20dae5 713ba06c f517006d 9897747b ed8a4694 b1acba1b 1464beb4
    60055629 3f2356f3 3e9c4e3c 76e3f3af a9db4b32 bd33322b 975696fc e6b23cfb
    $ bash install.sh

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 September, 2019 04:30PM by Ole Tange

September 18, 2019

lightning @ Savannah

GNU lightning 2.1.3 released!

GNU lightning is a library to aid in making portable programs
that compile assembly code at run time.

Development:
http://git.savannah.gnu.org/cgit/lightning.git

Download release:
ftp://ftp.gnu.org/gnu/lightning/lightning-2.1.3.tar.gz

  2.1.3 main features are the new RISC-V port, currently supporting
only Linux 64 bit, and a major rewrite of the register live and
unknown state logic, so that a long standing issue with a live
register not accessed for several consecutive blocks could be
incorrectly assumed dead.

The matrix of built and tested environments is:
aarch64 Linux (Linaro, Foundation_v8pkg)
alpha Linux (QEMU)
armv7l Linux (QEMU)
armv7hl Linux (QEMU)
hppa Linux (32 bit, QEMU)
i686 Linux and Cygwin
ia64 Linux
mips Linux (32 bit)
powerpc32 Linux
powerpc64 Linux and AIX
powerpc64le Linux
riscv Linux (64 bit, QEMU)
s390 Linux (Hercules)
s390x Linux (Hercules)
sparc Linux (QEMU)
sparc64 Linux (QEMU)
x32 Linux (QEMU)
x86_64 Linux and Cygwin

------------------------------------------------------------------------

aarch64:
 o Correct immediate checks on aarch64.

alpha:
 o Always set the t12 register to the address of the called function.

hppa:
 o Correct wrong regarg_p check.

mips:
 o Correct issues with 32 bit big endian mips abis.
 o Use JALR to get the same effect as JR.

powerpc:
 o Update powerpc 32 bit port for the SYSV abi.

x86_64:
 o Properly mark %r12 as callee save in x86_64.

generic:
 o Correct logic error with the return register on several ports.
 o Redesign the live and unknown register logic.
 o Correct assertion on jit_unget_reg when there is a carry register.
 o Update check/qalu.inc for more consistent verifications.
 o Create lightning.h.in to remove dependency on config.h.
 o Add wrapper to jit_live() to check/lightning test tool.
 o Allow patching jit_ldi and jit_sti the same way as jit_movi.
 o Correct doc/printf example to call jit_prepare.

18 September, 2019 08:57PM by Paulo César Pereira de Andrade

September 17, 2019

FSF News

Richard M. Stallman resigns

The board will be conducting a search for a new president, beginning immediately. Further details of the search will be published on fsf.org.

For questions, contact FSF executive director John Sullivan at johns@fsf.org.

17 September, 2019 02:10AM

September 14, 2019

remotecontrol @ Savannah

bison @ Savannah

Bison 3.4.2 released [stable]

Bison 3.4.2 is a bug fix release of the 3.4 series.  It fixes a number of
hard-to-find bugs, mostly discovered by fuzzing.

In Bison 3.4 a particular focus was put on improving the diagnostics, which
are now colored by default, and accurate with multibyte input.  Their format
was also changed, and is now similar to GCC 9's diagnostics.

Users of the default backend (yacc.c) can use the new %define variable
api.header.include to avoid duplicating the content of the generated header
in the generated parser.  There are two new examples installed, including a
reentrant calculator which supports recursive calls to the parser and
Flex-generated scanner.

See below for more details.

==================================================================

Bison is a general-purpose parser generator that converts an annotated
context-free grammar into a deterministic LR or generalized LR (GLR) parser
employing LALR(1) parser tables.  Bison can also generate IELR(1) or
canonical LR(1) parser tables.  Once you are proficient with Bison, you can
use it to develop a wide range of language parsers, from those used in
simple desk calculators to complex programming languages.

Bison is upward compatible with Yacc: all properly-written Yacc grammars
work with Bison with no change.  Anyone familiar with Yacc should be able to
use Bison with little trouble.  You need to be fluent in C, C++ or Java
programming in order to use Bison.

Here is the GNU Bison home page:
   https://gnu.org/software/bison/

==================================================================

Here are the compressed sources:
  https://ftp.gnu.org/gnu/bison/bison-3.4.2.tar.gz   (4.1MB)
  https://ftp.gnu.org/gnu/bison/bison-3.4.2.tar.xz   (3.1MB)

Here are the GPG detached signatures[*]:
  https://ftp.gnu.org/gnu/bison/bison-3.4.2.tar.gz.sig
  https://ftp.gnu.org/gnu/bison/bison-3.4.2.tar.xz.sig

Use a mirror for higher download bandwidth:
  https://www.gnu.org/order/ftp.html

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact.  First, be sure to download both the .sig file
and the corresponding tarball.  Then, run a command like this:

  gpg --verify bison-3.4.2.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

  gpg --keyserver keys.gnupg.net --recv-keys 0DDCAA3278D5264E

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
  Autoconf 2.69
  Automake 1.16.1
  Flex 2.6.4
  Gettext 0.19.8.1
  Gnulib v0.1-2844-g03add7eb9

==================================================================

NEWS

* Noteworthy changes in release 3.4.2 (2019-09-08) [stable]

** Bug fixes

  In some cases, when warnings are disabled, bison could emit tons of white
  spaces as diagnostics.

  When running out of memory, bison could crash (found by fuzzing).

  When defining twice the EOF token, bison would crash.

  New warnings from recent compilers have been addressed in the generated
  parsers (yacc.c, glr.c, glr.cc).

  When lone carriage-return characters appeared in the input file,
  diagnostics could hang forever.

* Noteworthy changes in release 3.4.1 (2019-05-22) [stable]

** Bug fixes

  Portability fixes.

* Noteworthy changes in release 3.4 (2019-05-19) [stable]

** Deprecated features

  The %pure-parser directive is deprecated in favor of '%define api.pure'
  since Bison 2.3b (2008-05-27), but no warning was issued; there is one
  now.  Note that since Bison 2.7 you are strongly encouraged to use
  '%define api.pure full' instead of '%define api.pure'.

** New features

*** Colored diagnostics

  As an experimental feature, diagnostics are now colored, controlled by the
  new options --color and --style.

  To use them, install the libtextstyle library before configuring Bison.
  It is available from

    https://alpha.gnu.org/gnu/gettext/

  for instance

    https://alpha.gnu.org/gnu/gettext/libtextstyle-0.8.tar.gz

  The option --color supports the following arguments:
    - always, yes: Enable colors.
    - never, no: Disable colors.
    - auto, tty (default): Enable colors if the output device is a tty.

  To customize the styles, create a CSS file similar to

    /* bison-bw.css */
    .warning   { }
    .error     { font-weight: 800; text-decoration: underline; }
    .note      { }

  then invoke bison with --style=bison-bw.css, or set the BISON_STYLE
  environment variable to "bison-bw.css".

*** Disabling output

  When given -fsyntax-only, the diagnostics are reported, but no output is
  generated.

  The name of this option is somewhat misleading as bison does more than
  just checking the syntax: every stage is run (including checking for
  conflicts for instance), except the generation of the output files.

*** Include the generated header (yacc.c)

  Before, when --defines is used, bison generated a header, and pasted an
  exact copy of it into the generated parser implementation file.  If the
  header name is not "y.tab.h", it is now #included instead of being
  duplicated.

  To use an '#include' even if the header name is "y.tab.h" (which is what
  happens with --yacc, or when using the Autotools' ylwrap), define
  api.header.include to the exact argument to pass to #include.  For
  instance:

    %define api.header.include {"parse.h"}

  or

    %define api.header.include {<parser/parse.h>}

*** api.location.type is now supported in C (yacc.c, glr.c)

  The %define variable api.location.type defines the name of the type to use
  for locations.  When defined, Bison no longer defines YYLTYPE.

  This can be used in programs with several parsers to factor their
  definition of locations: let one of them generate them, and the others
  just use them.

** Changes

*** Graphviz output

  In conformance with the recommendations of the Graphviz team, if %require
  "3.4" (or better) is specified, the option --graph generates a *.gv file
  by default, instead of *.dot.

*** Diagnostics overhaul

  Column numbers were wrong with multibyte characters, which would also
  result in skewed diagnostics with carets.  Beside, because we were
  indenting the quoted source with a single space, lines with tab characters
  were incorrectly underlined.

  To address these issues, and to be clearer, Bison now issues diagnostics
  as GCC9 does.  For instance it used to display (there's a tab before the
  opening brace):

    foo.y:3.37-38: error: $2 of ‘expr’ has no declared type
     expr: expr '+' "number"        { $$ = $1 + $2; }
                                         ^~
  It now reports

    foo.y:3.37-38: error: $2 of ‘expr’ has no declared type
        3 | expr: expr '+' "number" { $$ = $1 + $2; }
          |                                     ^~

  Other constructs now also have better locations, resulting in more precise
  diagnostics.

*** Fix-it hints for %empty

  Running Bison with -Wempty-rules and --update will remove incorrect %empty
  annotations, and add the missing ones.

*** Generated reports

  The format of the reports (parse.output) was improved for readability.

*** Better support for --no-line.

  When --no-line is used, the generated files are now cleaner: no lines are
  generated instead of empty lines.  Together with using api.header.include,
  that should help people saving the generated files into version control
  systems get smaller diffs.

** Documentation

  A new example in C shows an simple infix calculator with a hand-written
  scanner (examples/c/calc).

  A new example in C shows a reentrant parser (capable of recursive calls)
  built with Flex and Bison (examples/c/reccalc).

  There is a new section about the history of Yaccs and Bison.

** Bug fixes

  A few obscure bugs were fixed, including the second oldest (known) bug in
  Bison: it was there when Bison was entered in the RCS version control
  system, in December 1987.  See the NEWS of Bison 3.3 for the previous
  oldest bug.

14 September, 2019 07:01AM by Akim Demaille

September 12, 2019

FSF News

International Day Against DRM (IDAD): Defending the right to read on Oct. 12

BOSTON, Massachusetts, USA -- Thursday, September 12th, 2019 -- A global community of students, teachers, and activists are taking part in the Defective by Design campaign's 13th annual International Day Against DRM. Though from different backgrounds, countries, and perspectives, participants in the campaign share the common cause of opposing Digital Restrictions Management (DRM), a widespread technology that places heavy restrictions on how people access digital media.

On Saturday, October 12th, there will be two events held in Boston: a protest outside of the Pearson Education offices at 501 Boylston Street, followed by an evening "hackathon," or collaboration session, on unrestricted and truly shareable educational materials at the offices of the Free Software Foundation (FSF) at 51 Franklin Street.

Typically, DRM is used to restrict a user's access to music, films, and software. It is embedded in both physical and digital media, such as the "copy protection" on a Blu-ray disc or the mechanism that prevents recording (or even taking screenshots) from services like Netflix. Increasingly, however, it has been extending into the realm of education. Pearson Education and similar publishers' move to a "digital-first" method of textbook distribution is an example of this. This new method of educational publishing forces students away from the reliability of a paper book, moving them instead to a temporarily "rented" text that can only be accessed under strictly specific conditions and for a limited amount of time. In many cases systems like these also require a constant Internet connection for authentication purposes, to make sure the reader is authorized to access their book, and additionally collects telemetric data based on their reading habits.

"DRM is about more than just 'bad' file formats or streaming services. It is more than just an inconvenience. DRM is a concerted attack on free society," said Greg Farough, campaigns manager at the FSF. "It isn't just that DRM is an ineffective method of protecting copyright, or that it undermines historic preservation of digital media. It is fundamentally unethical and anti-education. The International Day Against DRM is one way we can empower people to take a strong stance against DRM, and educate others on its importance. I'm very glad that this year we will be able to voice our dissent against DRM, as well as demonstrate that it is possible to envision a world without it."

Now in its 13th year, Defective by Design has a long history of campaigning for a user's rights to control their media and the devices they use to interact with it. Likewise, being the anti-DRM campaign of the FSF, it is inspired by the spirit and community of the global movement for user freedom. This year, Defective by Design is not only encouraging people to protest against Pearson, but is also sponsoring local and remote "hackathons" on collaboratively edited and shareable textbooks like those produced by FLOSSManuals and Wikibooks.

The campaign is encouraging people to participate in a variety of online and in-person actions, coordinated through the Web site dedicated to the anti-DRM cause at DefectivebyDesign.org. To be part of Defective by Design's year-round anti-DRM campaigns, supporters can join the low-volume Action Alerts email list. Those interested in more active participation in the fight against DRM are invited to join the FSF's LibrePlanet wiki to document the new developments and threats DRM poses to user freedom worldwide.

Along with blockchain technologies, artificial intelligence, and algorithms, DRM has been a hot issue this year, and has been reported on widely in the press:

  • Reacting to Microsoft's announcement that they would be closing down their ebook store (and with it, the forcible deletion of many of its users ebook libraries), Wired wrote a popular article on the "ebook apocalypse" users of the service faced.

  • The MIT Press issued a landmark study on the use of DRM in streaming media services, analyzing both the technical and ethical implications of the popularity of Spotify and its ability to leverage DRM-restricted media to gather data and even psychologically manipulate its users. During their work on Spotify Teardown: Inside the Black Box of Streaming Music, the authors received a cease and desist notice from the company.

  • Writing for Locus Magazine, author and technologist Cory Doctorow wrote on the "broken promise" of DRM, calling the shift from a user's "owning" a piece of digital media to "licensing" it a return to feudalism.

  • An article addressing the shutdown of the digital video service UltraViolet appeared in Forbes, highlighting it as a Hollywood failure to control the flow of digital media.

The campaign is inviting other organizations to participate, by contacting info@defectivebydesign.org to have their names added to a list of supporters, and to discuss possible actions. In 2018, organizations like the Electronic Frontier Foundation, Creative Commons, iFixIt, and the Document Foundation were partners.

About Defective By Design

Defective by Design is the Free Software Foundation's campaign against Digital Restrictions Management (DRM). DRM is the practice of imposing technological restrictions that control what users can do with digital media, creating a product that is defective by design. DRM requires the use of proprietary software, and is a major threat to computer user freedom. It often spies on users as well. The campaign, based at https://defectivebydesign.org, organizes anti-DRM activists for in-person and online actions, and challenges powerful media and technology interests promoting DRM. Supporters can donate to the campaign at https://crm.fsf.org/civicrm/contribute/transact?reset=1&id=40.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

Media Contact

Greg Farough
Campaigns Manager
Free Software Foundation
(617) 542-5942
campaigns@fsf.org

12 September, 2019 03:40PM

September 10, 2019

FSF Events

Freedom Embedded: Why privacy, security, and user rights depend on software freedom

Please join us for a presentation this Thursday in Somerville! Free Software Foundation (FSF) campaigns manager Greg Farough and copyright and licensing associate Craig Topham will be giving a presentation entitled "Freedom Embedded: Why privacy, security, and user rights depend on software freedom" at 18:30 at:

  Artisan's Asylum
  10 Tyler Street
  Somerville, Massachusetts, 02143

The event is free to members of Artisan's Asylum, with a $10 suggested donation from the public at the door.

10 September, 2019 04:15PM

September 09, 2019

Parabola GNU/Linux-libre

ATTN: bleachbit users

there is a subtlety to note with the packaging of bleachbit-2.2.2 - if you have ever previously run bleachbit with su privilidges, you will be unable to upgrade to bleachbit-2.2.2 - you must run this command first:

# rm -rf /usr/share/bleachbit

09 September, 2019 02:30PM by bill auger

September 05, 2019

FSF Events

International Day Against DRM (IDAD) 2019

Defective by Design is calling on you to stand up against Digital Restrictions Management (DRM) on the International Day Against DRM (IDAD) on October 12th, 2019. This year we will be focusing specifically on everyone's right to read, particularly by urging publishers to free students and educators from the unnecessary and cumbersome restrictions that make their access to necessary course materials far more difficult.

For thirteen years, we have used IDAD to mobilize actions that stand up for the freedom of users everywhere. This year, we'll be continuing the fight by bringing in a round of in-person actions, guest bloggers, organizing tips, and a few surprises that you won't want to miss. Follow along with us at the Defective by Design Web site, join the DRM Elimination Crew mailing list, and read about our past actions, such as last year's IDAD, and our protest of the W3C's decision to embed DRM into the core framework of the Internet.

How to participate

  • The easiest way to participate is to join us in going a Day Without DRM, and resolve to spend an entire day (or longer!) without Netflix, Hulu, and other restricted services to show your support of the movement. Document your experiences on social media using the tags "#idad" or "#dbd," and let us know at info@defectivebydesign.org if you have a special story you'd like us to share.

  • Even more effective is to join up with others to make your voice louder. We'll be providing activists around the world with support on how they can stage their own local in-person event, as well as how to join us online while we help improve the free and ethical alternatives to educational materials restricted by DRM.

  • In Boston, we'll be leading the way with our own demonstration on October 12th, 2019 at Pearson Education's corporate offices, followed by an evening hackathon on collaborative, freely licensed educational materials.

  • Follow us on GNU social or Twitter (with caveats) to stay posted on all the events we have planned, in addition to more news items on how you can resist DRM.

  • If you're IRC-inclined, join us in the #dbd channel on the Freenode network for real-time chat and collaboration on DRM-related actions.

  • Join and take part in discussions on the DRM Elimination Crew mailing list, where we'll be sending all of the information about this year's campaign.

  • Are you an organization or project interested in supporting IDAD? We're looking for vendors of DRM-free media, organizations that support the building of a DRM-free world, and those who believe in the mission of DbD to participate by offering sales, writing blog posts, organizing events, and sharing information with your members about IDAD. Please contact us at info@defectivebydesign.org for more information.

05 September, 2019 10:00PM

August 29, 2019

FSF News

Early registration open for FSF's licensing seminar on Oct 16 in Raleigh, NC

The CLE seminar is a regular program from the FSF, where a select a group of experts and experienced instructors in the free software community provide a comprehensive overview of current affairs in GPL Enforcement and Legal Ethics. We invite legal professionals, law students, free software developers, and anyone interested in licensing and compliance topics to join. While registration is open to the public, this seminar is a special opportunity for legal professionals and law students who can potentially earn continuing legal education (CLE) credits for participating (approval pending). The program will be available shortly on the event page.

registration for this event is now closed.

Attendees of the full day seminar will learn about copyleft and other important concepts in the GNU family of licenses, best practices in the free software licensing enforcement process, ethical considerations important to any lawyer working with clients involved in free software, and other current topics in free software licensing.

We are also opening up the event for potential sponsorships; offering a unique opportunity to align with the FSF and the professional ethics considerations in free software. Sponsors will receive complimentary passes to this event, as well as additional benefits. For more information, you can contact us at zoe@fsf.org.

The sessions will be led by experts and respected leaders in the free software community, including:

  • John Sullivan, Free Software Foundation executive director;

  • Justin C. Colannino, JD, attorney at Microsoft;

  • Marc Jones, JD, in-house counsel and compliance engineer at CivicActions; and

  • Pamela Chestek, JD, principal of Chestek Legal.

  • Donald R. Robertson, III, JD, licensing and compliance manager of the Free Software Foundation.

FSF program manager will also be giving introductory and closing remarks.

A detailed agenda, as well as curriculum materials, will soon be posted on the event page. If you have any questions, or if you would like to sponsor this event, please contact licensing@fsf.org.

Thanks in advance for helping us spread the word, and we hope to see you at the event.

Registration for this event is now closed

Event page

29 August, 2019 07:35PM

August 26, 2019

Parabola GNU/Linux-libre

[From Arch] astyle>=3.1-2 update requires manual intervention

The astyle package prior to version 3.1-2 was missing a soname link. This has been fixed in 3.1-2, so the upgrade will need to overwrite the untracked soname link created by ldconfig. If you get an error

astyle: /usr/lib/libastyle.so.3 exists in filesystem

when updating, use

pacman -Suy --overwrite usr/lib/libastyle.so.3

to perform the upgrade.

26 August, 2019 12:00AM by David P.

August 25, 2019

GNU Guile

GNU Guile 2.9.4 (beta) released

We are delighted to announce GNU Guile 2.9.4, the fourth beta release in preparation for the upcoming 3.0 stable series. See the release announcement for full details and a download link.

This release enables inlining of references to top-level definitions within a compilation unit, speeding up some programs by impressive amounts. It also improves compilation of floating-point routines like sin, implements the Ghuloum/Dybvig "Fixing Letrec (reloaded)" algorithm, and allows mixed definitions and expressions within lexical contours, as is the case at the top level. Try it out, it's good times!

GNU Guile 2.9.4 is a beta release, and as such offers no API or ABI stability guarantees. Users needing a stable Guile are advised to stay on the stable 2.2 series.

Experience reports with GNU Guile 2.9.4, good or bad, are very welcome; send them to guile-devel@gnu.org. If you know you found a bug, please do send a note to bug-guile@gnu.org. Happy hacking!

25 August, 2019 08:25PM by Andy Wingo (guile-devel@gnu.org)

August 22, 2019

parallel @ Savannah

GNU Parallel 20190822 ('Jesper Svarre') released [stable]

GNU Parallel 20190822 ('Jesper Svarre') [stable] has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

No new functionality was introduced so this is a good candidate for a stable release.

GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17.

See https://www.gnu.org/software/parallel/10-years-anniversary.html

Quote of the month:

  It is, beyond absolutely any doubt whatsoever, the single most
  important tool I use in making me a productive bioinformatician.
    -- A-N-Other@reddit.com

New in this release:

  • Bug fixes and man page updates.

Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

For example you can run this to convert all jpeg files into png and gif files and have a progress bar:

  parallel --bar convert {1} {1.}.{2} ::: *.jpg ::: png gif

Or you can generate big, medium, and small thumbnails of all jpeg files in sub dirs:

  find . -name '*.jpg' |
    parallel convert -geometry {2} {1} {1//}/thumb{2}_{1/} :::: - ::: 50 100 200

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with:

    $ (wget -O - pi.dk/3 || lynx -source pi.dk/3 || curl pi.dk/3/ || \
       fetch -o - http://pi.dk/3 ) > install.sh
    $ sha1sum install.sh | grep 3374ec53bacb199b245af2dda86df6c9
    12345678 3374ec53 bacb199b 245af2dd a86df6c9
    $ md5sum install.sh | grep 029a9ac06e8b5bc6052eac57b2c3c9ca
    029a9ac0 6e8b5bc6 052eac57 b2c3c9ca
    $ sha512sum install.sh | grep f517006d9897747bed8a4694b1acba1b
    40f53af6 9e20dae5 713ba06c f517006d 9897747b ed8a4694 b1acba1b 1464beb4
    60055629 3f2356f3 3e9c4e3c 76e3f3af a9db4b32 bd33322b 975696fc e6b23cfb
    $ bash install.sh

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your command line will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, March 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 August, 2019 09:09PM by Ole Tange

August 21, 2019

freeipmi @ Savannah

FreeIPMI 1.6.4 Released

https://ftp.gnu.org/gnu/freeipmi/freeipmi-1.6.4.tar.gz

o In libfreeipmi, add additional workarounds for packets that are
  re-ordered during sensor bridging.
o In libfreeipmi, add additional sensor / event interpretations.
o In libfreeipmi, fix error return value on bridging requests.
o Add workaround in ipmi-sel for QuantaPlex T42D-2U motherboard,
  whichlists a SDR record that makes no sense.
o Add workaround for Dell Poweredge FC830, which have an error
  when reading the last SDR record on a motherboard.
o Support Supermicro X10 OEM dimm events.

21 August, 2019 11:47PM by Albert Chu

August 20, 2019

gsl @ Savannah

GNU Scientific Library 2.6 released

Version 2.6 of the GNU Scientific Library (GSL) is now available. GSL provides a large collection of routines for numerical computing in C.

This release introduces major performance improvements to common linear algebra matrix factorizations, as well as numerous new features and bug fixes. The full NEWS file entry is appended below.

The file details for this release are:

ftp://ftp.gnu.org/gnu/gsl/gsl-2.6.tar.gz
ftp://ftp.gnu.org/gnu/gsl/gsl-2.6.tar.gz.sig

The GSL project homepage is http://www.gnu.org/software/gsl/

GSL is free software distributed under the GNU General Public License.

Thanks to everyone who reported bugs and contributed improvements.

Patrick Alken

-------------------------------

  • What is new in gsl-2.6:
    • add BLAS calls for the following functions:

     - gsl_vector_memcpy
     - gsl_vector_scale
     - gsl_matrix_memcpy
     - gsl_matrix_transpose_memcpy
     - gsl_matrix_tricpy
     - gsl_matrix_transpose_tricpy

    • deprecated functions gsl_linalg_complex_householder_hm and

   gsl_linalg_complex_householder_mh

    • add unit tests for gsl_linalg_symmtd and gsl_linalg_hermtd
    • multilarge TSQR algorithm has been converted to use the new Level 3 QR decomposition
    • nonlinear least squares Cholesky solver now uses the new Level 3 BLAS

   method; the old modified Cholesky solver is still available under
   gsl_multifit_nlinear_solver_mcholesky and gsl_multilarge_nlinear_solver_mcholesky

    • implemented Level 3 BLAS versions of several linear algebra routines:

     - Triangular matrix inversion
     - Cholesky decomposition and inversion (real and complex)
     - LU decomposition and inversion (real and complex)
     - QR decomposition (courtesy of Julien Langou)
     - Generalized symmetric/hermitian eigensystem reduction to standard form

    • removed deprecated function gsl_linalg_hessenberg()
    • renamed gsl_interp2d_eval_e_extrap() to gsl_interp2d_eval_extrap_e()

   to match documentation (reported by D. Lebrun-Grandie)

    • renamed some of the gsl_sf_hermite functions to be more consistent

   with rest of the library, and deprecated old function names

    • updated gsl_sf_hermite_func() to use a newer algorithm

   due to B. Bunck which is more stable for large x; also added
   gsl_sf_hermite_func_fast() which uses the faster Cauchy integral
   algorithm in the same paper by Bunck

    • add gsl_vector_axpby()
    • add un-pivoted LDLT decomposition and its banded

   variant (gsl_linalg_ldlt_* and gsl_linalg_ldlt_band_*)

    • add binary search tree module (gsl_bst); based on GNU libavl
    • remove -u flag to gsl-histogram
    • updated spmatrix module

   - added routines and data structures for all types (float,uint,char,...)
   - added gsl_spmatrix_scale_columns() and gsl_spmatrix_scale_rows()
   - added gsl_spmatrix_add_to_dense()
   - more efficient reallocation of COO/triplet matrices (no longer rebuilds binary tree)
   - enhanced test suite
   - added gsl_spmatrix_min_index()

    • add routines for banded Cholesky decomposition (gsl_linalg_cholesky_band_*)
    • documented gsl_linalg_LQ routines and added gsl_linalg_LQ_lssolve()

20 August, 2019 07:52PM by Patrick Alken

August 11, 2019

unifont @ Savannah

Unifont 12.1.03 Released

11 August 2019 Unifont 12.1.03 is now available. Significant changes in this version include the replacement of the Jiskan glyphs in the Japanese version, unifont_jp, with Izumi public domain glyphs.  Also, modifications to Limbu, Buginese, Tai Tham, Adlam, and Mayan Numerals, plus a redrawn Indian Rupee Sign.  Full details are in the ChangeLog file.

Download this release at:

https://ftpmirror.gnu.org/unifont/unifont-12.1.03/

or if that fails,

https://ftp.gnu.org/gnu/unifont/unifont-12.1.03/

or, as a last resort,

ftp://ftp.gnu.org/gnu/unifont/unifont-12.1.03/

11 August, 2019 08:53PM by Paul Hardy

August 07, 2019

Christopher Allan Webber

ActivityPub Conf 2019 Speakers

Good news everyone! The speaker list for ActivityPub Conf 2019 is here! (In this document, below, but also in ODT and PDF formats.)

(Bad news everyone: registration is closed! We're now at 40 people registered to attend. However, we do aim to be posting recordings of the event afterwards if you couldn't register in time.)

But, just in case you'd rather see the list of speakers on a webpage rather than download a document, here you go:

Keynote: Mark Miller, “Architectures of Robust Openness”

Description coming soon! But we're very excited about Mark Miller keynoting.

Keynote: Christopher Lemmer Webber, “ActivityPub: past, present, future”

This talk gives an overview of ActivityPub: how did we get to this point? Where are we now? Where do we need to go? We'll paint a chart from past to a hopeful future with better privacy, richer interactions, and more security and control for our users.

Matt Baer, “Federated Blogging with WriteFreely”

We're building out one idea of what federated blogging could look like with separate ActivityPub-powered platforms, WriteFreely and Read.as -- one for writing and and one for reading. Beyond the software, we're also offering hosting services and helping new instances spring up to make community-building more accessible, and get ActivityPub-powered software into more hands. In this talk I'll go over our approach so far and where we're headed next.

Caleb James DeLisle, “The case for the unattributed message”

Despite it's significant contribution to internet culture, the archetype of the anonymous image board has been largely ignored by protocol designers. Perhaps the reason for this is because it's all too easy to conflate unattributed speech with unmoderated speech, which has shown itself to be a dead end. But as we've seen from Twitter and Facebook, putting a name on everything hasn't actually worked that well at improving the quality of discourse, but what it does do is put already marginalized people at greater risk.

What I credit as one of the biggest breakthroughs of the fediverse has been the loose federation which allows a person to choose their moderator, completely side stepping the question of undemocratic censorship vs. toxic free speech. Now I want to start a conversation about how we might marry this powerful moderation system to a forum which divorces the expression of thought from all forms of identity.

Cristina DeLisle, “OSS compliance with privacy by default and design”

Privacy is becoming more and more central in shaping the future of tech and the data protection legislation has contributed significantly to making this happen. Privacy by default and design are core principles that are fundamental to how software should be envisioned. The GDPR that came into the spotlight has a strong case to become a standard even outside European borders, influencing the way we protect personal data. However its impact might be, its implementation is still in its infancy. OSS has found itself facing the situation and one aspect which is particularly interesting on the tech side is how to incorporate the principles of privacy by default and design into the software that we build.

This talk is going to be an overview of how the GDPR has impacted FOSS communities, what do we mean by privacy by default and by design, how could we envision them applied in our OSS. It will bring examples from which we might find something interesting to learn from, regardless if we are looking at them as mistakes, best practices or just ways of doing things.

Michael Demetriou, “I don't know what I'm talking about: a newbie's introduction to ActivityPub”

I have just started my development journey in ActivityPubLand and I hope to have a first small application ready before ActivityPubConf. I was thinking that since I have close to zero experience with ActivityPub development, I could document my first month of experience, describe the onboarding process and point out useful resources and common pitfalls. In the end I can showcase what I've done during this period.

Luc Didry, “Advice to new fediverse administrators and developers”

Hosting an ActivityPub service is not like hosting another service… and it's the same for developing ActivityPub software. Here is some advice based on Framasoft's experience (we host a Mastodon instance and develop two ActivityPub software: PeerTube and Mobilizon – the last one is not yet out), errors and observations.

Maloki, “Is ActivityPub paving the way to web 3.0?”

A talk about how we're walking away from Web 2.0, and paving the way to Web 3.0 with ActivityPub development. We'll discuss what this could mean for the future of the web, we'll look at some of the history of the web, and also consider the social implications moving forward.

Pukkamustard, “The Semantic Social Network”

ActivityPub uses JSON-LD as serialization. This means @context field all over the place. But really there is more behind this: ActivityPub speaks Linked Data. In this talk we would like to show what this means and how this can be used to do cool things. We might even convince you that the Fediverse is a huge distributed graph that could be queried in very interesting ways - that the Fediverse is a Semantic Social Network.

Schmittlauch, “Decentralised Hashtag Search and Subscription in Federated Social Networks”

Hashtags have become an important tool for organising topic-related posts in all major social networks, even having managed to spark social movements like #MeToo. In federated social networks, unfortunately so far the view on all posts of a hashtag is fragmented between instances.

For a student research paper I came up with an architecture for search and subscription of hashtag-posts in federated social networks. This additional backend for instances augments the Fediverse with a little bit of P2P technology.

As this architecture is still at a conceptual stage, after presenting my work I'd like to gather ideas and feedback from various Fediverse stakeholders: What do global hashtags mean for marginalised people and moderation, are they more a tool of empowerment or of harassment? How can this concept be represented in the ActivityPub protocol? And what stories do server devs have to tell about common attack scenarios?

Serge Wroclawski, “Keeping Unwanted Messages off the Fediverse”

Spam, scams and harassment pose a threat to all social networks, including the Fediverse. In this talk, we discuss a multilayered approach to mitigating these threats. We explore spam mitigation techniques of the past as well as new techniques such as OcapPub and Postage.

07 August, 2019 03:15PM by Christopher Lemmer Webber

August 03, 2019

GNU Guile

GNU Guile 2.9.3 (beta) released

We are delighted to announce GNU Guile 2.9.3, the third beta release in preparation for the upcoming 3.0 stable series. See the release announcement for full details and a download link.

This release improves the quality of the just-in-time (JIT) native code generation, resulting in up to 50% performance improvements on some workloads. See the article "Fibs, lies, and benchmarks" for an in-depth discussion of some of the specific improvements.

GNU Guile 2.9.3 is a beta release, and as such offers no API or ABI stability guarantees. Users needing a stable Guile are advised to stay on the stable 2.2 series.

Experience reports with GNU Guile 2.9.3, good or bad, are very welcome; send them to guile-devel@gnu.org. If you know you found a bug, please do send a note to bug-guile@gnu.org. Happy hacking!

03 August, 2019 02:20PM by Andy Wingo (guile-devel@gnu.org)

gnuastro @ Savannah

Gnuastro 0.10 released

The 10th release of GNU Astronomy Utilities (Gnuastro) is now available. Please see the announcement for more.

03 August, 2019 02:16AM by Mohammad Akhlaghi

August 01, 2019

libc @ Savannah

The GNU C Library version 2.30 is now available

The GNU C Library
=================

The GNU C Library version 2.30 is now available.

The GNU C Library is used as the C library in the GNU system and
in GNU/Linux systems, as well as many other systems that use Linux
as the kernel.

The GNU C Library is primarily designed to be a portable
and high performance C library.  It follows all relevant
standards including ISO C11 and POSIX.1-2017.  It is also
internationalized and has one of the most complete
internationalization interfaces known.

The GNU C Library webpage is at http://www.gnu.org/software/libc/

Packages for the 2.30 release may be downloaded from:
        http://ftpmirror.gnu.org/libc/
        http://ftp.gnu.org/gnu/libc/

The mirror list is at http://www.gnu.org/order/ftp.html

NEWS for version 2.30
=====================

Major new features:

  • Unicode 12.1.0 Support: Character encoding, character type info, and

  transliteration tables are all updated to Unicode 12.1.0, using
  generator scripts contributed by Mike FABIAN (Red Hat).

  • The dynamic linker accepts the --preload argument to preload shared

  objects, in addition to the LD_PRELOAD environment variable.

  • The twalk_r function has been added.  It is similar to the existing

  twalk function, but it passes an additional caller-supplied argument
  to the callback function.

  • On Linux, the getdents64, gettid, and tgkill functions have been added.
  • Minguo (Republic of China) calendar support has been added as an

  alternative calendar for the following locales: zh_TW, cmn_TW, hak_TW,
  nan_TW, lzh_TW.

  • The entry for the new Japanese era has been added for ja_JP locale.
  • Memory allocation functions malloc, calloc, realloc, reallocarray, valloc,

  pvalloc, memalign, and posix_memalign fail now with total object size
  larger than PTRDIFF_MAX.  This is to avoid potential undefined behavior with
  pointer subtraction within the allocated object, where results might
  overflow the ptrdiff_t type.

  • The dynamic linker no longer refuses to load objects which reference

  versioned symbols whose implementation has moved to a different soname
  since the object has been linked.  The old error message, symbol
  FUNCTION-NAME, version SYMBOL-VERSION not defined in file DSO-NAME with
  link time reference, is gone.

  • Add new POSIX-proposed pthread_cond_clockwait, pthread_mutex_clocklock,

  pthread_rwlock_clockrdlock, pthread_rwlock_clockwrlock and sem_clockwait
  functions.  These behave similarly to their "timed" equivalents, but also
  accept a clockid_t parameter to determine which clock their timeout should
  be measured against.  All functions allow waiting against CLOCK_MONOTONIC
  and CLOCK_REALTIME.  The decision of which clock to be used is made at the
  time of the wait (unlike with pthread_condattr_setclock, which requires
  the clock choice at initialization time).

  • On AArch64 the GNU IFUNC resolver call ABI changed: old resolvers still

  work, new resolvers can use a second argument which can be extended in
  the future, currently it contains the AT_HWCAP2 value.

Deprecated and removed features, and other changes affecting compatibility:

  • The copy_file_range function fails with ENOSYS if the kernel does not

  support the system call of the same name.  Previously, user space
  emulation was performed, but its behavior did not match the kernel
  behavior, which was deemed too confusing.  Applications which use the
  copy_file_range function can no longer rely on glibc to provide a fallback
  on kernels that do not support the copy_file_range system call, and if
  this function returns ENOSYS, they will need to use their own fallback.
  Support for copy_file_range for most architectures was added in version
  4.5 of the mainline Linux kernel.

  • The functions clock_gettime, clock_getres, clock_settime,

  clock_getcpuclockid, clock_nanosleep were removed from the librt library
  for new applications (on architectures which had them).  Instead, the
  definitions in libc will be used automatically, which have been available
  since glibc 2.17.

  • The obsolete and never-implemented XSI STREAMS header files <stropts.h>

  and <sys/stropts.h> have been removed.

  • Support for the "inet6" option in /etc/resolv.conf and the RES_USE_INET6

  resolver flag (deprecated in glibc 2.25) have been removed.

  • The obsolete RES_INSECURE1 and RES_INSECURE2 option flags for the DNS stub

  resolver have been removed from <resolv.h>.

  • With --enable-bind-now, installed programs are now linked with the

  BIND_NOW flag.

  • Support for the PowerPC SPE ISA extension (powerpc-*-*gnuspe*

  configurations) has been removed, following the deprecation of this
  subarchitecture in version 8 of GCC, and its removal in version 9.

  • On 32-bit Arm, support for the port-based I/O emulation and the <sys/io.h>

  header have been removed.

  • The Linux-specific <sys/sysctl.h> header and the sysctl function have been

  deprecated and will be removed from a future version of glibc.
  Application should directly access /proc instead.  For obtaining random
  bits, the getentropy function can be used.

Changes to build and runtime requirements:

  • GCC 6.2 or later is required to build the GNU C Library.

  Older GCC versions and non-GNU compilers are still supported when
  compiling programs that use the GNU C Library.

Security related changes:

  CVE-2019-7309: x86-64 memcmp used signed Jcc instructions to check
  size.  For x86-64, memcmp on an object size larger than SSIZE_MAX
  has undefined behavior.  On x32, the size_t argument may be passed
  in the lower 32 bits of the 64-bit RDX register with non-zero upper
  32 bits.  When it happened with the sign bit of RDX register set,
  memcmp gave the wrong result since it treated the size argument as
  zero.  Reported by H.J. Lu.

  CVE-2019-9169: Attempted case-insensitive regular-expression match
  via proceed_next_node in posix/regexec.c leads to heap-based buffer
  over-read.  Reported by Hongxu Chen.

The following bugs are resolved with this release:

  [2872] locale: Transliteration Cyrillic -> ASCII fails
  [6399] libc: gettid() should have a wrapper
  [16573] malloc: mtrace hangs when MALLOC_TRACE is defined
  [16976] glob: fnmatch unbounded stack VLA for collating symbols
  [17396] localedata: globbing for locale by [[.collating-element.]]
  [18035] dynamic-link: pldd does no longer work, enters infinite loop
  [18465] malloc: memusagestat is built using system C library
  [18830] locale: iconv -c -f ascii with >buffer size worth of input before
    invalid input drops valid char
  [20188] nptl: libpthread IFUNC resolver for vfork can lead to crash
  [20568] locale: Segfault with wide characters and setlocale/fgetwc/UTF-8
  [21897] localedata: Afar locales: Fix mon, abmon, and abday
  [22964] localedata: The Japanese Era name will be changed on May 1, 2019
  [23352] malloc: __malloc_check_init still defined in public header
    malloc.h.
  [23403] nptl: Wrong alignment of TLS variables
  [23501] libc: nftw() doesn't return dangling symlink's inode
  [23733] malloc: Check the count before calling tcache_get()
  [23741] malloc: Missing _attribute_alloc_size_ in many allocation
    functions
  [23831] localedata: nl_NL missing LC_NUMERIC thousands_sep
  [23844] nptl: pthread_rwlock_trywrlock results in hang
  [23983] argparse: Missing compat versions of argp_failure and argp_error
    for long double = double
  [23984] libc: Missing compat versions of err.h and error.h functions for
    long double = double
  [23996] localedata: Dutch salutations
  [24040] libc: riscv64: unterminated call chain in __thread_start
  [24047] network: libresolv should use IP_RECVERR/IPV6_RECVERR to avoid
    long timeouts
  [24051] stdio: puts and putchar ouput to _IO_stdout instead of stdout
  [24059] nss: nss_files: get_next_alias calls fgets_unlocked without
    checking for NULL.
  [24114] regex: regexec buffer read overrun in "grep -i
    '\(\(\)*.\)*\(\)\(\)\1'"
  [24122] libc: Segfaults if 0 returned from la_version
  [24153] stdio: Some input functions do not react to stdin assignment
  [24155] string: x32 memcmp can treat positive length as 0 (if sign bit in
    RDX is set) (CVE-2019-7309)
  [24161] nptl: __run_fork_handlers self-deadlocks in malloc/tst-mallocfork2
  [24164] libc: Systemtap probes need to use "nr" constraint on 32-bit Arm,
    not the default "nor"
  [24166] dynamic-link: Dl_serinfo.dls_serpath[1] in dlfcn.h causes UBSAN
    false positives, change to modern flexible array
  [24180] nptl: pthread_mutex_trylock does not use the correct order of
    instructions while maintaining the robust mutex list due to missing
    compiler barriers.
  [24194] librt: Non-compatibility symbols for clock_gettime etc. cause
    unnecessary librt dependencies
  [24200] localedata: Revert first_weekday removal in en_IE locale
  [24211] nptl: Use-after-free in Systemtap probe in pthread_join
  [24215] nptl: pthread_timedjoin_np should be a cancellation point
  [24216] malloc: Check for large bin list corruption when inserting
    unsorted chunk
  [24228] stdio: old x86 applications that use legacy libio crash on exit
  [24231] dynamic-link: [sparc64] R_SPARC_H34 implementation falls through
    to R_SPARC_H44
  [24293] localedata: Missing Minguo calendar support for TW locales
  [24296] localedata: Orthographic mistakes in 'day' and 'abday' sections in
    tt_RU (Tatar) locale
  [24307] localedata: Update locale data to Unicode 12.0.0
  [24323] dynamic-link: dlopen should not be able open PIE objects
  [24335] build: "Obsolete types detected" with Linux 5.0 headers
  [24369] localedata: Orthographic mistakes in 'mon' and 'abmon' sections in
    tt_RU (Tatar) locale
  [24370] localedata: Add lang_name for tt_RU locale
  [24372] locale: Binary locale files are not architecture independent
  [24394] time: strptime %Ey mis-parses final year of era
  [24476] dynamic-link: __libc_freeres triggers bad free in libdl if dlerror
    was not used
  [24506] dynamic-link: FAIL: elf/tst-pldd with --enable-hardcoded-path-in-
    tests
  [24531] malloc: Malloc tunables give tcache assertion failures
  [24532] libc: conform/arpa/inet.h failures due to linux kernel 64-bit
    time_t changes
  [24535] localedata: Update locale data to Unicode 12.1.0
  [24537] build: nptl/tst-eintr1 test case can hit task limits on some
    kernels and break testing
  [24544] build: elf/tst-pldd doesn't work if you install with a --prefix
  [24556] build: [GCC 9] error: ‘%s’ directive argument is null
    [-Werror=format-overflow=]
  [24570] libc: alpha: compat msgctl uses __IPC_64
  [24584] locale: Data race in __wcsmbs_clone_conv
  [24588] stdio: Remove codecvt vtables from libio
  [24603] math: sysdeps/ieee754/dbl-64/branred.c is slow when compiled with
    -O3 -march=skylake
  [24614] localedata: nl_NL LC_MONETARY doesn't match CLDR 35
  [24632] stdio: Old binaries which use freopen with default stdio handles
    crash
  [24640] libc: __ppc_get_timebase_freq() always return 0 when using static
    linked glibc
  [24652] localedata: szl_PL spelling correction
  [24695] nss: nss_db: calling getpwent after endpwent crashes
  [24696] nss: endgrent() clobbers errno=ERRNO for 'group: db files' entry
    in /etc/nsswitch.conf
  [24699] libc: mmap64 with very large offset broken on MIPS64 n32
  [24740] libc: getdents64 type confusion
  [24741] dynamic-link: ld.so should not require that a versioned symbol is
    always implemented in the same library
  [24744] libc: Remove copy_file_range emulation
  [24757] malloc: memusagestat is linked against system libpthread
  [24794] libc: Partial test suite run builds corrupt test-in-container
    testroot

Release Notes
=============

https://sourceware.org/glibc/wiki/Release/2.30

Contributors
============

This release was made possible by the contributions of many people.
The maintainers are grateful to everyone who has contributed
changes or bug reports.  These include:

Adam Maris
Adhemerval Zanella
Alexandra Hájková
Andreas K. Hüttel
Andreas Schwab
Anton Youdkevitch
Aurelien Jarno
Carlos O'Donell
DJ Delorie
Daniil Zhilin
David Abdurachmanov
David Newall
Dmitry V. Levin
Egor Kobylkin
Felix Yan
Feng Xue
Florian Weimer
Gabriel F. T. Gomes
Grzegorz Kulik
H.J. Lu
Jan Kratochvil
Jim Wilson
Joseph Myers
Maciej W. Rozycki
Mao Han
Mark Wielaard
Matthew Malcomson
Mike Crowe
Mike FABIAN
Mike Frysinger
Mike Gerow
PanderMusubi
Patsy Franklin
Paul A. Clarke
Paul Clarke
Paul Eggert
Paul Pluzhnikov
Rafal Luzynski
Richard Henderson
Samuel Thibault
Siddhesh Poyarekar
Stan Shebs
Stefan Liebler
Szabolcs Nagy
TAMUKI Shoichi
Tobias Klauser
Tulio Magno Quites Machado Filho
Uros Bizjak
Vincent Chen
Vineet Gupta
Wilco Dijkstra
Wolfram Sang
Yann Droneaud
Zack Weinberg
mansayk
marxin

01 August, 2019 08:12PM by Carlos O'Donell

July 28, 2019

stow @ Savannah

GNU Stow 2.3.1 released

This release improves ease of installation by dropping some module dependencies which were introduced in 2.3.0.  It also fixes an issue with the test suite, and improves the release procedure.  See http://git.savannah.gnu.org/cgit/stow.git/tree/NEWS for more details.

Also note that 2.3.0 was released last month (June 2019) and announced on the mailing lists but not here on savannah.

28 July, 2019 01:43PM by Adam Spiers

July 24, 2019

Christopher Allan Webber

Mark S. Miller keynoting at ActivityPub Conf 2019

I am extremely pleased to announce that Mark S. Miller is keynoting at ActivityPub Conf 2019!

It's hard for me to understate how huge this is. Mark S. Miller works at Agoric which is leading the way on modern application of object capabilities, which is convenient, since exploration of how to apply object capabilities to federated social networks is a major topic of interest on the fediverse.

But just leaving it at that would be leaving out too much. We can trace Mark's work back the Agoric papers in 1988 which laid out the vision for a massive society and economy of computing agents. (And yes, that's where the Agoric company got its name from.)

For 30 years Mark has been working towards that vision, and social networks continued to intersect with its work. In the late 1990s Mark was involved in a company working on the game Electric Communities Habitat (it's hard to find information on it, but here's a rare video of it in action). (Although Mark Miller didn't work on it, Electric Communities Habitat has its predecessor in Lucasfilm's Habitat, which it turns out was a graphical multiplayer game which ran on the Commodore 64!(!!!) You can see the entertaining trailer for this game... keep in mind, this was released in 1986!)

People who have read my blog before may know that I've talked about building secure social spaces as virtual worlds: part of the reason I know it is possible is that Electric Communities Habitat for the large part built it and proved the ideas possible. Electric Communities the company did not survive, but the ideas lived on in the E programming language, which I like to describe as "the most interesting and important programming language you may have never heard of".

While the oldschool design of the website may give you the impression that the ideas there are out of date, time and time again I've found that the answers to my questions about how to build things have all been found on erights.org and in Mark Miller's dissertation.

Mark's work hasn't stopped there. Many good ideas in Javascript (such as its promises system) were largely inspired from Mark's work on the E programming language (Mark joined the standardization process of Javascript to make it be possible to build ocap-safe systems on it), and... well, I can go on and on.

Instead, I'm going to pause and say that I'm extremely excited that Mark has agreed to come to ActivityPub Conf to help introduce the community to the ideas in object capabilities. I hope the history I laid out above helps make it clear that the work to coordinate cooperative behavior amongst machines overlaps strongly with our work in the federated social web of establishing cooperative behavior amongst communities of human beings. I look forward to Mark helping us understand how to apply these ideas to our space.

Has this post got you excited? At the time of me writing this, there's still space at ActivityPub Conf 2019, and there's still time (until Monday July 29th) to submit talks. See the conference announcement for more details, and hope to see you there!

EDIT: I incorrectly cited Mark Miller originally as being involved in Lucasfilm's Habitat; fixed and better explained its history.

24 July, 2019 04:00PM by Christopher Lemmer Webber

Jose E. Marchesi

Rhhw July 2019 @ Frankfurt am Main

The Rabbit Herd will be meeting the weekend from 26 July to 28 July 2019, in Frankfurt. If you are in the nearby and in the mood for some hacking, feel free to join us!

24 July, 2019 12:00AM