Planet GNU

Aggregation of development blogs from the GNU Project

June 22, 2018

FSF Blogs

About BLAG's removal from our list of endorsed distributions

We recently updated our list of free GNU/Linux distributions to add a "Historical" section. BLAG Linux and GNU, based on Fedora, joined the list many years ago. But the maintainers no longer believe they can keep things running at this time. As such, they requested that they be removed from our list. The list helps users to find operating systems that come with only free software and documentation, and that do not promote any nonfree software. Being added to the list means that a distribution has gone through a rigorous screening process, and is dedicated to diligently fixing any freedom issues that may arise.

Maintaining a distribution isn't an easy task, and making sure that no nonfree software makes its way onto the operating system takes real effort. The maintainers of these distributions take on a difficult but important task of creating and maintaining a system that users can trust. For many, that effort is taken on as a volunteer, and one for which we should all be grateful.

While it is always sad to see a free distribution close up shop, we can all still be thankful for the maintainers' work over the years, and that there are still many free distributions available. Users of BLAG should consider switching to another distro on our list to ensure that the security of their system is up to date.

22 June, 2018 09:30PM

June 21, 2018

foliot @ Savannah

GNU Foliot version 0.9.8

GNU Foliot version 0.9.8 is released (June 2018)

This is a maintenance release, which brings GNU Foliot up-to-date with Grip 0.2.0, upon which it
depends. In addition, the default installation locations changed, and there is a new configure option.

For a list of changes since the previous version, visit the NEWS file. For a complete description, consult the git summary and git log.

21 June, 2018 03:37AM by David Pirotte

June 20, 2018

parallel @ Savannah

GNU Parallel 20180622 ('Kim Trump') released

GNU Parallel 20180622 ('Kim Trump') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

GNU Parallel 實在太方便啦!!
Yucheng Chuang @yorkxin@twitter

New in this release:

  • Deal better with multibyte chars by forcing LC_ALL=C.
  • GNU Parallel was shown on Danish national news for 1.7 seconds: dr.dk
  • Bug fixes and man page updates.

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, April 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

20 June, 2018 10:00PM by Ole Tange

June 19, 2018

FSF Blogs

Friday Free Software Directory IRC meetup time: June 22nd starting at 12:00 p.m. EDT/16:00 UTC

Help improve the Free Software Directory by adding new entries and updating existing ones. Every Friday we meet on IRC in the #fsf channel on irc.freenode.org.

Tens of thousands of people visit directory.fsf.org each month to discover free software. Each entry in the Directory contains a wealth of useful information, from basic category and descriptions, to providing detailed info about version control, IRC channels, documentation, and licensing info that has been carefully checked by FSF staff and trained volunteers.

When a user comes to the Directory, they know that everything in it is free software, has only free dependencies, and runs on a free OS. With over 16,000 entries, it is a massive repository of information about free software.

While the Directory has been and continues to be a great resource to the world for many years now, it has the potential to be a resource of even greater value. But it needs your help! And since it's a MediaWiki instance, it's easy for anyone to edit and contribute to the Directory.

A few weeks back we launched a new Project Team to create a logo that packages can use to show off that they are included in the Directory. But at this time, we still haven't found a team captain for the project. This project could really help promote the Directory, as well as helping packages to demonstrate that they care about software freedom. This week, we'll be working to recruit a team captain, as well as trying to get the project off the ground.

If you are eager to help, and you can't wait or are simply unable to make it onto IRC on Friday, our participation guide will provide you with all the information you need to get started on helping the Directory today! There are also weekly Directory Meeting pages that everyone is welcome to contribute to before, during, and after each meeting. To see the meeting start time in your time zone, run this in GNU bash: date --date='TZ="America/New_York" 12:00 this Fri'

19 June, 2018 04:28PM

Riccardo Mottola

GNUMail + Pantomime 1.3.0

A new release for GNUmail (Mail User Agent for GNUstep and MacOS) and Pantomime (portable MIME Framework): 1.3.0!


Panomime APIs were update to have safer types: mostly count and sizes were transitioned to more Cocoa-like NSUinteger/NSInteger or size_t/ssize_t where appropriate.
This required a major release as 1.3.0 for both Pantomime and GNUMail. In several functions returning -1 was replaced by NSNotFound.

Note: When running the new GNUMail it will update your message cache to the new format. In case of problems, clean it (or in case of reverting to the old version). Message size is now encoded as unsigned instead of signed inside it.

Countless enhancements and bug fixes in both Pantomime and GNUMail should improve usability.
Previously there were issues of certain messages not loading when containing special characters and/or decoding personal part of Addresses.

Pantomime:

  • Correct signature detection as per RFC (caused issues when removing it during replies)
  • improved address and quoted parsing
  • generally improved header parsing
  • Encoding fixes
  • Serious iconv fix which could cause memory corruption due to realloc
  • Fixes for Local folders (should help fix #53063, #51852 and generally bugs with POP and Local accounts)
  • generally improved init methods to check for self, that may help avoid memory issues and debugging in the future
  • various code cleanup in Message loading for better readibility
  • more logging code for debug build, should help debugging

  • Possibility to create filters for To and CC directly in message context menu
  • Read/Unread and Flag/Unflag actions directly in the message context menu
  • Size status for Messages in bytes KiloBytes or MegaBytes depending on size
  • Spelling fixes
  • Improved Menu Validation
  • fix for #52817
  • generally improved init methods to check for self, that may help avoid memory issues and debugging in the future
  • GNUstep Only: Find Panel is now GORM based

19 June, 2018 01:10PM by Riccardo (noreply@blogger.com)

June 18, 2018

FSF Blogs

Free software is at risk in the EU -- take action now

Members of the European Parliament want to turn upload platforms like GitLab into "censorship machines" that require user-uploaded materials to be monitored and automatically filtered, a process which would prevent modified and reused code from being uploaded. This provision is covered under Article 13 of the Copyright Directive.

If Article 13, embedded within the proposal, becomes official policy, it will be impossible for developers to build off of one another's code -- which is not only a blow to the collaborative development of free software, but a push against the basic freedoms of free software. Software isn't free unless it can be modified and shared. Article 13 will affect all users of free software -- as development of free software suffers, the quality and availability of updates, new features, and new programs will also suffer.

What you can do

You can help turn the tide against Article 13. Contact your member of European Parliament (MEP) before June 20th.

Not sure what to say? You can try this sample email.

Dear MEP,

I am an EU citizen and I oppose Article 13 of the proposed Copyright Directive. Article 13 is harmful to the free, global development of software, including that which provides necessary infrastructure on an international scale. Please vote against the Copyright Directive.

Sincerely,
NAME

Need help finding your MEPs?

A complete list of MEPs is available online.

What to do next

After you contact your MEP, there is still more to do!

To learn more, you can check out the links below:

You can also support the work of the Free Software Foundation by become an Associate Member or making a donation today.

18 June, 2018 04:37PM

June 16, 2018

gdbm @ Savannah

Version 1.15

GDBM version 1.15 is available for download. Important changes in this release:

Extensive database consistency checking

GDBM tries to detect inconsistencies in input database files as early as possible. When an inconcistency is detected, a helpful diagnostics is returned and the database is marked as needing recovery. From this moment on, any GDBM function trying to access the database will immediately return error code (instead of eventually segfaulting as previous versions did). In order to reconstruct the database and return it to healthy state, the gdbm_recover function should be used.

Commands can be given to gdbmtool in the command line

The syntax is:

Multiple commands are separated by semicolon (take care to escape it), e.g.:

Fixed data conversion bugs in storing structured keys or content

== New member in the gdbm_recovery structure: duplicate_keys.==

Upon return from gdbm_recover, this member holds the number of keys that has not been recovered, because the same key had already been stored in the database. The actual number of stored keys is thus:

New error codes

The following new error codes are introduced:

  • GDBM_BAD_BUCKET (Malformed bucket header)
  • GDBM_BAD_HEADER (Malformed database file header)
  • GDBM_BAD_AVAIL (Malformed avail_block)
  • GDBM_BAD_HASH_TABLE (Malformed hash table)
  • GDBM_BAD_DIR_ENTRY (Invalid directory entry)

Removed gdbm-1.8.3 compatibility layer

16 June, 2018 04:52PM by Sergey Poznyakoff

June 15, 2018

FSF Blogs

Get the latest in libre from the FSF Bulletin

The biannual Free Software Foundation (FSF) Bulletin is now available online. We hope you find it enlightening and entertaining!

Your activism drives the free software movement. Together, we have been proactively building a future where computer users are in control, while also reacting to immediate threats to our digital freedoms. Our associate membership program provides crucial, ongoing support that ensures the FSF's financial stability, making our work possible. Will you take the next step and join us as an associate member or make a one-time donation today?

Free software activists count on the FSF to play a role no other organization can: we refuse to compromise our values, we directly support free software development via the GNU Project, and we defend copyleft in the form of the GNU General Public License (GPL). We, in turn, count on you to provide the energy and resources that drive us.

So far this year, your financial support:

  • amplified the voice of free software in public conversations about net neutrality, Facebook privacy abuses, and high profile security compromises;

  • fought Digital Restrictions Management (DRM) by storming the US Digital Millennium Copyright Act exemptions process to not only support every exemption but be the sole organization arguing for abolition of the whole charade;

  • made major improvements to the infrastructure powering hundreds of GNU and other free software projects;

  • funded important technical work to help free JavaScript on the Web;

  • enabled certification of two more products according to the standards of our Respects Your Freedom program, put dozens more in the pipeline, and advanced a plan to scale the program to its full potential; and

  • helped policymakers and companies embrace the GPL -- the state of California and the US Department of Defense have both made strong moves in this area, and we expect more to follow suit.

Our Associate Member program launched in 2002, as a way to provide long-term stability for the FSF's work, and to recognize and thank those who choose to give consistently. Today there are over 4600 Associate Members residing in 82 countries, with dues comprising nearly half of the FSF's funding. This funding allows us to stay independent, serving the free software community, not corporations or governments. Thank you for your continued support.

15 June, 2018 07:40PM

Riccardo Mottola

OresmeKit initial release: plotting for GNUstep and Cocoa

Finally a public release of OresmeKit.
Started many years ago, it has finally come the moment for a first public release, since I put together even a first draft of documentation. Stay tuned for improvements and new graph types.

Oresme is useful for plotting and graphing data both native on Cocoa/MacOS as on GNUstep.

OresmeKit is a framework which provides NSView subclasses that can display data. It is useful to easily embed charts and graphs in your applications, e.g. monitoring apps, dashboards and such.
OresmeKit supports both GNUstep and Cocoa/MacOS.

An initial API Documentation is also available as well as two example in the SVN repository.







15 June, 2018 02:41PM by Riccardo (noreply@blogger.com)

June 14, 2018

gsl @ Savannah

GNU Scientific Library 2.5 released

Version 2.5 of the GNU Scientific Library (GSL) is now available. GSL provides a large collection of routines for numerical computing in C.

This release introduces some new features and fixes several bugs. The full NEWS file entry is appended below. The file details for this release are:

ftp://ftp.gnu.org/gnu/gsl/gsl-2.5.tar.gz
ftp://ftp.gnu.org/gnu/gsl/gsl-2.5.tar.gz.sig

The GSL project homepage is http://www.gnu.org/software/gsl/

GSL is free software distributed under the GNU General Public License.

Thanks to everyone who reported bugs and contributed improvements.

Patrick Alken

14 June, 2018 07:02PM by Patrick Alken

June 13, 2018

FSF Blogs

Take action on the International Day Against DRM this September 18th

Join the Defective by Design crew and celebrate International Day Against DRM (IDAD) this September 18th!

Defective by Design (DbD) is a participatory and grassroots campaign run by the Free Software Foundation (FSF). DbD raises awareness about devices and media encumbered by Digital Restrictions Management (DRM), showing what they really are: Defective by Design. DRM is the practice of placing technological restrictions on digital media, and we're working together to eliminate it as a threat to freedom for computer users, as well as a threat to privacy for readers, viewers, and those making art, media, and more.

Imagine a world without DRM

DRM is an epidemic spreading across the Web, infiltrating our homes, classrooms, workplaces, and just about everywhere else we go. Tools, technologies, books, games, movies, and music are coming to us locked down with DRM -- whether they are streaming or claim to be locally hosted.

For 12 years, we've celebrated IDAD -- making, organizing, protesting, and taking action to support the demolition of DRM -- and 2018 is no different! This year we will continue the fight against DRM and celebrate the work of activists, artists, and technologists who create DRM-free media and technology. You can read more about past IDADs online.

For IDAD 2018, we want to demonstrate how great life without DRM can be -- and how pervasive DRM is. Join the Defective by Design coalition this Tuesday, September 18th as we go a day without using DRM.

Join us and challenge yourself and those around you to a Day Without DRM.

How to participate

IDAD 2018 is your opportunity to tell others why you resist DRM, and convince them to join you.

Whether you're an expert at being DRM-free or you've never considered what a day without DRM could look like, we want you to participate this IDAD. By joining with others on the same day, we send a powerful message: DRM's days are numbered.

Before September 18th, we'll be publishing a guide to help you plan your Day Without DRM. It will help you identify some less (and more) well-known places you may encounter DRM, better choices you can make throughout the day, and options for games, music, and other media to enjoy.

There are lots of other ways to participate -- as individuals or groups, online or in-person. Details, ideas, and information will be coming in the next few weeks.

We'll be using the hashtag #IDAD.

Keep up with IDAD! All future updates will go to our DRM Elimination Crew mailing list. Sign up for the mailing list on DefectiveByDesign.org to receive important IDAD news.

Are you an organization or project interested in supporting IDAD?

We're looking for vendors of DRM-free media, organizations that support the building of a DRM-free world, and those who believe in the mission of DbD to participate by offering sales, writing blog posts, organizing events, and sharing with your members about IDAD. Please contact us at info@defectivebydesign.org for more information.

Together we can build a future without DRM.

Want to support Defective by Design? You can make a donation or join the Free Software Foundation as an associate member.

Photo of protester by Karen Rustad Tรถlva CC-BY 2.0

13 June, 2018 06:50PM

June 12, 2018

FSF Events

Richard Stallman to speak in Amsterdam (We Make the City, Amsterdam, Netherlands)

Richard Stallman will be speaking twice at "Next Generation Cities - Strategies for Inclusive Digital Transformation," part of the festival We Make the City (2018-06-21).

He will take part in a panel:

  • What: panel - "Smart City, Spy City? Avenues for making a city 'smart' while respecting privacy and anonymity"
  • Abstract:
    For a free society, we must reduce the level of surveillance to below what the Soviet Union suffered. - a discussion between RMS, Marleen Stikker, and Francesca Bria on the need for free, fair and inclusive digital t echnology and infrastructures"
  • When: 10:15–10:45
  • Where: Q Factory, Atlantisplein 1, Amsterdam, Netherlands

and will give a speech:

  • What: speech - "How We Can Have Less Surveillance Than The USSR?"
  • Abstract:
    Digital technology has enabled governments to impose surveillance that Stalin could only dream of, making it next to impossible to talk with a reporter undetected. This puts democracy in danger. Stallman will present the absolute limit on general surveillance in a democracy, and suggest ways to design systems not to collect dossiers on all citizens.
  • When: 13:00–14:00
  • Where: Q Factory, Atlantisplein 1, Amsterdam, Netherlands

Please fill out our contact form, so that we can contact you about future events in and around Amsterdam.

12 June, 2018 10:50AM

June 11, 2018

libredwg @ Savannah

Major speedup for big DWG's

Thanks to David Bender and James Michael DuPont for convincing me that we need a hash table for really big DWGs. I got a DWG example with 42MB, which needed 2m to process and then 3m to free the dwg struct. I also had to fix a couple of internal problems.

We couldn't use David Bender's hashmap which he took from Android (Apache 2 licensed), and I didn't like it too much neither. So today I sat down and wrote a good int hashmap from scratch, with several performance adjustments, because we never get a key 0 and we won't need to delete keys.
So it's extremely small and simple, using cache-friendly open addressing, and I got it right at the second attempt.

Performance with this hash table now got down to 7 seconds.
Then I also removed the unneeded dwg_free calls from some cmdline apps, because the kernel does it much better then libc malloc/free. 3 minutes for free() is longer than the slowest garbage collector I've ever seen.
So now processing this 42MB dwg needs 7s.

While I was there I also had to adjust several hard coded limits used for testing our small test files. With realistic big DWG's they failed all over. There are still some minor problems, but the majority of the DWG's can be read.
And I pass through now all new error codes, with a bitmask of all occured uncritical and critical errors. On any critical error the library aborts, on some errors it just aborts for this particular object and some uncritical errors are just skipped over. See dwg.h or the docs for the error levels.

What's left is writing proper DXF's, which is apparently not that easy. With full precision mode as in newer acad's with subclass markers and all kind of internal handles, it's very strict, and I wasn't yet able to import any such DXF into acad. Should be possible though to import these into any other app.
So now I'm thinking of adding a third level of DXF: minimal, low and full (default). minimal are entities only, and are documented by acad. low would be new, the level of DXF other applications produce, such as libdxfrw or pythoncad. This is a basic DXF. Full is what teigha and acad produce.
In the end I want full, because I want to copy over parametric constraints from and to better modelers, full 3d data (3dsolid, surface) and full rendering and BIM data (Material, Sun, Lights, ...).

Reading DXF will have to wait for the next release, as I'm stuck with writing DXF's first. This needs to be elegant and maintainable, and not such a mess as with other libraries. I want to use the same code for reading and writing DXF, JSON (e.g. GeoJSON), and XML (e.g. OpenstreetMap, FreeCAD).

11 June, 2018 06:15PM by Reini Urban

unifont @ Savannah

Unifont 11.0.01 Released - Upgrade Recommended

Unifont 11.0.01 was released on 5 June 2018, coinciding with the formal release of Unicode 11.0.0 by The Unicode Consortium.

I wanted to check over this release before recommending that GNU/Linux distributions incorporate it. So far there only appears to be one new bug added: U+1C90 has an extra vertical line added to it, making the character double-width instead of single-width. This will be fixed in the next release. Unifont 10.0.x went through 7 updates in about half a year. I felt that was not stable enough for those trying to maintain GNU/Linux distributions, so I did not keep recommending that each update, with minor changes from one to the next, be propagated. I plan to have more stability in Unifont 11.0.x.

Unifont provides fonts with a glyph for each printable code point in the Unicode Basic Multilingual Plane, as well as wide coverage of the Supplemental Multilingual Plane and some ConScript Unicode Registry glyphs.

The Unifont package includes TrueType fonts for all of these ranges, and BDF and PCF fonts for the Unicode Basic Multilingual Plane. There is also a specialized PSF font for using GNU APL in console mode on GNU/Linux systems.

The web page for this project is https://savannah.gnu.org/projects/unifont/.

You can download the latest version from GNU mirror sites, accessible at http://ftpmirror.gnu.org/unifont/unifont-11.0.01. If the mirror site does not contain this latest version, you can download files directly from GNU at https://ftp.gnu.org/gnu/unifont/unifont-11.0.01/ or ftp://ftp.gnu.org/gnu/unifont/unifont-11.0.01/.

Highlights of this version:

Support for the brand new Unicode Copyleft glyph (U+01F12F), which was added in Unicode 11.0.0. This glyph is present in the Unifont package's TrueType fonts.

The addition of the space character (U+0020) to all Unifont package TrueType fonts, for more straightforward rendering of Unifont Upper (i.e., Unicode Plane 1) scripts that contain spaces.

The addition of several new scripts that were introduced in Unicode 11.0.0:

  • U+1C90..U+1CBF Georgian Extended
  • U+010D00..U+010D3F Hanifi Rohingya
  • U+010F00..U+010F2F Old Sogdian
  • U+010F30..U+010F6F Sogdian
  • U+011800..U+01184F Dogra
  • U+011D60..U+011DAF Gunjala Gondi
  • U+011EE0..U+011EFF Makasar
  • U+016E40..U+016E9F Medefaidrin
  • U+01D2E0..U+01D2FF Mayan Numerals
  • U+01EC70..U+01ECBF Indic Siyaq Numbers
  • U+01FA00..U+01FA6F Chess Symbols

Paul Hardy

GNU Unifont Maintainer

11 June, 2018 12:29PM by Paul Hardy

June 06, 2018

freedink @ Savannah

New FreeDink DFArc frontend 3.14 release

Here's a new release of DFArc, a frontend to run the GNU FreeDink game and manage its numerous add-on adventures or D-Mods :)
https://ftp.gnu.org/pub/gnu/freedink/dfarc-3.14.tar.gz

This release fixes CVE-2018-0496: Sylvain Beucler and Dan Walma discovered several directory traversal issues in DFArc (as well as in the RTsoft's Dink Smallwood HD / ProtonSDK version), allowing an attacker to overwrite arbitrary files on the user's system.

Also in this release:

- New Swedish and Friulian translations.

- Updated Catalan, Brazilian Portuguese and Spanish translations.

- Fix crash when clicking on 'Package' when there is no D-Mod present.

- Compilation fixes for OS X.

- Reproducible build process for Windows (as well as GNU/Linux depending on your distro) - see https://reproducible-builds.org/

A note about distros security support:

- Debian Security team graciously issued a CVE ID under 72h but declined both a security upload and a rationale on their choice; fix diverted to the next ~quarterly point release
- Fedora/RedHat security did not answer after 6 days; fortunately Fedora is flexible enough to allow package maintainers to upgrade DFArc in previous releases on their own
- Gentoo Security did not answer after 7 days
- FreeBSD ports and Mageia packagers were contacted but did not answer
- In Arch, package still stuck between orphaned and deleted state due to a 2017 bug

It seems security support for packages without large user base and/or games is delayed significantly at best.

About GNU FreeDink:

Dink Smallwood is an adventure/role-playing game, similar to Zelda, made by RTsoft. Besides twisted humor, it includes the actual game editor, allowing players to create hundreds of new adventures called Dink Modules or D-Mods for short.

GNU FreeDink is a new and portable version of the game engine, which runs the original game as well as its D-Mods, with close
compatibility, under multiple platforms.

DFArc is an integrated frontend, .dmod installer and .dmod archiver for the Dink Smallwood game engine.

06 June, 2018 07:03PM by Sylvain Beucler

Sylvain Beucler

Best GitHub alternative: us

Why try to choose the host that sucks less, when hosting a single-file (S)CGI gets you decentralized git-like + tracker + wiki?

Fossil

https://www.fossil-scm.org/

We gotta take the power back.

06 June, 2018 06:16PM

FSF Events

Richard Stallman - "Why we must drastically reduce surveillance" (Stuttgart, Germany)

Richard Stallman will be speaking remotely, via videoconference, at the 7th No-Spy Konferenz (2018-06-15–17). His speech will be nontechnical and the public is encouraged to attend.

Location: Literaturhaus Stuttgart, Breitscheidstr. 4, 70174 Stuttgart, Germany

Please fill out our contact form, so that we can contact you about future events in and around Stuttgart.

06 June, 2018 03:45PM

Richard Stallman - "El software libre en la ética y en la práctica" (Jaén, Spain)

Richard Stallman hablará sobre las metas y la filosofía del movimiento del Software Libre, y el estado y la historia del sistema operativo GNU, el cual junto con el núcleo Linux, es actualmente utilizado por decenas de millones de personas en todo el mundo.

Esa charla de Richard Stallman no será técnica y será abierta al público; todos están invitados a asistir.

Lugar: Aula Magna, Edificio C1, Universidad de Jaén, Campus Las Lagunillas s/n, 23071, Jaén, España

Favor de rellenar este formulario, para que podamos contactarle acerca de eventos futuros en la región de Jaén.

06 June, 2018 09:50AM

GNUnet News

GNUnet 0.11.0pre66

Platform: 
Source Code (TGZ)

We are pleased to announce the release of GNUnet 0.11.0pre66.

This is a pre-release to assist developers and downstream packagers to test the
package before the final release after four years of development.

06 June, 2018 07:20AM by Christian Grothoff

June 05, 2018

health @ Savannah

GNU Health patchset 3.2.10 released

Dear community

GNU Health 3.2.10 patchset has been released !

Priority: Medium

Table of Contents

  • About GNU Health Patchsets
  • Updating your system with the GNU Health control Center
  • Summary of this patchset
  • Installation notes
  • List of issues related to this patchset

About GNU Health Patchsets

We provide "patchsets" to stable releases. Patchsets allow applying bug fixes and updates on production systems. Always try to keep your production system up-to-date with the latest patches.

Patches and Patchsets maximize uptime for production systems, and keep your system updated, without the need to do a whole installation.

NOTE: Patchsets are applied on previously installed systems only. For new, fresh installations, download and install the whole tarball (ie, gnuhealth-3.2.10.tar.gz)

Updating your system with the GNU Health control Center

Starting GNU Health 3.x series, you can do automatic updates on the GNU Health and Tryton kernel and modules using the GNU Health control center program.

Please refer to the administration manual section ( https://en.wikibooks.org/wiki/GNU_Health/Control_Center )

The GNU Health control center works on standard installations (those done following the installation manual on wikibooks). Don't use it if you use an alternative method or if your distribution does not follow the GNU Health packaging guidelines.

Summary of this patchset

Patch 3.2.10 fixes issues related to the CalDAV functionality, updating the calDAV event after changing an appointment.

The gnuhealth-setup program has also been updated, including numpy for the latest pytools

Refer to the List of issues related to this patchset for a comprehensive list of fixed bugs.

Installation Notes

You must apply previous patchsets before installing this patchset. If your patchset level is 3.2.9, then just follow the general instructions.
You can find the patchsets at GNU Health main download site at GNU.org (https://ftp.gnu.org/gnu/health/)

In most cases, GNU Health Control center (gnuhealth-control) takes care of applying the patches for you.

Follow the general instructions at

After applying the patches, make a full update of your GNU Health database as explained in the documentation.

  • Restart the GNU Health Tryton server

List of issues and tasks related to this patchset

  • bug #54055: Caldav event does not update after changing the appointment

For detailed information about each issue, you can visit https://savannah.gnu.org/bugs/?group=health
For detailed information about each task, you can visit https://savannah.gnu.org/task/?group=health

For detailed information you can read about Patches and Patchsets

05 June, 2018 11:53AM by Luis Falcon

June 04, 2018

gnuastro @ Savannah

Gnuastro 0.6 released

The sixth release of Gnuastro is now ready for download. Please see the announcement for more details.

04 June, 2018 04:25PM by Mohammad Akhlaghi

libredwg @ Savannah

Enabled r2018 support

I finished now reading the remaining DWG formats r2010, r2013 and r2018.
The only DWG read limitations are now:

  • pre-R13: some entities, all blocks
  • r2010+ Some AEC EED (Autodesk Architectural Desktop) objects.
  • Untested: FIELDLIST, AcDbField, TABLECONTENT, TABLEGEOMETRY, GEODATA, WIPEOUTVARIABLE
  • Unhandled (i.e. passed through): MATERIAL, CELLSTYLEMAP, MULTILEADER, PROXY, PROXY_ENTITY, DBCOLOR, PLOTSETTINGS, TABLESTYLE, VBA_PROJECT, DIMASSOC, ACDBSECTIONVIEWSTYLE, ACDBDETAILVIEWSTYLE, ACDBASSOCNETWORK, ACDBASSOC2DCONSTRAINTGROUP, ACDBASSOCGEOMDEPENDENCY, ACDB_LEADEROBJECTCONTEXTDATA_CLASS, NPOCOLLECTION, EXACXREFPANELOBJECT, ARCALIGNEDTEXT (2000+), UNDERLAYDEFINITION (2 strings), OBJECTCONTEXTDATA, AcDbAnnotScaleObjectContextDatax

Writing is only done for r13-r2000 with r2000 being the default format. (I hope).

DXF support is coming. Writing DXF is done, but AutoCAD cannot import it yet, as I write all known fields, handles and references, unlike libdxfrw which only writes a limited set. You cannot map parametric constraints or advanced classes with that.

DXF reading is only planned, as I have to decide yet which strategy to use, with minimal maintenance. It should be a table driven parser, from the dwg.spec.

With the upcoming 0.5 release I"m only waiting on the fencepost permissions on GNU. You can get daily snapshots and windows binaries from the github release page: https://github.com/LibreDWG/libredwg/releases/

Reini Urban

04 June, 2018 08:40AM by Reini Urban

June 02, 2018

Sylvain Beucler

Reproducible Windows builds

I'm working again on making reproducible .exe-s. I thought I'd share my process:

Pros:

  • End users get a bit-for-bit reproducible .exe, known not to contain trojan and auditable from sources
  • Point releases can reuse the exact same build process and avoid introducing bugs

Steps:

  • Generate a source tarball (non reproducibly)
  • Debian Docker as a base, with fixed version + snapshot.debian.org sources.list
    • Dockerfile: install packaged dependencies and MXE(.cc) from a fixed Git revision
    • Dockerfile: compile MXE with SOURCE_DATE_EPOCH + fix-ups
  • Build my project in the container with SOURCE_DATE_EPOCH and check SHA256
  • Copy-on-release

Result:

git.savannah.gnu.org/gitweb/?p=freedink/dfarc.git;a=tree;f=autobuild/dfarc-w32-snapshot

Generate a source tarball (non reproducibly)

This is not reproducible due to using non-reproducible tools (gettext, automake tarballs, etc.) but it doesn't matter: only building from source needs to be reproducible, and the source is the tarball.

It would be better if the source tarball were perfectly reproducible, especially for large generated content (./configure, wxGlade-generated GUI source code...), but that can be a second step.

Debian Docker as a base

AFAIU the Debian Docker images are made by Debian developers but are in no way official images. That's a pity, and to be 100% safe I should start anew from debootstrap, but Docker is providing a very efficient framework to build images, notably with caching of every build steps, immediate fresh containers, and public images repository.

This means with a single:

sudo -g docker make

you get my project reproducibly built from scratch with nothing to setup at all.

I avoid using a :latest tag, since it will change, and also backports, since they can be updated anytime. Here I'm using stretch:9.4 and no backports.

Using snapshot.debian.org in sources.list makes sure the installed packaged dependencies won't change at next build. For a dot release however (not for a rebuild), they should be updated in case there was a security fix that has an effect on built software (rare, but exists).

Last but not least, APT::Install-Recommends "false"; for better dependency control.

MXE

mxe.cc is compilation environment to get MingGW (GCC for Windows) and selected dependencies rebuilt unattended with a single make. Doing this manually would be tedious because every other day, upstream breaks MinGW cross-compilation, and debugging an hour-long build process takes ages. Been there, done that.

MXE has a reproducible-boosted binutils with a patch for SOURCE_DATE_EPOCH that avoids getting date-based and/or random build timestamps in the PE (.exe/.dll) files. It's also compiled with --enable-deterministic-archives to avoid timestamp issues in .a files (but no automatic ordering).

I set SOURCE_DATE_EPOCH to the fixed Git commit date and I run MXE's build.

This does not apply to GCC however, so I needed to e.g. patch a __DATE__ in wxWidgets.

In addition, libstdc++.a has a file ordering issue (said ordering surprisingly stays stable between a container and a host build, but varies when using a different computer with the same distros and tools versions). I hence re-archive libstdc++.a manually.

It's worth noting that PE files don't have issues with build paths (and varying BuildID-s - unlike ELF... T_T).

Again, for a dot release, it makes sense to update the MXE Git revision so as to catch security fixes, but at least I have the choice.

Build project

With this I can start a fresh Docker container and run the compilation process inside, as a non-privileged user just in case.

I set SOURCE_DATE_EPOCH to the release date at 00:00UTC, or the Git revision date for snapshots.

This rebuild framework is excluded from the source tarball, so the latter stays stable during build tuning. I see it as a post-release tool, hence not part of the release (just like distros packaging).

The generated .exe is statically compiled which helps getting a stable result (only the few needed parts of dependencies get included in the final executable).

Since MXE is not itself reproducible differences may come from MXE itself, which may need fixes as explained above. This is annoying and hopefully will be easier once they ship GCC6. To debug I unzip the different .zip-s, upx -d my .exe-s, and run diffoscope.

I use various tricks (stable ordering, stable timestamping, metadata cleaning) to make the final .zip reproducible as well. Post-processing tools would be an alternative if they were fixed.

reprotest

Any process is moot if it can't be tested.

reprotest helps by running 2 successive compilations with varying factors (build path, file system ordering, etc.), and check that we get the exact same binary. As a trade-off, I don't run it on the full build environment, just on the project itself. I plugged reprotest to the Docker container by running a sshd on the fly. I have another Makefile target to run reprotest in my host system where I also installed MXE, so I can compare results and sometimes find differences (e.g. due to using a different filesystem). In addition this is faster for debugging since changing anything in the early Dockerfile steps means a full 1h rebuild.

Copy-on-release

At release time I make a copy of the directory that contains all the self-contained build scripts and the Dockerfile, and rename it after the new release version. I'll continue improving upon the reproducible build system in the 'snapshot' directory, but the versioned directory will stay as-is and can be used in the future to get the same bit-for-bit identical .exe anytime.

This is the technique I used in my Android Rebuilds project.

Other platforms

For now I don't control the build process for other platforms: distros have their own autobuilders, so does F-Droid. Their problem :P

I have plans to make reproducible GNU/Linux AppImage-based builds in the future though. I should be able to use a finer-grained, per-dependency process rather than the huge MXE-based chunk I currently do.

I hope this helps other projects provide reproducible binaries directly! Comments/suggestions welcome.

02 June, 2018 05:12PM

May 30, 2018

FSF News

Minifree Libreboot X200 Tablet now FSF-certified to Respect Your Freedom

Libreboot X200 tablet

This is the third device from Minifree Ltd to receive RYF certification. The Libreboot X200 Tablet is a fully free laptop/tablet hybrid that comes with Trisquel and Libreboot pre-installed. The device is similar to the previously certified Libreboot X200 laptop, but with a built-in tablet that enables users to draw, sign documents, or make handwritten notes. Like all devices from Minifree Ltd., purchasing the Libreboot X200 Tablet helps to fund development of Libreboot, the free boot firmware that currently runs on all RYF-certified laptops. It may be purchased at https://minifree.org/product/libreboot-x200-tablet/, and comes with free technical support included.

"We need RYF-certified laptops of all shapes, sizes, and form factors, and for them to be available from multiple sources around the world so users have options. This is a welcome expansion of those options, as well as an opportunity for people to help unlock future possibilities by funding Libreboot development," said the FSF's executive director, John Sullivan.

"The Libreboot X200 Tablet is another great addition to the line-up of freedom respecting devices from Minifree, which has a long history of developing the software and tools that make RYF-certifiable devices possible," said the FSF's licensing & compliance manager, Donald Robertson, III.

"I'm happy that the FSF is now endorsing yet another Minifree product. Minifree's mission is to provide affordable, libre systems that are easy to use and therefore accessible to the public. Minifree's purpose is to provide funding to the Libreboot project, supporting it fully, and I'm delighted to once again cooperate with the FSF on this most noble goal," said Leah Rowe, Founder & CEO, Minifree Ltd.

To learn more about the Respects Your Freedom certification program, including details on the certification of the Libreboot x200 Tablet, please visit https://fsf.org/ryf.

Hardware sellers interested in applying for certification can consult https://www.fsf.org/resources/hw/endorsement/criteria.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

About Minifree Ltd

Minifree Ltd, trading as Ministry of Freedom (formerly trading as Gluglug), is a UK supplier shipping worldwide that sells GNU/Linux-libre computers with the Libreboot firmware and Trisquel GNU/Linux-libre operating system pre-installed.

Libreboot is a free BIOS/UEFI replacement, offering faster boot speeds, better security, and many advanced features compared to most proprietary boot firmware.

Media Contacts

Donald Robertson, III
Licensing and Compliance Manager
Free Software Foundation
+1 (617) 542 5942
licensing@fsf.org

Leah Rowe
Founder & CEO
Minifree Ltd
+44 7442 425 835
info@gluglug.org.uk

Image Copyright 2018 Minifree Ltd, Licensed under Creative Commons Attribution-ShareAlike 4.0.

30 May, 2018 02:59PM

Parabola GNU/Linux-libre

Server outage

One of our servers, winston.parabola.nu, is currently offline for hardware reasons. It has been offline since 2018-05-30 00:15 UTC. Hang tight, it should be back online soon.

30 May, 2018 03:11AM by Luke Shumaker

May 28, 2018

bison @ Savannah

bison-3.0.5 released [stable]

28 May, 2018 05:04AM by Akim Demaille

May 26, 2018

GUIX Project news

Customize GuixSD: Use Stock SSH Agent Everywhere!

I frequently use SSH. Since I don't like typing my password all the time, I use an SSH agent. Originally I used the GNOME Keyring as my SSH agent, but recently I've switched to using the ssh-agent from OpenSSH. I accomplished this by doing the following two things:

  • Replace the default GNOME Keyring with a custom-built version that disables the SSH agent feature.

  • Start my desktop session with OpenSSH's ssh-agent so that it's always available to any applications in my desktop session.

Below, I'll show you in detail how I did this. In addition to being useful for anyone who wants to use OpenSSH's ssh-agent in GuixSD, I hope this example will help to illustrate how GuixSD enables you to customize your entire system to be just the way you want it!

The Problem: GNOME Keyring Can't Handle My SSH Keys

On GuixSD, I like to use the GNOME desktop environment. GNOME is just one of the various desktop environments that GuixSD supports. By default, the GNOME desktop environment on GuixSD comes with a lot of goodies, including the GNOME Keyring, which is GNOME's integrated solution for securely storing secrets, passwords, keys, and certificates.

The GNOME Keyring has many useful features. One of those is its SSH Agent feature. This feature allows you to use the GNOME Keyring as an SSH agent. This means that when you invoke a command like ssh-add, it will add the private key identities to the GNOME Keyring. Usually this is quite convenient, since it means that GNOME users basically get an SSH agent for free!

Unfortunately, up until GNOME 3.28 (the current release), the GNOME Keyring's SSH agent implementation was not as complete as the stock SSH agent from OpenSSH. As a result, earlier versions of GNOME Keyring did not support many use cases. This was a problem for me, since GNOME Keyring couldn't read my modern SSH keys. To make matters worse, by design the SSH agent for GNOME Keyring and OpenSSH both use the same environment variables (e.g., SSH_AUTH_SOCK). This makes it difficult to use OpenSSH's ssh-agent everywhere within my GNOME desktop environment.

Happily, starting with GNOME 3.28, GNOME Keyring delegates all SSH agent functionality to the stock SSH agent from OpenSSH. They have removed their custom implementation entirely. This means that today, I could solve my problem simply by using the most recent version of GNOME Keyring. I'll probably do just that when the new release gets included in Guix. However, when I first encountered this problem, GNOME 3.28 hadn't been released yet, so the only option available to me was to customize GNOME Keyring or remove it entirely.

In any case, I'm going to show you how I solved this problem by modifying the default GNOME Keyring from the Guix package collection. The same ideas can be used to customize any package, so hopefully it will be a useful example. And what if you don't use GNOME, but you do want to use OpenSSH's ssh-agent? In that case, you may still need to customize your GuixSD system a little bit. Let me show you how!

The Solution: ~/.xsession and a Custom GNOME Keyring

The goal is to make OpenSSH's ssh-agent available everywhere when we log into our GNOME desktop session. First, we must arrange for ssh-agent to be running whenever we're logged in.

There are many ways to accomplish this. For example, I've seen people implement shell code in their shell's start-up files which basically manages their own ssh-agent process. However, I prefer to just start ssh-agent once and not clutter up my shell's start-up files with unnecessary code. So that's what we're going to do!

Launch OpenSSH's ssh-agent in Your ~/.xsession

By default, GuixSD uses the SLiM desktop manager. When you log in, SLiM presents you with a menu of so-called "desktop sessions", which correspond to the desktop environments you've declared in your operating system declaration. For example, if you've added the gnome-desktop-service to your operating system declaration, then you'll see an option for GNOME at the SLiM login screen.

You can further customize your desktop session with the ~/.xsession file. The contract for this file in GuixSD is the same as it is for many GNU/Linux distributions: if it exists, then it will be executed. The arguments passed to it will be the command line invocation that would normally be executed to start the desktop session that you selected from the SLiM login screen. Your ~/.xsession is expected to do whatever is necessary to customize and then start the specified desktop environment. For example, when you select GNOME from the SLiM login screen, your ~/.xsession file will basically be executed like this (for the exact execution mechanism, please refer to the source code linked above):

$ ~/.xsession gnome-session

The upshot of all this is that the ~/.xsession is an ideal place to set up your SSH agent! If you start an SSH agent in your ~/.xsession file, you can have the SSH agent available everywhere, automatically! Check it out: Put this into your ~/.xsession file, and make the file executable:

#!/run/current-system/profile/bin/bash
exec ssh-agent "$@"

When you invoke ssh-agent in this way, it executes the specified program in an environment where commands like ssh-add just work. It does this by setting environment variables such as SSH_AUTH_SOCK, which programs like ssh-add find and use automatically. Because GuixSD allows you to customize your desktop session like this, you can use any SSH agent you want in any desktop environments that you want, automatically!

Of course, if you're using GNOME Keyring version 3.27 or earlier (like I was), then this isn't quite enough. In that case, the SSH agent feature of GNOME Keyring will override the environment variables set by OpenSSH's ssh-agent, so commands like ssh-add will wind up communicating with the GNOME Keyring instead of the ssh-agent you launched in your ~/.xsession. This is bad because, as previously mentioned, GNOME Keyring version 3.27 or earlier doesn't support as many uses cases as OpenSSH's ssh-agent.

How can we work around this problem?

Customize the GNOME Keyring

One heavy-handed solution would be to remove GNOME Keyring entirely. That would work, but then you would lose out on all the other great features that it has to offer. Surely we can do better!

The GNOME Keyring documentation explains that one way to disable the SSH agent feature is to include the --disable-ssh-agent configure flag when building it. Thankfully, Guix provides some ways to customize software in exactly this way!

Conceptually, we "just" have to do the following two things:

  • Customize the existing gnome-keyring package.

  • Make the gnome-desktop-service use our custom gnome-keyring package.

Create a Custom GNOME Keyring Package

Let's begin by defining a custom gnome-keyring package, which we'll call gnome-keyring-sans-ssh-agent. With Guix, we can do this in less than ten lines of code:

(define-public gnome-keyring-sans-ssh-agent
  (package
    (inherit gnome-keyring)
    (name "gnome-keyring-sans-ssh-agent")
    (arguments
     (substitute-keyword-arguments
         (package-arguments gnome-keyring)
       ((#:configure-flags flags)
        `(cons "--disable-ssh-agent" ,flags))))))

Don't worry if some of that code is unclear at first. I'll clarify it now!

In Guix, a <package> record like the one above is defined by a macro called define-record-type* (defined in the file guix/records.scm in the Guix source). It's similar to an SRFI-9 record. The inherit feature of this macro is very useful: it creates a new copy of an existing record, overriding specific fields in the new copy as needed.

In the above, we define gnome-keyring-sans-ssh-agent to be a copy of the gnome-keyring package, and we use inherit to change the name and arguments fields in that new copy. We also use the substitute-keyword-arguments macro (defined in the file guix/utils.scm in the Guix source) to add --disable-ssh-agent to the list of configure flags defined in the gnome-keyring package. The effect of this is to define a new GNOME Keyring package that is built exactly the same as the original, but in which the SSH agent is disabled.

I'll admit this code may seem a little opaque at first, but all code does when you first learn it. Once you get the hang of things, you can customize packages any way you can imagine. If you want to learn more, you should read the docstrings for the define-record-type* and substitute-keyword-arguments macros in the Guix source code. It's also very helpful to grep the source code to see examples of how these macros are used in practice. For example:

$ # Search the currently installed Guix for the current user.
$ grep -r substitute-keyword-arguments ~/.config/guix/latest
$ # Search the Guix Git repository, assuming you've checked it out here.
$ grep -r substitute-keyword-arguments ~/guix

Use the Custom GNOME Keyring Package

OK, we've created our own custom GNOME Keyring package. Great! Now, how do we use it?

In GuixSD, the GNOME desktop environment is treated as a system service. To make GNOME use our custom GNOME Keyring package, we must somehow customize the gnome-desktop-service (defined in the file gnu/services/desktop.scm) to use our custom package. How do we do customize a service? Generally, the answer depends on the service. Thankfully, many of GuixSD's services, including the gnome-desktop-service, follow a similar pattern. In this case, we "just" need to pass a custom <gnome-desktop-configuration> record to the gnome-desktop-service procedure in our operating system declaration, like this:

(operating-system

  ...

  (services (cons*
             (gnome-desktop-service
              #:config my-gnome-desktop-configuration)
             %desktop-services)))

Here, the cons* procedure just adds the GNOME desktop service to the %desktop-services list, returning the new list. For details, please refer to the the Guile manual.

Now the question is: what should my-gnome-desktop-configuration be? Well, if we examine the definition of this record type in the Guix source, we see the following:

(define-record-type* <gnome-desktop-configuration> gnome-desktop-configuration
  make-gnome-desktop-configuration
  gnome-desktop-configuration
  (gnome-package gnome-package (default gnome)))

The gnome package referenced here is a "meta" package: it exists only to aggregate many GNOME packages together, including gnome-keyring. To see its definition, we can simply invoke guix edit gnome, which opens the file where the package is defined:

(define-public gnome
  (package
    (name "gnome")
    (version (package-version gnome-shell))
    (source #f)
    (build-system trivial-build-system)
    (arguments '(#:builder (mkdir %output)))
    (propagated-inputs
     ;; TODO: Add more packages according to:
     ;;       <https://packages.debian.org/jessie/gnome-core>.
     `(("adwaita-icon-theme"        ,adwaita-icon-theme)
       ("baobab"                    ,baobab)
       ("font-cantarell"            ,font-cantarell)
       [... many packages omitted for brevity ...]
       ("gnome-keyring"             ,gnome-keyring)
       [... many packages omitted for brevity ...]
    (synopsis "The GNU desktop environment")
    (home-page "https://www.gnome.org/")
    (description
     "GNOME is the graphical desktop for GNU.  It includes a wide variety of
applications for browsing the web, editing text and images, creating
documents and diagrams, playing media, scanning, and much more.")
    (license license:gpl2+)))

Apart from being a little long, this is just a normal package definition. We can see that gnome-keyring is included in the list of propagated-inputs. So, we need to create a replacement for the gnome package that uses our gnome-keyring-sans-ssh-agent instead of gnome-keyring. The following package definition accomplishes that:

(define-public gnome-sans-ssh-agent
  (package
    (inherit gnome)
    (name "gnome-sans-ssh-agent")
    (propagated-inputs
     (map (match-lambda
            ((name package)
             (if (equal? name "gnome-keyring")
                 (list name gnome-keyring-sans-ssh-agent)
                 (list name package))))
          (package-propagated-inputs gnome)))))

As before, we use inherit to create a new copy of the gnome package that overrides the original name and propagated-inputs fields. Since Guix packages are just defined using good old scheme, we can use existing language features like map and match-lambda to manipulate the list of propagated inputs. The effect of the above is to create a new package that is the same as the gnome package but uses gnome-keyring-sans-ssh-agent instead of gnome-keyring.

Now that we have gnome-sans-ssh-agent, we can create a custom <gnome-desktop-configuration> record and pass it to the gnome-desktop-service procedure as follows:

(operating-system

  ...

  (services (cons*
             (gnome-desktop-service
              #:config (gnome-desktop-configuration
                        (gnome-package gnome-sans-ssh-agent)))
             %desktop-services)))

Wrapping It All Up

Finally, you need to run the following commands as root to create and boot into the new system generation (replace MY-CONFIG with the path to the customized operating system configuration file):

# guix system reconfigure MY-CONFIG
# reboot

After you log into GNOME, any time you need to use SSH, the stock SSH agent from OpenSSH that you started in your ~/.xsession file will be used instead of the GNOME Keyring's SSH agent. It just works! Note that it still works even if you select a non-GNOME desktop session (like XFCE) at the SLiM login screen, since the ~/.xsession is not tied to any particular desktop session,

In the unfortunate event that something went wrong and things just aren't working when you reboot, don't worry: with GuixSD, you can safely roll back to the previous system generation via the usual mechanisms. For example, you can run this from the command line to roll back:

# guix system roll-back
# reboot

This is one of the great benefits that comes from the fact that Guix follows the functional software deployment model. However, note that because the ~/.xsession file (like many files in your home directory) is not managed by Guix, you must manually undo the changes that you made to it in order to roll back fully.

Conclusion

I hope this helps give you some ideas for how you can customize your own GuixSD system to make it exactly what you want it to be. Not only can you customize your desktop session via your ~/.xsession file, but Guix also provides tools for you to modify any of the default packages or services to suit your specific needs.

Happy hacking!

Notices

CC0

To the extent possible under law, Chris Marusich has waived all copyright and related or neighboring rights to this article, "Customize GuixSD: Use Stock SSH Agent Everywhere!". This work is published from: United States.

The views expressed in this article are those of Chris Marusich and do not necessarily reflect the views of his past, present, or future employers.

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64 and armv7 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

26 May, 2018 03:00PM by Chris Marusich

health @ Savannah

openSUSE donates more Raspberry Pis to the GNU Health project

Dear community:

Today, in the context of the openSUSE conference 2018, oSC18, openSUSE donated 10 Raspberry Pis to the GNU health project.

GNU Health embedded, is a project that delivers GNU Health in single board machines, like raspberry pi.

The #GNUHealthEmbedded project delivers a ready-to-run, full blown installation of GNU Health. From the GNUHealth kernel, the database and even a demo database that can be installed.

The user only needs to point the client to the the server address.

The new Raspberry Pis will include:

  • Latest openSUSE Leap 15
  • GNU Health 3.4 server
  • Offline documentation
  • Lab interfaces

It will also include the Federation related packages, so it could act as a relay or as a node in the distributed, federated model.

Thank you so much to openSUSE for their generous donation, and commitment to the GNUHealth project, as an active member and as an sponsor !

Main news from openSUSE portal:
https://news.opensuse.org/2018/05/26/opensuse-donates-10-more-raspberry-pis-to-gnu-health/

26 May, 2018 01:02PM by Luis Falcon

May 25, 2018

Sylvain Beucler

Testing GNU FreeDink in your browser

Ever wanted to try this weird GNU FreeDink game, but never had the patience to install it?
Today, you can play it with a single click :)

Play GNU FreeDink

This is a first version that can be polished further but it works quite well.
This is the original C/C++/SDL2 code with a few tweaks, cross-compiled to WebAssembly (and an alternate version in asm.js) with emscripten.
Nothing brand new I know, but things are getting smoother, and WebAssembly is definitely a performance boost.

I like distributed and autonomous tools, so I'm generally not inclined to web-based solutions.
In this case however, this is a local version of the game. There's no server side. Savegames are in your browser local storage. Even importing D-Mods (game add-ons) is performed purely locally in the in-memory virtual FS with a custom .tar.bz2 extractor cross-compiled to WebAssembly.
And you don't have to worry about all these Store policies (and Distros policies^W^W^W.

I'm interested in feedback on how well these works for you in your browsers and devices:

I'm also interested in tips on how to place LibreJS tags - this is all free JavaScript.

25 May, 2018 11:46PM

May 23, 2018

GNUnet News

May 22, 2018

parallel @ Savannah

GNU Parallel 20180522 ('Great March of Return') released

GNU Parallel 20180522 ('Great March of Return') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

Gnu parallel seems to work fine.
Sucking up the life out of all cores, poor machine ahahahahah
-- osxreverser

New in this release:

  • --tty allows for more programs accessing /dev/tty in parallel. Some programs require tty access without using it.
  • env_parallel --session will record names in current environment in $PARALLEL_IGNORED_NAMES and exit. It is only used with env_parallel, and can work like --record-env but in a single session.
  • Bug fixes and man page updates.

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, April 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 May, 2018 10:57PM by Ole Tange

May 21, 2018

Andy Wingo

correct or inotify: pick one

Let's say you decide that you'd like to see what some other processes on your system are doing to a subtree of the file system. You don't want to have to change how those processes work -- you just want to see what files those processes create and delete.

One approach would be to just scan the file-system tree periodically, enumerating its contents. But when the file system tree is large and the change rate is low, that's not an optimal thing to do.

Fortunately, Linux provides an API to allow a process to receive notifications on file-system change events, called inotify. So you open up the inotify(7) manual page, and are greeted with this:

With careful programming, an application can use inotify to efficiently monitor and cache the state of a set of filesystem objects. However, robust applications should allow for the fact that bugs in the monitoring logic or races of the kind described below may leave the cache inconsistent with the filesystem state. It is probably wise to do some consistency checking, and rebuild the cache when inconsistencies are detected.

It's not exactly reassuring is it? I mean, "you had one job" and all.

Reading down a bit farther, I thought that with some "careful programming", I could get by. After a day of trying, I am now certain that it is impossible to build a correct recursive directory monitor with inotify, and I am not even sure that "good enough" solutions exist.

pitfall the first: buffer overflow

Fundamentally, inotify races the monitoring process with all other processes on the system. Events are delivered to the monitoring process via a fixed-size buffer that can overflow, and the monitoring process provides no back-pressure on the system's rate of filesystem modifications. With inotify, you have to be ready to lose events.

This I think is probably the easiest limitation to work around. The kernel can let you know when the buffer overflows, and you can tweak the buffer size. Still, it's a first indication that perfect is not possible.

pitfall the second: now you see it, now you don't

This one is the real kicker. Say you get an event that says that a file "frenemies.txt" has been created in the directory "/contacts/". You go to open the file -- but is it still there? By the time you get around to looking for it, it could have been deleted, or renamed, or maybe even created again or replaced! This is a TOCTTOU race, built-in to the inotify API. It is literally impossible to use inotify without this class of error.

The canonical solution to this kind of issue in the kernel is to use file descriptors instead. Instead of or possibly in addition to getting a name with the file change event, you get a descriptor to a (possibly-unlinked) open file, which you would then be responsible for closing. But that's not what inotify does. Oh well!

pitfall the third: race conditions between inotify instances

When you inotify a directory, you get change notifications for just that directory. If you want to get change notifications for subdirectories, you need to open more inotify instances and poll on them all. However now you have N2 problems: as poll and the like return an unordered set of readable file descriptors, each with their own ordering, you no longer have access to a linear order in which changes occurred.

It is impossible to build a recursive directory watcher that definitively says "ok, first /contacts/frenemies.txt was created, then /contacts was renamed to /peeps, ..." because you have no ordering between the different watches. You don't know that there was ever even a time that /contacts/frenemies.txt was an accessible file name; it could have been only ever openable as /peeps/frenemies.txt.

Of course, this is the most basic ordering problem. If you are building a monitoring tool that actually wants to open files -- good luck bubster! It literally cannot be correct. (It might work well enough, of course.)

reflections

As far as I am aware, inotify came out to address the needs of desktop search tools like the belated Beagle (11/10 good pupper just trying to get his pup on). Especially in the days of spinning metal, grovelling over the whole hard-drive was a real non-starter, especially if the search database should to be up-to-date.

But after looking into inotify, I start to see why someone at Google said that desktop search was in some ways harder than web search -- I mean we all struggle to find files on our own machines, even now, 15 years after the whole dnotify/inotify thing started. Part of it is that the given the choice between supporting reliable, fool-proof file system indexes on the one hand, and overclocking the IOPS benchmarks on the other, the kernel gave us inotify. I understand it, but inotify still sucks.

I dunno about you all but whenever I've had to document such an egregious uncorrectable failure mode as any of the ones in the inotify manual, I have rewritten the software instead. In that spirit, I hope that some day we shall send inotify to the pet cemetery, to rest in peace beside Beagle.

21 May, 2018 02:29PM by Andy Wingo

nano @ Savannah

GNU nano 2.9.7 was released

Accumulated changes over the last five releases include: the ability to bind a key to a string (text and/or escape sequences), a default color of bright white on red for error messages, an improvement to the way the Scroll-Up and Scroll-Down commands work, and the new --afterends option to make Ctrl+Right (next word) stop at the end of a word instead of at the beginning. Check it out.

21 May, 2018 10:36AM by Benno Schulenberg

May 18, 2018

FSF Events

Richard Stallman - "We must legislate to block collection of personal data" (HOPE, New York, NY)

Richard Stallman will be speaking at The Circle of HOPE (2018-07-22–24).

We must legislate to block collection of personal data" With surveillance so pervasive, weak measures can only nibble around the edges. To restore privacy, we need strong measures. Companies are so adept at manufacturing users' consent that the requirement hardly hampers their surveillance, so now what we need nowadays is to put strict limits on what data systems can collect.

Richard Stallman's speech will be nontechnical and the public is encouraged to attend.

Location: 18th floor, Hotel Pennsylvania, 401 Seventh Avenue at 33rd Street (15 Penn Plaza), New York, NY 10001

Please fill out our contact form, so that we can contact you about future events in and around New York City.

18 May, 2018 01:35PM

May 17, 2018

Richard Stallman estará en La Plata, Argentina

Esa charla de Richard Stallman no será técnica y será abierta al público; todos están invitados a asistir.

El título será determinado.

Lugar: Facultad de informática de la Universidad Nacional de La Plata (calle 50 y 120), La Plata, Argentina

Favor de rellenar este formulario, para que podamos contactarle acerca de eventos futuros en la región de Buenos Aires.

17 May, 2018 07:40PM

May 16, 2018

Andy Wingo

lightweight concurrency in lua

Hello, all! Today I'd like to share some work I have done recently as part of the Snabb user-space networking toolkit. Snabb is mainly about high-performance packet processing, but it also needs to communicate with management-oriented parts of network infrastructure. These communication needs are performed by a dedicated manager process, but that process has many things to do, and can't afford to make blocking operations.

Snabb is written in Lua, which doesn't have built-in facilities for concurrency. What we'd like is to have fibers. Fortunately, Lua's coroutines are powerful enough to implement fibers. Let's do that!

fibers in lua

First we need a scheduling facility. Here's the smallest possible scheduler: simply a queue of tasks and a function to run those tasks.

local task_queue = {}

function schedule_task(thunk)
   table.insert(task_queue, thunk)
end

function run_tasks()
   local queue = task_queue
   task_queue = {}
   for _,thunk in ipairs(queue) do thunk() end
end

For our purposes, a task is just a function that will be called with no arguments.

Now let's build fibers. This is easier than you might think!

local current_fiber = false

function spawn_fiber(fn)
   local fiber = coroutine.create(fn)
   schedule_task(function () resume_fiber(fiber) end)
end

function resume_fiber(fiber, ...)
   current_fiber = fiber
   local ok, err = coroutine.resume(fiber, ...)
   current_fiber = nil
   if not ok then
      print('Error while running fiber: '..tostring(err))
   end
end

function suspend_current_fiber(block, ...)
   -- The block function should arrange to reschedule
   -- the fiber when it becomes runnable.
   block(current_fiber, ...)
   return coroutine.yield()
end

Here, a fiber is simply a coroutine underneath. Suspending a fiber suspends the coroutine. Resuming a fiber runs the coroutine. If you're unfamiliar with coroutines, or coroutines in Lua, maybe have a look at the lua-users wiki page on the topic.

The difference between a fibers facility and just coroutines is that with fibers, you have a scheduler as well. Very much like Scheme's call-with-prompt, coroutines are one of those powerful language building blocks that should rarely be used directly; concurrent programming needs more structure than what Lua offers.

If you're following along, it's probably worth it here to think how you would implement yield based on these functions. A yield implementation should yield control to the scheduler, and resume the fiber on the next scheduler turn. The answer is here.

communication

Once you have fibers and a scheduler, you have concurrency, which means that if you're not careful, you have a mess. Here I think the Go language got the essence of the idea exactly right: Do not communicate by sharing memory; instead, share memory by communicating.

Even though Lua doesn't support multiple machine threads running concurrently, concurrency between fibers can still be fraught with bugs. Tony Hoare's Communicating Sequential Processes showed that we can avoid a class of these bugs by treating communication as a first-class concept.

Happily, the Concurrent ML project showed that it's possible to build these first-class communication facilities as a library, provided the language you are working in has threads of some kind, and fibers are enough. Last year I built a Concurrent ML library for Guile Scheme, and when in Snabb we had a similar need, I ported that code over to Lua. As it's a new take on the problem in a different language, I think I've been able to simplify things even more.

So let's take a crack at implementing Concurrent ML in Lua. In CML, the fundamental primitive for communication is the operation. An operation represents the potential for communication. For example, if you have a channel, it would have methods to return "get operations" and "put operations" on that channel. Actually receiving or sending a message on a channel occurs by performing those operations. One operation can be performed many times, or not at all.

Compared to a system like Go, for example, there are two main advantages of CML. The first is that CML allows non-deterministic choice between a number of potential operations in a generic way. For example, you can construct a operation that, when performed, will either get on one channel or wait for a condition variable to be signalled, whichever comes first. In Go, you can only select between operations on channels.

The other interesting part of CML is that operations are built from a uniform protocol, and so users can implement new kinds of operations. Compare again to Go where all you have are channels, and nothing else.

The CML operation protocol consists three related functions: try which attempts to directly complete an operation in a non-blocking way; block, which is called after a fiber has suspended, and which arranges to resume the fiber when the operation completes; and wrap, which is called on the result of a successfully performed operation.

In Lua, we can call this an implementation of an operation, and create it like this:

function new_op_impl(try, block, wrap)
   return { try=try, block=block, wrap=wrap }
end

Now let's go ahead and write the guts of CML: the operation implementation. We'll represent an operation as a Lua object with two methods. The perform method will attempt to perform the operation, and return the resulting value. If the operation can complete immediately, the call to perform will return directly. Otherwise, perform will suspend the current fiber and arrange to continue only when the operation completes.

The wrap method "decorates" an operation, returning a new operation that, if and when it completes, will "wrap" the result of the completed operation with a function, by applying the function to the result. It's useful to distinguish the sub-operations of a non-deterministic choice from each other.

Here our new_op function will take an array of operation implementations and return an operation that, when performed, will synchronize on the first available operation. As you can see, it already has the equivalent of Go's select built in.

function new_op(impls)
   local op = { impls=impls }
   
   function op.perform()
      for _,impl in ipairs(impls) do
         local success, val = impl.try()
         if success then return impl.wrap(val) end
      end
      local function block(fiber)
         local suspension = new_suspension(fiber)
         for _,impl in ipairs(impls) do
            impl.block(suspension, impl.wrap)
         end
      end
      local wrap, val = suspend_current_fiber(block)
      return wrap(val)
   end

   function op.wrap(f)
      local wrapped = {}
      for _, impl in ipairs(impls) do
         local function wrap(val)
            return f(impl.wrap(val))
         end
         local impl = new_op_impl(impl.try, impl.block, wrap)
         table.insert(wrapped, impl)
      end
      return new_op(wrapped)
   end

   return op
end

There's only one thing missing there, which is new_suspension. When you go to suspend a fiber because none of the operations that it's trying to do can complete directly (i.e. all of the try functions of its impls returned false), at that point the corresponding block functions will publish the fact that the fiber is waiting. However the fiber only waits until the first operation is ready; subsequent operations becoming ready should be ignored. The suspension is the object that manages this state.

function new_suspension(fiber)
   local waiting = true
   local suspension = {}
   function suspension.waiting() return waiting end
   function suspension.complete(wrap, val)
      assert(waiting)
      waiting = false
      local function resume()
         resume_fiber(fiber, wrap, val)
      end
      schedule_task(resume)
   end
   return suspension
end

As you can see, the suspension's complete method is also the bit that actually arranges to resume a suspended fiber.

Finally, just to round out the implementation, here's a function implementing non-deterministic choice from among a number of sub-operations:

function choice(...)
   local impls = {}
   for _, op in ipairs({...}) do
      for _, impl in ipairs(op.impls) do
         table.insert(impls, impl)
      end
   end
   return new_op(impls)
end

on cml

OK, I'm sure this seems a bit abstract at this point. Let's implement something concrete in terms of these primitives: channels.

Channels expose two similar but different kinds of operations: put operations, which try to send a value, and get operations, which try to receive a value. If there's a sender already waiting to send when we go to perform a get_op, the operation continues directly, and we resume the sender; otherwise the receiver publishes its suspension to a queue. The put_op case is similar.

Finally we add some synchronous put and get convenience methods, in terms of their corresponding CML operations.

function new_channel()
   local ch = {}
   -- Queues of suspended fibers waiting to get or put values
   -- via this channel.
   local getq, putq = {}, {}

   local function default_wrap(val) return val end
   local function is_empty(q) return #q == 0 end
   local function peek_front(q) return q[1] end
   local function pop_front(q) return table.remove(q, 1) end
   local function push_back(q, x) q[#q+1] = x end

   -- Since a suspension could complete in multiple ways
   -- because of non-deterministic choice, it could be that
   -- suspensions on a channel's putq or getq are already
   -- completed.  This helper removes already-completed
   -- suspensions.
   local function remove_stale_entries(q)
      local i = 1
      while i <= #q do
         if q[i].suspension.waiting() then
            i = i + 1
         else
            table.remove(q, i)
         end
      end
   end

   -- Make an operation that if and when it completes will
   -- rendezvous with a receiver fiber to send VAL over the
   -- channel.  Result of performing operation is nil.
   function ch.put_op(val)
      local function try()
         remove_stale_entries(getq)
         if is_empty(getq) then
            return false, nil
         else
            local remote = pop_front(getq)
            remote.suspension.complete(remote.wrap, val)
            return true, nil
         end
      end
      local function block(suspension, wrap)
         remove_stale_entries(putq)
         push_back(putq, {suspension=suspension, wrap=wrap, val=val})
      end
      return new_op({new_op_impl(try, block, default_wrap)})
   end

   -- Make an operation that if and when it completes will
   -- rendezvous with a sender fiber to receive one value from
   -- the channel.  Result is the value received.
   function ch.get_op()
      local function try()
         remove_stale_entries(putq)
         if is_empty(putq) then
            return false, nil
         else
            local remote = pop_front(putq)
            remote.suspension.complete(remote.wrap)
            return true, remote.val
         end
      end
      local function block(suspension, wrap)
         remove_stale_entries(getq)
         push_back(getq, {suspension=suspension, wrap=wrap})
      end
      return new_op({new_op_impl(try, block, default_wrap)})
   end

   function ch.put(val) return ch.put_op(val).perform() end
   function ch.get()    return ch.get_op().perform()    end

   return ch
end

a wee example

You might be wondering what it's like to program with channels in Lua, so here's a little example that shows a prime sieve based on channels. It's not a great example of concurrency in that it's not an inherently concurrent problem, but it's cute to show computations in terms of infinite streams.

function prime_sieve(count)
   local function sieve(p, rx)
      local tx = new_channel()
      spawn_fiber(function ()
         while true do
            local n = rx.get()
            if n % p ~= 0 then tx.put(n) end
         end
      end)
      return tx
   end

   local function integers_from(n)
      local tx = new_channel()
      spawn_fiber(function ()
         while true do
            tx.put(n)
            n = n + 1
         end
      end)
      return tx
   end

   local function primes()
      local tx = new_channel()
      spawn_fiber(function ()
         local rx = integers_from(2)
         while true do
            local p = rx.get()
            tx.put(p)
            rx = sieve(p, rx)
         end
      end)
      return tx
   end

   local done = false
   spawn_fiber(function()
      local rx = primes()
      for i=1,count do print(rx.get()) end
      done = true
   end)

   while not done do run_tasks() end
end

Here you also see an example of running the scheduler in the last line.

where next?

Let's put this into perspective: in a couple hundred lines of code, we've gone from minimal Lua to a language with lightweight multitasking, extensible CML-based operations, and CSP-style channels; truly a delight.

There are a number of possible ways to extend this code. One of them is to implement true multithreading, if the language you are working in supports that. In that case there are some small protocol modifications to take into account; see the notes on the Guile CML implementation and especially the Manticore Parallel CML project.

The implementation above is pleasantly small, but it could be faster with the choice of more specialized data structures. I think interested readers probably see a number of opportunities there.

In a library, you might want to avoid the global task_queue and implement nested or multiple independent schedulers, and of course in a parallel situation you'll want core-local schedulers as well.

The implementation above has no notion of time. What we did in the Snabb implementation of fibers was to implement a timer wheel, inspired by Juho Snellman's Ratas, and then add that timer wheel as a task source to Snabb's scheduler. In Snabb, every time the equivalent of run_tasks() is called, a scheduler asks its sources to schedule additional tasks. The timer wheel implementation schedules expired timers. It's straightforward to build CML timeout operations in terms of timers.

Additionally, your system probably has other external sources of communication, such as sockets. The trick to integrating sockets into fibers is to suspend the current fiber whenever an operation on a file descriptor would block, and arrange to resume it when the operation can proceed. Here's the implementation in Snabb.

The only difficult bit with getting nice nonblocking socket support is that you need to be able to suspend the calling thread when you see the EWOULDBLOCK condition, and for coroutines that is often only possible if you implemented the buffered I/O yourself. In Snabb that's what we did: we implemented a compatible replacement for Lua's built-in streams, in Lua. That lets us handle EWOULDBLOCK conditions in a flexible manner. Integrating epoll as a task source also lets us sleep when there are no runnable tasks.

Likewise in the Snabb context, we are also working on a TCP implementation. In that case you want to structure TCP endpoints as fibers, and arrange to suspend and resume them as appropriate, while also allowing timeouts. I think the scheduler and CML patterns are going to allow us to do that without much trouble. (Of course, the TCP implementation will give us lots of trouble!)

Additionally your system might want to communicate with fibers from other threads. It's entirely possible to implement CML on top of pthreads, and it's entirely possible as well to support communication between pthreads and fibers. If this is interesting to you, see Guile's implementation.

When I talked about fibers in an earlier article, I built them in terms of delimited continuations. Delimited continuations are fun and more expressive than coroutines, but it turns out that for fibers, all you need is the expressive power of coroutines -- multi-shot continuations aren't useful. Also I think the presentation might be more straightforward. So if all your language has is coroutines, that's still good enough.

There are many more kinds of standard CML operations; implementing those is also another next step. In particular, I have found semaphores and condition variables to be quite useful. Also, standard CML supports "guards", invoked when an operation is performed, and "nacks", invoked when an operation is definitively not performed because a choice selected some other operation. These can be layered on top; see the Parallel CML paper for notes on "primitive CML".

Also, the choice operator above is left-biased: it will prefer earlier impls over later ones. You might want to not always start with the first impl in the list.

The scheduler shown above is the simplest thing I could come up with. You may want to experiment with other scheduling algorithms, e.g. capability-based scheduling, or kill-safe abstractions. Do it!

Or, it could be you already have a scheduler, like some kind of main loop that's already there. Cool, you can use it directly -- all that fibers needs is some way to schedule functions to run.

godspeed

In summary, I think Concurrent ML should be better-known. Its simplicity and expressivity make it a valuable part of any concurrent system. Already in Snabb it helped us solve some longstanding gnarly issues by making the right solutions expressible.

As Adam Solove says, Concurrent ML is great, but it has a branding problem. Its ideas haven't penetrated the industrial concurrent programming world to the extent that they should. This article is another attempt to try to get the word out. Thanks to Adam for the observation that CML is really a protocol; I'm sure the concepts could be made even more clear, but at least this is a step forward.

All the code in this article is up on a gitlab snippet along with instructions for running the example program from the command line. Give it a go, and happy hacking with CML!

16 May, 2018 03:17PM by Andy Wingo

GUIX Project news

Tarballs, the ultimate container image format

A year ago we introduced guix pack, a tool that allows you to create “application bundles” from a set of Guix package definitions. On your Guix machine, you run:

guix pack -S /opt/gnu/bin=bin guile gnutls guile-json

and you get a tarball containing your favorite programming language implementation and a couple of libraries, where /opt/gnu/bin is a symlink to the bin directory containing, in this case, the guile command. Add -f docker and, instead of a tarball, you get an image in the Docker format that you can pass to docker load on any machine where Docker is installed. Overall that’s a relatively easy way to share software stacks with machines that do not run Guix.

The tarball format is plain and simple, it’s the one we know and love, and it’s been there “forever” as its name suggests. The tarball that guix pack produces can be readily extracted on another machine, one that doesn’t run Guix, and you’re done. The problem though, is that you’ll need to either unpack the tarball in the root file system or to play tricks with the unshare command, as we saw in the previous post. Why can’t we just extract such a tarball in our home directory and directly run ./opt/gnu/bin/guile for instance?

Relocatable packages

The main issue is that, except in the uncommon case where developers went to great lengths to make it possible (as with GUB, see the *-reloc*.patch files), packages built for GNU/Linux are not relocatable. ELF files embed things like the absolute file name of the dynamic linker, directories where libraries are to be search for (they can be relative file names with $ORIGIN but usually aren’t), and so on; furthermore, it’s very common to embed things like the name of the directory that contains locale data or other application-specific data. For Guix-built software, all these are absolute file names under /gnu/store so Guix-built binaries won’t run unless those /gnu/store files exist.

On machines where support for “user namespaces” is enabled, we can easily “map” the directory where users unpacked the tarball that guix pack produced to /gnu/store, as shown in the previous post:

$ tar xf /path/to/pack.tar.gz
$ unshare -mrf chroot . /opt/gnu/bin/guile --version
guile (GNU Guile) 2.2.0

It does the job but remains quite tedious. Can’t we automate that?

guix pack --relocatable

The --relocatable (or -R) option of guix pack, which landed a few days ago, produces tarballs with automatically relocatable binaries. Back to our earlier example, let’s say you produce a tarball with this new option:

guix pack --relocatable -S /bin=bin -S /etc=etc guile gnutls guile-json

You can send the resulting tarball to any machine that runs the kernel Linux (it doesn’t even have to be GNU/Linux) with user namespace support—which, unfortunately, is disabled by default on some distros. There, as a regular user, you can run:

$ tar xf /path/to/pack.tar.gz
$ source ./etc/profile    # define ’GUILE_LOAD_PATH’, etc.
$ ./bin/guile
guile: warning: failed to install locale
GNU Guile 2.2.3
Copyright (C) 1995-2017 Free Software Foundation, Inc.

Guile comes with ABSOLUTELY NO WARRANTY; for details type `,show w'.
This program is free software, and you are welcome to redistribute it
under certain conditions; type `,show c' for details.

Enter `,help' for help.
scheme@(guile-user)> ,use(json)
scheme@(guile-user)> ,use(gnutls)

We were able to run Guile and to use our Guile libraries since sourcing ./etc/profile augmented the GUILE_LOAD_PATH environment variable that tells Guile where to look for libraries. Indeed we can see it by inspecting the value of %load-path at the Guile prompt:

scheme@(guile-user)> %load-path
$1 = ("/gnu/store/w9xd291967cvmdp3m0s7739icjzgs8ns-profile/share/guile/site/2.2" "/gnu/store/b90y3swxlx3vw2yyacs8cz59b8cbpbw5-guile-2.2.3/share/guile/2.2" "/gnu/store/b90y3swxlx3vw2yyacs8cz59b8cbpbw5-guile-2.2.3/share/guile/site/2.2" "/gnu/store/b90y3swxlx3vw2yyacs8cz59b8cbpbw5-guile-2.2.3/share/guile/site" "/gnu/store/b90y3swxlx3vw2yyacs8cz59b8cbpbw5-guile-2.2.3/share/guile")

Wait, it’s all /gnu/store! As it turns out, guix pack --relocatable created a wrapper around guile that populates /gnu/store in the mount namespace of the process. Even though /gnu/store does not exist on that machine, our guile process “sees” our packages under /gnu/store:

scheme@(guile-user)> ,use(ice-9 ftw)
scheme@(guile-user)> (scandir "/gnu/store")
$2 = ("." ".." "0249nw8c7z626fw1fayacm160fpd543k-guile-json-0.6.0R" "05dvazr5wfh7lxx4zi54zfqnx6ha8vxr-bash-static-4.4.12" "0jawbsyafm93nxf4rcmkf1rsk7z03qfa-libltdl-2.4.6" "0z1r7ai6syi2qnf5z8w8n25b1yv8gdr4-info-dir" "1n59wjm6dbvc38b320iiwrxra3dg7yv8-libunistring-0.9.8" "2fg01r58vv9w41kw6drl1wnvqg7rkv9d-libtasn1-4.12" "2ifmksc425qcysl5rkxkbv6yrgc1w9cs-gcc-5.5.0-lib" "2vxvd3vls7c8i9ngs881dy1p5brc7p85-gmp-6.1.2" "4sqaib7c2dfjv62ivrg9b8wa7bh226la-glibc-2.26.105-g0890d5379c" "5kih0kxmipzjw10c53hhckfzkcs7c8mm-gnutls-3.5.13" "8hxm8am4ll05sa8wlwgdq2lj4ddag464-zlib-1.2.11" "90vz0r78bww7dxhpa7vsiynr1rcqhyh4-nettle-3.4" "b90y3swxlx3vw2yyacs8cz59b8cbpbw5-guile-2.2.3" "c4jrwbv7qckvnqa7f3h7bd1hh8rbg72y-libgc-7.6.0" "f5lw5w4nxs6p5gq0c2nb3jsrxc6mmxbi-libgc-7.6.0" "hjxic0k4as384vn2qp0l964isfkb0blb-guile-json-0.6.0" "ksyja5lbwy0mpskvn4rfi5klc00c092d-libidn2-2.0.4" "l15mx9lrwdflyvmb4a05va05v5yqizg5-libffi-3.2.1" "mm0zclrzj3y7rj74hzyd0f224xly04fh-bash-minimal-4.4.12" "vgmln3b639r68vvy75xhcbi7d2w31mx1-pkg-config-0.29.2" "vz3zfmphvv4w4y7nffwr4jkk7k4s0rfs-guile-2.2.3" "w9xd291967cvmdp3m0s7739icjzgs8ns-profile" "x0jf9ckd30k3nhs6bbhkrxsjmqz8phqd-nettle-3.4" "x8z6cr7jggs8vbyh0xzfmxbid63z6y83-guile-2.2.3R" "xbkl3nx0fqgpw2ba8jsjy0bk3nw4q3i4-gnutls-3.5.13R" "xh4k91vl0i8nlyrmvsh01x0mz629w5a9-gmp-6.1.2" "yx12x8v4ny9f6fipk8285jgfzqavii83-manual-database" "zksh1n0p9x903kqbvswgwy2vsk2b7255-libatomic-ops-7.4.8")

The wrapper is a small statically-linked C program. (Scheme would be nice and would allow us to reuse call-with-container, but it would also take up more space.) All it does is create a child process with separate mount and user namespaces, which in turn mounts the tarball’s /gnu/store to /gnu/store, bind-mounts other entries from the host root file system, and chroots into that. The result is a binary that sees everything a “normal” program sees on the host, but with the addition of /gnu/store, with minimal startup overhead.

In a way, it’s a bit of a hack: for example, what gets bind-mounted in the mount namespace of the wrapped program is hard-coded, which is OK, but some flexibility would be welcome (things like Flatpak’s sandbox permissions, for instance). Still, that it Just Works is a pretty cool feature.

Tarballs vs. Snap, Flatpak, Docker, & co.

Come to think of it: if you’re a developer, guix pack is probably one of the easiest ways to create an “application bundle” to share with your users; and as a user, these relocatable tarballs are about the simplest thing you can deal with since you don’t need anything but tar—well, and user namespace support. Plus, since they are bit-reproducible, anyone can rebuild them to ensure they do not contain malware or to check the provenance and licensing of its contents.

Application bundles cannot replace full-blown package management, which allows users to upgrade, get security updates, use storage and memory efficiently, and so on. For the purposes of quickly sharing packages with users or with Guix-less machines, though, you might find Guix packs to be more convenient than Snap, Flatplak, or Docker. Give it a spin and let us know!

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64 and armv7 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

16 May, 2018 09:00AM by Ludovic Courtès

May 15, 2018

FSF News

Zerocat Chipflasher "board-edition-1" now FSF-certified to Respect Your Freedom

chipflasher in action

This is the first device under The Zerocat Label to receive RYF certification. The Chipflasher enables users to flash devices such as laptops, allowing them to replace proprietary software with free software like Libreboot. While users are able to purchase RYF-certified laptops that already come with Libreboot pre-loaded, for the first time ever they are capable of freeing their own laptops using an RYF-certified device. The Zerocat Chipflasher board-edition-1 is now available for purchase as a limited edition at http://www.zerocat.org/shop-en.html. These first ten limited edition boards are signed by Kai Mertens, chief developer of The Zerocat Label, and will help to fund additional production and future development of RYF-certified devices.

"The certification of the Zerocat Chipflasher is a big step forward for the Respects Your Freedom program. Replacing proprietary boot firmware is one of the first tasks for creating a laptop that meets RYF's criteria, and now anyone can do so for their own devices with a flasher that is itself RYF-certified," said the FSF's executive director, John Sullivan.

An RYF-certified flashing device could also help to grow the number of laptops available via the RYF program.

"When someone sets out to start their own business selling RYF-certified devices, they now have a piece of hardware they can trust to help them with that process. We hope to see even more laptops made available under the program, and having those laptops flashed with a freedom-respecting device will help to set those retailers on the right path from the start," said the FSF's licensing & compliance manager, Donald Robertson, III.

"Free software tools carry the inherent message 'Let’s help our neighbors!', as this is basically the spirit of the licenses that these tools are shipped with. From a global perspective, we are all 'neighbors,' no matter which country. And from this point of view, I would be happy if the flasher will be regarded as a contribution towards worldwide cooperation and friendship," said Mertens.

To learn more about the Respects Your Freedom device certification program, including details on the certification of all these devices, please visit https://fsf.org/ryf.

Hardware sellers interested in applying for certification can consult https://www.fsf.org/resources/hw/endorsement/criteria.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at and , are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

About The Zerocat Label

The Zerocat Label has been set up in order to direct the focus on free design hardware development.

The development of free designs for hardware has many benefits. One of the most important is probably its capacity to conserve the Earth’s resources, and those of people. When we share knowledge, we work towards global solutions instead of individual profits.

Our current approach is to check which free design computer chips are available today, and to start creating something useful with them, even if bigger goals remain out of reach at this time. Creating tools in a modular manner allows us to combine them and to achieve complex solutions in the future.

Our next tasks are to find an answer to questions like “What free-design tools do we need?” and “What are we able to accomplish right now?” We hope to be able to build other free-design tools of wide interest by answering those questions. It is an experimental endeavor.

Media Contacts

Donald Robertson, III Licensing and Compliance Manager Free Software Foundation +1 (617) 542 5942 licensing@fsf.org

Kai Mertens Chief Developer The Zerocat Label zerocat@posteo.de

Image Copyright 2018 Kai Mertens, Licensed under Creative Commons Attribution-ShareAlike 4.0.

15 May, 2018 02:05PM

May 12, 2018

German Arias

New release of eiffel-iup

It is already available a new version of eiffel-iup, a Liberty Eiffel wrapper to IUP toolkit. So you can build your graphical application from Eiffel using Liberty Eiffel, the GNU implementation of Eiffel language. So happy hacking.

12 May, 2018 01:16AM by Germán Arias

May 11, 2018

librejs @ Savannah

LibreJS 7.14 released

GNU LibreJS aims to address the JavaScript problem described in Richard Stallman's article The JavaScript Trap. LibreJS is a free add-on for GNU IceCat and other Mozilla-based browsers. It blocks nonfree nontrivial JavaScript while allowing JavaScript that is free and/or trivial. https://www.gnu.org/philosophy/javascript-trap.en.html

The source tarball for this release can be found at:
http://ftp.gnu.org/gnu/librejs/librejs-7.14.tar.gz
http://ftp.gnu.org/gnu/librejs/librejs-7.14.tar.gz.sig

The installable extension file (compatible with Mozilla-based browsers version >= v57) is available here:
http://ftp.gnu.org/gnu/librejs/librejs-7.14.xpi
http://ftp.gnu.org/gnu/librejs/librejs-7.14.xpi.sig

GPG key:05EF 1D2F FE61 747D 1FC8 27C3 7FAC 7D26 472F 4409
https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=librejs

Version 7.14 is an extensive bugfix release that builds on the work done by Nathan Nichols, Nyk Nyby and Zach Wick to port LibreJS to the new WebExtensions format, and previously on the contributions by Loic Duros and myself among others.

Changes since version 7.13 (excerpt from the git changelog):

  • Check global licenses for pages
  • Enable legacy license matching and hash whitelist matching
  • Refactor whitelisting of domains
  • Generalize comment styles for license matching
  • Use multi-part fetch mechanism for read_script
  • Improved system that prevents parsing non-html documents
  • Do not process non-javascript scripts (json, templates, etc)
  • Do not run license_read on whitelisted scripts
  • Prevent parsing inline scripts if there is a global license
  • Prevent evaluation of external scripts, as they are always nontrivial
  • Avoid parsing empty whitespace sections
  • Correct tab and badge initialization to prevent race conditions
  • Generalize gpl-3.0 license text
  • Improved logging
  • Disable whitelisted and blacklisted sections on display panel for now
  • Hide per-script action buttons until functionality works
  • Fixes to the CSS plus showing links instead of hashes

11 May, 2018 10:28PM by Ruben Rodriguez

FSF News

Contract opportunity: JavaScript Developer for GNU LibreJS

The Free Software Foundation (FSF), a Massachusetts 501(c)(3) charity with a worldwide mission to protect computer user freedom, seeks a contract JavaScript Developer to work on GNU LibreJS, a free browser add-on that addresses the problem of nonfree JavaScript described in Richard Stallman's article The JavaScript Trap. This is a temporary, paid contract opportunity, with specific deliverables, hours, term, and payment to be determined with the selected candidate. We anticipate the contract being approximately 80 hours of full-time work, with the possibility of extension depending on results and project status.

Reporting to our technical team, the contractor will work to implement important missing features in the LibreJS extension. We are looking for someone with experience in backend JavaScript development, WebExtensions, and NodeJS/Browserify. Experience with software licensing is a plus. This is an urgent priority; we are seeking someone who is able to start now. Contractors can be based anywhere, but must be able to attend telephone meetings during Eastern Daylight Time business hours.

Examples of deliverables include, but are not limited to:

  • Web Labels support, plus Web Labels in JSON format
  • SPDX support
  • Unit and functional testing
  • User interface improvements
  • New and updated documentation

LibreJS is a critical component of the FSF's campaign for user freedom on the Web, and freeing JavaScript specifically. Building on past contributions, this is an opportunity to help unlock a world where users can better protect their freedom as they browse, and collaborate with each other to make and share modified JavaScript to use.

Reference documentation

Proposal instructions

Proposals must be submitted via email to hiring@fsf.org. The email must contain the subject line "LibreJS Developer." A complete application should include:

  • Letter of interest
  • CV / portfolio with links to any previous work online, especially browser extensions
  • At least two recent client references

All materials must be in a free format. Email submissions that do not follow these instructions will probably be overlooked. No phone calls, please.

Proposals will be reviewed on a rolling basis until the contract is filled. To guarantee consideration, submit your proposal by Friday, May 18, 2018.

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at fsf.org and gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. We are based in Boston, MA, USA.

11 May, 2018 02:18PM

May 09, 2018

GUIX Project news

Paper on reproducible bioinformatics pipelines with Guix

I’m happy to announce that the bioinformatics group at the Max Delbrück Center that I’m working with has released a preprint of a paper on reproducibility with the title Reproducible genomics analysis pipelines with GNU Guix.

We built a collection of bioinformatics pipelines called "PiGx" ("Pipelines in Genomix") and packaged them as first-class packages with GNU Guix. Then we looked at the degree to which the software achieves bit-reproducibility, analysed sources of non-determinism (e.g. time stamps), discussed experimental reproducibility at runtime (e.g. random number generators, the interface provided by the kernel and the GNU C library, etc) and commented on the practice of using “containers” (or application bundles) instead.

Reproducible builds is a crucial foundation for computational experiments. We hope that PiGx and the reproducibility analysis we presented in the paper can serve as a useful case study demonstrating the importance of a principled approach to computational reproducibility and the effectiveness of Guix in the pursuit of reproducible software management.

09 May, 2018 10:00AM by Ricardo Wurmus

May 08, 2018

libredwg @ Savannah

Smokers and mirrors

I've setup continuous integration testing for all branches and pull requests at https://travis-ci.org/LibreDWG/libredwg/builds for GNU/Linux, and at https://ci.appveyor.com/project/rurban/libredwg for windows, which also generates binaries (a dll) automatically.

There's also an official github mirror at https://github.com/LibreDWG/libredwg
where pull requests are accepted. This repo drives the CI's.
See https://github.com/LibreDWG/libredwg/releases for the nightly windows builds.

The first alpha release should be in June, when all the new permissions are finalized.

08 May, 2018 04:13PM by Reini Urban

May 05, 2018

Parabola GNU/Linux-libre

[From Arch] js52 52.7.3-2 upgrade requires intervention

Due to the SONAME of /usr/lib/libmozjs-52.so not matching its file name, ldconfig created an untracked file /usr/lib/libmozjs-52.so.0. This is now fixed and both files are present in the package.

To pass the upgrade, remove /usr/lib/libmozjs-52.so.0 prior to upgrading.

05 May, 2018 06:35AM by Omar Vega Ramos

May 02, 2018

guile-cv @ Savannah

Guile-CV version 0.1.9

Guile-CV version 0.1.9 is released! (Mai 2018)
Changes since the previous version

For a list of changes since the previous version, visit the NEWS file. For
a complete description, consult the git summary and git log

02 May, 2018 04:11AM by David Pirotte

April 26, 2018

GUIX Project news

Guix welcomes Outreachy, GSoC, and Guix-HPC interns

We are thrilled to announce that five people will join Guix as interns over the next few months! As part of Google’s Summer of Code (GSoC), under the umbrella of the GNU Project, three people are joining us:

  • Tatiana Sholokhova will work on a Web interface for the Guix continuous integration (CI) tool, Cuirass, similar in spirit to that of Hydra. Cuirass was started as part of GSoC 2016.
  • uniq10 will take over the build daemon rewrite in Scheme, a project started as part of last year's GSoC by reepca. The existing code lives in the guile-daemon branch. Results from last year already got us a long way towards a drop-in replacement of the current C++ code base.
  • Ioannis P. Koutsidis will work on implementing semantics similar to that of systemd unit files in the Shepherd, the “init system” (PID 1) used on GuixSD.

Through Outreachy, the inclusion program for groups underrepresented in free software and tech, one person will join:

Finally, we are welcoming one intern as part of the Guix-HPC effort:

  • Pierre-Antoine Rouby arrived a couple of weeks ago at Inria for a four-month internship on improving the user experience of Guix in high-performance computing (HPC) and reproducible scientific workflows. Pierre-Antoine has already contributed a couple of HPC package definitions and will next look at tools such as hpcguix-web, guix pack, and more.

Gábor Boskovits, Ricardo Wurmus, and Ludovic Courtès will be their primary mentors, and the whole Guix crowd will undoubtedly help and provide guidance as it has always done. Welcome to all of you!

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64 and armv7 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

26 April, 2018 03:00PM by Ludovic Courtès

April 24, 2018

Guix on Android!

Last year I thought to myself: since my phone is just a computer running an operating system called Android (or Replicant!), and that Android is based on a Linux kernel, it's just another foreign distribution I could install GNU Guix on, right? It turned out it was absolutely the case. Today I was reminded on IRC of my attempt last year at installing GNU Guix on my phone. Hence this blog post. I'll try to give you all the knowledge and commands required to install it on your own Android device.

Requirements

First of all, you will need an Android or Replicant device. Just like any installation of GNU Guix, you will need root access on that device. Unfortunately, in the Android world this is not very often the case by default. Then, you need a cable to connect your computer to your phone. Once the hardware is in place, you will need adb (the Android Debugging Bridge):

guix package -i adb

Exploring the device

Every Android device has its own partioning layout, but basically it works like this:

  1. A boot partition for booting the device
  2. A recovery partition for booting the device in recovery mode
  3. A data partition for user data, including applications, the user home, etc
  4. A system partition with the base system and applications. This is the place where phone companies put their own apps so you can't remove them
  5. A vendor partition for drivers
  6. Some other partitions

During the boot process, the bootloader looks for the boot partition. It doesn't contain a filesystem, but only a gzipped cpio archive (the initramfs) and the kernel. The bootloader loads them in memory and the kernel starts using the initramfs. Then, the init system from this initramfs loads partitions in their respective directories: the system partition in /system, the vendor partition in /vendor and the data partition in /data. Other partitions may be loaded.

And that's it. Android's root filesystem is actually the initramfs so any modification to its content will be lost after a reboot. Thankfully(?), Android devices are typically not rebooted often.

Another issue is the Android C library (libc), called Bionic: it has less functionality and works completely differently from the GNU libc. Since Guix is built with the Glibc, we will need to do something to make it work on our device.

Installing the necessary files

We will follow the binary installation guide. My hardware is aarch64, so I download the corresponding binary release.

Now it's time to start using adb. Connect your device and obtain root priviledges for adb. You may have to authorize root access to the computer from your phone:

adb root

Now, we will transfer some necessary files:

adb push guix-binary-* /data

# Glibc needs these two files for networking.
adb push /etc/protocols /system/etc/
adb push /etc/services /system/etc/

# ‌ and this one to perform DNS queries.  You probably need
# to change nameservers if you use mobile data.
adb push /etc/resolv.conf /system/etc/

Note that some devices may not have /system/etc available. In that case, /etc may be available. If none is available, create the directory by using adb shell to get a shell on your device, then push the files to that new directory.

Installing Guix itself

Now all the necessary files are present on the device, so we can connect to a shell on the device:

adb shell

From that shell, we will install Guix. The root filesystem is mounted read-only as it doesn't make sense to modify it. Remember: it's a RAM filesystem. Remount-it read-write and create necessary directories:

mount -o remount,rw /
mkdir /gnu /var
mount -o remount,ro /

Now, we can't just copy the content of the binary archive to these folders because the initramfs has a limited amount of space. Guix complains when /gnu or /gnu/store is a symlink. One solution consists in installing the content of the binary tarball on an existing partition (because you can't modify the partition layout easily) that has enough free space, typically the data partition. Then this partition is mounted on /var and /gnu.

Before that, you will need to find out what the data partition is in your system. Simply run mount | grep /data to see what partition was mounted.

We mount the partition, extract the tarball and move the contents to their final location:

mount /dev/block/bootdevice/by-name/userdata /gnu
mount /dev/block/bootdevice/by-name/userdata /var
cd /data
tar xf guix-binary-...
mv gnu/store .
mv var/guix .
rmdir gnu
rmdir var

Finally, we need to create users and groups for Guix to work properly. Since Bionic doesn't use /etc/passwd or /etc/group to store the users, we need to create them from scratch. Note the addition of the root user and group, as well as the nobody user.

# create guix users and root for glibc
cat > /etc/passwd << EOF
root:x:0:0:root:/data:/sbin/sh
nobody:x:99:99:nobody:/:/usr/bin/nologin
guixbuilder01:x:994:994:Guix build user 01:/var/empty:/usr/bin/nologin
guixbuilder02:x:993:994:Guix build user 02:/var/empty:/usr/bin/nologin
guixbuilder03:x:992:994:Guix build user 03:/var/empty:/usr/bin/nologin
guixbuilder04:x:991:994:Guix build user 04:/var/empty:/usr/bin/nologin
guixbuilder05:x:990:994:Guix build user 05:/var/empty:/usr/bin/nologin
guixbuilder06:x:989:994:Guix build user 06:/var/empty:/usr/bin/nologin
guixbuilder07:x:988:994:Guix build user 07:/var/empty:/usr/bin/nologin
guixbuilder08:x:987:994:Guix build user 08:/var/empty:/usr/bin/nologin
guixbuilder09:x:986:994:Guix build user 09:/var/empty:/usr/bin/nologin
guixbuilder10:x:985:994:Guix build user 10:/var/empty:/usr/bin/nologin
EOF

cat > /etc/group << EOF
root:x:0:root
guixbuild:x:994:guixbuilder01,guixbuilder02,guixbuilder03,guixbuilder04,guixbuilder05,guixbuilder06,guixbuilder07,guixbuilder08,guixbuilder09,guixbuilder10
EOF

Running Guix

First, we install the root profile somewhere:

export HOME=/data
ln -sf /var/guix/profiles/per-user/root/guix-profile \
         $HOME/.guix-profile

Now we can finally run the Guix daemon. Chrooting is impossible on my device so I had to disable it:

export PATH="$HOME/.guix-profile/bin:$HOME/.guix-profile/sbin:$PATH"
guix-daemon --build-users-group=guixbuild --disable-chroot &

To finish with, it's a good idea to allow substitutes from hydra:

mkdir /etc/guix
guix archive --authorize < \
  $HOME/.guix-profile/share/guix/hydra.gnu.org.pub

Enjoy!

guix pull

Mobile phone running 'guix pull'.

Future work

So, now we can enjoy the Guix package manager on Android! One of the drawbacks is that after a reboot we will have to redo half of the steps: recreate /var and /gnu, mount the partitions to them. Everytime you launch a shell, you will have to export the PATH to be able to run guix. You will have to run guix-daemon manually. To solve all of these problems at once, you should modify the boot image. That's tricky and I already put some effort to it, but the phone always ends up in a boot loop after I flash a modified boot image. The nice folks at #replicant suggested that I soldered some cable to access a serial console where debug messages may be dropped. Let's see how many fingers I burn before I can boot a custom boot image!

About GNU Guix

GNU Guix is a transactional package manager for the GNU system. The Guix System Distribution or GuixSD is an advanced distribution of the GNU system that relies on GNU Guix and respects the user's freedom.

In addition to standard package management features, Guix supports transactional upgrades and roll-backs, unprivileged package management, per-user profiles, and garbage collection. Guix uses low-level mechanisms from the Nix package manager, except that packages are defined as native Guile modules, using extensions to the Scheme language. GuixSD offers a declarative approach to operating system configuration management, and is highly customizable and hackable.

GuixSD can be used on an i686, x86_64 and armv7 machines. It is also possible to use Guix on top of an already installed GNU/Linux system, including on mips64el and aarch64.

24 April, 2018 08:00AM by Julien Lepiller

April 22, 2018

parallel @ Savannah

GNU Parallel 20180422 ('Tiangong-1') released

GNU Parallel 20180422 ('Tiangong-1') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

Today I discovered GNU Parallel, and I don’t know what to do with all this spare time.
--Ryan Booker

New in this release:

  • --csv makes GNU Parallel parse the input sources as CSV. When used with --pipe it only passes full CSV-records.
  • Time in --bar is printed as 1d02h03m04s.
  • Optimization of --tee: It spawns a process less per value.
  • Bug fixes and man page updates.

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2018): GNU Parallel 2018, April 2018, https://doi.org/10.5281/zenodo.1146014.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 April, 2018 09:19PM by Ole Tange

April 20, 2018

Parabola GNU/Linux-libre

[From Arch] glibc 2.27-2 and pam 1.3.0-2 may require manual intervention

The new version of glibc removes support for NIS and NIS+. The default /etc/nsswitch.conf file provided by filesystem package already reflects this change. Please make sure to merge pacnew file if it exists prior to upgrade.

NIS functionality can still be enabled by installing libnss_nis package. There is no replacement for NIS+ in the official repositories.

pam 1.3.0-2 no longer ships pam_unix2 module and pam_unix_*.so compatibility symlinks. Before upgrading, review PAM configuration files in the /etc/pam.d directory and replace removed modules with pam_unix.so. Users of pam_unix2 should also reset their passwords after such change. Defaults provided by pambase package do not need any modifications.

20 April, 2018 03:18PM by David P.

April 19, 2018

remotecontrol @ Savannah

April 08, 2018

mcron @ Savannah

GNU Mcron 1.1.1 released

We are pleased to announce the release of GNU Mcron 1.1.1,
representing 48 commits, by 1 person over 3 weeks.

About

GNU Mcron is a complete replacement for Vixie cron. It is used to run
tasks on a schedule, such as every hour or every Monday. Mcron is
written in Guile, so its configuration can be written in Scheme; the
original cron format is also supported.

https://www.gnu.org/software/mcron/

Download

Here are the compressed sources and a GPG detached signature[*]:
https://ftp.gnu.org/gnu/mcron/mcron-1.1.1.tar.gz
https://ftp.gnu.org/gnu/mcron/mcron-1.1.1.tar.gz.sig

Use a mirror for higher download bandwidth:
https://ftpmirror.gnu.org/mcron/mcron-1.1.1.tar.gz
https://ftpmirror.gnu.org/mcron/mcron-1.1.1.tar.gz.sig

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify mcron-1.1.1.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 0ADEE10094604D37

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
Autoconf 2.69
Automake 1.16.1
Makeinfo 6.5
Help2man 1.47.5

NEWS

  • Noteworthy changes in release 1.1.1 (2018-04-08) [stable]
    • Bug fixes

The "--disable-multi-user" configure variable is not reversed anymore.
'cron' and 'crontab' are now installed unless this option is used.

The programs now sets the GUILE_LOAD_PATH and GUILE_LOAD_COMPILED_PATH
environment variables with the location of the installed Guile modules.

'next-year-from', 'next-year', 'next-month-from', 'next-month',
'next-day-from', 'next-day', 'next-hour-from', 'next-hour',
'next-minute-from', 'next-minute', 'next-second-from', and 'next-second' no
longer crashes when passing an optional argument.
[bug introduced in mcron-1.1]

    • Improvements

Some basic tests for the installed programs can be run after 'make install'
with 'make installcheck'.

The configuration files are now processed using a deterministic order.

The test suite code coverage for mcron modules is now at 66.8% in term of
number of lines (mcron-1.1 was at 23.7%).

08 April, 2018 03:46PM by Mathieu Lirzin

April 05, 2018

Trisquel GNU/Linux

Trisquel 8.0 LTS Flidas

Trisquel 8.0, codename "Flidas" is finally here! This release will be supported with security updates until April 2021. The first thing to acknowledge is that this arrival has been severely delayed, to the point where the next upstream release (Ubuntu 18.04 LTS) will soon be published. The good news is that the development of Trisquel 9.0 will start right away, and it should come out closer to the usual release schedule of "6 months after upstream release".

But this is not to say that we shouldn't be excited about Trisquel 8.0, quite the contrary! It comes with many improvements over Trisquel 7.0, and its core components (kernel, graphics drivers, web browser and e-mail client) are fully up to date and will receive continuous upgrades during Flidas' lifetime.

Trisquel 8.0 has benefited from extensive testing, as many people have been using the development versions as their main operating system for some time. On top of that, the Free Software Foundation has been using it to run the Libreplanet conference since last year, and it has been powering all of its new server infrastructure as well!

What's new?

The biggest internal change to the default edition is the switch from GNOME to MATE 1.12. The main reason for this change was that GNOME dropped support for their legacy desktop, which retained the GNOME 2.x user experience and didn't require 3D composition -- a feature that in many computers would still need non-free software to run at full speed. MATE provides a perfect drop-in replacement, it is very light and stable and it retains all the user experience design that we are used to from previous Trisquel releases.

The next most important component is Abrowser 59 (based on Mozilla Firefox), which is not only fully-featured and quite faster than before, it has also been audited and tweaked to maximize the user's privacy without compromising on usability. Abrowser will not start any network connections on its own (most popular web browsers connect for extension updates, telemetry, geolocation and other data-collection as soon as you open them, even if you haven't even typed an address yet!) and it has a list of easy to set, privacy-enhancing settings that the user can opt-in depending on their needs. As a companion to it, and based on Mozilla Thunderbird, the IceDove mail client is also fully updated and set up for privacy.

Trisquel 8.0 also comes with the following preinstalled packages:

  • Linux-libre 4.4 by default, 4.13 available (and newer versions will be published as an optional rolling release)
  • Xorg 7.7 with optional rolling-release updates
  • LibreOffice 5.1.4
  • VLC 2.2.2

Trisquel-mini (the light edition based on LXDE) uses the Midori web browser, Sylpheed email client, Abiword text editor, and GNOME-Mplayer media player as its main preinstalled components. We also have the Trisquel TOAST edition, based on the Sugar learning environment v112, and complete with a selection of educational activities for k12 and beyond. And of course, available from our repositories and mirrors are over 25,000 more free software packages you can run, study, improve and share.

Support our effort

Trisquel is a non-profit project, you can contribute by becoming a member, donating or buying from our store.

The MATE desktop
Boot menu
Installer
Privacy settings in Abrowser
Sugar environment
Trisquel mini with Midori web browser

05 April, 2018 03:10AM by quidam

April 04, 2018

Jose E. Marchesi

Rhhw Friday 1 June 2018 - Sunday 3 June 2018 @ Stockholm

The Rabbit Herd will be meeting the weekend from 1 June to 3 June 2018.

04 April, 2018 12:00AM

April 01, 2018

sed @ Savannah

sed-4.5 released [stable]

01 April, 2018 02:18AM by Jim Meyering

March 26, 2018

foliot @ Savannah

GNU Foliot version 0.9.7

GNU Foliot version 0.9.7 is released!

This is a maintenance release, which brings GNU Foliot up-to-date with Guile-2.2, which introduced an incompatible module - goops related - change.

For a list of changes since the previous version, visit the NEWS file. For a complete description, consult the git summary and git log.

26 March, 2018 02:52AM by David Pirotte

March 24, 2018

FSF News

Public Lab and Karen Sandler are 2017 Free Software Awards winners

CAMBRIDGE, Massachusetts, USA – Saturday, March 24, 2018 – The Free Software Foundation (FSF) today announced the winners of the 2017 Free Software Awards at a ceremony held during the LibrePlanet 2018 conference at the Massachusetts Institute of Technology (MIT). FSF president Richard M. Stallman presented the Award for Projects of Social Benefit and the Award for the Advancement of Free Software.

The Award for Projects of Social Benefit is presented to a project or team responsible for applying free software, or the ideas of the free software movement, to intentionally and significantly benefit society. This award stresses the use of free software in service to humanity.

This year, Public Lab received the award, which was accepted by Liz Barry, Public Lab co-founder, organizer, and director of community development, and Jeff Warren, Public Lab co-founder and research director, on behalf of the entire Public Lab community.

Public Lab is a community and non-profit organization with the goal of democratizing science to address environmental issues. Their community-created tools and techniques utilize free software and low-cost devices to enable people at any level of technical skill to investigate environmental concerns.

Stallman noted how crucial Public Lab's work is to the global community, and also how their use of free software is crucial to their mission, saying that "the environmental and social problems caused by global heating are so large that they cannot rationally be denied. When studies concerning the causes and the effects of global heating, or the environmental impact of pollution, industry, and policy choices, are conducted using proprietary software, that is a gratuitous obstacle to replicating them.

"Public Lab gets the tools to study and protect the world into the hands of everyone -- and since they are free (libre) software, they respect both the people who use them, and the community that depends on the results."

Jeff Warren, speaking on behalf of the Public Lab community, added that using free software is part of their larger mission to take science out of the hands of the experts and allow everyday people to participate: "At Public Lab, we believe that generating knowledge is a powerful thing. We aim to open research from the exclusive hands of scientific experts. By doing so, communities facing environmental justice issues are able to own the science and advocate for the changes they want to see.

"Building free software, hardware, and open data is fundamental to our work in the Public Lab community, as we see it as a key part of our commitment to equity in addressing environmental injustice."

Public Lab folks with award

The Award for the Advancement of Free Software goes to an individual who has made a great contribution to the progress and development of free software, through activities that accord with the spirit of free software.

This year, it was presented to Karen Sandler, the Executive Director of the Software Freedom Conservancy, as well as a perennial LibrePlanet speaker and friend to the FSF. She is known for her advocacy for free software, particularly in relation to the software on medical devices: she led an initiative advocating for free software on implantable medical devices after exploring the issues surrounding the software on her own implanted medical device (a defibrillator), which regulates an inherited heart condition. Sandler has served as the Executive Director of the GNOME Foundation, where she now serves on the Board of Directors, and before that, she was General Counsel of the Software Freedom Law Center. Finally, she co-organizes Outreachy, the award-winning outreach program that organizes paid internships in free software for people who are typically underrepresented in these projects.

Stallman praised Sandler's dedication to free software, emphasizing how sharing her personal experience has provided a window into the importance of free software for a broader audience: "Her vivid warning about backdoored nonfree software in implanted medical devices has brought the issue home to people who never wrote a line of code.

"Her efforts, usually not in the public eye, to provide pro bono legal advice to free software organizations and to organize infrastructure for free software projects and copyleft defense, have been equally helpful."

Sandler explained that her dedication to promoting free software was inevitable, given her personal experience: "Coming to terms with a dangerous heart condition should never have cost me fundamental control over the technology that my life relies on," she said. "The twists and turns of my own life, including my professional work at Conservancy, led me to understand how software freedom is essential to society. This issue is personal not just for me but for anyone who relies on software, and today that means every single person."

Karen Sandler with award

About the Free Software Foundation

The Free Software Foundation, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://my.fsf.org/donate. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contacts

John Sullivan

Executive Director

Free Software Foundation

+1 (617) 542 5942

campaigns@fsf.org

24 March, 2018 10:50PM

March 23, 2018

health @ Savannah

Red Cross (Cruz Roja) implements GNU Health !

We are very happy and proud to announce that Red Cross, Cruz Roja Mexicana has implemented GNU Health in Mexico.

The implementation covers over 850 patients per day, and the following functionality has been implemented :

  • Social Medicine and Primary Care,
  • Health records and history,
  • Hospital Management,
  • Laboratory management,
  • Imaging Diagnostics,
  • Emergency and Ambulance management
  • Pharmacy
  • Human Resources
  • Financial Management

It has been implemented in three locations: Veracruz - Boca del Rio, Ver. Mexico. Congratulations to Cruz Roja and Soluciones de Mercado for the fantastic job !

---

Estamos orgullosos de anunciar que Cruz Roja Mexicana ha implementado GNU Health !

La implementación atiende a una población diaria de más de 850 pacientes, con la siguiente funcionalidad :

  • Medicina Social y Atención Primaria
  • Expediente médico
  • Gestión hospitalaria
  • Laboratorio
  • Diagnóstico por imágenes
  • Gestión de Emergencias y ambulancias
  • Farmacia
  • Recursos Humanos
  • Gestión Fianciera

Ha sido instalado en tres localidades : Veracruz - Boca del Río, Ver. Mexico. Enhorabuena a la Cruz Roja y a los colegas de Soluciones de Mercado por el excelente trabajo !!

23 March, 2018 02:48PM by Luis Falcon

March 22, 2018

parallel @ Savannah

GNU Parallel 20180322 ('Hawking') released

GNU Parallel 20180322 ('Hawking') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

Quote of the month:

If you aren’t nesting
gnu parallel calls in gnu parallel calls
I don’t know how you have fun.
-- Ernest W. Durbin III EWDurbin@twitter

New in this release:

  • niceload -p can now take multiple pids separated by comma
  • --timeout gives a warning when killing processes
  • --embed now uses the same code for all supported shells
  • --delay can now take arguments like 1h12m07s
  • Parallel. Straight from your command line https://medium.com/@alonisser/parallel-straight-from-your-command-line-feb6db8b6cee
  • Bug fixes and man page updates.

GNU Parallel - For people who live life in the parallel lane.

About GNU Parallel

GNU Parallel is a shell tool for executing jobs in parallel using one or more computers. A job can be a single command or a small script that has to be run for each of the lines in the input. The typical input is a list of files, a list of hosts, a list of users, a list of URLs, or a list of tables. A job can also be a command that reads from a pipe. GNU Parallel can then split the input and pipe it into commands in parallel.

If you use xargs and tee today you will find GNU Parallel very easy to use as GNU Parallel is written to have the same options as xargs. If you write loops in shell, you will find GNU Parallel may be able to replace most of the loops and make them run faster by running several jobs in parallel. GNU Parallel can even replace nested loops.

GNU Parallel makes sure output from the commands is the same output as you would get had you run the commands sequentially. This makes it possible to use output from GNU Parallel as input for other programs.

You can find more about GNU Parallel at: http://www.gnu.org/s/parallel/

You can install GNU Parallel in just 10 seconds with: (wget -O - pi.dk/3 || curl pi.dk/3/) | bash

Watch the intro video on http://www.youtube.com/playlist?list=PL284C9FF2488BC6D1

Walk through the tutorial (man parallel_tutorial). Your commandline will love you for it.

When using programs that use GNU Parallel to process data for publication please cite:

O. Tange (2011): GNU Parallel - The Command-Line Power Tool, ;login: The USENIX Magazine, February 2011:42-47.

If you like GNU Parallel:

  • Give a demo at your local user group/team/colleagues
  • Post the intro videos on Reddit/Diaspora*/forums/blogs/ Identi.ca/Google+/Twitter/Facebook/Linkedin/mailing lists
  • Get the merchandise https://gnuparallel.threadless.com/designs/gnu-parallel
  • Request or write a review for your favourite blog or magazine
  • Request or build a package for your favourite distribution (if it is not already there)
  • Invite me for your next conference

If you use programs that use GNU Parallel for research:

  • Please cite GNU Parallel in you publications (use --citation)

If GNU Parallel saves you money:

About GNU SQL

GNU sql aims to give a simple, unified interface for accessing databases through all the different databases' command line clients. So far the focus has been on giving a common way to specify login information (protocol, username, password, hostname, and port number), size (database and table size), and running queries.

The database is addressed using a DBURL. If commands are left out you will get that database's interactive shell.

When using GNU SQL for a publication please cite:

O. Tange (2011): GNU SQL - A Command Line Tool for Accessing Different Databases Using DBURLs, ;login: The USENIX Magazine, April 2011:29-32.

About GNU Niceload

GNU niceload slows down a program when the computer load average (or other system activity) is above a certain limit. When the limit is reached the program will be suspended for some time. If the limit is a soft limit the program will be allowed to run for short amounts of time before being suspended again. If the limit is a hard limit the program will only be allowed to run when the system is below the limit.

22 March, 2018 08:06AM by Ole Tange

March 20, 2018

FSF News

LibrePlanet free software conference celebrates 10th anniversary, this weekend at MIT, March 24-25

CAMBRIDGE, Massachusetts, USA -- Tuesday, March 20, 2018 -- This weekend, the Free Software Foundation (FSF) and the Student Information Processing Board (SIPB) at the Massachusetts Institute of Technology (MIT) present the tenth annual LibrePlanet free software conference in Cambridge, March 24-25, 2018, at MIT. LibrePlanet is an annual conference for people who care about their digital freedoms, bringing together software developers, policy experts, activists, and computer users to learn skills, share accomplishments, and tackle challenges facing the free software movement. LibrePlanet 2018 will feature sessions for all ages and experience levels.

LibrePlanet's tenth anniversary theme is "Freedom Embedded." Embedded systems are everywhere, in cars, digital watches, traffic lights, and even within our bodies. We've come to expect that proprietary software's sinister aspects are embedded in software, digital devices, and our lives, too: we expect that our phones monitor our activity and share that data with big companies, that governments enforce digital restrictions management (DRM), and that even our activity on social Web sites is out of our control. This year's talks and workshops will explore how to defend user freedom in a society reliant on embedded systems.

Keynote speakers include Benjamin Mako Hill, social scientist, technologist, free software activist, and FSF board member, examining online collaboration and free software; Electronic Frontier Foundation senior staff technologist Seth David Schoen, discussing engineering tradeoffs and free software; Deb Nicholson, community outreach director for the Open Invention Network, talking about the key to longevity for the free software movement; and Free Software Foundation founder and president Richard Stallman, looking at current threats to and opportunities for free software, with a focus on embedded systems.

This year's LibrePlanet conference will feature over 50 sessions, such as The battle to free the code at the Department of Defense, Freedom, devices, and health, and Standardizing network freedom, as well as workshops on free software and photogrammetry, digital music making, and desktops for kids.

"For ten years, LibrePlanet has brought together free software enthusiasts and newcomers from around the world to exchange ideas, collaborate, and take on challenges to software freedom," said Georgia Young, program manager of the FSF. "But the conference is not purely academic -- it works to build the free software community, offering opportunities for those who cannot attend to participate remotely by watching a multi-channel livestream and joining the conversation online. And this year, we're proud to offer several kid-friendly workshops, encouraging earlier engagement with fun, ethical free software!"

Advance registration is closed, but attendees may register in person at the event. Admission is gratis for FSF Associate Members and students. For all other attendees, the cost of admission is $60 for one day, $90 for both days, and includes admission to the conference's social events. For those who cannot attend, this year's sessions will be streamed at https://libreplanet.org/2018/live/, and recordings will be available after the event at https://media.libreplanet.org/.

Anthropologist and author Gabriella Coleman was scheduled to give the opening keynote at LibrePlanet 2018, but was forced to cancel.

About LibrePlanet

LibrePlanet is the annual conference of the Free Software Foundation, and is co-produced by MIT's Student Information Processing Board. What was once a small gathering of FSF members has grown into a larger event for anyone with an interest in the values of software freedom. LibrePlanet is always gratis for associate members of the FSF and students. Sign up for announcements about the LibrePlanet conference here.

LibrePlanet 2017 was held at MIT from March 25-26, 2017. About 400 attendees from all over the world came together for conversations, demonstrations, and keynotes centered around the theme of "The Roots of Freedom." You can watch videos from past conferences at https://media.libreplanet.org, including keynotes by Kade Crockford of the ACLU of Massachusetts and Cory Doctorow, author and special consultant to the Electronic Frontier Foundation.

About the Free Software Foundation

The FSF, founded in 1985, is dedicated to promoting computer users' right to use, study, copy, modify, and redistribute computer programs. The FSF promotes the development and use of free (as in freedom) software -- particularly the GNU operating system and its GNU/Linux variants -- and free documentation for free software. The FSF also helps to spread awareness of the ethical and political issues of freedom in the use of software, and its Web sites, located at https://fsf.org and https://gnu.org, are an important source of information about GNU/Linux. Donations to support the FSF's work can be made at https://donate.fsf.org. Its headquarters are in Boston, MA, USA.

More information about the FSF, as well as important information for journalists and publishers, is at https://www.fsf.org/press.

Media Contact

Georgia Young
Program Manager
Free Software Foundation
+1 (617) 542 5942
campaigns@fsf.org

20 March, 2018 02:39PM

March 19, 2018

mcron @ Savannah

GNU Mcron 1.1 released

We are pleased to announce the release of GNU Mcron 1.1,
representing 124 commits, by 3 people over 4 years.

Download

Here are the compressed sources and a GPG detached signature[*]:
https://ftp.gnu.org/gnu/mcron/mcron-1.1.tar.gz
https://ftp.gnu.org/gnu/mcron/mcron-1.1.tar.gz.sig

Use a mirror for higher download bandwidth:
https://ftpmirror.gnu.org/mcron/mcron-1.1.tar.gz
https://ftpmirror.gnu.org/mcron/mcron-1.1.tar.gz.sig

[*] Use a .sig file to verify that the corresponding file (without the
.sig suffix) is intact. First, be sure to download both the .sig file
and the corresponding tarball. Then, run a command like this:

gpg --verify mcron-1.1.tar.gz.sig

If that command fails because you don't have the required public key,
then run this command to import it:

gpg --keyserver keys.gnupg.net --recv-keys 0ADEE10094604D37

and rerun the 'gpg --verify' command.

This release was bootstrapped with the following tools:
Autoconf 2.69
Automake 1.16.1

NEWS

Noteworthy changes in release 1.1 (2018-03-19) [stable]
    • New features

The 'job' procedure has now a '#:user' keyword argument which allows
specifying a different user that will run it.

Additional man pages for 'cron(8)' and 'crontab(1)' are now generated using
GNU Help2man.

    • Bug fixes

Child process created when executing a job are now properly cleaned even
when execution fails by using 'dynamic-wind' construct.

    • Improvements

GNU Guile 2.2 is now supported.

Some procedures are now written using functional style and include a
docstring. 'def-macro' usages are now replaced with hygienic macros.

Compilation is now done using a non-recursive Makefile, supports out of tree
builds, and use silent rules by default.

Guile object files creation don't rely on auto-compilation anymore and are
installed in 'site-ccache' directory.

Jobs are now internally represented using SRFI-9 records instead of vectors.

Changelog are generated from Git logs when generating the tarball using
Gnulib gitlog-to-changelog script.

A test suite is now available and can be run with 'make check'.

    • Changes in behavior

The "--enable-debug" configure variable has been removed and replaced with
MCRON_DEBUG environment variable.

The "--disable-multi-user" configure variable is now used to not build and
install the 'cron' and 'crontab' programs. It has replaced the
"--enable-no-vixie-clobber" which had similar effect.

(mcron core) module is now deprecated and has been superseeded by
(mcron base).

Please report bugs to bug-mcron@gnu.org.

19 March, 2018 12:37AM by Mathieu Lirzin