![[Valid RSS]](images/valid-rss-rogers.png "Valid RSS")
This is a valid RSS feed.
This feed is valid, but interoperability with the widest range of feed readers could be improved by implementing the following recommendations.
line 297, column 0: (2 occurrences) [help]
<div class="w-100"><img alt="The " data-zoo ...
line 314, column 0: (11 occurrences) [help]
<div class="highlight"><pre class="chroma" tabi ...
line 607, column 0: (7 occurrences) [help]
<div class="lazyload" data-noscript="">
line 864, column 62: (2 occurrences) [help]
<title>St&eacute;phane Graber: Incus and Ubuntu 24.04 LTS</title>
^
line 1019, column 0: (2 occurrences) [help]
<figure class="wp-block-video"><video controls="cont ...
line 1293, column 0: (6 occurrences) [help]
<p id="block-fcdac755-cc4d-48d7-b423-e5093ab4df49">Under the ...
line 1492, column 0: (4 occurrences) [help]
<p>One package that is exempt to backporting is Ardour. To help suppor ...
line 2552, column 0: (2 occurrences) [help]
<description><figure class="wp-block-image aligncenter size-large i ...
line 2552, column 0: (2 occurrences) [help]
<description><figure class="wp-block-image aligncenter size-large i ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
line 3146, column 0: (12 occurrences) [help]
<figure class="aligncenter size-full"><a href="https ...
</channel>
<?xml version="1.0"?><rss version="2.0"> <channel> <title>Planet Ubuntu</title> <link>http://planet.ubuntu.com/</link> <language>en</language> <description>Planet Ubuntu - http://planet.ubuntu.com/</description> <item> <title>Faizul "Piju" 9M2PJU: Empower Your Cybersecurity Journey with Linux: Why Ubuntu is the Perfect Starting Point</title> <guid isPermaLink="false">https://hamradio.my/?p=2647</guid> <link>https://hamradio.my/empower-your-cybersecurity-journey-with-linux-why-ubuntu-is-the-perfect-starting-point/</link> <description><p>In the ever-evolving landscape of cybersecurity, staying ahead of potential threats is paramount. With the proliferation of digital technologies and the increasing interconnectedness of our world, the need for robust cybersecurity measures has never been more pressing. And in this digital battleground, one platform stands out as a powerful ally: Linux.</p> <p>Linux, with its open-source nature and inherent security features, has long been favored by cybersecurity professionals and enthusiasts alike. Among the myriad of Linux distributions available, Ubuntu shines as an excellent choice for those looking to dive into the world of cybersecurity. But why Ubuntu, and how does it contribute to empowering cybersecurity efforts?</p> <h3 class="wp-block-heading">Ubuntu: The Gateway to Linux</h3> <p>Ubuntu, known for its user-friendly interface and extensive community support, serves as the perfect gateway to the world of Linux. Whether you’re a seasoned cybersecurity expert or a novice eager to learn, Ubuntu’s accessibility makes it an ideal starting point. Its intuitive design and vast repository of software packages make it easy to get started, even for those with limited technical expertise.</p> <h3 class="wp-block-heading">Building Your Arsenal: Penetration Testing and Beyond</h3> <p>While specialized penetration testing Linux distributions exist, such as Kali Linux, there’s immense value in learning how to tailor your own cybersecurity toolkit using Ubuntu. By understanding the underlying principles of Linux and its ecosystem, you gain the flexibility to customize your environment to suit your specific needs.</p> <p>With Ubuntu as your foundation, you can explore a plethora of cybersecurity tools and techniques, ranging from network scanning and vulnerability assessment to intrusion detection and digital forensics. Whether you’re delving into ethical hacking, threat hunting, or incident response, Ubuntu provides the framework upon which you can build your expertise.</p> <h3 class="wp-block-heading">The Power of Linux in Cybersecurity</h3> <p>In today’s cybersecurity landscape, proficiency in Linux is no longer merely advantageous—it’s essential. Many of the most powerful and widely-used cybersecurity tools are developed specifically for Linux environments. From industry-standard tools like Wireshark and Nmap to specialized frameworks like Metasploit and Snort, Linux serves as the platform of choice for cybersecurity professionals worldwide.</p> <p>Moreover, Linux’s robust security features, including granular access controls, robust privilege separation, and mandatory access controls, make it inherently more secure than many other operating systems. By mastering Linux, you not only gain access to a vast array of cybersecurity tools but also develop a deeper understanding of core security principles.</p> <h3 class="wp-block-heading">Conclusion: Empowering Your Cybersecurity Journey</h3> <p>In the realm of cybersecurity, knowledge is power. And when it comes to mastering the tools and techniques necessary to safeguard digital assets and mitigate cyber threats, Linux reigns supreme. Ubuntu, with its user-friendly interface and extensive support, provides the perfect entry point for aspiring cybersecurity professionals to explore the world of Linux.</p> <p>By harnessing the power of Linux, you not only equip yourself with the tools needed to defend against cyber threats but also gain invaluable insights into the inner workings of digital security. So, whether you’re just starting your cybersecurity journey or seeking to expand your skill set, embrace Linux, empower yourself, and fortify your defenses in the ever-escalating battle against cyber adversaries.</p><p>The post <a href="https://hamradio.my/empower-your-cybersecurity-journey-with-linux-why-ubuntu-is-the-perfect-starting-point/">Empower Your Cybersecurity Journey with Linux: Why Ubuntu is the Perfect Starting Point</a> appeared first on <a href="https://hamradio.my">9M2PJU - Malaysian Ham Radio Operator</a> by <a href="https://hamradio.my/author/9m2pju/">9M2PJU</a>.</p></description> <pubDate>Sun, 05 May 2024 06:42:25 +0000</pubDate></item><item> <title>Faizul "Piju" 9M2PJU: Embrace Ubuntu: A Financially Savvy Guide to Ditching Microsoft Windows and Prioritizing Security, Privacy, and Savings</title> <guid isPermaLink="false">https://hamradio.my/?p=2644</guid> <link>https://hamradio.my/embrace-ubuntu-a-financially-savvy-guide-to-ditching-microsoft-windows-and-prioritizing-security-privacy-and-savings/</link> <description><p>In an era where digital empowerment and financial prudence are increasingly intertwined, the decision to transition from Microsoft Windows to Ubuntu Linux and open-source alternatives isn’t just about embracing a new operating system; it’s about making a strategic choice for your wallet, your digital security, and your privacy. In this blog post, we’ll explore how you can seamlessly replace Microsoft Windows and its top applications with Ubuntu Linux and open-source alternatives while reaping significant financial benefits and enhancing your security and privacy.</p> <h3 class="wp-block-heading">Understanding the Financial Impact</h3> <p>The financial implications of operating systems and software choices extend far beyond the upfront costs of licenses and subscriptions. Hidden expenses such as upgrade fees, maintenance costs, and vendor lock-in can quickly add up, draining resources and limiting financial flexibility. By migrating to Ubuntu Linux and open-source applications, individuals and organizations can unlock a myriad of financial advantages while prioritizing security and privacy:</p> <ol><li><strong>Cost Savings</strong>: Ubuntu Linux is free to download, install, and use, offering a compelling alternative to the costly licensing fees associated with Microsoft Windows. Moreover, open-source applications typically come with no upfront costs, enabling significant savings over time.</li> <li><strong>Reduced Hardware Requirements</strong>: Ubuntu Linux and many open-source applications are optimized for performance and efficiency, meaning they can run smoothly on older or less powerful hardware. This can extend the lifespan of existing devices, postponing the need for costly hardware upgrades.</li> <li><strong>No Vendor Lock-In</strong>: Proprietary software often comes with vendor lock-in, making it difficult and expensive to switch to alternative solutions. Ubuntu Linux and open-source applications, on the other hand, offer vendor-neutral platforms, giving users greater freedom and flexibility to choose the tools that best suit their needs without fear of being trapped in a closed ecosystem.</li> <li><strong>Lower Maintenance Costs</strong>: Ubuntu Linux and open-source applications are known for their stability, security, and ease of maintenance. With a vibrant community of developers and users actively contributing to their improvement, these software solutions often require fewer updates, patches, and troubleshooting efforts, reducing IT support costs in the long run.</li></ol> <h3 class="wp-block-heading">Prioritizing Security and Privacy</h3> <p>Beyond financial considerations, Ubuntu Linux and open-source alternatives offer robust security and privacy features that can help individuals and organizations safeguard their digital assets and personal information:</p> <ol><li><strong>Built-in Security Features</strong>: Ubuntu Linux is renowned for its strong security architecture, including built-in firewall, disk encryption, and secure boot capabilities. Additionally, the open-source nature of the platform allows for continuous security audits and rapid response to vulnerabilities, minimizing the risk of cyber attacks and data breaches.</li> <li><strong>Privacy by Design</strong>: Unlike proprietary software, which often comes bundled with hidden trackers and data collection mechanisms, open-source applications prioritize user privacy and transparency. By using open-source alternatives for email clients, web browsers, and communication tools, individuals can regain control over their digital footprint and protect their personal information from unauthorized access and surveillance.</li> <li><strong>Community Support and Transparency</strong>: The open-source community values transparency, accountability, and collaboration, creating a fertile ground for security research, knowledge sharing, and best practices. Users can leverage community forums, security mailing lists, and bug bounty programs to stay informed about emerging threats and implement effective countermeasures to mitigate risks.</li></ol> <h3 class="wp-block-heading">Transitioning to Ubuntu Linux and Open-Source Alternatives</h3> <p>Making the switch from Microsoft Windows and proprietary software to Ubuntu Linux and open-source alternatives may seem daunting at first, but with proper planning and guidance, the transition can be smooth and rewarding. Here’s a step-by-step guide to help you get started:</p> <ol><li><strong>Evaluate Your Needs</strong>: Identify the essential applications and workflows that are critical to your productivity and operations. Research open-source alternatives for each proprietary software you currently use, keeping in mind compatibility, feature parity, and user experience.</li> <li><strong>Test Compatibility</strong>: Before making the full transition, test Ubuntu Linux and open-source applications in a controlled environment to ensure compatibility with your hardware and workflows. Many open-source solutions offer live CDs or virtual machine images for easy testing.</li> <li><strong>Plan the Migration</strong>: Develop a comprehensive migration plan outlining the steps, timelines, and resources required to transition from Microsoft Windows to Ubuntu Linux and open-source applications. Consider factors such as data migration, user training, and technical support to minimize disruptions during the transition period.</li> <li><strong>Provide Training and Support</strong>: Invest in user training and technical support to help your team adapt to the new operating system and software environment. Leverage online tutorials, documentation, and community forums to empower users with the knowledge and skills they need to thrive on Ubuntu Linux.</li> <li><strong>Monitor and Optimize</strong>: Continuously monitor the performance, security, and user satisfaction metrics after the migration to Ubuntu Linux and open-source applications. Solicit feedback from users and stakeholders to identify areas for improvement and optimization, ensuring a seamless transition and maximum ROI.</li></ol> <h3 class="wp-block-heading">Conclusion: Empowerment Through Financial Prudence, Security, and Privacy</h3> <p>The decision to replace Microsoft Windows and its top applications with Ubuntu Linux and open-source alternatives isn’t just about embracing a new operating system; it’s about making a strategic choice for your financial well-being, your digital security, and your privacy. By leveraging the cost savings, flexibility, and performance advantages of Ubuntu Linux and open-source software, individuals and organizations can unlock a world of possibilities while safeguarding their financial future and protecting their digital assets. Let us embark on this journey together and embrace the transformative power of open source for a more prosperous, secure, and private digital future.</p><p>The post <a href="https://hamradio.my/embrace-ubuntu-a-financially-savvy-guide-to-ditching-microsoft-windows-and-prioritizing-security-privacy-and-savings/">Embrace Ubuntu: A Financially Savvy Guide to Ditching Microsoft Windows and Prioritizing Security, Privacy, and Savings</a> appeared first on <a href="https://hamradio.my">9M2PJU - Malaysian Ham Radio Operator</a> by <a href="https://hamradio.my/author/9m2pju/">9M2PJU</a>.</p></description> <pubDate>Sun, 05 May 2024 06:16:11 +0000</pubDate></item><item> <title>Stuart Langridge: The Pastry Box Project archaeology</title> <guid isPermaLink="false">tag:www.kryogenix.org,2024-05-03:/days/2024/05/03/the-pastry-box-project-archaeology/</guid> <link>https://www.kryogenix.org/days/2024/05/03/the-pastry-box-project-archaeology/</link> <description><p>Many years ago (2012!) I was invited to be part of “The Pastry Box Project”, which described itself thus:</p><blockquote>Each year, The Pastry Box Project gathers 30 people who are each influential in their field and asks them to share thoughts regarding what they do. Those thoughts are then published every day throughout the year at a rate of one per day, starting January 1st and ending December 31st.</blockquote> <p>It was interesting. Sadly, it’s dropped off the web (as has its curator, Alex Duloz, as far as I can tell), but thankfully <a href="https://archive.org">the Wayback Machine</a> comes to the rescue once again.<sup id="sf-the-pastry-box-project-archaeology-1-back"><a class="simple-footnote" href="http://feeds.feedburner.com/kryogenix#sf-the-pastry-box-project-archaeology-1" title="Also, the writing is all archived at Github!">1</a></sup> I was quietly proud of some of the things I wrote there (and I was recently asked for a reference to a thing I said which the questioner couldn’t find, which is what made me realise that the site’s not around any more), so I thought I’d republish the stuff I wrote there, here, for ease of finding. This was all written in 2012, and the world has moved on in a few ways since then, a dozen years ago at time of writing, but… I think I’d still stand by most of this stuff. The posts are <a href="https://web.archive.org/web/20140709052954/https://the-pastry-box-project.net/baker/stuart-langridge">still at archive.org</a> and you can get to and read other people’s posts from there too, some of which are really good and worth your time. But here are mine, so I don’t lose them again.</p><h2>Tuesday, 18 December 2012</h2><p>My daughter’s got a smartphone, because, well, everyone has. It has <span class="caps">GPS</span> on it, because, well, every one does. What this means is that she will never understand the concept of being lost.</p><p>Think about that for a second. <em>She won’t ever even know what it <strong>means</strong> to be lost.</em></p><p>Every argument I have in the pub now goes for about ten minutes before someone says, right, we’ve spent long enough arguing now, someone look up the correct answer on Wikipedia. My daughter won’t ever understand the concept of not having a bit of information available, of being confused about a matter of fact.</p><p>A while back, it was decreed that telephone directories are not subject to copyright, that a list of phone numbers is “information alone without a minimum of original creativity” and therefore held no right of ownership.</p><p>What instant access to information has provided us is a world where all the simple matters of fact are now yours; free for the asking. Putting data on the internet is not a skill; it is drudgery, a mechanical task for robots. Ask yourself: why do you buy technical books? It’s not for the information inside: there is no tech book anywhere which actually reveals something which isn’t on the web already. It’s about the voice; about the way it’s written; about how interesting it is. And that <em>is</em> a skill. Matters of fact are not interesting — they’re useful, right enough, but not interesting. Making those facts available to everyone frees up authors, creators, makers to do authorial creative things. You don’t have to spend all your time collating stuff any more: now you can be Leonardo da Vinci all the time. Be beautiful. Appreciate the people who do things well, rather than just those who manage to do things at all. Prefer those people who make you laugh, or make you think, or make you throw your laptop out of a window with annoyance: who give you a strong reaction to their writing, or their speaking, or their work. Because information wanting to be free is what creates a world of creators. Next time someone wants to build a wall around their little garden, ask yourself: is what you’re paying for, with your time or your money or your personal information, something creative and wonderful? Or are they just mechanically collating information? I hope to spend 2013 enjoying the work of people who do something more than that.</p><h2>Wednesday, 31 October 2012</h2><p>Not everyone who works with technology loves technology. No, really, it’s true! Most of the people out there building stuff with web tech don’t attend conferences, don’t talk about WebGL in the pub, don’t write a blog with <span class="caps">CSS3</span> “experiments” in it, don’t like what they do. It’s a job: come in at 9, go home at 5, don’t think about <span class="caps">HTML</span> outside those hours. Apparently 90% of the stuff in the universe is “dark matter”: undetectable, doesn’t interact with other matter, can’t be seen even with a really big telescope. Our “dark matter developers”, who aren’t part of the community, who barely even know that the community exists… how are we to help them? You can write all the <em>A List Apart</em> articles you like but dark matter developers don’t read it. And so everyone’s intranet is horrid and Internet-Explorer-specific and so the <span class="caps">IE</span> team have to maintain backwards compatibility with that and that hurts the web. What can we do to reach this huge group of people? Everyone’s written a book about web technologies, and books help, but books are dying. We want to get the word out about all the amazing things that are now possible to everyone: do we know how? Do we even have to care? The theory is that this stuff will “trickle down”, but that doesn’t work for economics: I’m not sure it works for <code>@-moz-keyframes</code> either. </p><h2>Monday, 8 October 2012</h2><p>The web moves really fast. How many times have you googled for a tutorial on or an example of something and found that the results, written six months or a year or two years ago, no longer work? The syntax has changed, or there’s a better way now, or it never worked right to begin with. You’ll hear people bemoaning this: trying to stop the web moving so quickly in order that knowledge about it doesn’t go out of date. But that ship’s sailed. This is the world we’ve built: it moves fast, and we have to just hat up and deal with it. So, how? How can we make sure that old and wrong advice doesn’t get found? It’s a difficult question, and I don’t think anyone’s seriously trying to answer it. We should try and think of a way. </p><h2>Tuesday, 18 September 2012</h2><p>Software isn’t always a solution to problems. If you’re a developer, everything generally looks like a nail: a nail which is solved by making a new bit of code. I’ve got half-finished mobile apps done for tracking my running with <span class="caps">GPS</span>, for telling me when to switch between running and walking, and… I’m still fat, because I’m writing software instead of <em>going running</em>. One of the big ideas behind computers was to automate repetitive and boring tasks, certainly, which means that it should work like this: identify a thing that needs doing, do it for a while, think “hm, a computer could do this more easily”, write a bit of software to do it. However, there’s too much premature optimisation going on, so it actually looks like this: identify a thing that needs doing, think “hm, I’m sure a computer would be able to do this more easily”, write a bit of software to do it. See the difference? If the software never gets finished, then in the first approach the thing <em>still gets done</em>. Don’t always reach for the keyboard: sometimes it’s better to reach for Post-It notes, or your running shoes. </p><h2>Saturday, 18 August 2012</h2><p>Changing the world is within your grasp.</p><p>This is not necessarily a good thing.</p><p>If you go around and talk to normal people, it becomes clear that, weirdly, they don’t ever imagine how to get ten million dollars. They don’t think about new ways to redesign a saucepan or the buttons in their car. They don’t contemplate why sending a parcel is slow and how it could be a slicker process. They don’t think about <em>ways to change the world</em>.</p><p>I find it hard to talk to someone who doesn’t think like that.</p><p>To an engineer, the world is a toy box full of sub-optimized and feature-poor toys, as Scott Adams once put it. To a designer, the world is full of bad design. And to both, it is not only possible but at a high level <em>obvious</em> how to (a) fix it (b) for everyone (c) and make a few million out of doing so.</p><p>At first, this seems a blessing: you can see how the world could be better! And make it happen!</p><p>Then it’s a curse. Those normal people I mentioned? Short of winning the lottery or Great Uncle Brewster dying, there’s no possibility of becoming a multi-millionaire, and so they’re not thinking about it. Doors that have a handle on them but say “Push” are not a source of distress. Wrong kerning in signs is not like sandpaper on <em>their</em> nerves.</p><p>The curse of being able to change the world is… the frustration that you have so far failed to do so.</p><p>Perhaps there is a Zen thing here. Some people have managed it. Maybe you have. So the world is better, and that’s a good thing all by itself, right? </p><h2>Friday, 27 July 2012</h2><p>The best systems are built by people who can accept that no-one will ever know how hard it was to do, and who therefore don’t seek validation by explaining to everyone how hard it was to do.</p><h2>Tuesday, 12 June 2012</h2><p>The most poisonous idea in the world is when you’re told that something which achieved success through lots of hard work actually got there just because it was excellent.</p><h2>Friday, 18 May 2012</h2><p>Ever notice how the things you slave over and work crushingly hard on get less attention, sometimes, than the amusing things you threw together in a couple of evenings?</p><p>I can’t decide whether this is a good thing or not.</p><h2>Thursday, 5 April 2012</h2><p>It’s <span class="caps">OK</span> to not want to build websites for everybody and every browser. Making something which is super-dynamic in Chrome 18 and also works excellently in w3m is jolly hard work, and a lot of the time you might well be justified in thinking it’s not worth it. If your site stats, or your belief, or your prediction of the market’s direction, or your favourite pundit tell you that the best use of your time is to only support browsers with <code>querySelector</code>, or only support browsers with JavaScript, or only support WebKit, or only support iOS Safari, then that’s a reasonable decision to make; don’t let anyone else tell you what your relationship with your users and customers and clients is, because you know better than them.</p><p>Just don’t confuse what you’re doing with supporting “the web”. State your assumptions up front. Own your decisions, and be prepared to back them up, for your project. If you’re building something which doesn’t work in <span class="caps">IE6</span>, that requires JavaScript, that requires mobile WebKit, that requires Opera Mobile, then you <em>are</em> letting some people down. That’s <span class="caps">OK</span>; you’ve decided to do that. But your view’s no more valid than theirs, for a project you didn’t build. Make your decisions, and state what the axioms you worked from were, and then everyone else can judge whether what you care about is what they care about. Just don’t push your view as being what everyone else should do, and we’ll all be fine.</p><h2>Sunday, 18 March 2012</h2><p>Publish and be damned, said the Duke of Wellington; these days, in between starting wars in France and being sick of everyone repeating the jokes about his name from Blackadder, he’d probably say that we should publish <em>or</em> be damned. If you’re anything like me, you’ve got folders full of little experiments that you never got around to finishing or that didn’t pan out. Put ’em up somewhere. These things are useful.</p><p>Twitter, autobiographies, collections of letters from authors, all these have shown us that the minutiae can be as fascinating as carefully curated and sieved and measured writings, and who knows what you’ll inspire the next person to do from the germ of one of your ideas?</p><h2>Monday, 27 February 2012</h2><p>There’s a lot to think about when you’re building something on the web. Is it accessible? How do I handle translations of the text? Is the design <span class="caps">OK</span> on a 320px-wide screen? On a 2320px-wide screen? Does it work in <span class="caps">IE8</span>? In Android 4.0? In Opera Mini? Have I minimized the number of <span class="caps">HTTP</span> requests my page requires? Is my JavaScript minified? Are my images responsive? Is Google Analytics hooked up properly? AdSense? Am I handling Unicode text properly? Avoiding <span class="caps">CSRF</span>? <span class="caps">XSS</span>? Have I encoded my videos correctly? Crushed my pngs? Made a print stylesheet?</p><p>We’ve come a long way since:</p><pre><code>&lt;HEADER&gt;&lt;TITLE&gt;The World Wide Web project&lt;/TITLE&gt;&lt;NEXTID N="55"&gt;&lt;/HEADER&gt;&lt;BODY&gt;&lt;H1&gt;World Wide Web&lt;/H1&gt;The WorldWideWeb (W3) is a wide-area&lt;ANAME=0 HREF="WhatIs.html"&gt;hypermedia&lt;/A&gt; information retrievalinitiative aiming to give universalaccess to a large universe of documents.</code></pre> <p>Look at <a href="http://html5boilerplate.com/">http://html5boilerplate.com/</a>—a base level page which helps you to cover some (nowhere near all) of the above list of things to care about (and the rest of the things you need to care about too, which are the other 90% of the list). A year in development, 900 sets of changes and evolutions from the initial version, seven separate files. That’s not over-engineering; that’s what you need to know to build things these days.</p><p>The important point is: one of the skills in our game is knowing what you don’t need to do right now but still leaving the door open for you to do it later. If you become the next Facebook then you will have to care about all these things; initially you may not. You don’t have to build them all on day one: that <em>is</em> over-engineering. But you, designer, developer, translator, evangelist, web person, do have to understand what they all mean. And you do have to be able to layer them on later without having to tear everything up and start again. Feel guilty that you’re not addressing all this stuff in the first release if necessary, but you should feel a lot guiltier if you didn’t think of some of it.</p><h2>Wednesday, 18 January 2012</h2><p>Don’t be creative. Be a creat<em>or</em>. No one ever looks back and wishes that they’d given the world less stuff.</p><ol class="simple-footnotes"><li id="sf-the-pastry-box-project-archaeology-1">Also, the writing is all <a href="https://github.com/the-pastry-box-project">archived at Github!</a> <a class="simple-footnote-back" href="http://feeds.feedburner.com/kryogenix#sf-the-pastry-box-project-archaeology-1-back">↩</a></li></ol></description> <pubDate>Fri, 03 May 2024 18:08:00 +0000</pubDate></item><item> <title>Colin Watson: Playing with rich</title> <guid isPermaLink="false">tag:www.chiark.greenend.org.uk,2024-05-03:/~cjwatson/blog/playing-with-rich.html</guid> <link>https://www.chiark.greenend.org.uk/~cjwatson/blog/playing-with-rich.html</link> <description><p>One of the things I do as a side project for Freexian is to work on variousbits of business automation: accounting tools, programs to help contributorsreport their hours, invoicing, that kind of thing. While it’s not quite myusual beat, this makes quite a good side project as the tools involved aremostly rather sensible and easy to deal with (Python, git,<a href="https://ledger-cli.org/">ledger</a>, that sort of thing) and it’s the kind ofthing where I can dip into it for a day or so a week and feel like I’mmaking useful contributions. The logic can be quite complex, but there’svery little friction in the tools themselves.</p><p>A recent case where I did run into some friction in the tools was with somecommands that need to present small amounts of tabular data on the terminal,using <a href="https://gist.github.com/egmontkob/eb114294efbcd5adb1944c9f3cb5feda"><span class="caps">OSC</span>8</a>hyperlinks if the terminal supports them: think customer-related informationwith some links to issues. One of my colleagues had previously done thisusing a <a href="https://github.com/foutaise/texttable/issues/87">hack</a> on top of<a href="https://pypi.org/project/texttable/">texttable</a>, which was perfectly fineas far as it went. However, now I wanted to be able to add multiple linksin a single table cell in some cases, and that was really going to stretchthe limits of that approach: working out the width of the displayed text inthe cell was going to take an annoying amount of bookkeeping.</p><p>I started looking around to see whether any other approaches might beeasier, without too much effort (remember that “a day or so a week” bitabove). <a href="https://pypi.org/project/ansiwrap/">ansiwrap</a> looked somewhatpromising, but it isn’t currently packaged in Debian, and it would havestill left me with the problem of figuring out how to integrate it into<code>texttable</code>, which looked like it would be quite complicated. Then Iremembered that I’d heard good things about<a href="https://pypi.org/project/rich/">rich</a>, and thought I’d take a look.</p><p><code>rich</code> turned out to be exactly what I wanted. Instead of something likethis based on the <code>texttable</code> hack above:</p><div class="highlight"><pre><span></span><code><span class="kn">import</span> <span class="nn">shutil</span><span class="kn">from</span> <span class="nn">pyxian.texttable</span> <span class="kn">import</span> <span class="n">UrlTable</span> <span class="n">termsize</span> <span class="o">=</span> <span class="n">shutil</span><span class="o">.</span><span class="n">get_terminal_size</span><span class="p">((</span><span class="mi">80</span><span class="p">,</span> <span class="mi">25</span><span class="p">))</span><span class="n">table</span> <span class="o">=</span> <span class="n">UrlTable</span><span class="p">(</span><span class="n">max_width</span><span class="o">=</span><span class="n">termsize</span><span class="o">.</span><span class="n">columns</span><span class="p">)</span><span class="n">table</span><span class="o">.</span><span class="n">set_deco</span><span class="p">(</span><span class="n">UrlTable</span><span class="o">.</span><span class="n">HEADER</span><span class="p">)</span><span class="n">table</span><span class="o">.</span><span class="n">set_cols_align</span><span class="p">([</span><span class="s2">"l"</span><span class="p">])</span><span class="n">table</span><span class="o">.</span><span class="n">set_cols_dtype</span><span class="p">([</span><span class="s2">"u"</span><span class="p">])</span><span class="n">table</span><span class="o">.</span><span class="n">add_row</span><span class="p">([</span><span class="s2">"Issue"</span><span class="p">])</span><span class="n">table</span><span class="o">.</span><span class="n">add_row</span><span class="p">([(</span><span class="n">issue_url</span><span class="p">,</span> <span class="sa">f</span><span class="s2">"#</span><span class="si">{</span><span class="n">issue_id</span><span class="si">}</span><span class="s2">"</span><span class="p">)]</span><span class="nb">print</span><span class="p">(</span><span class="n">table</span><span class="o">.</span><span class="n">draw</span><span class="p">())</span></code></pre></div> <p>… now I can do this instead:</p><div class="highlight"><pre><span></span><code><span class="kn">import</span> <span class="nn">rich</span><span class="kn">from</span> <span class="nn">rich</span> <span class="kn">import</span> <span class="n">box</span><span class="kn">from</span> <span class="nn">rich.table</span> <span class="kn">import</span> <span class="n">Table</span> <span class="n">table</span> <span class="o">=</span> <span class="n">Table</span><span class="p">(</span><span class="n">box</span><span class="o">=</span><span class="n">box</span><span class="o">.</span><span class="n">SIMPLE</span><span class="p">)</span><span class="n">table</span><span class="o">.</span><span class="n">add_column</span><span class="p">(</span><span class="s2">"Issue"</span><span class="p">)</span><span class="n">table</span><span class="o">.</span><span class="n">add_row</span><span class="p">(</span><span class="sa">f</span><span class="s2">"[link=</span><span class="si">{</span><span class="n">issue_url</span><span class="si">}</span><span class="s2">]#</span><span class="si">{</span><span class="n">issue_id</span><span class="si">}</span><span class="s2">[/link]"</span><span class="p">)</span><span class="n">rich</span><span class="o">.</span><span class="n">print</span><span class="p">(</span><span class="n">table</span><span class="p">)</span></code></pre></div> <p>While this is a little shorter, the real bonus is that I can now just putmultiple <code>[link]</code> tags in a single string, and it all just works. Noceremony. In fact, once the relevant bits of code passed type-checking(since the real code is a bit more complex than the samples above), itworked first time. It’s a pleasure to work with a library like that.</p><p>It looks like I’ve only barely scratched the surface of <code>rich</code>, but I expectI’ll reach for it more often now.</p></description> <pubDate>Fri, 03 May 2024 15:09:53 +0000</pubDate></item><item> <title>Nobuto Murata: No, you can't downgrade T14 Gen 3 AMD's UEFI BIOS even when Secure Rollback Prevention is turned off</title> <guid isPermaLink="true">https://nobuto-m.github.io/post/2024/no-you-can-t-downgrade-t14-gen-3-amd-s-uefi-bios-even-when-secure-rollback-prevention-is-turned-off/</guid> <link>https://nobuto-m.github.io/post/2024/no-you-can-t-downgrade-t14-gen-3-amd-s-uefi-bios-even-when-secure-rollback-prevention-is-turned-off/</link> <description><figure id="figure-the-secure-rollback-prevention-entry-in-the-uefi-bios-configuration"> <div class="d-flex justify-content-center"> <div class="w-100"><img alt="The " data-zoomable="" height="570" src="https://nobuto-m.github.io/post/2024/no-you-can-t-downgrade-t14-gen-3-amd-s-uefi-bios-even-when-secure-rollback-prevention-is-turned-off/featured_hu98a07cb948a4aa5ce68d8a190753e9dc_450211_3cb9670871c00c22c40ea3757e48b4ee.webp" width="760" /></div> </div>&lt;figcaption&gt; The “Secure Rollback Prevention” entry in the UEFI BIOS configuration &lt;/figcaption&gt;</figure> <p>The bottom line is that there is a new configuration called “AMD Secure <strong>Processor</strong> Rollback protection” on recent AMD systems in addition to “Secure Rollback Prevention” (BIOS rollback protection). If it’s enabled by a vendor, you cannot downgrade the UEFI BIOS revisions once you install a one with security vulnerability fixes.</p><p><a href="https://fwupd.github.io/libfwupdplugin/hsi.html#org.fwupd.hsi.Amd.RollbackProtection" rel="noopener" target="_blank">https://fwupd.github.io/libfwupdplugin/hsi.html#org.fwupd.hsi.Amd.RollbackProtection</a></p><blockquote><p>This feature prevents an attacker from loading an older firmware onto the part after a security vulnerability has been fixed.<br />[…]<br />End users are not able to directly modify rollback protection, this is controlled by the manufacturer.</p></blockquote><p>Previously I installed the revision 1.49 (R23ET73W) but it’s gone from <a href="https://pcsupport.lenovo.com/us/en/products/laptops-and-netbooks/thinkpad-t-series-laptops/thinkpad-t14-gen-3-type-21cf-21cg/21cf/21cfcto1ww/downloads/driver-list/component?name=BIOS%2FUEFI" rel="noopener" target="_blank">Lenovo’s official page</a> with the notice below. I’ve been annoyed by a symptom which is likely from a firmware so I wanted to try multiple revisions for bisecting, and also I thought I should downgrade it to the latest official revision as 1.40 (R23ET70W) since the withdrawal clearly indicates that there is something wrong with 1.49.</p><blockquote><p>This BIOS version R23UJ73W is reported Lenovo cloud not working issue, hence it has been withdrawn from support site.</p></blockquote><p>First, I turned off <code>Secure Rollback Prevention</code> and tried downgrading it with <code>fwupdmgr</code> like the following. However, it failed to be applied with <code>Secure Flash Authentication Failed</code> when rebooted.</p><div class="highlight"><pre class="chroma" tabindex="0"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ fwupdmgr downgrade</span></span><span class="line"><span class="cl">0. Cancel</span></span><span class="line"><span class="cl">1. b0fb0282929536060857f3bd5f80b319233340fd <span class="o">(</span>Battery<span class="o">)</span></span></span><span class="line"><span class="cl">2. 6fd62cb954242863ea4a184c560eebd729c76101 <span class="o">(</span>Embedded Controller<span class="o">)</span></span></span><span class="line"><span class="cl">3. 0d5d05911800242bb1f35287012cdcbd9b381148 <span class="o">(</span>Prometheus<span class="o">)</span></span></span><span class="line"><span class="cl">4. 3743975ad7f64f8d6575a9ae49fb3a8856fe186f <span class="o">(</span>SKHynix HFS256GDE9X081N<span class="o">)</span></span></span><span class="line"><span class="cl">5. d77c38c163257a2c2b0c0b921b185f481d9c1e0c <span class="o">(</span>System Firmware<span class="o">)</span></span></span><span class="line"><span class="cl">6. 6df01b2df47b1b08190f1acac54486deb0b4c645 <span class="o">(</span>TPM<span class="o">)</span></span></span><span class="line"><span class="cl">7. 362301da643102b9f38477387e2193e57abaa590 <span class="o">(</span>UEFI dbx<span class="o">)</span></span></span><span class="line"><span class="cl">Choose device <span class="o">[</span>0-7<span class="o">]</span>: <span class="m">5</span></span></span><span class="line"><span class="cl">0. Cancel</span></span><span class="line"><span class="cl">1. 0.1.46</span></span><span class="line"><span class="cl">2. 0.1.41</span></span><span class="line"><span class="cl">3. 0.1.38</span></span><span class="line"><span class="cl">4. 0.1.36</span></span><span class="line"><span class="cl">5. 0.1.23</span></span><span class="line"><span class="cl">Choose release <span class="o">[</span>0-5<span class="o">]</span>: </span></span></code></pre></div><p>Next, I tried their ISO image <code>r23uj70wd.iso</code>, but no luck with another error.</p><blockquote><p>Error</p><p>The system program file is not correct for this system.</p></blockquote><p>Also, Windows failed to apply it so I became convinced it was impossible. However, I didn’t have a clear idea why at that point and bumped into a handy command in <code>fwupdmgr</code>.</p><div class="highlight"><pre class="chroma" tabindex="0"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ fwupdmgr security</span></span><span class="line"><span class="cl">Host Security ID: HSI:1! <span class="o">(</span>v1.9.16<span class="o">)</span></span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">HSI-1</span></span><span class="line"><span class="cl">✔ BIOS firmware updates: Enabled</span></span><span class="line"><span class="cl">✔ Fused platform: Locked</span></span><span class="line"><span class="cl">✔ Supported CPU: Valid</span></span><span class="line"><span class="cl">✔ TPM empty PCRs: Valid</span></span><span class="line"><span class="cl">✔ TPM v2.0: Found</span></span><span class="line"><span class="cl">✔ UEFI bootservice variables: Locked</span></span><span class="line"><span class="cl">✔ UEFI platform key: Valid</span></span><span class="line"><span class="cl">✔ UEFI secure boot: Enabled</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">HSI-2</span></span><span class="line"><span class="cl">✔ SPI write protection: Enabled</span></span><span class="line"><span class="cl">✔ IOMMU: Enabled</span></span><span class="line"><span class="cl">✔ Platform debugging: Locked</span></span><span class="line"><span class="cl">✔ TPM PCR0 reconstruction: Valid</span></span><span class="line"><span class="cl">✘ BIOS rollback protection: Disabled</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">HSI-3</span></span><span class="line"><span class="cl">✔ SPI replay protection: Enabled</span></span><span class="line"><span class="cl">✔ CET Platform: Supported</span></span><span class="line"><span class="cl">✔ Pre-boot DMA protection: Enabled</span></span><span class="line"><span class="cl">✔ Suspend-to-idle: Enabled</span></span><span class="line"><span class="cl">✔ Suspend-to-ram: Disabled</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">HSI-4</span></span><span class="line"><span class="cl">✔ Processor rollback protection: Enabled</span></span><span class="line"><span class="cl">✔ Encrypted RAM: Encrypted</span></span><span class="line"><span class="cl">✔ SMAP: Enabled</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">Runtime Suffix -!</span></span><span class="line"><span class="cl">✔ fwupd plugins: Untainted</span></span><span class="line"><span class="cl">✔ Linux kernel lockdown: Enabled</span></span><span class="line"><span class="cl">✔ Linux kernel: Untainted</span></span><span class="line"><span class="cl">✘ CET OS Support: Not supported</span></span><span class="line"><span class="cl">✘ Linux swap: Unencrypted</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">This system has HSI runtime issues.</span></span><span class="line"><span class="cl"> » https://fwupd.github.io/hsi.html#hsi-runtime-suffix</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">Host Security Events</span></span><span class="line"><span class="cl"> 2024-05-01 15:06:29: ✘ BIOS rollback protection changed: Enabled → Disabled</span></span></code></pre></div><p>As you can see, the <code>BIOS rollback protection</code> in the HSI-2 section is “Disabled” as intended. But <code>Processor rollback protection</code> in HSI-4 is “Enabled”. I found a commit suggesting that there was a system with the config disabled and it was able to be enabled when <code>OS Optimized Defaults</code> is turned on.</p><p><a href="https://github.com/fwupd/fwupd/commit/52d6c3cb78ab8ebfd432949995e5d4437569aaa6" rel="noopener" target="_blank">https://github.com/fwupd/fwupd/commit/52d6c3cb78ab8ebfd432949995e5d4437569aaa6</a></p><blockquote><p>Update documentation to indicate that loading “OS Optimized Defaults”</p><p>may enable security processor rollback protection on Lenovo systems.</p></blockquote><p>I hoped that <code>Processor rollback protection</code> might be disabled by turning off <code>OS Optimized Defaults</code> instead.</p> <figure id="figure-tried-os-optimized-defaults-turned-off-but-no-luck"> <div class="d-flex justify-content-center"> <div class="w-100"><img alt="Tried OS Optimized Defaults turned off but no luck" data-zoomable="" height="428" src="https://nobuto-m.github.io/post/2024/no-you-can-t-downgrade-t14-gen-3-amd-s-uefi-bios-even-when-secure-rollback-prevention-is-turned-off/os-optimized-defaults_hu503de795b087b91d9dac387047c8e5d4_262087_653d6e7f1be4a9f7ce5da4ac4224f907.webp" width="760" /></div> </div>&lt;figcaption&gt; Tried OS Optimized Defaults turned off but no luck &lt;/figcaption&gt;</figure> <div class="highlight"><pre class="chroma" tabindex="0"><code class="language-bash" data-lang="bash"><span class="line"><span class="cl">$ fwupdmgr security</span></span><span class="line"><span class="cl">Host Security ID: HSI:1! <span class="o">(</span>v1.9.16<span class="o">)</span></span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">...</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">✘ BIOS rollback protection: Disabled</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">...</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">HSI-4</span></span><span class="line"><span class="cl">✔ Processor rollback protection: Enabled</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">...</span></span><span class="line"><span class="cl"></span></span><span class="line"><span class="cl">Host Security Events</span></span><span class="line"><span class="cl"> 2024-05-02 03:24:45: ✘ Kernel lockdown disabled</span></span><span class="line"><span class="cl"> 2024-05-02 03:24:45: ✘ Secure Boot disabled</span></span><span class="line"><span class="cl"> 2024-05-02 03:24:45: ✘ Pre-boot DMA protection is disabled</span></span><span class="line"><span class="cl"> 2024-05-02 03:24:45: ✘ Encrypted RAM changed: Encrypted → Not supported</span></span></code></pre></div><p>Some configurations were overridden, but the <code>Processor rollback protection</code> stayed the same. It’s confirmed that it’s really impossible to downgrade the firmware with vulnerability fixes. I learned the hard way that there was a clear difference between “a vendor doesn’t support downgrading” and “it can’t be downgraded” as per the release notes.</p><p><a href="https://download.lenovo.com/pccbbs/mobiles/r23uj73wd.txt" rel="noopener" target="_blank">https://download.lenovo.com/pccbbs/mobiles/r23uj73wd.txt</a></p><blockquote><p>CHANGES IN THIS RELEASE</p><p>Version 1.49 (UEFI BIOS)1.32 (ECP)</p><p>[Important updates]</p><ul><li>Notice that BIOS can’t be downgraded to older BIOS version after upgrade to r23uj73w(1.49).</li></ul><p>[New functions or enhancements]</p><ul><li>Enhancement to address security vulnerability, CVE-2023-5058,LEN-123535,LEN-128083,LEN-115697,LEN-123534,LEN-118373,LEN-119523,LEN-123536.</li><li>Change to permit fan rotation after fan error happen.</li></ul></blockquote><p>I have to wait for a new and better firmware.</p></description> <pubDate>Fri, 03 May 2024 03:20:51 +0000</pubDate></item><item> <title>Podcast Ubuntu Portugal: E297 Framboesa 3.1416</title> <guid isPermaLink="false">https://media.blubrry.com/ubuntupt/archive.org/download/pup-e297/e297.mp3</guid> <link>https://podcastubuntuportugal.org/e297/</link> <description><p>Depois da catástrofe de Alderaan, a princesa Leia no exílio veio falar connosco e passámos um bom bocado a falar de Raspberry Pi, as tendências genocidas do Império Galáctico, o papel de jornalistas e developers místicos e como fazer parte dos Rebeldes usando Tor. Abordámos brevemente o drama dos debs no Noble Numbat, dramas na comunidade de Nix e o drama de não fazer backups. E ainda houve tempo para partilhar experiências no Centro Linux, dizer mal do Linkedin e rever a agenda para os próximos meses.</p><p>Já sabem: oiçam, subscrevam e partilhem!</p><ul><li><p><a href="https://www.bertrand.pt/livro/os-tres-d-dos-media-jose-nuno-matos/25461378">https://www.bertrand.pt/livro/os-tres-d-dos-media-jose-nuno-matos/25461378</a></p></li><li><p><a href="https://www.torproject.org/">https://www.torproject.org/</a></p></li><li><p><a href="https://raspberrytips.com/install-tor-browser-on-raspberry-pi/">https://raspberrytips.com/install-tor-browser-on-raspberry-pi/</a></p></li><li><p><a href="https://ciberlandia.pt/@per_sonne/112342621071193602">https://ciberlandia.pt/@per_sonne/112342621071193602</a></p></li><li><p><a href="https://flathub.org/apps/com.github.huluti.Curtail">https://flathub.org/apps/com.github.huluti.Curtail</a></p></li><li><p><a href="https://mastodon.social/@eugenialoli/112358645417203659">https://mastodon.social/@eugenialoli/112358645417203659</a></p></li><li><p><a href="https://aux.computer/">https://aux.computer/</a></p></li><li><p><a href="https://thegeomob.com/post/may-8th-2024-geomoblx-details">https://thegeomob.com/post/may-8th-2024-geomoblx-details</a></p></li><li><p><a href="https://drupaliberia.eu/">https://drupaliberia.eu/</a></p></li><li><p><a href="https://lisbon.globalappsec.org/">https://lisbon.globalappsec.org/</a></p></li><li><p><a href="https://developer.ogc.org/sprints/">https://developer.ogc.org/sprints/</a></p></li><li><p><a href="https://2024.europe.foss4g.org/">https://2024.europe.foss4g.org/</a></p></li><li><p><a href="https://www.wearedevelopers.com/world-congress">https://www.wearedevelopers.com/world-congress</a></p></li><li><p><a href="https://2024.foss4g.org/">https://2024.foss4g.org/</a></p></li><li><p><a href="https://loco.ubuntu.com/teams/ubuntu-pt/">https://loco.ubuntu.com/teams/ubuntu-pt/</a></p></li><li><p><a href="https://shop.nitrokey.com/shop?aff_ref=3">https://shop.nitrokey.com/shop?aff_ref=3</a></p></li><li><p><a href="https://masto.pt/@pup">https://masto.pt/@pup</a></p></li><li><p><a href="https://youtube.com/PodcastUbuntuPortugal">https://youtube.com/PodcastUbuntuPortugal</a></p></li></ul><h3 id="apoios">Apoios</h3><p>Podem apoiar o podcast usando os links de afiliados do Humble Bundle, porque ao usarem esses links para fazer uma compra, uma parte do valor que pagam reverte a favor do Podcast Ubuntu Portugal.E podem obter tudo isso com 15 dólares ou diferentes partes dependendo de pagarem 1, ou 8.Achamos que isto vale bem mais do que 15 dólares, pelo que se puderem paguem mais um pouco mais visto que têm a opção de pagar o quanto quiserem.Se estiverem interessados em outros bundles não listados nas notas usem o link <a href="https://www.humblebundle.com/?partner=PUP">https://www.humblebundle.com/?partner=PUP</a> e vão estar também a apoiar-nos.</p><h3 id="atribuição-e-licenças">Atribuição e licenças</h3><p>Este episódio foi produzido por Diogo Constantino, Miguel e Tiago Carrondo e editado pelo <a href="https://senhorpodcast.pt/">Senhor Podcast</a>.O website é produzido por Tiago Carrondo e o <a href="https://gitlab.com/podcastubuntuportugal/website">código aberto</a> está licenciado nos termos da <a href="https://gitlab.com/podcastubuntuportugal/website/main/LICENSE">Licença MIT</a>.A música do genérico é: “Won’t see it comin’ (Feat Aequality &amp; N’sorte d’autruche)”, por Alpha Hydrae e está licenciada nos termos da <a href="https://creativecommons.org/publicdomain/zero/1.0/">CC0 1.0 Universal License</a>.Este episódio e a imagem utilizada estão licenciados nos termos da licença: <a href="https://creativecommons.org/licenses/by-nc-nd/4.0/">Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0)</a>, <a href="https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode">cujo texto integral pode ser lido aqui</a>. Estamos abertos a licenciar para permitir outros tipos de utilização, <a href="https://podcastubuntuportugal.org/contactos">contactem-nos</a> para validação e autorização.</p></description> <pubDate>Thu, 02 May 2024 00:00:00 +0000</pubDate> <enclosure url="https://media.blubrry.com/ubuntupt/archive.org/download/pup-e297/e297.mp3" length="28368142" type="audio/mpeg"/></item><item> <title>Colin Watson: Free software activity in April 2024</title> <guid isPermaLink="false">tag:www.chiark.greenend.org.uk,2024-05-01:/~cjwatson/blog/activity-2024-04.html</guid> <link>https://www.chiark.greenend.org.uk/~cjwatson/blog/activity-2024-04.html</link> <description><p>My Debian contributions this month were all<a href="https://www.freexian.com/about/debian-contributions/">sponsored</a> by Freexian.</p><ul><li>I’m trying to get back into bugs.debian.org administration, so I spent some time catching up on my <code>owner@bugs.debian.org</code> mailbox and answering a number of support requests there.</li><li>I fixed a regression I’d introduced last year where groff’s <span class="caps">PDF</span> output had invalid date headers, both <a href="https://git.savannah.gnu.org/cgit/groff.git/commit/?id=0815e503dba8d5c05921d68c6c718fe8f8440ee8">upstream</a> and <a href="https://bugs.debian.org/1069902">in Debian</a>.</li><li>I released <a href="https://lists.nongnu.org/archive/html/man-db-announce/2024-04/msg00000.html">man-db 2.12.1</a>.</li><li>openssh:<ul><li>I did a little more testing of Luca Boccassi’s <a href="https://bugzilla.mindrot.org/show_bug.cgi?id=2641#c23">modifications</a> to upstream’s inline systemd notification patch.</li><li>I did an extensive <a href="https://lists.debian.org/debian-devel/2024/04/msg00044.html">review</a> of some of the choices in Debian’s OpenSSH packaging, in light of last month’s <a href="https://tukaani.org/xz-backdoor/">xz-utils backdoor</a>.</li><li>I fixed a build failure on ppc64el, <a href="https://bugzilla.mindrot.org/show_bug.cgi?id=3673#c2">forwarded upstream</a>.</li><li>I <a href="https://bugs.debian.org/1068311">proposed</a> reducing shared library linkage in tcp-wrappers; its maintainer accepted this by disabling <span class="caps">NIS</span> support.</li><li>I applied a <a href="https://bugs.debian.org/1069706">suggestion</a> to improve ordering of systemd services in relation to <code>nss-user-lookup.target</code>.</li></ul></li><li>I updated putty to 0.81.</li><li>Python team:<ul><li>I fixed build/autopkgtest failures in <a href="https://bugs.debian.org/1069360">cytoolz</a> (<a href="https://github.com/pytoolz/cytoolz/pull/205">upstream <span class="caps">PR</span></a>), nbconvert (due to <a href="https://bugs.debian.org/1042699">sphinx</a> and <a href="https://bugs.debian.org/1068349">lxml-html-clean</a> changes), <a href="https://bugs.debian.org/1069816">python-argcomplete</a>, <a href="https://bugs.debian.org/1069817">python-exceptiongroup</a>, <a href="https://bugs.debian.org/1069756">readability</a>, <a href="https://bugs.debian.org/1069818">toolz</a> (<a href="https://github.com/pytoolz/toolz/pull/578">upstream <span class="caps">PR</span></a>), and <a href="https://bugs.debian.org/1069608">topplot</a>.</li><li>I made a <a href="https://salsa.debian.org/science-team/pyferret/-/merge_requests/3">merge request</a> to fix a <a href="https://bugs.debian.org/1058888">build failure</a> in pyferret.</li><li>I fixed a <a href="https://salsa.debian.org/python-team/packages/python-ecdsa/-/commit/3a95d8623d28d73c8c7877e6c3ddd5ee43e33ca4">mistake</a> in a Debian patch to python-ecdsa, noticed while updating jsonpickle.</li><li>I updated cachelib, dnsdiag, feedparser, jsonpickle, pywavelets (fixing a <a href="https://bugs.debian.org/1068805">distutils dependency</a>), python-aiohttp-session, python-avro, python-rstr, vine (including an <a href="https://github.com/celery/vine/pull/109">upstream packaging tweak</a>, and wtforms to new upstream versions.</li></ul></li><li>I did some inconclusive investigation of <a href="https://bugs.debian.org/1057562">flaky tests in gcr4</a>. More work is needed there.</li><li>I proposed a patch for a build failure in gyoto, both <a href="https://github.com/gyoto/Gyoto/pull/17">upstream</a> and <a href="https://bugs.debian.org/1066788">in Debian</a>.</li></ul><p>You can support my work directly via<a href="https://liberapay.com/cjwatson">Liberapay</a>.</p></description> <pubDate>Wed, 01 May 2024 11:34:15 +0000</pubDate></item><item> <title>Salih Emin: Ucaresystem 24.05.0 released with Flatpak support</title> <guid isPermaLink="false">http://utappiablog.wordpress.com/?p=49673</guid> <link>https://utappiablog.wordpress.com/2024/05/01/ucaresystem-24-05-0-released-with-flatpak-support/</link> <description>The previous release of uCareSystem, version 24.04.0, introduced enhanced maintenance and cleanup capabilities for Ubuntu and its derivatives. The fresh new release 24.05, is introduced with support for flatpak maintenance. This new version includes: Where can I download uCareSystem ? As always, I want to express my gratitude for your support over the past 15 […]</description> <pubDate>Wed, 01 May 2024 10:30:13 +0000</pubDate></item><item> <title>Ubuntu Blog: Canonical releases Landscape 24.04 LTS</title> <guid isPermaLink="true">https://ubuntu.com//blog/canonical-releases-landscape-24-04-lts</guid> <link>https://ubuntu.com//blog/canonical-releases-landscape-24-04-lts</link> <description><h3 class="wp-block-heading">With 12 years of support, Landscape 24.04 LTS adds snap and repository management controls to a modernised systems management web portal and API.</h3><figure class="wp-block-image size-full"><div class="lazyload" data-noscript="">&lt;noscript&gt;&lt;img alt="" height="868" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_1799,h_868/https://ubuntu.com/wp-content/uploads/6d1a/Screenshot-from-2024-03-26-08-24-25.png" width="1799" /&gt;&lt;/noscript&gt;</div>Screenshot of the new Landscape Dashboard</figure><p><strong>London, 30 April 2024.</strong></p><p>Today Canonical announced the availability of <a href="https://ubuntu.com/landscape">Landscape’s</a> first LTS release. Landscape 24.04 LTS features a new versioned API, a new web portal with accessibility and performance in mind, and intuitive controls for software distribution. Landscape 24.04 LTS comprises Landscape Server and Landscape Client. With a modernised backend and web portal in place, engineering teams can work efficiently, focusing on patches and new features.</p><h2 class="wp-block-heading">Predictable release cadence and 12 years of support for LTS versions</h2><p>Building on Canonical’s commitment to reliability, Landscape releases going forward will align with Ubuntu LTS and interim releases for predictable security coverage, feature patches, and bug fixes.</p><p>Landscape Server 24.04 can be installed on Ubuntu 22.04 LTS and Ubuntu 24.04 LTS releases with Ubuntu Pro. <a href="https://ubuntu.com/landscape/docs/self-hosted-landscape">Landscape Server 24.04 is compatible</a> with the previous four Ubuntu LTS releases (Ubuntu 16.04 LTS onwards), and will manage future Ubuntu releases including Ubuntu 26.04 LTS.</p><p>Like Ubuntu 24.04 LTS, this Landscape release gets a 12 year commitment for security maintenance and support. Landscape 24.04 LTS will get five years of bug fixes and incremental feature patches until August 2029. Ubuntu Pro subscribers can continue using Landscape 24.04 LTS after these 5 years for a total of 12 years, with the <a href="https://ubuntu.com/blog/canonical-expands-long-term-support-to-12-years-starting-with-ubuntu-14-04-lts">Legacy Support add-on</a>.</p><h2 class="wp-block-heading">A new web portal built with Canonical’s Vanilla Framework</h2><p><a href="https://vanillaframework.io">Vanilla Framework</a> provides consistent and uniform design patterns across Canonical’s products. Landscape joins MAAS, LXD UI, and others with a responsive React JS driven user interface. This web portal is built using a new versioned API serving JSON data. This API enhancement ensures seamless integration for developers, offering a forward-looking assurance that applications developed with a particular API version will remain robust and reliable, regardless of future updates to Landscape and its accompanying API endpoints.</p><p>The Monitoring feature from the legacy Landscape web portal has not yet been migrated to Landscape 24.04 LTS, yet. Monitoring will arrive as an incremental patch for Landscape 24.04 LTS with a modern charting library, a monitoring API, and companion documentation.</p><p>Lastly, the web portal provides a significant improvement in Lighthouse scores for Accessibility. The dashboard’s accessibility scores as measured by Lighthouse improved from 70% to 95%. Landscape 24.04 LTS has a web portal which is accessible to users with deficiencies in colour vision, complete colour blindness, and other visual impairments.</p><h2 class="wp-block-heading">Save terabytes in storage and bandwidth with point-in-time repository snapshots</h2><figure class="wp-block-image size-large is-resized"><div class="lazyload" data-noscript="">&lt;noscript&gt;&lt;img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://assets.ubuntu.com/v1/3f95a534-repo.gif" width="720" /&gt;&lt;/noscript&gt;</div>An overview of the repository management experience in the new Landscape web portal.</figure><p>Landscape’s new web portal includes an intuitive point-and-click repository mirroring experience, and the repository snapshot service is available as a source when mirroring repositories. In late 2023, Canonical became the first Linux provider to integrate a repository snapshot service with Microsoft Azure’s update mechanisms. Landscape 24.04 LTS brings this simplified and safe deployment practice capability on-premises, and to mixed and hybrid cloud environments.</p><p>Benefits of Landscape’s repository snapshot service include predictable updates, consistency across deployments, and simplified repository mirroring, providing improved resilience and security for Ubuntu workloads.</p><p>Beyond the conveniences afforded to system administrators, the repository snapshots implementation also saves over 100 terabytes of disk space and network throughput, for organisations making complete repository mirrors every week. Canonical’s on-demand repository snapshot capability extends back to February 2023 for non-ESM (Expanded Security Maintenance) repositories. This innovation frees storage and network resources, because scheduled mirroring and archival of these mirrors becomes unnecessary.</p><h2 class="wp-block-heading">Snap management for Ubuntu and Ubuntu Core</h2><p>Beyond managing Ubuntu interim and LTS releases, Landscape 24.04 LTS also manages Ubuntu Core, Canonical’s snap based, immutable and strictly-confined operating system. A strictly confined Landscape Client snap package provides snap package management, remote script execution, monitoring and inventory capabilities to Ubuntu, for anyone interested in consuming the latest Landscape Client as a snap package.</p><p>Snap management capabilities also exist in the Landscape Client Debian package, available in the Main repository for Ubuntu 24.04 LTS, and in <a href="https://launchpad.net/~landscape/+archive/ubuntu/self-hosted-24.04">ppa:landscape/self-hosted-24.04</a> for previous versions of Ubuntu.</p><p>Distribution of updated snap revisions is controlled through the Snap Store, which organisations can self-host as a snap store proxy, or as a brand store if there is a need to distribute proprietary non-public snaps within the organisation. Snap management in Landscape 24.04 LTS can add, remove, update, and pause updates from Snap Store, snap store proxy, and brand stores.</p><p>Landscape has historically provided fine grained management of Debian packages installed through the apt package manager. With Landscape 24.04 LTS, similar management capabilities arrive for snap packages, with consideration for revisions and channels, which are specific to the snap ecosystem. By default, snap packages self-update through transactional over-the-air updates, and have the ability to rollback automatically if the upgrade fails. Organisations and individuals interested in uniformity across machines can pin revisions of a snap to machines, and ensure consistency between machines that must be uniformly configured.</p><h2 class="wp-block-heading">Next steps</h2><ul><li><a href="https://pages.ubuntu.com/rs/066-EOV-335/images/Landscape%20DS%20v3%205.4.2024.pdf?version=0">Read the Landscape datasheet</a></li><li><a href="https://ubuntu.com/landscape/install">Install Landscape 24.04 LTS on Ubuntu Server, using Ubuntu 20.04 LTS or later</a></li><li><a href="https://www.youtube.com/watch?feature=shared&amp;v=Yq4Grp__qqM">Learn to enrol Ubuntu 24.04 LTS instances with Landscape, using Pro Client</a></li></ul><h2 class="wp-block-heading">About Canonical</h2><p>Canonical, the publisher of Ubuntu, provides open source security, support and services. Our portfolio covers critical systems, from the smallest devices to the largest clouds, from the kernel to containers, from databases to AI. With customers that include top tech brands, emerging startups, governments and home users, Canonical delivers trusted open source for everyone.</p><p>Learn more at <a href="https://canonical.com/">canonical.com</a>.</p></description> <pubDate>Wed, 01 May 2024 02:31:58 +0000</pubDate></item><item> <title>Santiago Zarate: RuPerl - Rust with embedded Perl</title> <guid isPermaLink="false">https://foursixnine.io//blog/perl/rust/software/c/2024/05/01/ruperlrustwithembeddedperl</guid> <link>https://foursixnine.io//blog/perl/rust/software/c/2024/05/01/ruperlrustwithembeddedperl.html</link> <description><p>Thanks to a colleague who introduced me to Nim during last week’s <a href="https://www.youtube.com/@suselabs6148/videos">SUSE Labs conference</a>, I became a man with a dream, and after fiddling with compiler flagsand obviously not reading documentation, I finally made it.</p> <p>This is something that shouldn’t exist; from the list of ideas that should never have happened.</p> <blockquote> <p>But it does.It’s a Perl interpreter embedded in Rust.Get over it.</p></blockquote> <p>Once cloned, you can run the following commands to see it in action:</p> <ul> <li><code class="language-plaintext highlighter-rouge">cargo run --verbose -- hello.pm showtime</code></li> <li><code class="language-plaintext highlighter-rouge">cargo run --verbose -- hello.pm get_quick_headers</code></li></ul> <h2 id="how-it-works">How it works</h2> <p>There is a lot of autogenerated code, mainly for two things:</p> <ul> <li><code class="language-plaintext highlighter-rouge">bindings.rs</code> and <code class="language-plaintext highlighter-rouge">wrapper.h</code>; I made a lot of assumptions and <code class="language-plaintext highlighter-rouge">perlxsi.c</code> may or may not be necessary in the future (see <code class="language-plaintext highlighter-rouge">main::xs_init_rust</code>), depends on how bad or terrible my <code class="language-plaintext highlighter-rouge">C</code> knowledge is by the time you’re reading this.</li> <li><code class="language-plaintext highlighter-rouge">xs_init_rust</code> function is the one that does the magic, as far as my understanding goes, by hooking up <code class="language-plaintext highlighter-rouge">boot_DynaLoader</code> to <a href="https://metacpan.org/pod/DynaLoader">DynaLoader</a> in Perl via ffi.</li></ul> <p>With those two bits in place, and thanks to the magic of the <code class="language-plaintext highlighter-rouge">bindgen</code> crate, and after some initialization, I decided to use <code class="language-plaintext highlighter-rouge">Perl_call_argv</code>, do note that <code class="language-plaintext highlighter-rouge">Perl_</code> in this case comes from bindgen, I might change later the convention to <code class="language-plaintext highlighter-rouge">ruperl</code> or something to avoid confusion between that a and <code class="language-plaintext highlighter-rouge">perl_parse</code> or <code class="language-plaintext highlighter-rouge">perl_alloc</code> which (if I understand correctly) are exposed directly by the ffi interface.</p> <p>What I ended up doing, is passing the same list of arguments (for now, or at least for this PoC), directly to <code class="language-plaintext highlighter-rouge">Perl_call_argv</code>, which will in turn, take the third argument and pass it verbatim as the <a href="https://perldoc.perl.org/perlcall#Using-call_argv">call_argv</a></p> <div class="language-plaintext highlighter-rouge"><div class="highlight"><pre class="highlight"><code> Perl_call_argv(myperl, perl_sub, flags_ptr, perl_parse_args.as_mut_ptr());</code></pre></div></div> <p>Right now hello.pm defines two sub routines, one to open a file, write something and print the time to stdout, and a second one that will query my blog, and show the headers. This is only example code, but enoughto demostrate that the DynaLoader works, and that the embedding also works :)</p> <p><img alt="itsalive" src="https://media.giphy.com/media/v1.Y2lkPTc5MGI3NjExd3pkbzJweGl3aG8waG0xeHJpZDU5bXQ4bnRqdjlmdGNjdXA1eXRteCZlcD12MV9pbnRlcm5hbF9naWZfYnlfaWQmY3Q9Zw/tze1mGedykiuk/giphy.gif" /></p> <p>I got most of this working by following the <a href="https://perldoc.perl.org/perlembed">perlembed</a> guide.</p> <h2 id="why">Why?</h2> <blockquote> <p>Why not?.</p></blockquote> <p>I want to see if I can embed also python in the same binary, so I can call native perl, from native python and see how I can fiddle all that into <a href="https://github.com/os-autoinst/os-autoinst">os-autoinst</a></p> <h2 id="where-to-find-the-code">Where to find the code?</h2> <p>On github: https://github.com/foursixnine/ruperl or under https://crates.io/crates/ruperl</p></description> <pubDate>Wed, 01 May 2024 00:00:00 +0000</pubDate></item><item> <title>Dougie Richardson: Ubuntu 24.04 LTS OneDrive</title> <guid isPermaLink="false">https://dougiewougie.com/?p=2759</guid> <link>https://dougiewougie.com/2024/04/30/ubuntu-24-04-lts-onedrive/</link> <description><p>I’ve not had much time to play around with the latest release but this is cool – OneDrive Nautilus integration.</p> <p>Settings &gt; Online Accounts &gt; Microsoft 365, leave everything blank and hit “Sign in…”. Web page opens to authenticate and then you can mount OneDrive in Nautilus.</p> <p><img alt="" /></p></description> <pubDate>Tue, 30 Apr 2024 20:22:53 +0000</pubDate></item><item> <title>Ubuntu Blog: The biggest use cases for AI in Automotive (that aren’t just self-driving cars)</title> <guid isPermaLink="true">https://ubuntu.com//blog/the-biggest-use-cases-for-ai-in-automotive-that-arent-just-self-driving-cars</guid> <link>https://ubuntu.com//blog/the-biggest-use-cases-for-ai-in-automotive-that-arent-just-self-driving-cars</link> <description><p>A study of 4 major use cases of AI in cars</p><p>In this fast-paced age of technological evolution, Artificial Intelligence (AI) emerges as the key catalyst driving profound shifts in the automotive sector. From smart vehicle design to customised in-car interactions, AI is reshaping every aspect of transportation, ensuring safer, more effective, and environmentally friendly journeys for both drivers and passengers.</p><p>In this blog, we’ll have a look at the four most promising use cases for AI in the automotive industry.</p><h1 class="wp-block-heading">Intelligent vehicle lifecycle management</h1><h2 class="wp-block-heading">Innovative vehicle design, material use, and manufacturing processes</h2><p>AI-powered generative design algorithms are <a href="https://ubuntu.com/blog/ai-and-automotive-navigating-the-roads-of-tomorrow">transforming how vehicles are conceptualised</a> and engineered, pushing the boundaries of creativity and efficiency. These algorithms optimise vehicle structures for performance, safety, and sustainability by analysing vast datasets and exploring numerous design iterations. </p><p>Moreover, AI is revolutionising material selection: manufacturers are harnessing its capabilities to identify the most suitable materials for each component, balancing strength, weight, and environmental impact. This results in vehicles that are lighter, more fuel efficient, more technologically advanced, and more sustainable to produce — contributing to a greener industry and future.</p><h2 class="wp-block-heading">Predictive maintenance and diagnostics</h2><p>AI is reshaping the landscape of vehicle maintenance through predictive maintenance systems that redefine how issues are identified and addressed.</p><p>Some cars have over 100 embedded sensors, tracking everything from engine fuel-oxygen mixes and tyre pressure, to component temperatures and orientation. AI algorithms can use the data from these sensors to predict mechanical and electrical faults before they happen, opening up the door for proactive, preventative maintenance.</p><figure class="wp-block-image"><div class="lazyload" data-noscript="">&lt;noscript&gt;&lt;img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh7-us.googleusercontent.com/96XKUUtCB7XsG0Avd-6dYrtiNjeLyR-PmuacC62ap2rLF7-8-qj20DaVXXEI7j1v1Z-VhiQP_WA086yIkWyDxue8uWSQAnMK3Rcn4ti5f0KcCTugP9dXxZvSR_KnADC3T6QRvR0ROOOsPsig5h__Y-Q" width="720" /&gt;&lt;/noscript&gt;</div></figure><p>As a result, vehicle downtime is minimised, maintenance costs are reduced, and overall reliability is significantly enhanced, ensuring a smoother and more <a href="https://ubuntu.com/engage/consumer-trends-in-the-automotive-industry:-the-impact-of-new-ownership-habits-and-mobility-trends">seamless ownership experience</a> for drivers.</p><h2 class="wp-block-heading">Supply chain enhancements</h2><p>AI isn’t just making cars lighter and more efficient – it’s also making them easier to build and send to showrooms and car lots. Car manufacturers can use AI algorithms to analyse large amounts of data related to demand forecasting, inventory management, and logistics operations; this data will reveal ways to streamline supply chain processes and improve overall manufacturing efficiency. </p><p><a href="https://ubuntu.com/blog/how-digital-twins-enable-data-driven-automotive-supply-chains">AI-driven supply chain enhancements</a> enable OEMs (Original Equipment Manufacturers) to anticipate demand fluctuations, optimise inventory levels, and minimise lead times, thereby reducing costs and improving responsiveness to market dynamics. Moreover, AI enables predictive analytics for proactive risk management, allowing manufacturers to identify potential disruptions and mitigate them before they impact production. This helps car companies be more flexible, resilient, and competitive in today’s changing market. </p><p>One example of this in action is the dispatch of parts across a vast network of locations, including repair shops and warehouses. AI algorithms analyse a multitude of factors, including weather data, customer repair habits, seasonal trends, and inventory levels, to predict demand and optimise part shipments. By consolidating information from various sources and through predictive analytics, AI enables automotive companies to proactively manage their supply chains, ensuring timely delivery of parts while minimising costs and maximising efficiency. </p><p>This approach mirrors strategies employed by agricultural companies, which rely on AI to optimise the distribution of repair parts for harvesting machines, enhancing overall supply chain resilience and performance.</p><h1 class="wp-block-heading">Enhanced in-car experience and connectivity</h1><p>In the automotive field, it’s not just the vehicle that’s being improved by AI, but the human experience of that vehicle. AI is revolutionising the in-car experience, offering a seamless blend of comfort, convenience, and connectivity for drivers and passengers alike.</p><h2 class="wp-block-heading">In-car experience personalisation</h2><p>Gone are the days of one-size-fits-all vehicle settings. With AI, the in-car experience becomes highly personalised, adapting to the individual preferences and needs of each occupant. By analysing data on driver behaviour, environmental conditions, and historical usage patterns, AI algorithms adjust various settings within the vehicle to create a unique driver-specific experience. </p><p>Imagine sitting in a brand-new car, or in your uncle’s car. Within seconds, the steering wheel height, mirrors, seat, and headrest adjust to put you at the perfect driving height with optimal vision of everything around you. The air conditioning turns on at a perfect 19 degrees (which your uncle thinks is a waste of fuel). The car radio imports your favourite stations as preset channels. The in-car GPS suggests preferred routes home for you based on your previous journeys and the current traffic. That’s the power of AI-driven user experience. </p><p>AI ensures that every journey is as comfortable and enjoyable as possible. This level of personalisation not only enhances the overall driving experience but also fosters greater driver satisfaction and loyalty to automotive brands.</p><h2 class="wp-block-heading">Natural Language Processing for smarter assistants</h2><p>In today’s world, you’re more connected than ever. There’s just one problem: it’s illegal in most countries to use the thing that connects you (namely, your phone) while driving. This simple fact makes AI-powered natural language assistants a must-have companion. These assistants enable hands-free interaction with vehicle systems, allowing drivers to perform a wide range of tasks using voice commands alone. </p><p>Whether it’s making phone calls, sending text messages, adjusting navigation settings, or controlling entertainment options, AI-powered natural language assistants make driving safer and more convenient. These assistants seamlessly integrate with other services and devices, such as calendars, emails, and smartphones, ensuring a connected and flawless experience for drivers. Imagine this: your AI companion remembers the 3pm text you got from your partner to pick up milk, and automatically adds a stop at the nearest convenience store that is listed as open and sells your usual purchased brand of organic 3.5% full-fat, free-range fresh milk. By harnessing the power of AI, natural language assistants transform the car into a true extension of the driver’s digital life, enhancing productivity and connectivity on the go.</p><h1 class="wp-block-heading">Advanced mobility solutions and urban planning</h1><p>AI goes even further than the car and its driver; at a macro scale, its data and feedback can improve roads, cities, and even the environment itself. As urbanisation continues to accelerate and cities confront growing challenges related to congestion, pollution, and limited infrastructure, AI emerges as a key enabler of advanced mobility solutions and urban planning strategies.</p><h2 class="wp-block-heading">Multimodal AI Assistant and Cross-App Integration</h2><p>The integration of AI-powered multimodal assistants marks a significant advancement in mobility solutions. These assistants are designed to seamlessly facilitate transitions between different modes of transport, offering users a harmonious and intuitive experience. Capable of processing various inputs such as voice commands, images, and video feeds, these assistants serve as versatile interfaces, connecting users with their vehicles and surrounding environments.</p><figure class="wp-block-image"><div class="lazyload" data-noscript="">&lt;noscript&gt;&lt;img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh7-us.googleusercontent.com/7k7zvVCtPyx4hehTqJXb7dLWBwmHJq3-Ztqg67PW16K3j8oKG8bP2VahHl_5R7qtzK7QNpRF8u2GUN_BSlAsTycLXjYlUdCbZOmYVozshf9i1qJ7EDOGR1b5MUpdvcgE-IwufxKnWsKaJ9huPLdVOGA" width="720" /&gt;&lt;/noscript&gt;</div></figure><p>By analysing vast amounts of data, including traffic patterns, congestion hotspots, and user preferences, these assistants not only assist drivers but also contribute to the collective improvement of transportation systems. For instance, their recommendations for nearby points of interest (POIs) like attractions and services aren’t just about enhancing individual journeys. They are also about facilitating better traffic distribution, reducing congestion, and ultimately creating a more harmonious and enjoyable travel experience for everyone on the road.</p><h2 class="wp-block-heading">Urban transport optimisation</h2><p>In densely populated urban areas, efficient transport systems are essential for maintaining mobility and reducing environmental impact. AI plays a central role in optimising urban transport planning and infrastructure, using data analytics and predictive modelling to improve efficiency and sustainability. </p><figure class="wp-block-image"><div class="lazyload" data-noscript="">&lt;noscript&gt;&lt;img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh7-us.googleusercontent.com/AzkUuBaO_Otcob30g7676wQfzkzkJyPvxbbxmymY-JjrGBTTESv3mNv5fbaawVW2_ZLS1zEky0yClFgBQcy0VIxMvcZGWKY2Al9ZmD7-jP3jmPBhKhtoYJATboD88Vqg-Eh7p2oPjT8euxgtUWyE8n4" width="720" /&gt;&lt;/noscript&gt;</div></figure><p>By analysing massive datasets, including traffic patterns, public transit schedules, and environmental conditions, AI algorithms identify opportunities for optimisation, such as route adjustments, traffic signal synchronisation, and modal shift incentives. Additionally, AI facilitates dynamic pricing and demand-responsive services, ensuring that transport networks remain responsive to changing needs and preferences. Through urban transport optimisation, AI enables cities to alleviate congestion, reduce emissions, and enhance overall mobility, creating more pleasant and sustainable urban environments.</p><h2 class="wp-block-heading">Travel booking and mobility services</h2><p>AI-driven travel booking, ride-hailing platforms and Mobility as a Service (MaaS) solutions offer <a href="https://ubuntu.com/blog/what-changing-vehicle-ownership-habits-and-mobility-trends-mean-for-the-future-of-the-automotive-industry">individually curated and integrated transportation options</a>, adjusting to individual preferences and needs. With the help of AI algorithms, these platforms analyse user data, historical travel patterns, and real-time availability to offer customised travel itineraries, including public transit, ride-sharing, and micromobility options. These plans extend beyond mode selection to include nuanced considerations such as off-peak travel calculations, surge pricing predictions, and custom suggestions for optimal travel experiences. For instance, AI could recommend travel options based on a user’s preference for a car with ample luggage space, in-car entertainment features, or the most direct route with the fewest stops.</p><p>Additionally, AI optimises travel routes and schedules, taking into account factors such as traffic conditions, weather forecasts, and user preferences, to ensure efficient and stress-free journeys.</p><p>By streamlining travel booking and offering tailored mobility solutions, AI enhances the overall urban mobility experience, making it easier and more convenient to navigate cities and reach destinations.</p><h1 class="wp-block-heading">Simulation and testing for autonomous driving</h1><p>The pursuit of autonomous driving (AD) stands at the forefront of automotive technology, promising safer, more efficient, and more convenient transportation solutions. Central to this endeavour is the use of AI to assist in <a href="https://ubuntu.com/blog/accelerate-automotive-3d-models-with-vgpu">rigorous simulation and testing processes</a>, ensuring the reliability and safety of autonomous vehicles.</p><h2 class="wp-block-heading">Complex AD simulation scenarios</h2><p>The development and validation of Advanced Driver Assistance Systems (ADAS) and autonomous driving technologies require extensive testing under diverse and complex scenarios.</p><p>AI-driven simulation platforms play a crucial role in this process, generating realistic and dynamic environments that mimic real-world driving conditions. These simulations encompass a <a href="https://ubuntu.com/blog/how-desktop-and-gpu-virtualisation-power-up-automotive-innovation">wide range of scenarios</a>, including varying weather conditions, road layouts, traffic patterns, and unforeseen events, allowing developers to evaluate the performance of autonomous systems in virtually any situation. </p><figure class="wp-block-image"><div class="lazyload" data-noscript="">&lt;noscript&gt;&lt;img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh7-us.googleusercontent.com/DgXvm7Qri6uu_gatw4Tpq7IPE2aWYFji5JUPqBpBeh7zifD1GQXV86SRTE9A1tyKb_ATcVfU15Wrkg_1IL6fOURGJcpaBJYSU6TfojWoiJm1lwgS4rMsIunxfE16RjT5JyUrgEDaPaVO34PNTSBC9sY" width="720" /&gt;&lt;/noscript&gt;</div></figure><p>By relying on AI algorithms, these simulations continuously evolve and adapt, incorporating new data and insights to enhance their realism and effectiveness. As a result, developers can iteratively refine and optimise autonomous driving algorithms, accelerating the journey towards safe and reliable autonomous vehicles.</p><h2 class="wp-block-heading">AI and AD Integration</h2><p>At the core of AD systems lies the integration of AI algorithms, enabling vehicles to perceive, interpret, and respond to their surroundings in real-time. AI processes data from various sensors– including cameras, LiDAR (Light Detection and Ranging), and radar– to identify objects, detect obstacles, and predict their movements. </p><p>Through advanced machine learning processes, AI algorithms continuously learn and improve, enhancing the accuracy and reliability of autonomous driving capabilities. Additionally, AI facilitates decision-making in complex and dynamic environments, enabling vehicles to navigate safely and efficiently in any driving conditions, no matter how stormy or congested they are. </p><p>By integrating AI into autonomous driving systems, automotive manufacturers are creating even safer self-driving cars that can share the road with the rest of us.</p><h1 class="wp-block-heading">AI for impactful and smarter automotive innovations</h1><p>In conclusion, the integration of AI into the automotive industry has ushered in a new era of innovation, transforming every facet of the driving experience. From revolutionising vehicle design and maintenance to optimising supply chains and enhancing urban mobility, AI is driving (pun intended) unprecedented advancements that promise safer, more efficient, and more sustainable transportation solutions.</p><p>The applications of AI discussed in this blog illustrate the breadth and depth of its impact on the automotive sector. AI-driven design and manufacturing processes are pushing the boundaries of creativity and efficiency, while predictive maintenance systems are ensuring the reliability and longevity of vehicles on the road. In-car experience personalisation and natural language assistants are redefining how drivers interact with their vehicles, while advanced mobility solutions and urban planning strategies are reshaping the way we navigate and interact with cities. Furthermore, AI’s role in optimising supply chains and facilitating autonomous driving technologies underscores its potential to revolutionise the entire automotive ecosystem. By harnessing the power of AI, automotive companies can unlock new opportunities for efficiency, sustainability, and innovation, driving us towards a future where mobility is smarter, safer, and more accessible for all.</p><p>As we look ahead, it is clear that AI will continue to play a leading role in shaping the future of transportation.</p><ul><li><a href="https://ubuntu.com/engage/embrace-the-v2x-era"><em>Download our whitepaper on V2X and connected vehicles</em></a></li><li><a href="https://ubuntu.com/automotive"><em>Check out our webpage</em></a></li><li><a href="https://ubuntu.com/automotive#get-in-touch"><em>Contact Us</em></a></li><li><a href="https://ubuntu.com/blog/tag/automotive"><em>More automotive software updates and news</em></a></li><li><em>Watch a joint webinar with Elektrobit: Unlocking software-defined vehicles: a deep dive into automotive software</em></li></ul><figure class="wp-block-image"><div class="lazyload" data-noscript="">&lt;noscript&gt;&lt;img alt="" src="https://res.cloudinary.com/canonical/image/fetch/f_auto,q_auto,fl_sanitize,c_fill,w_720/https://lh7-us.googleusercontent.com/T6tm9mbdbJA_vyZ2BG_tYSrLJg5N-4mnhqtlCa0mLJKlwkPMfk4zXwOpIn3KNz1vL7Pu6Pge721TTiLYr070p6hMCIsyLMtObZVtJtDX-ab1wcMJPD13K3-7wdJm6huaWOzhDiXoOmRkIGGoXKUTfcQ" width="720" /&gt;&lt;/noscript&gt;</div></figure></description> <pubDate>Tue, 30 Apr 2024 08:00:00 +0000</pubDate></item><item> <title>The Fridge: Ubuntu Weekly Newsletter Issue 837</title> <guid isPermaLink="false">https://fridge.ubuntu.com/?p=10164</guid> <link>https://fridge.ubuntu.com/2024/04/29/ubuntu-weekly-newsletter-issue-837/</link> <description><p><img src="https://fridge.ubuntu.com/wp-content/uploads/2020/02/c9d7/header.png" /></p><p>Welcome to the Ubuntu Weekly Newsletter, <strong>Issue 837 for the week of April 21 – 27, 2024</strong>. The full version of this issue is available <a href="https://discourse.ubuntu.com/t/ubuntu-weekly-newsletter-issue-837/44392">here</a>.</p><p>In this issue we cover:</p><ul><li>Ubuntu 24.04 LTS (Noble Numbat) released</li><li>Ubuntu Stats</li><li>Hot in Support</li><li>Party like a Noble Numbat</li><li>UbuCon North America 2024 Call for Papers</li><li>LoCo Events</li><li>NVIDIA GPUDirect over Infiniband Migration Paths</li><li>Let’s talk open design</li><li>Subiquity 24.04.1 has been released to the stable channel</li><li>May – October 2024 planning cycle – your opinions count</li><li>Ubuntu Cloud News</li><li>Canonical News</li><li>In the Press</li><li>In the Blogosphere</li><li>Other Articles of Interest</li><li>Featured Audio and Video</li><li>Meeting Reports</li><li>Upcoming Meetings and Events</li><li>Updates and Security for Ubuntu 20.04, 22.04, 23.10, and 24.04</li><li>And much more!</li></ul><p><strong>The Ubuntu Weekly Newsletter is brought to you by:</strong></p><ul><li>Krytarik Raido</li><li>Bashing-om</li><li>Chris Guiver</li><li>Wild Man</li><li>And many others</li></ul><p>If you have a story idea for the Weekly Newsletter, join the <a href="https://lists.ubuntu.com/mailman/listinfo/Ubuntu-news-team">Ubuntu News Team mailing list</a> and submit it. Ideas can also be added to the <a href="https://wiki.ubuntu.com/UbuntuWeeklyNewsletter/Ideas">wiki</a>!</p><p><img class="alignleft" src="https://fridge.ubuntu.com/wp-content/uploads/2015/05/ab28/CCL.png" style="margin: 0 10px 0 0;" /> <a href="https://fridge.ubuntu.com/2024/04/29/ubuntu-weekly-newsletter-issue-837/"></a>.</p></description> <pubDate>Mon, 29 Apr 2024 22:47:30 +0000</pubDate></item><item> <title>St&eacute;phane Graber: Incus and Ubuntu 24.04 LTS</title> <guid isPermaLink="false">https://stgraber.org/?p=1571</guid> <link>https://stgraber.org/2024/04/29/incus-and-ubuntu-24-04-lts/</link> <description><p><a href="https://canonical.com/blog/canonical-releases-ubuntu-24-04-noble-numbat">Ubuntu 24.04 LTS</a> was released just a few days ago and many Ubuntu users will now slowly plan their upgrades, whether it’s going to be over the next few days, weeks, months or years.</p> <figure class="wp-block-image size-full"><a href="https://stgraber.org/wp-content/uploads/2024/04/image-1.png"><img alt="" class="wp-image-1572" height="462" src="https://stgraber.org/wp-content/uploads/2024/04/image-1.png" width="694" /></a></figure> <p>When it comes to running <a href="https://linuxcontainers.org/incus">Incus</a> on Ubuntu 24.04 LTS, there are a few options detailed below.</p> <details class="wp-block-details is-layout-flow wp-block-details-is-layout-flow">About Incus<p>Incus is a container and virtual machine manager which aims at providing a cloud-like experience but fully self-hosted and capable of running on just about anything, from a single board computer, to a laptop to a cluster of high end servers.</p> <p>Incus was created following Canonical’s decision to make LXD a fully in-house project and it is actively maintained by the same team that once created LXD, almost 10 years ago. It’s part of the <a href="https://linuxcontainers.org">Linux Containers</a> project and so benefits of all the infrastructure and experience in maintaining stable software over decades.</p></details> <h1 class="wp-block-heading">Native Incus packages</h1> <p><a href="https://discuss.linuxcontainers.org/c/news/13">Incus 6.0 LTS</a> is included directly in the Ubuntu Archive, making it very easy to install:</p> <ul><li>Simple container experience: <code>apt install incus</code></li> <li>Container and virtual-machines: <code>apt install incus qemu-system-x86-64</code></li> <li>To migrate from LXD: <code>apt install incus-tools</code></li></ul> <figure class="wp-block-image size-full"><a href="https://stgraber.org/wp-content/uploads/2024/04/image-2.png"><img alt="" class="wp-image-1573" height="462" src="https://stgraber.org/wp-content/uploads/2024/04/image-2.png" width="738" /></a></figure> <p>Installing Incus that way is convenient as it doesn’t use external repositories nor does it rely on alternative packaging methods like snaps. That’s also the same set of Incus packages that will be shipped with Debian 13 (Trixie).</p> <p>On the support front, this is using Incus 6.0 LTS and so uses a version of Incus that will be supported upstream for the next 5 years. The package itself is in the <a href="https://help.ubuntu.com/community/Repositories/Ubuntu">universe repository</a> and so doesn’t come with security updates provided by Canonical as part of stock Ubuntu.</p> <p>However Canonical now provides additional security updates to <a href="https://ubuntu.com/pricing/pro">Ubuntu Pro</a> users which includes both security updates and support for all 23000 packages in universe.</p> <h1 class="wp-block-heading">Third party Incus packages</h1> <p>An alternative is to use the <a href="https://github.com/zabbly/incus">packages that I produce myself</a>.</p> <p>Those packages are quite different from the ones shipped directly in Ubuntu or Debian as they also directly include the most critical dependencies so that the whole solution can be tested and validated as a single unit.</p> <figure class="wp-block-image size-full"><a href="https://stgraber.org/wp-content/uploads/2024/04/image-3.png"><img alt="" class="wp-image-1574" height="462" src="https://stgraber.org/wp-content/uploads/2024/04/image-3.png" width="738" /></a></figure> <p>That makes it much easier for me to provide timely fixes as well as <a href="https://zabbly.com/incus/">commercial support</a> for users of those packages. It also allows for decoupling the Incus installation/version from the OS version, making major system updates easier.</p> <p>Packages are available for Ubuntu 20.04, 22.04 and now 24.04 LTS as well as Debian 11 and Debian 12.</p> <h1 class="wp-block-heading">Moving from LXD</h1> <p>Ubuntu 24.04 LTS ships with LXD 5.21, migrating from LXD 5.21 to Incus 6.0 LTS can be done very easily by running the “lxd-to-incus” command.</p> <figure class="wp-block-image"><a href="https://asciinema.org/a/650718" rel="noopener" target="_blank"><img alt="" src="https://asciinema.org/a/650718.svg" /></a></figure> <p>It supports very quickly and reliably migrating data from LXD installations as old as LXD 4.0.0 all the way to and including LXD 5.21.</p> <h1 class="wp-block-heading">Running Ubuntu 24.04 LTS on top of Incus</h1> <p>If you’re just looking at using Ubuntu 24.04 LTS but don’t want to upgrade your whole system yet, or you’re running another Linux distribution and just want to experiment with Ubuntu 24.04 LTS, you can easily do that through Incus.</p> <p>Incus has the following images ready for use:</p> <h2 class="wp-block-heading">Ubuntu 24.04 LTS base image</h2> <p>Our default Ubuntu 24.04 LTS image. It’s pretty lightweight while still containing most expected tools for day to day operation.</p> <figure class="wp-block-image size-full"><a href="https://stgraber.org/wp-content/uploads/2024/04/image-4.png"><img alt="" class="wp-image-1575" height="462" src="https://stgraber.org/wp-content/uploads/2024/04/image-4.png" width="738" /></a></figure> <p>It’s available for both containers (125MiB compressed) and virtual-machines (270MiB compressed).</p> <h2 class="wp-block-heading">Ubuntu 24.04 LTS cloud image</h2> <p>Our <a href="https://cloud-init.io/">cloud-init</a> enabled Ubuntu 24.04 LTS image, it’s basically the same as the default image but with cloud-init enabled for automated provisioning.</p> <figure class="wp-block-image size-full"><a href="https://stgraber.org/wp-content/uploads/2024/04/image-5.png"><img alt="" class="wp-image-1576" height="462" src="https://stgraber.org/wp-content/uploads/2024/04/image-5.png" width="738" /></a></figure> <p>It’s available for both containers (150MiB compressed) and virtual-machines (305MiB compressed).</p> <h2 class="wp-block-heading">Ubuntu 24.04 LTS desktop image</h2> <p>Our desktop (Gnome) Ubuntu 24.04 LTS image, it boots directly into a pre-created user account and makes it extremely easy to try the latest Ubuntu Desktop experience.</p> <figure class="wp-block-video"><video controls="controls" src="https://stgraber.org/wp-content/uploads/2024/04/Screencast-from-2024-04-29-12-00-41.webm"></video></figure> <p>This image is only available as a virtual-machine (1.1GiB compressed).</p> <h1 class="wp-block-heading">Conclusion</h1> <p>Hopefully this provided a pretty good overview of how to get Incus up and running on Ubuntu 24.04 LTS, either by moving from an existing LXD installation over to Incus or installing it fresh.</p> <figure class="wp-block-image size-large"><a href="https://stgraber.org/wp-content/uploads/2024/04/image-6.png"><img alt="" class="wp-image-1578" height="445" src="https://stgraber.org/wp-content/uploads/2024/04/image-6-1024x445.png" width="1024" /></a></figure> <p>If you’d just like to learn more about Incus without having to install it locally, our <a href="https://linuxcontainers.org/incus/try-it/">online demo service</a> is as great for that as ever!</p> <p>And if you’re not using Ubuntu on your system, don’t worry, Incus can <a href="https://linuxcontainers.org/incus/docs/main/installing/">run on just about anything else too</a>!</p></description> <pubDate>Mon, 29 Apr 2024 16:14:37 +0000</pubDate> <enclosure url="https://stgraber.org/wp-content/uploads/2024/04/Screencast-from-2024-04-29-12-00-41.webm" length="0" type="video/webm"/></item><item> <title>Alan Pope: The Joy of Code</title> <guid isPermaLink="true">https://popey.com/blog/2024/04/the-joy-of-code/</guid> <link>https://popey.com/blog/2024/04/the-joy-of-code/</link> <description><p>A few weeks ago, in <a href="https://linuxmatters.sh/25/">episode 25</a> of <a href="https://linuxmatters.sh/">Linux Matters Podcast</a> I brought up the subject of ‘Coding Joy’. This blog post is an expanded follow-up to that segment. Go and listen to that episode - or not - it’s all covered here.</p><p><a href="https://linuxmatters.sh/25/"><img alt="The Joy of Linux Torture" src="https://popey.com/blog/blog/images/2024-02-20/linuxmatters-banner-3000x750_30.png" /></a></p><h2 id="not-a-developer">Not a Developer</h2><p>I’ve said this many times - I’ve never considered myself a ‘Developer’. It’s not so much <em>imposter syndrome</em>, but plain facts. I didn’t attend university to study software engineering, and have never held a job with ‘Engineer’ or Developer’ in the title.</p><p>(I do have Engineering Manager and Developer Advocate roles in my past, but in <em>popey’s weird set of rules</em>, those don’t count.)</p><p>I <em>have</em> written code over the years. Starting with BASIC on the Sinclair ZX81 and Sinclair Spectrum, I wrote stuff for fun and no financial gain. I also coded in Z80 &amp; 6502 assembler, taught myself Pascal on my Epson 8086 PC in 1990, then <a href="https://en.wikipedia.org/wiki/QuickBASIC">QuickBasic</a> and years later, <a href="https://en.wikipedia.org/wiki/Blitz_BASIC">BlitzBasic</a>, Lua (via <a href="https://love2d.org/">LÖVE</a>) and more.</p><p>In the workplace, I wrote some alarmingly complex utilities in Windows batch scripts and later Bash shell scripts on Linux. In a past career, I would write ABAP in SAP - which turned into an internal product mildly amusingly called “<em>Alan’s Tool</em>”.</p><p>These were pretty much all coding for fun, though. Nobody specced up a project and assigned me as a developer on it. I just picked up the tools and started making something, whether that was a sprite routine in Z80 assembler, an educational CPU simulator in Pascal, or a spreadsheet uploader for SAP BiW.</p><p>In 2003, three years before Twitter launched in 2006, I made a service called ‘Clunky.net’. It was a bunch of PHP and Perl smashed together and published online with little regard for longevity or security. Users could sign up and send ’tweet’ style messages from their phone via SMS, which would be presented in a reverse-chronological timeline. It didn’t last, but I had fun making it while it did.</p><p>They were all fun side-quests.</p><p>None of this makes me a developer.</p><h2 id="volatile-memories">Volatile Memories</h2><p>It’s rapidly approaching fifty years since I first wrote any code on my <a href="https://popey.com/blog/blog/2021/03/fourty-years-on/">first computer</a>. Back then, you’d typically write code and then either save it on tape (if you were patient) or disk (if you were loaded). Maybe you’d write it down - either before or after you typed it in - or perhaps you’d turn the computer off and lose it all.</p><p>When I studied for a BTEC National Diploma in Computer Studies at college, one of our classes was on the IBM PC with two floppy disc drives. The lecturer kept hold of all the floppies because we couldn’t be trusted not to lose, damage or forget them. Sometimes the lecturer was held up at the start of class, so we’d be sat twiddling our thumbs for a bit.</p><p>In those days, when you booted the PC with no floppy inserted, it would go directly into <a href="https://en.wikipedia.org/wiki/IBM_BASIC#IBM_Advanced_BASIC">BASICA</a>, like the 8-bit microcomputers before it. I would frequently start writing something, anything, to pass the time.</p><p>With no floppy disks on hand, the code - beautiful as it was - would be lost. The lecturer often reset the room when they entered, hitting a big red ‘Stop’ button, which instantly powered down all the computers, losing whatever ‘work’ you’d done.</p><p>I was probably a little irritated at the moment, just as I would when the <a href="https://en.wikipedia.org/wiki/RAM_pack">RAM pack</a> wobbled on my ZX81, losing everything. You move on, though, and make something else, or get on with your college work, and soon forget about it.</p><p>Or you bitterly remember it and write a blog post four decades later. Each to their own.</p><h2 id="sharing-is-caring">Sharing is Caring</h2><p><em>This part was the main focus of the conversation when we talked about this on the <a href="https://linuxmatters.sh/25/">show</a>.</em></p><p>In the modern age, over the last ten to fifteen years or so, I’ve not done so much of the kind of coding I wrote about above. I certainly have done <em>some</em> stuff for work, mostly around packaging other people’s software as snaps or writing noddy little shell scripts. But I lost a lot of the ‘joy’ of coding recently.</p><p>Why?</p><p>I think a big part is the expectation that I’d make the code available to others. The public scrutiny others give your code may have been a factor. The pressure I felt that I should put my code out and continue to maintain it rather than throw it over the wall wouldn’t have helped.</p><p>I think I was so obsessed with doing the ‘right’ thing that coding ‘correctly’ or following standards and making it all maintainable became a cognitive roadblock.</p><p>I would start writing something and then begin wondering, ‘How would someone package this up?’ and ‘Am I using modern coding standards, toolkits, and frameworks?’ This held me back from the joy of coding in the first place. I was obsessing too much over other people’s opinions of my code and whether someone else could build and run it.</p><p>I never <em>used</em> to care about this stuff for personal projects, and it was a lot more joyful an experience - for me.</p><p>I used to have an idea, pick up a text editor and start coding. I missed that.</p><h2 id="realisation">Realisation</h2><p>In January this year, <a href="https://shkspr.mobi/">Terence Eden</a> <a href="https://shkspr.mobi/blog/2024/01/rebuilding-foursquare-for-activitypub-using-openstreetmap/">wrote</a> about his escapades making a FourSquare-like service using ActivityPub and OpenStreetMap. When he first mentioned this on Mastodon, I grabbed a copy of the code he shared and had a brief look at it.</p><p>The code was surprisingly simple, scrappy, kinda working, and written in PHP. I was immediately thrown back twenty years to my terrible ‘Clunky’ code and how much fun it was to throw together.</p><p>In February, I bumped into Terence at <a href="https://stateofopencon.com/">State of Open Con</a> in London and took the opportunity to quiz him about his creation. We discussed his choice of technology (PHP), and the simple ’thrown together in a day’ nature of the project.</p><p>At that point, I had a bit of a light-bulb moment, realising that I could get back to joyful coding. I don’t have to share everything; not every project needs to be an Open-Source Opus.</p><p>I <em>can</em> open a text editor, type some code, and enjoy it, and that’s <em>enough</em>.</p><h2 id="joy-rediscovered">Joy Rediscovered</h2><p>I had an idea for a web application and wanted to prototype something without too much technological research or overhead. So I created a folder on my home server, ran <code>php -S 0.0.0.0:9000</code> in a terminal there, made a skeleton <code>index.php</code> and pointed a browser at the address. Boom! Application created!</p><p>I created some horribly insecure and probably unmaintainable PHP that will almost certainly never see the light of day.</p><p>I had fun doing it though. Which is really the whole point.</p><p>More side-quests, fewer grand plans.</p></description> <pubDate>Sat, 27 Apr 2024 08:00:00 +0000</pubDate></item><item> <title>Salih Emin: Ucaresystem 24.04.0 released</title> <guid isPermaLink="false">http://utappiablog.wordpress.com/?p=49657</guid> <link>https://utappiablog.wordpress.com/2024/04/26/ucaresystem-24-04-0-released/</link> <description>The latest release of uCareSystem, version 24.04.0, introduces enhanced maintenance and cleanup capabilities for Ubuntu and its derivatives. It’s definitely worth exploring the new features As uCareSystem joyfully celebrates its 15th anniversary, its latest release unveils a host of new features that I have incorporated to address the evolving needs since the previous version, 4.4.0 […]</description> <pubDate>Fri, 26 Apr 2024 11:01:56 +0000</pubDate></item><item> <title>Alan Pope: Do you know Simone?</title> <guid isPermaLink="true">https://popey.com/blog/2024/04/do-you-know-simone/</guid> <link>https://popey.com/blog/2024/04/do-you-know-simone/</link> <description><p>Over coffee this morning, I stumbled upon <a href="https://github.com/rajtilakjee/simone">simone</a>, a fledgling Open-Source tool for repurposing YouTube videos as blog posts. The Python tool creates a text summary of the video and extracts some contextual frames to illustrate the text.</p><p>A neat idea! In my experience, software engineers are often tasked with making demonstration videos, but other engineers commonly prefer consuming the written word over watching a video. I took simone for a spin, to see how well it works. Scroll down and tell me what you think!</p><p>I was sat in front of my work laptop, which is a mac, so roughly speaking, this is what I did:</p><ul><li>Install host pre-requisites</li></ul><div class="highlight"><pre tabindex="0"><code class="language-bash" data-lang="bash"><span style="display: flex;"><span>$ brew install ffmpeg tesseract virtualenv</span></span></code></pre></div><ul><li>Get <a href="https://github.com/rajtilakjee/simone">simone</a></li></ul><div class="highlight"><pre tabindex="0"><code class="language-bash" data-lang="bash"><span style="display: flex;"><span>git clone https://github.com/rajtilakjee/simone</span></span></code></pre></div><ul><li>Get a free API key from <a href="https://openrouter.ai/">OpenRouter</a></li><li>Put the API key in <code>.env</code></li></ul><div class="highlight"><pre tabindex="0"><code class="language-text" data-lang="text"><span style="display: flex;"><span>GEMMA_API_KEY=sk-or-v1-0000000000000000000000000000000000000000000000000000000000000000</span></span></code></pre></div><ul><li>Install python requisites</li></ul><div class="highlight"><pre tabindex="0"><code class="language-bash" data-lang="bash"><span style="display: flex;"><span>$ cd simone</span></span><span style="display: flex;"><span>$ virtualenv .venv</span></span><span style="display: flex;"><span>$ source .venv/bin/activate</span></span><span style="display: flex;"><span><span style="color: #f92672;">(</span>.venv<span style="color: #f92672;">)</span> $ pip install -r requirements.txt</span></span></code></pre></div><ul><li>Run it!</li></ul><div class="highlight"><pre tabindex="0"><code class="language-bash" data-lang="bash"><span style="display: flex;"><span><span style="color: #f92672;">(</span>.venv<span style="color: #f92672;">)</span> $ python src/main.py</span></span><span style="display: flex;"><span>Enter YouTube URL: https://www.youtube.com/watch?v<span style="color: #f92672;">=</span>VDIAHEoECfM</span></span><span style="display: flex;"><span>/Users/alan/Work/rajtilakjee/simone/.venv/lib/python3.12/site-packages/whisper/transcribe.py:115: UserWarning: FP16 is not supported on CPU; using FP32 instead</span></span><span style="display: flex;"><span> warnings.warn<span style="color: #f92672;">(</span><span style="color: #e6db74;">"FP16 is not supported on CPU; using FP32 instead"</span><span style="color: #f92672;">)</span></span></span><span style="display: flex;"><span>Traceback <span style="color: #f92672;">(</span>most recent call last<span style="color: #f92672;">)</span>:</span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/Users/alan/Work/rajtilakjee/simone/.venv/lib/python3.12/site-packages/pytesseract/pytesseract.py"</span>, line 255, in run_tesseract</span></span><span style="display: flex;"><span> proc <span style="color: #f92672;">=</span> subprocess.Popen<span style="color: #f92672;">(</span>cmd_args, **subprocess_args<span style="color: #f92672;">())</span></span></span><span style="display: flex;"><span> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^</span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/opt/homebrew/Cellar/python@3.12/3.12.3/Frameworks/Python.framework/Versions/3.12/lib/python3.12/subprocess.py"</span>, line 1026, in __init__</span></span><span style="display: flex;"><span> self._execute_child<span style="color: #f92672;">(</span>args, executable, preexec_fn, close_fds,</span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/opt/homebrew/Cellar/python@3.12/3.12.3/Frameworks/Python.framework/Versions/3.12/lib/python3.12/subprocess.py"</span>, line 1955, in _execute_child</span></span><span style="display: flex;"><span> raise child_exception_type<span style="color: #f92672;">(</span>errno_num, err_msg, err_filename<span style="color: #f92672;">)</span></span></span><span style="display: flex;"><span>FileNotFoundError: <span style="color: #f92672;">[</span>Errno 2<span style="color: #f92672;">]</span> No such file or directory: <span style="color: #e6db74;">'C:/Program Files/Tesseract-OCR/tesseract.exe'</span></span></span><span style="display: flex;"><span></span></span><span style="display: flex;"><span>During handling of the above exception, another exception occurred:</span></span><span style="display: flex;"><span></span></span><span style="display: flex;"><span>Traceback <span style="color: #f92672;">(</span>most recent call last<span style="color: #f92672;">)</span>:</span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/Users/alan/Work/rajtilakjee/simone/src/main.py"</span>, line 47, in &lt;module&gt;</span></span><span style="display: flex;"><span> blogpost<span style="color: #f92672;">(</span>url<span style="color: #f92672;">)</span></span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/Users/alan/Work/rajtilakjee/simone/src/main.py"</span>, line 39, in blogpost</span></span><span style="display: flex;"><span> score <span style="color: #f92672;">=</span> scores.score_frames<span style="color: #f92672;">()</span></span></span><span style="display: flex;"><span> ^^^^^^^^^^^^^^^^^^^^^</span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/Users/alan/Work/rajtilakjee/simone/src/utils/scorer.py"</span>, line 20, in score_frames</span></span><span style="display: flex;"><span> extracted_text <span style="color: #f92672;">=</span> pytesseract.image_to_string<span style="color: #f92672;">(</span></span></span><span style="display: flex;"><span> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^</span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/Users/alan/Work/rajtilakjee/simone/.venv/lib/python3.12/site-packages/pytesseract/pytesseract.py"</span>, line 423, in image_to_string</span></span><span style="display: flex;"><span> <span style="color: #66d9ef;">return</span> <span style="color: #f92672;">{</span></span></span><span style="display: flex;"><span> ^</span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/Users/alan/Work/rajtilakjee/simone/.venv/lib/python3.12/site-packages/pytesseract/pytesseract.py"</span>, line 426, in &lt;lambda&gt;</span></span><span style="display: flex;"><span> Output.STRING: lambda: run_and_get_output<span style="color: #f92672;">(</span>*args<span style="color: #f92672;">)</span>,</span></span><span style="display: flex;"><span> ^^^^^^^^^^^^^^^^^^^^^^^^^</span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/Users/alan/Work/rajtilakjee/simone/.venv/lib/python3.12/site-packages/pytesseract/pytesseract.py"</span>, line 288, in run_and_get_output</span></span><span style="display: flex;"><span> run_tesseract<span style="color: #f92672;">(</span>**kwargs<span style="color: #f92672;">)</span></span></span><span style="display: flex;"><span> File <span style="color: #e6db74;">"/Users/alan/Work/rajtilakjee/simone/.venv/lib/python3.12/site-packages/pytesseract/pytesseract.py"</span>, line 260, in run_tesseract</span></span><span style="display: flex;"><span> raise TesseractNotFoundError<span style="color: #f92672;">()</span></span></span><span style="display: flex;"><span>pytesseract.pytesseract.TesseractNotFoundError: C:/Program Files/Tesseract-OCR/tesseract.exe is not installed or it<span style="color: #960050; background-color: #1e0010;">'</span>s not in your PATH. See README file <span style="color: #66d9ef;">for</span> more information.</span></span></code></pre></div><ul><li><a href="https://www.youtube.com/watch?v=3w-2gUSus34">Oof</a>!</li><li>File a <a href="https://github.com/rajtilakjee/simone/issues/7">bug</a> (like a good Open Source citizen)</li><li>Locally patch the <a href="https://github.com/rajtilakjee/simone/blob/main/src/utils/scorer.py#L15">file</a> and try again</li></ul><div class="highlight"><pre tabindex="0"><code class="language-bash" data-lang="bash"><span style="display: flex;"><span><span style="color: #f92672;">(</span>.venv<span style="color: #f92672;">)</span> python src/main.py</span></span><span style="display: flex;"><span>Enter YouTube URL: https://www.youtube.com/watch?v<span style="color: #f92672;">=</span>VDIAHEoECfM</span></span><span style="display: flex;"><span>/Users/alan/Work/rajtilakjee/simone/.venv/lib/python3.12/site-packages/whisper/transcribe.py:115: UserWarning: FP16 is not supported on CPU; using FP32 instead</span></span><span style="display: flex;"><span> warnings.warn<span style="color: #f92672;">(</span><span style="color: #e6db74;">"FP16 is not supported on CPU; using FP32 instead"</span><span style="color: #f92672;">)</span></span></span></code></pre></div><ul><li>Look for results</li></ul><div class="highlight"><pre tabindex="0"><code class="language-bash" data-lang="bash"><span style="display: flex;"><span><span style="color: #f92672;">(</span>.venv<span style="color: #f92672;">)</span> $ ls -l generated_blogpost.txt *.jpg</span></span><span style="display: flex;"><span>-rw-r--r-- <span style="color: #ae81ff;">1</span> alan staff <span style="color: #ae81ff;">2163</span> <span style="color: #ae81ff;">26</span> Apr 09:26 generated_blogpost.txt</span></span><span style="display: flex;"><span>-rw-r--r--@ <span style="color: #ae81ff;">1</span> alan staff <span style="color: #ae81ff;">132984</span> <span style="color: #ae81ff;">26</span> Apr 09:27 top_frame_4_score_106.jpg</span></span><span style="display: flex;"><span>-rw-r--r-- <span style="color: #ae81ff;">1</span> alan staff <span style="color: #ae81ff;">184705</span> <span style="color: #ae81ff;">26</span> Apr 09:27 top_frame_5_score_105.jpg</span></span><span style="display: flex;"><span>-rw-r--r-- <span style="color: #ae81ff;">1</span> alan staff <span style="color: #ae81ff;">126148</span> <span style="color: #ae81ff;">26</span> Apr 09:27 top_frame_9_score_101.jpg</span></span></code></pre></div><ul><li><a href="https://youtu.be/a1xjcyyuDM0?si=co6zN_17UIb_3HB4&amp;t=60">Drink your weak lemon drink now</a>! (to wash away the foul taste of computer lies in your honest hobby gullet)</li></ul><p>In my test I pointed simone at a short <a href="https://www.youtube.com/watch?v=VDIAHEoECfM">demo video</a> from my employer, <a href="https://anchore.com/">Anchore’s</a> <a href="https://www.youtube.com/@Anchore">YouTube channel</a>. The results are below, with no editing, I even included the typos. The images at the bottom of this post are frames from the video that simone selected.</p><hr /><h2 id="ancors-static-stick-checker-tool-demo-evaluating-and-resolving-security-findings">Ancors Static Stick Checker Tool Demo: Evaluating and Resolving Security Findings</h2><p><strong>Introduction</strong></p><p>Static stick checker tool helps developers identify security vulnerabilities in Docker images by running open-source security checks and generating remediation recommendations. This blog post summarizes a live demo of the tool’s capabilities.</p><p><strong>How it works</strong></p><p>The tool works by:</p><ul><li>Downloading and analyzing the Docker image.</li><li>Detecting the base operating system distribution and selecting the appropriate stick profile.</li><li>Running open-source security checks on the image.</li><li>Generating a report of identified vulnerabilities and remediation actions.</li></ul><p><strong>Demo Walkthrough</strong></p><p>The demo showcases the following steps:</p><ul><li><strong>Image preparation:</strong> Uploading a Docker image to a registry.</li><li><strong>Tool execution:</strong> Running the static stick checker tool against the image.</li><li><strong>Results viewing:</strong> Analyzing the generated stick results and identifying vulnerabilities.</li><li><strong>Remediation:</strong> Implementing suggested remediation actions by modifying the Dockerfile.</li><li><strong>Re-checking:</strong> Running the tool again to verify that the fixes have been effective.</li></ul><p><strong>Key findings</strong></p><ul><li>The static stick checker tool identified vulnerabilities in the Docker image in areas such as:<ul><li>Verifying file hash integrity.</li><li>Configuring cryptography policy.</li><li>Verifying file permissions.</li></ul></li><li>Remediation scripts were provided to address each vulnerability.</li><li>By implementing the recommended changes, the security posture of the Docker image was improved.</li></ul><p><strong>Benefits of using the static stick checker tool</strong></p><ul><li>Identify security vulnerabilities early in the development process.</li><li>Automate the remediation process.</li><li>Shift security checks leftward in the development pipeline.</li><li>Reduce the burden on security teams by addressing vulnerabilities before deployment.</li></ul><p><strong>Conclusion</strong></p><p>The Ancors static stick checker tool provides a valuable tool for developers to improve the security of their Docker images. By proactively addressing vulnerabilities during the development process, organizations can ensure their applications are secure and reduce the risk of security incidents</p><hr /><p>Here’s the images it pulled out:</p><p><a href="https://popey.com/blog/blog/images/2024-04-26/top_frame_4_score_106.jpg"><img alt="First image taken from the video" src="https://popey.com/blog/blog/images/2024-04-26/top_frame_4_score_106.jpg" /></a></p><p><a href="https://popey.com/blog/blog/images/2024-04-26/top_frame_5_score_105.jpg"><img alt="Second image taken from the video" src="https://popey.com/blog/blog/images/2024-04-26/top_frame_5_score_105.jpg" /></a></p><p><a href="https://popey.com/blog/blog/images/2024-04-26/top_frame_9_score_101.jpg"><img alt="Third image taken from the video" src="https://popey.com/blog/blog/images/2024-04-26/top_frame_9_score_101.jpg" /></a></p><p>Not bad! It could be better - getting the company name wrong, for one!</p><p>I can imagine using this to create a YouTube description, or use it as a skeleton from which a blog post could be created. I certainly wouldn’t just pipe the output of this into blog posts! But so many videos need better descriptions, and this could help!</p></description> <pubDate>Fri, 26 Apr 2024 09:00:00 +0000</pubDate></item><item> <title>The Fridge: Ubuntu 24.04 LTS (Noble Numbat) released.</title> <guid isPermaLink="false">https://fridge.ubuntu.com/?p=10156</guid> <link>https://fridge.ubuntu.com/2024/04/25/ubuntu-24-04-lts-noble-numbat-released/</link> <description><p>Ubuntu 24.04 LTS, codenamed “Noble Numbat”, is here. This release continues Ubuntu’s proud tradition of integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution. The team has been hard at work through this cycle, together with the community and our partners, to introduce new features and fix bugs.</p><p>Our 10th Long Term Supported release sets a new standard in performance engineering, enterprise security and developer experience.</p><p>Ubuntu Desktop brings the Subiquity installer to an LTS for the first time. In addition to a refreshed user experience and a minimal install by default, the installer now includes experimental support for ZFS and TPM-based full disk encryption and the ability to import auto-install configurations. Post install, users will be greeted with the latest GNOME 46 alongside a new App Center and firmware-updater. Netplan is now the default for networking configuration and supports bidirectionality with NetworkManager.</p><p>Ubuntu now enables frame pointers by default on 64-bit architectures to enable CPU and off-CPU profiling for workload optimisation, alongside a suite of critical performance tools pre-installed. The Linux 6.8 kernel now enables low-latency features by default. For IoT vendors leveraging 32-bit arm hardware, our armhf build has been updated to resolve the upcoming 2038 issue by implementing 64-bit time_t in all necessary packages.</p><p>As always, Ubuntu ships with the latest toolchain versions. .NET 8 is now fully supported on Ubuntu 24.04 LTS (and Ubuntu 22.04 LTS) for the full lifecycle of the release and OpenJDK 21 and 17 are both TCK certified to adhere to Java interoperability standards. Ubuntu 24.04 LTS ships Rust 1.75 and a simpler Rust toolchain snap framework to enable future rust versions to be delivered to developers on this release in years to come.</p><p>The newest Edubuntu, Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu Cinnamon, Ubuntu Kylin, Ubuntu MATE, Ubuntu Studio, Ubuntu Unity, and Xubuntu are also being released today. More details can be found for these at their individual release notes under the Official Flavours section:</p><p><a href="https://discourse.ubuntu.com/t/noble-numbat-release-notes/">https://discourse.ubuntu.com/t/noble-numbat-release-notes/</a></p><p>Maintenance updates will be provided for 5 years for Ubuntu Desktop, Ubuntu Server, Ubuntu Cloud and Ubuntu Core. All the remaining flavours will be supported for 3 years. Additional security support is available with ESM (Extended Security Maintenance).</p><h3>To get Ubuntu 24.04 LTS</h3><p>In order to download Ubuntu 24.04 LTS, visit:</p><p><a href="https://ubuntu.com/download">https://ubuntu.com/download</a></p><p>Users of Ubuntu 23.10 will soon be offered an automatic upgrade to 24.04. Users of 22.04 LTS will be offered the automatic upgrade when 24.04.1 LTS is released, which is scheduled for the 15th of August. For further information about upgrading, see:</p><p><a href="https://ubuntu.com/download/desktop/upgrade">https://ubuntu.com/download/desktop/upgrade</a></p><p>As always, upgrades to the latest version of Ubuntu are entirely free of charge.</p><p>We recommend that all users read the release notes, which document caveats and workarounds for known issues, and provide more in-depth information on the release itself. They are available at:</p><p><a href="https://discourse.ubuntu.com/t/noble-numbat-release-notes/">https://discourse.ubuntu.com/t/noble-numbat-release-notes/</a></p><p>Find out what’s new in this release with a graphical overview:</p><p><a href="https://ubuntu.com/desktop">https://ubuntu.com/desktop</a><br /><a href="https://ubuntu.com/desktop/features">https://ubuntu.com/desktop/features</a></p><p>If you have a question, or if you think you may have found a bug but aren’t sure, you can try asking in any of the following places:</p><p>#ubuntu on irc.libera.chat<br /><a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-users">https://lists.ubuntu.com/mailman/listinfo/ubuntu-users</a><br /><a href="https://ubuntuforums.org">https://ubuntuforums.org</a><br /><a href="https://askubuntu.com">https://askubuntu.com</a><br /><a href="https://discourse.ubuntu.com">https://discourse.ubuntu.com</a></p><h3>Help Shape Ubuntu</h3><p>If you would like to help shape Ubuntu, take a look at the list of ways<br />you can participate at:</p><p><a href="https://discourse.ubuntu.com/contribute">https://discourse.ubuntu.com/contribute</a></p><h3>About Ubuntu</h3><p>Ubuntu is a full-featured Linux distribution for desktops, laptops, IoT, cloud, and servers, with a fast and easy installation and regular releases. A tightly-integrated selection of excellent applications is included, and an incredible variety of add-on software is just a few clicks away.</p><p>Professional services including support are available from Canonical and hundreds of other companies around the world. For more information about support, visit:</p><p><a href="https://ubuntu.com/support">https://ubuntu.com/support</a></p><h3>More Information</h3><p>You can learn more about Ubuntu and about this release on our website listed below:</p><p><a href="https://ubuntu.com">https://ubuntu.com</a></p><p>To sign up for future Ubuntu announcements, please subscribe to Ubuntu’s very low volume announcement list at:</p><p><a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce">https://lists.ubuntu.com/mailman/listinfo/ubuntu-announce</a></p><p><em>Originally posted to the <a href="https://lists.ubuntu.com/archives/ubuntu-announce/2024-April/000301.html">ubuntu-announce mailing list</a> on Thu Apr 25 15:20:52 UTC 2024 by Utkarsh Gupta on behalf of the Ubuntu Release Team</em></p></description> <pubDate>Thu, 25 Apr 2024 23:47:06 +0000</pubDate></item><item> <title>Kubuntu General News: Kubuntu 24.04 LTS Noble Numbat Released</title> <guid isPermaLink="false">https://kubuntu.org/?p=5188</guid> <link>https://kubuntu.org/news/kubuntu-24-04-lts-noble-numbat-released/</link> <description><p>The Kubuntu Team is happy to announce that Kubuntu 24.04 has been released, featuring the ‘beautiful’ <a href="https://kde.org/announcements/plasma/5/5.27.0/">KDE Plasma 5.27</a> simple by default, powerful when needed.</p> <p id="block-7a60819d-73c4-4669-ad66-0d72354bb4eb">Codenamed “Noble Numbat”, Kubuntu 24.04 continues our tradition of giving you Friendly Computing by integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution.</p> <p id="block-fcdac755-cc4d-48d7-b423-e5093ab4df49">Under the hood, there have been updates to many core packages, including a new 6.8-based kernel, <a data-type="URL" href="https://kde.org/announcements/frameworks/5/5.115.0/">KDE Frameworks 5.115</a>, <a href="https://kde.org/announcements/plasma/5/5.27.11/">KDE Plasma 5.27</a> and <a href="https://kde.org/announcements/gear/23.08.0/">KDE Gear 23.08</a>.</p> <figure class="wp-block-image size-full"><img alt="" class="wp-image-5190" height="800" src="https://kubuntu.org/wp-content/uploads/2024/04/7368/NoblePlasma.jpg" width="1280" />Kubuntu 24.04 with Plasma 5.27.11</figure> <p id="block-9e41f240-318b-4dca-b85c-e4c1f6a6cfcc">Kubuntu has seen many updates for other applications, both in our default install, and installable from the Ubuntu archive.</p> <p id="block-a60defe4-5c80-44d9-a920-16ca87ac229f">Haruna, Krita, Kdevelop, Yakuake, and many many more applications are updated.</p> <p id="block-148f21b1-28b1-4c3d-844e-2a92e9db4fef">Applications for core day-to-day usage are included and updated, such as Firefox, and LibreOffice.</p> <p id="block-d78ec940-18ee-4cf1-a5ec-8f332cbb9581">For a list of other application updates, and known bugs be sure to read our <a href="https://wiki.ubuntu.com/NobleNumbat/ReleaseNotes/Kubuntu">release notes</a>.</p> <p id="block-834ae2db-c972-4655-8037-916673c7b671"><a href="https://kubuntu.org/getkubuntu/">Download Kubuntu 24.04</a>, or <a href="https://help.ubuntu.com/community/NobleUpgrades/Kubuntu">learn how to upgrade from 23.10 or 22.04 LTS</a>.</p> <p id="block-0373fb35-d2f5-4e0a-b1f4-fd3bd9c16b0c"><strong>Note: For upgrades from 23.10, there may a delay of a few hours to days between the official release announcements and the Ubuntu Release Team enabling upgrades.</strong></p></description> <pubDate>Thu, 25 Apr 2024 16:16:27 +0000</pubDate></item><item> <title>Ubuntu Studio: Ubuntu Studio 24.04 LTS Released</title> <guid isPermaLink="false">https://ubuntustudio.org/?p=2761</guid> <link>https://ubuntustudio.org/2024/04/ubuntu-studio-24-04-lts-released/</link> <description><div class="wp-block-image"><figure class="aligncenter size-full"><img alt="" class="wp-image-2763" height="297" src="https://ubuntustudio.org/wp-content/uploads/2024/04/0a09/finalbanner.png" width="800" /></figure></div> <p id="block-08eb94aa-8521-4ed2-adb1-72f6f4094411">The Ubuntu Studio team is pleased to announce the release of Ubuntu Studio 24.04 LTS, code-named “Noble Numbat”. This marks Ubuntu Studio’s 34th release. This release is a Long-Term Support release and as such, it is supported for 3 years (36 months, until April 2027).</p> <p id="block-895e2f57-e719-450c-a4c8-9405017a7e75">Since it’s just out, you may experience some issues, so you might want to wait a bit before upgrading. Please see the <a href="https://ubuntustudio.org/ubuntu-studio-24-04-LTS-release-notes/">release notes</a> for a more complete list of changes and known issues. Listed here are some of the major highlights.</p> <div class="wp-block-image"><figure class="aligncenter size-full is-resized"><img alt="" class="wp-image-2771" height="383" src="https://ubuntustudio.org/wp-content/uploads/2024/04/05d2/VirtualBox_ISOTest_22_04_2024_13_18_58.png" width="681" /></figure></div> <p id="block-aef9a406-e305-4f97-a130-f522c2f1ce7e">You can download Ubuntu Studio 24.04 LTS from our <a href="https://ubuntustudio.org/download">download page</a>.</p> <h2 id="block-6ca66e3a-8d42-42a8-a0cf-a8ed86e6025f">Special Notes</h2> <p id="block-708043b1-523e-4fb9-92ca-720e3316371a">The Ubuntu Studio 24.04 LTS disk image (ISO) exceeds 4 GB and cannot be downloaded to some file systems such as FAT32 and may not be readable when burned to a standard DVD. For this reason, we recommend downloading to a compatible file system. When creating a boot medium, we recommend <a href="https://ubuntu.com/tutorials/create-a-usb-stick-on-ubuntu#1-overview">creating a bootable USB stick</a> with the ISO image or burning to a Dual-Layer DVD.</p> <p>Minimum installation media requirements: Dual-Layer DVD or 8GB USB drive.</p> <p id="block-fa4be379-b904-4919-9502-c73469ca31ef">Images can be obtained from this link: <a href="https://cdimage.ubuntu.com/ubuntustudio/releases/24.04/beta/" rel="noreferrer noopener" target="_blank">https://cdimage.ubuntu.com/ubuntustudio/releases/24.04/beta/</a></p> <p id="block-bf39c734-e080-4549-9621-044e9241d48c">Full updated information, including <strong>Upgrade Instructions,</strong> are available in the <strong><a href="https://ubuntustudio.org/ubuntu-studio-24-04-LTS-release-notes/">Release Notes</a></strong><a href="https://wiki.ubuntu.com/GroovyGorilla/Beta/UbuntuStudio">.</a></p> <p><strong>Please note that upgrading from 22.04 before the release of 24.04.1,</strong> <strong>due August 2024, is unsupported.</strong></p> <p>Upgrades from 23.10 should be enabled within a month after release, so we appreciate your patience.</p> <h2>New This Release</h2> <h3>All-New System Installer</h3> <div class="wp-block-image"><figure class="alignright size-full is-resized"><img alt="" class="wp-image-2765" height="199" src="https://ubuntustudio.org/wp-content/uploads/2024/04/5d73/VirtualBox_ISOTest_22_04_2024_10_00_48.png" width="317" /></figure></div> <p>In cooperation with the Ubuntu Desktop Team, we have an all-new Desktop installer. This installer uses the underlying code of the Ubuntu Server installer (“Subiquity”) which has been in-use for years, with a frontend coded in “Flutter”. This took a large amount of work for this release, and we were able to help a lot of other official Ubuntu flavors transition to this new installer.</p> <p>Be on the lookout for a special easter egg when the graphical environment for the installer first starts. For those of you who have been long-time users of Ubuntu Studio since our early days (even before Xfce!), you will notice exactly what it is.</p> <h3>PipeWire 1.0.4</h3> <div class="wp-block-image"><figure class="alignright size-full is-resized"><img alt="" class="wp-image-2766" height="70" src="https://ubuntustudio.org/wp-content/uploads/2024/04/be34/Pipewire_logo.svg_.png" width="324" /></figure></div> <p>Now for the big one: PipeWire is now mature, and this release contains <strong>PipeWire 1.0</strong>. With PipeWire 1.0 comes the stability and compatibility you would expect from multimedia audio. In fact, at this point, <strong>we recommend PipeWire usage for both Professional, Prosumer, and Everyday audio needs</strong>. At Ubuntu Summit 2023 in Riga, Latvia, our project leader Erich Eickmeyer used PipeWire to demonstrate live audio mixing with much success and has since done some audio mastering work using it. JACK developers even consider it to be “JACK 3”.</p> <p>PipeWire’s JACK compatibility is configured to use out-of-the-box and is zero-latency internally. System latency is configurable via Ubuntu Studio Audio Configuration.</p> <p>However, if you would rather use straight JACK 2 instead, that’s also possible. Ubuntu Studio Audio Configuration can disable and enable PipeWire’s JACK compatibility on-the-fly. From there, you can simply use JACK via QJackCtl.</p> <p>With this, we consider audio production with Ubuntu Studio so mature that it can now rival operating systems such as macOS and Windows in ease-of-use since it’s ready to go out-of-the-box.</p> <h4>Deprecation of PulseAudio/JACK setup/Studio Controls</h4> <p>Due to the maturity of PipeWire, we now consider the traditional PulseAudio/JACK setup, where JACK would be started/stopped by Studio Controls and bridged to PulseAudio, deprecated. This configuration is still installable via Ubuntu Studio Audio Configuration, but we do not recommend it. Studio Controls may return someday as a PipeWire fine-tuning solution, but for now it is unsupported by the developer. <strong>For that reason, we recommend users not use this configuration. If you do, it is at your own risk and no support will be given.</strong> In fact, it’s likely to be dropped for 24.10.</p> <h3>Ardour 8.4</h3> <div class="wp-block-image"><figure class="alignright size-full is-resized"><img alt="" class="wp-image-1977" height="73" src="https://ubuntustudio.org/wp-content/uploads/2020/06/2a76/ardour.png" width="84" /></figure></div> <p>While this does not represent the latest release of Ardour, Ardour 8.4 is a great release. If you would like the latest release, we highly recommend <a href="https://community.ardour.org/download?platform=linux&amp;architecture=x86_64&amp;type=compiled&amp;paymentSelection=options">purchasing one-time or subscribing to Ardour</a> directly from the developers to help support this wonderful application. Also, for that reason, this will be an application we will not directly backport. More on that later.</p> <div class="wp-block-image"><figure class="alignright size-full is-resized"><img alt="" class="wp-image-2767" height="261" src="https://ubuntustudio.org/wp-content/uploads/2024/04/f162/Screenshot_20240422_104529.png" width="361" /></figure></div> <h3>Ubuntu Studio Audio Configuration</h3> <p>Ubuntu Studio Audio Configuration has undergone a UI overhaul and contains the ability to start and stop a Dummy Audio Device which can also be configured to start or stop upon login. When assigned as the default, this will free-up channels that would normally be assigned to your system audio to be assigned to a null device.</p> <h3>Meta Package for Music Education</h3> <p>In cooperation with <a href="https://edubuntu.org" rel="noreferrer noopener" target="_blank">Edubuntu</a>, we have created a metapackage for music education. This package is installable from <strong>Ubuntu Studio Installer</strong> and includes the following packages:</p> <div class="wp-block-image"><figure class="alignright size-full is-resized"><img alt="" class="wp-image-2768" height="85" src="https://ubuntustudio.org/wp-content/uploads/2024/04/8560/Edbuntu-logo-2022_RGB.png" width="311" /></figure></div> <ul><li><strong>FMIT</strong>: Free Musical Instrument Tuner, a tool for tuning musical Instruments (also included by default)</li><li><strong>GNOME Metronome</strong>: Exactly what it sounds like (pun unintended): a metronome.</li><li><strong>Minuet: </strong>Ear training for intervals, chords, scales, and more.</li><li><strong>MuseScore: </strong>Create, playback, and print sheet music for free (this one is no stranger to the Ubuntu Studio community)</li><li><strong>Piano Booster: </strong>MIDI player/game that displays musical notes and teaches you how to play piano, optionally using a MIDI keyboard.</li><li><strong>Solfege: </strong>Ear training program for harmonic and melodic intervals, chords, scales, and rhythms.</li></ul> <h3>New Artwork</h3> <p>Thanks to the work of Eylul and the submissions to the <a href="https://ubuntustudio.org/2024/03/wallpaper-competition-winners-24-04-lts/">Ubuntu Studio Noble Numbat Wallpaper Contest</a>, we have a number of wallpapers to choose from and a new default wallpaper. </p> <h2>Deprecation of Ubuntu Studio Backports Is In Effect</h2> <p>As stated in the Ubuntu 23.10 Release Announcement, the Ubuntu Studio Backports PPA is now deprecated in favor of the official Ubuntu Backports repository. However, the Backports repository only works for LTS releases and for good reason. There are a few requirements for backporting:</p> <ul><li>It must be an application which already exists in the Ubuntu repositories</li><li>It must be an application which would not otherwise qualify for a simple bugfix, which would then qualify it to be a Stable Release Update. This means it must have new features.</li><li>It must not rely on new libraries or new versions of libraries.</li><li>It must exist within a later supported release or the development release of Ubuntu.</li></ul> <p>If you have a suggestion for an application for which to backport that meets those requirements, feel free to <a href="https://lists.ubuntu.com/archives/ubuntu-studio-users/">join and email the Ubuntu Studio Users Mailing List</a> with your suggestion with the tag “[BPO]” at the beginning of the subject line. <strong>Backports to 22.04 LTS are now closed</strong> <strong>and backports to 24.04 LTS are now open.</strong> Additionally, <strong>suggestions must pertain to Ubuntu Studio and preferably must be applications included with Ubuntu Studio. Suggestions can be rejected at the Project Leader’s discretion.</strong></p> <p>One package that is exempt to backporting is Ardour. To help support Ardour’s funding, you may obtain later versions directly from them. To do so, please <a data-id="https://ardour.org" data-type="URL" href="https://ardour.org">one-time purchase or subscribe to Ardour from their website.</a> If you wish to get later versions of Ardour from us, you will have to wait until the next regular release of Ubuntu Studio, due in October 2024.</p> <h2>We’re back on Matrix</h2> <div class="wp-block-image"><figure class="alignright size-full is-resized"><img alt="" class="wp-image-2722" height="127" src="https://ubuntustudio.org/wp-content/uploads/2012/03/eb3a/matrix-chat.png" width="126" /></figure></div> <p>You’ll notice that the menu links to our support chat and on our website will now take you to a Matrix chat. This is due to the Ubuntu community carving its own space within the Matrix federation.</p> <p>However, this is not only a support chat. This is also a creativity discussion chat. You can pass ideas to each other and you’re welcome to it if the topic remains within those confines. However, if a moderator or admin warns you that you’re getting off-topic (or the intention for the chat room), please heed the warning.</p> <p>This is a persistent connection, meaning if you close the window (or chat), it won’t lose your place as you may only need to sign back in to resume the chat.</p> <h2 id="block-c7a21be7-9349-421e-a098-c0d2919f320a">Frequently Asked Questions</h2> <p id="block-163f794a-f451-40b0-bbbd-6f26c6cbe8e8"><strong>Q:</strong> Does Ubuntu Studio contain snaps?<br /><strong>A:</strong> Yes. Mozilla’s distribution agreement with Canonical changed, and Ubuntu was forced to no longer distribute Firefox in a native .deb package. We have found that, after numerous improvements, Firefox now performs just as well as the native .deb package did.</p> <p>Thunderbird also became a snap during this cycle for the maintainers to get security patches delivered faster.</p> <p id="block-342134d3-a024-4b7b-b768-76c758b20acd">Additionally, Freeshow is an Electron-based application. Electron-based applications cannot be packaged in the Ubuntu repositories in that they cannot be packaged in a traditional Debian source package. While such apps do have a build system to create a .deb binary package, it circumvents the source package build system in Launchpad, which is required when packaging for Ubuntu. However, Electron apps also have a facility for creating snaps, which can be uploaded and included. Therefore, for Freeshow to be included in Ubuntu Studio, it had to be packaged as a snap.</p> <p id="block-2266cee7-0ea1-49cf-8340-594da42a09d7"><strong>Q</strong>: Will you make an ISO with {my favorite desktop environment}?<br /><strong>A:</strong> To do so would require creating an entirely new flavor of Ubuntu, which would require going through the Official Ubuntu Flavor application process. Since we’re completely volunteer-run, we don’t have the time or resources to do this. Instead, we recommend you download the <a href="https://ubuntu.com/download/flavours">official flavor for the desktop environment of your choice</a> and use <a href="https://ubuntustudio.org/ubuntu-studio-installer">Ubuntu Studio Installer</a> to get Ubuntu Studio – which does *not* convert that flavor to Ubuntu Studio but adds its benefits.</p> <p id="block-48669a69-39bc-4971-b46b-c7da87133d24"><strong>Q: </strong>What if I don’t want all these packages installed on my machine?<br /><strong>A: </strong>Simply use the <strong>Ubuntu Studio Installer</strong> to remove the features of Ubuntu Studio you don’t want or need!</p> <h1>Looking Toward the Future</h1> <h2>Plasma 6</h2> <p>Ubuntu Studio, in cooperation with Kubuntu, will be switching to Plasma 6 during the 24.10 development cycle. Likewise, Lubuntu will be switching to LXQt 2.0 and Qt 6, so the three flavors will be cooperating to do the move.</p> <h2>New Look</h2> <p>Ubuntu Studio has been using the same theming, “Materia” (except for the 22.04 LTS release which was a re-colored Breeze theme) since 19.04. However, Materia has gone dead upstream. To stay consistent, we found a fork called “Orchis” which seems to match closely and will be switching to that. More on that soon.</p> <h2>Minimal Installation</h2> <p>The new system installer has the capability to do minimal installations. This was something we did not have time to implement this cycle but intend to do for 24.10. This will let users install a minimal desktop to get going and then install what they need via Ubuntu Studio Installer. This will make a faster installation process but will not make the installation .iso image smaller. However, we have an idea for that as well.</p> <h2>Minimal Installation .iso Image</h2> <p>We are going to research what it will take to create a minimal installer .iso image that will function much like the regular .iso image minus the ability to install everything and allow the user to customize the installation via Ubuntu Studio Installer. This should lead to a much smaller initial download. Unlike creating a version with a different desktop environment, the Ubuntu Technical Board has been on record as saying this would not require going through the new flavor creation process. Our friends at Xubuntu recently did something similar.</p> <h2>Get Involved!</h2> <p>A wonderful way to contribute is to get involved with the project directly! We’re always looking for new volunteers to help with packaging, documentation, tutorials, user support, and MORE! <a href="https://ubuntustudio.org/contribute/">Check out all the ways you can contribute!</a></p> <p>Our project leader, Erich Eickmeyer, is now working on Ubuntu Studio at least part-time, and is hoping that the users of Ubuntu Studio can give enough to generate a monthly part-time income. Your donations are appreciated! If other distributions can do it, surely we can! See the sidebar for ways to give!</p> <h2>Special Thanks</h2> <p>Huge special thanks for this release go to:</p> <ul><li><strong>Eylul Dogruel</strong>: Artwork, Graphics Design</li><li><strong>Ross Gammon</strong>: Upstream Debian Developer, Testing, Email Support</li><li><strong>Sebastien Ramacher</strong>:<strong> </strong>Upstream Debian Developer</li><li><strong>Dennis Braun</strong>: Upstream Debian Developer</li><li><strong>Rik Mills</strong>: Kubuntu Council Member, help with Plasma desktop</li><li><strong>Scarlett Moore: </strong>Kubuntu Project Lead, help with Plasma desktop</li><li><b>Z</b><strong>ixing Liu</strong>: Simplified Chinese translations in the installer</li><li><strong>Simon Quigley</strong>: Lubuntu Release Manager, help with Qt items, Core Developer stuff, keeping Erich sane and focused</li><li><strong>Steve Langasek</strong>: Help with livecd-rootfs changes to make the new installer work properly.</li><li><strong>Dan Bungert</strong>: Subiquity, seed fixes</li><li><strong>Dennis Loose</strong>: Ubuntu Desktop Provision (installer)</li><li><strong>Lukas Klingsbo</strong>: Ubuntu Desktop Provision (installer)</li><li><strong>Len Ovens:</strong> Testing, insight</li><li><strong>Wim Taymans</strong>: Creator of PipeWire</li><li><strong>Mauro Gaspari</strong>: Tutorials, Promotion, and Documentation, Testing, keeping Erich sane</li><li><strong>Krytarik Raido</strong>: IRC Moderator, Mailing List Moderator</li><li><strong>Erich Eickmeyer</strong>: Project Leader, Packaging, Development, Direction, Treasurer</li></ul> <h1>A Note from the Project Leader</h1> <p><em>When I started out working on Ubuntu Studio six years ago, I had a vision of making it not only the easiest Linux-based operating system for content creation, but the easiest content creation operating system… full-stop.</em></p> <p><em>With the release of <strong>Ubuntu Studio 24.04 LTS, </strong>I believe we have achieved that goal. No longer do we have to worry about whether an application is JACK or PulseAudio or… whatever. It all just works! Audio applications can be patched to each other!</em></p> <p><em>If an audio device doesn’t depend on complex drivers (i.e. if the device is class-compliant), it will just work. If a user wishes to lower the latency or change the sample rate, we have a utility that does that (Ubuntu Studio Audio Configuration). If a user wants to have finer control use pure JACK via QJackCtl, they can do that too!</em></p> <p><em>I honestly don’t know how I would replicate this on Windows, and replicating on macOS would be much harder without downloading all sorts of applications. With Ubuntu Studio 24.04 LTS, it’s ready to go and you don’t have to worry about it.</em></p> <p><em>Where we are now is a dream come true for me, and something I’ve been hoping to see Ubuntu Studio become. And now, we’re finally here, and I feel like it can only get better.</em></p> <p class="has-text-align-right">-Erich Eickmeyer</p></description> <pubDate>Thu, 25 Apr 2024 15:16:29 +0000</pubDate></item><item> <title>Ubuntu MATE: Ubuntu MATE 24.04 LTS Release Notes</title> <guid isPermaLink="false">https://ubuntu-mate.org/blog/ubuntu-mate-noble-numbat</guid> <link>https://ubuntu-mate.org/blog/ubuntu-mate-noble-numbat-release-notes/</link> <description><p>Ubuntu MATE 24.04 is more of what you like, stable MATE Desktop on top of current Ubuntu.This release rolls up some fixes and more closely aligns with Ubuntu. Read on to learn more 👓️</p> <p class="center"><img alt="Ubuntu MATE 24.04 LTS" src="https://ubuntu-mate.org/images/blog/noble/screenshot.png" /><strong>Ubuntu MATE 24.04 LTS</strong></p> <h2 id="thank-you-">Thank you! 🙇</h2> <p><strong>I’d like to extend my sincere thanks to everyone who has played an active role in improving Ubuntu MATE for this release 👏I’d like to acknowledge the close collaboration with all the Ubuntu flavour teams and the Ubuntu Foundations and Desktop Teams.The assistance and support provided by <a href="https://launchpad.net/~eeickmeyer">Erich Eickmeyer</a> (Ubuntu Studio), <a href="https://launchpad.net/~tsimonq2">Simon Quigley</a> (Lubuntu) and <a href="https://launchpad.net/~fossfreedom">David Muhammed</a> (Ubuntu Budgie) have been invaluable.Thank you!</strong> 💚</p> <h2 id="what-changed-since-the-ubuntu-mate-2310">What changed since the Ubuntu MATE 23.10?</h2> <p>Here are the highlights of what’s changed since the <a href="https://ubuntu-mate.org/blog/ubuntu-mate-mantic-minotaur-release-notes/">release of Ubuntu MATE 23.10</a></p> <ul> <li>Ships stable <a href="https://mate-desktop.org">MATE Desktop</a> 1.26.2 with a selection of bug fixes 🐛 and minor improvements 🩹 to associated components.</li> <li>Integrated the new ✨ <a href="https://snapcraft.io/ubuntu-desktop-bootstrap">Ubuntu Desktop Bootstrap</a> installer 📀</li> <li>Added <a href="https://gitlab.gnome.org/World/gnome-firmware">GNOME Firmware</a>, that replaces <a href="https://snapcraft.io/firmware-updater">Firmware Updater</a>.</li> <li>Added <a href="https://snapcraft.io/snap-store">App Center</a>, that replaces Software Boutique.</li> <li>Retired Ubuntu MATE Welcome; although it is still available for Ubuntu MATE 23.10 and earlier.</li></ul> <h2 id="major-applications">Major Applications</h2> <p>Accompanying <strong>MATE Desktop 1.26.2</strong> 🧉 and <strong>Linux 6.8</strong> 🐧 are <strong>Firefox 125</strong> 🔥🦊,<strong>Celluloid 0.26</strong> 🎥, <strong>Evolution 3.52</strong> 📧, <strong>LibreOffice 24.2.2</strong> 📚</p> <p>See the <a href="https://discourse.ubuntu.com/t/noble-numbat-release-notes/39890">Ubuntu 24.04 Release Notes</a>for details of all the changes and improvements that Ubuntu MATE benefits from.</p> <div class="jumbotron"> <h2>Download Ubuntu MATE 24.04</h2> <p>This new release will be first available for PC/Mac users.</p> <a class="btn" href="https://ubuntu-mate.org/download/">Download</a> </div> <h2 id="upgrading-to-ubuntu-mate-2404">Upgrading to Ubuntu MATE 24.04</h2> <p>The upgrade process to Ubuntu MATE 24.04 LTS from either Ubuntu MATE 22.04 LTS or23.10 is the same as Ubuntu.</p> <ul> <li><a href="https://help.ubuntu.com/community/NobleUpgrades">Ubuntu 24.04 Upgrade Process</a></li></ul> <p>There are no offline upgrade options for Ubuntu MATE. Please ensure you havenetwork connectivity to one of the official mirrors or to a locally accessiblemirror and follow the instructions above.</p></description> <pubDate>Thu, 25 Apr 2024 14:57:38 +0000</pubDate></item><item> <title>David Mohammed: Ubuntu Budgie 24.04 Released</title> <guid isPermaLink="false">https://ubuntubudgie.org/?p=3772</guid> <link>https://ubuntubudgie.org/2024/04/ubuntu-budgie-24-04-released/</link> <description><p>We are pleased to announce the release of the next version of our distro, 24.04 Long Term Support. The LTS version is supported for 3 years while the regular releases are supported for 9 months. The new release rolls-up various fixes and optimizations that the Ubuntu Budgie team have been released since the 22.04 release in April 2022: We also inherits hundreds of stability…</p><p><a href="https://ubuntubudgie.org/2024/04/ubuntu-budgie-24-04-released/" rel="nofollow">Source</a></p></description> <pubDate>Thu, 25 Apr 2024 13:37:47 +0000</pubDate></item><item> <title>Lubuntu Blog: Lubuntu 24.04 LTS Released!</title> <guid isPermaLink="false">https://lubuntu.me/?p=3981</guid> <link>https://lubuntu.me/noble-released/</link> <description>Thanks to the hard work from our contributors, Lubuntu 24.04 LTS has been released. With the codename Noble Numbat, Lubuntu 24.04 is the 26th release of Lubuntu, the 12th release of Lubuntu with LXQt as the default desktop environment. Download and Support Lifespan With Lubuntu 24.04 being a long-term support interim release, it will follow […]</description> <pubDate>Thu, 25 Apr 2024 13:31:02 +0000</pubDate></item><item> <title>Xubuntu: Xubuntu 24.04 released!</title> <guid isPermaLink="false">https://xubuntu.org/?p=5547</guid> <link>https://xubuntu.org/news/xubuntu-24-04-released/</link> <description><p>The Xubuntu team is happy to announce the immediate release of Xubuntu 24.04.</p> <p>Xubuntu 24.04, codenamed <strong>Noble Numbat</strong>, is a long-term support (LTS) release and will be supported for 3 years, until 2027.</p> <figure class="wp-block-image size-full"><img alt="" class="wp-image-5548" height="800" src="https://xubuntu.org/wp-content/uploads/2024/04/6515/xubuntu-24.04.png" width="1280" />Xubuntu 24.04, featuring the latest updates from Xfce 4.18 and GNOME 46.</figure> <p>Xubuntu 24.04 features the latest updates from Xfce 4.18, GNOME 46, and MATE 1.26. For new users and those coming from Xubuntu 22.04, you’ll appreciate the performance, stability, and improved hardware support found in Xubuntu 24.04. Xfce 4.18 is stable, fast, and full of user-friendly features. Enjoy frictionless bluetooth headphone connections and out-of-the-box touchpad support. Updates to our icon theme and wallpapers make Xubuntu feel fresh and stylish.</p> <p>The <strong>final release images</strong> for <strong>Xubuntu Desktop</strong> and <strong>Xubuntu Minimal</strong> are available as torrents and direct downloads from <a href="https://xubuntu.org/download/">xubuntu.org/download/</a>.</p> <p>As the main server might be busy in the first few days after the release, we recommend using the torrents if possible.</p> <p>We’d like to thank everybody who contributed to this release of Xubuntu!</p> <h2>Highlights and Known Issues</h2> <h3>Highlights</h3> <ul><li><strong>Xfce 4.18</strong> is included and well-polished since it’s initial release in December 2022</li><li><strong>Xubuntu Minimal</strong> is included as an officially supported subproject</li><li>GNOME Software has been replaced by <strong>Snap Store</strong> and <strong>GDebi</strong></li><li><strong>Snap Desktop Integration</strong> is now included for improved snap package support</li><li><strong>Firmware Updater</strong> has been added to enable firmware updates in Xubuntu is included to support firmware updates from the Linux Vendor Firmware Service (LVFS)</li><li><strong>Thunderbird</strong> is now distributed as a Snap package</li><li>Ubiquity has been replaced by the Flutter-based <strong>Ubuntu Installer</strong> to provide fast and user-friendly installation</li><li><strong>Pipewire</strong> (and wireplumber) are now included in Xubuntu</li><li>Improved hardware support for <strong>bluetooth headphones</strong> and <strong>touchpads</strong></li><li><strong>Color emoji</strong> is now included and supported in Firefox, Thunderbird, and newer Gtk-based apps</li><li>Significantly improved <strong>screensaver</strong> integration and stability</li></ul> <h3>Known Issues</h3> <ul><li>The shutdown prompt may not be displayed at the end of the installation. Instead you might just see a Xubuntu logo, a black screen with an underscore in the upper left hand corner, or just a black screen. Press Enter and the system will reboot into the installed environment. (LP: <a href="https://bugs.launchpad.net/ubuntu-release-notes/+bug/1944519">#1944519</a>)</li><li>Xorg crashes and the user is logged out after logging in or switching users on some virtual machines, including GNOME Boxes. (LP: #<a href="https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1861609">1861609</a>)</li><li>You may experience choppy audio or poor system performance while playing audio, but only in some virtual machines (observed in VMware and VirtualBox)</li><li>OEM installation options are not currently supported or available, but will be included for Xubuntu 24.04.1</li></ul> <p>For more obscure known issues, information on affecting bugs, bug fixes, and a list of new package versions, please refer to the <a href="https://wiki.xubuntu.org/releases/24.04/release-notes">Xubuntu Release Notes</a>.</p> <p>The main <a href="https://discourse.ubuntu.com/t/noble-numbat-release-notes/39890">Ubuntu Release Notes</a> cover many of the other packages we carry and more generic issues.</p> <h2>Support</h2> <p><strong>For support </strong>with the release, navigate to <a href="https://xubuntu.org/help/">Help &amp; Support</a> for a complete list of methods to get help.</p></description> <pubDate>Thu, 25 Apr 2024 12:00:53 +0000</pubDate></item><item> <title>Lukas Märdian: Creating a Netplan enabled system through Debian-Installer</title> <guid isPermaLink="false">https://blog.slyon.de/?p=2368</guid> <link>https://blog.slyon.de/2024/04/25/creating-a-netplan-enabled-system-through-debian-installer/</link> <description><p>With the work that has been done in the <a href="https://salsa.debian.org/installer-team/netcfg/-/merge_requests/9">debian-installer/netcfg merge-proposal !9</a> it is possible to install a standard Debian system, using the normal Debian-Installer (d-i) <strong>mini.iso</strong> images, that will come pre-installed with Netplan and all network configuration structured in <code>/etc/netplan/</code>.</p> <p>In this write-up, I’d like to run you through a list of commands for experiencing the Netplan enabled installation process first-hand. For now, we’ll be using a custom ISO image, while waiting for the above-mentioned merge-proposal to be landed. Furthermore, as the Debian archive is going through major transitions builds of the “unstable” branch of d-i don’t currently work. So I implemented a <a href="https://people.ubuntu.com/~slyon/d-i/bookworm/0001-finish-install-adopt-to-netplan.io-package-netplan-g.patch">small backport</a>, producing updated <a href="https://people.ubuntu.com/~slyon/d-i/bookworm/netcfg_1.189_amd64.udeb">netcfg</a> and <a href="https://people.ubuntu.com/~slyon/d-i/bookworm/netcfg-static_1.189_amd64.udeb">netcfg-static</a> for Bookworm, which can be used as <strong>localudebs/</strong> during the d-i build.</p> <p>Let’s start with preparing a working directory and installing the software dependencies for our virtualized Debian system:</p> <pre class="wp-block-code"><code>$ mkdir d-i_bookworm &amp;&amp; cd d-i_bookworm$ apt install ovmf qemu-utils qemu-system-x86</code></pre> <p>Now let’s download the custom<code> mini.iso</code>, <code>linux</code> kernel image and <code>initrd.gz</code> containing the Netplan enablement changes, as mentioned above.</p> <pre class="wp-block-code"><code>$ wget https://people.ubuntu.com/~slyon/d-i/bookworm/mini.iso$ wget https://people.ubuntu.com/~slyon/d-i/bookworm/linux$ wget https://people.ubuntu.com/~slyon/d-i/bookworm/initrd.gz</code></pre> <p>Next we’ll prepare a VM, by copying the EFI firmware files, preparing some persistent EFIVARs file, to boot from <code>FS0:\EFI\debian\grubx64.efi</code>, and create a virtual disk for our machine:</p> <pre class="wp-block-code"><code>$ cp /usr/share/OVMF/OVMF_CODE_4M.fd .$ cp /usr/share/OVMF/OVMF_VARS_4M.fd .$ qemu-img create -f qcow2 ./data.qcow2 5G</code></pre> <p>Finally, let’s launch the installer using a custom preseed.cfg file, that will automatically install Netplan for us in the target system. A minimal preseed file could look like this:</p> <pre class="wp-block-preformatted"># Install minimal Netplan generator binary<br />d-i preseed/late_command string in-target apt-get -y install netplan-generator</pre> <p>For this demo, we’re installing the full <code>netplan.io</code> package (incl. Python CLI), as the <code>netplan-generator</code> package was not yet split out as an independent binary in the Bookworm cycle. You can choose the preseed file from a set of different variants to test the different configurations:</p> <ul><li>Netplan + systemd-resolved configuration<ul><li><a href="https://people.ubuntu.com/~slyon/d-i/bookworm/netplan-preseed+networkd.cfg">https://people.ubuntu.com/~slyon/d-i/bookworm/netplan-preseed+networkd.cfg</a></li></ul></li> <li>Netplan + NetworkManager configuration<ul><li><a href="https://people.ubuntu.com/~slyon/d-i/bookworm/netplan-preseed+nm.cfg">https://people.ubuntu.com/~slyon/d-i/bookworm/netplan-preseed+nm.cfg</a></li></ul></li></ul> <p>We’re using the custom <code>linux</code> kernel and <code>initrd.gz</code> here to be able to pass the preseed URL as a parameter to the kernel’s <code>cmdline</code> directly. Launching this VM should bring up the normal debian-installer in its <code>netboot/gtk</code> form:</p> <pre class="wp-block-code"><code>$ export U=https://people.ubuntu.com/~slyon/d-i/bookworm/netplan-preseed+networkd.cfg$ qemu-system-x86_64 \ -M q35 -enable-kvm -cpu host -smp 4 -m 2G \ -drive if=pflash,format=raw,unit=0,file=OVMF_CODE_4M.fd,readonly=on \ -drive if=pflash,format=raw,unit=1,file=OVMF_VARS_4M.fd,readonly=off \ -device qemu-xhci -device usb-kbd -device usb-mouse \ -vga none -device virtio-gpu-pci \ -net nic,model=virtio -net user \ -kernel ./linux -initrd ./initrd.gz -append "url=$U" \ -hda ./data.qcow2 -cdrom ./mini.iso;</code></pre> <p>Now you can click through the normal Debian-Installer process, using mostly default settings. Optionally, you could play around with the networking settings, to see how those get translated to <code>/etc/netplan/</code> in the target system.</p> <figure class="wp-block-image size-full"><a href="https://blog.slyon.de/wp-content/uploads/2024/04/image.png"><img alt="" class="wp-image-2377" height="600" src="https://blog.slyon.de/wp-content/uploads/2024/04/image.png" width="800" /></a></figure> <p>After you confirmed your partitioning changes, the base system gets installed. I suggest not to select any additional components, like desktop environments, to speed up the process.</p> <figure class="wp-block-image size-full"><a href="https://blog.slyon.de/wp-content/uploads/2024/04/image-1.png"><img alt="" class="wp-image-2378" height="600" src="https://blog.slyon.de/wp-content/uploads/2024/04/image-1.png" width="800" /></a></figure> <p>During the final step of the installation (<code>finish-install.d/55netcfg-copy-config</code>) d-i will detect that Netplan was installed in the target system (due to the preseed file provided) and opt to write its network configuration to <code>/etc/netplan/</code> instead of <code>/etc/network/interfaces</code> or <code>/etc/NetworkManager/system-connections/</code>.</p> <figure class="wp-block-image size-full"><a href="https://blog.slyon.de/wp-content/uploads/2024/04/image-2.png"><img alt="" class="wp-image-2379" height="600" src="https://blog.slyon.de/wp-content/uploads/2024/04/image-2.png" width="800" /></a></figure> <p>Done! After the installation finished, you can reboot into your virgin Debian Bookworm system.</p> <p>To do that, quit the current Qemu process, by pressing <strong>Ctrl+C</strong> and make sure to copy over the <code>EFIVARS.fd</code> file that was written by <code>grub</code> during the installation, so Qemu can find the new system. Then reboot into the new system, not using the <strong>mini.iso</strong> image any more:</p> <pre class="wp-block-code"><code>$ cp ./OVMF_VARS_4M.fd ./EFIVARS.fd$ qemu-system-x86_64 \ -M q35 -enable-kvm -cpu host -smp 4 -m 2G \ -drive if=pflash,format=raw,unit=0,file=OVMF_CODE_4M.fd,readonly=on \ -drive if=pflash,format=raw,unit=1,file=EFIVARS.fd,readonly=off \ -device qemu-xhci -device usb-kbd -device usb-mouse \ -vga none -device virtio-gpu-pci \ -net nic,model=virtio -net user \ -drive file=./data.qcow2,if=none,format=qcow2,id=disk0 \ -device virtio-blk-pci,drive=disk0,bootindex=1 -serial mon:stdio</code></pre> <p>Finally, you can play around with your <strong>Netplan enabled Debian system</strong>! As you will find, <code>/etc/network/interfaces</code> exists but is empty, it could still be used (optionally/additionally). Netplan was configured in <code>/etc/netplan/</code> according to the settings given during the d-i installation process.</p> <figure class="wp-block-image size-large"><a href="https://blog.slyon.de/wp-content/uploads/2024/04/deb1-1.png"><img alt="" class="wp-image-2383" height="882" src="https://blog.slyon.de/wp-content/uploads/2024/04/deb1-1-1024x882.png" width="1024" /></a></figure> <p>In our case, we also installed the Netplan CLI, so we can play around with some of its features, like <code>netplan status</code>:</p> <figure class="wp-block-image size-large"><a href="https://blog.slyon.de/wp-content/uploads/2024/04/deb2.png"><img alt="" class="wp-image-2384" height="882" src="https://blog.slyon.de/wp-content/uploads/2024/04/deb2-1024x882.png" width="1024" /></a></figure> <p>Thank you for following along the Netplan enabled Debian installation process and happy hacking! If you want to learn more, join the discussion at <a href="https://salsa.debian.org/installer-team/netcfg/-/merge_requests/9">Salsa:installer-team/netcfg</a> and find us at <a href="https://github.com/canonical/netplan">GitHub:netplan</a>.</p></description> <pubDate>Thu, 25 Apr 2024 10:19:44 +0000</pubDate></item><item> <title>Podcast Ubuntu Portugal: E296 Nobre Mirmecóbio Refrigerado</title> <guid isPermaLink="false">https://media.blubrry.com/ubuntupt/archive.org/download/pup-e296/e296.mp3</guid> <link>https://podcastubuntuportugal.org/e296/</link> <description><p>Desta vez recebemos a visita do André Bação e a conversa seguiu animada em torno de leis de termodinâmica, panelas de esquentadores, alegria de famílias chinesas, computadores azeiteiros e - como não podia deixar de ser - casas espertas. Ainda falámos da última beta de Ubuntu 24.04 e descobrimos que há empacotadores chamados Carlão. Nos próximos dias vai haver muita celebração da Liberdade na comunidade do Software Livre e todos vamos querer lá estar! 25 de Abril Sempre, Software Proprietário Nunca Mais!</p><p>Já sabem: oiçam, subscrevam e partilhem!</p><ul><li><p><a href="https://pi-apps.io/">https://pi-apps.io/</a></p></li><li><p><a href="https://schneegans.github.io/gnome-pie">https://schneegans.github.io/gnome-pie</a></p></li><li><p><a href="https://pt.wikipedia.org/wiki/Termodin%C3%A2mica">https://pt.wikipedia.org/wiki/Termodin%C3%A2mica</a></p></li><li><p><a href="https://inv.nadeko.net/watch?v=oa__fLArsFk">https://inv.nadeko.net/watch?v=oa__fLArsFk</a></p></li><li><p><a href="https://www.openhomefoundation.org/">https://www.openhomefoundation.org/</a></p></li><li><p><a href="https://pt.wikipedia.org/wiki/Arrefecimento_termoel%C3%A9trico">https://pt.wikipedia.org/wiki/Arrefecimento_termoel%C3%A9trico</a></p></li><li><p><a href="https://slimbook.com/">https://slimbook.com/</a></p></li><li><p><a href="https://releases.ubuntu.com/noble/">https://releases.ubuntu.com/noble/</a></p></li><li><p><a href="https://loco.ubuntu.com/teams/ubuntu-pt/">https://loco.ubuntu.com/teams/ubuntu-pt/</a></p></li><li><p><a href="https://shop.nitrokey.com/shop?aff_ref=3">https://shop.nitrokey.com/shop?aff_ref=3</a></p></li><li><p><a href="https://masto.pt/@pup">https://masto.pt/@pup</a></p></li><li><p><a href="https://youtube.com/PodcastUbuntuPortugal">https://youtube.com/PodcastUbuntuPortugal</a></p></li></ul><h3 id="apoios">Apoios</h3><p>Podem apoiar o podcast usando os links de afiliados do Humble Bundle, porque ao usarem esses links para fazer uma compra, uma parte do valor que pagam reverte a favor do Podcast Ubuntu Portugal.E podem obter tudo isso com 15 dólares ou diferentes partes dependendo de pagarem 1, ou 8.Achamos que isto vale bem mais do que 15 dólares, pelo que se puderem paguem mais um pouco mais visto que têm a opção de pagar o quanto quiserem.Se estiverem interessados em outros bundles não listados nas notas usem o link <a href="https://www.humblebundle.com/?partner=PUP">https://www.humblebundle.com/?partner=PUP</a> e vão estar também a apoiar-nos.</p><h3 id="atribuição-e-licenças">Atribuição e licenças</h3><p>Este episódio foi produzido por Diogo Constantino, Miguel e Tiago Carrondo e editado pelo <a href="https://senhorpodcast.pt/">Senhor Podcast</a>.O website é produzido por Tiago Carrondo e o <a href="https://gitlab.com/podcastubuntuportugal/website">código aberto</a> está licenciado nos termos da <a href="https://gitlab.com/podcastubuntuportugal/website/main/LICENSE">Licença MIT</a>.A música do genérico é: “Won’t see it comin’ (Feat Aequality &amp; N’sorte d’autruche)”, por Alpha Hydrae e está licenciada nos termos da <a href="https://creativecommons.org/publicdomain/zero/1.0/">CC0 1.0 Universal License</a>.Este episódio e a imagem utilizada estão licenciados nos termos da licença: <a href="https://creativecommons.org/licenses/by-nc-nd/4.0/">Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0)</a>, <a href="https://creativecommons.org/licenses/by-nc-nd/4.0/legalcode">cujo texto integral pode ser lido aqui</a>. Estamos abertos a licenciar para permitir outros tipos de utilização, <a href="https://podcastubuntuportugal.org/contactos">contactem-nos</a> para validação e autorização.</p></description> <pubDate>Thu, 25 Apr 2024 00:00:00 +0000</pubDate> <enclosure url="https://media.blubrry.com/ubuntupt/archive.org/download/pup-e296/e296.mp3" length="38015648" type="audio/mpeg"/></item><item> <title>Ubuntu MATE: Ubuntu MATE 23.10 Release Notes</title> <guid isPermaLink="false">https://ubuntu-mate.org/blog/ubuntu-mate-mantic-minotaur</guid> <link>https://ubuntu-mate.org/blog/ubuntu-mate-mantic-minotaur-release-notes/</link> <description><p>Ubuntu MATE 23.10 is more of what you like, stable MATE Desktop on top of current Ubuntu.This release rolls up a number of bugs fixes and updates that continues to build on recent releases, where the focus has been on improving stability 🪨</p> <p class="center"><img alt="Ubuntu MATE 23.10" src="https://ubuntu-mate.org/images/blog/mantic/screenshot.png" /><strong>Ubuntu MATE 23.10</strong></p> <h2 id="thank-you-">Thank you! 🙇</h2> <p><strong>I’d like to extend my sincere thanks to everyone who has played an active role in improving Ubuntu MATE for this release 👏 From reporting bugs, submitting translations, providing patches, contributing to <a href="https://www.patreon.com/ubuntu_mate">our crowd-funding</a>, developing new features, creating artwork, offering community support, activelytesting and providing QA feedback to writing documentation or creating this fabulous website. Thank you!</strong> 💚</p> <h2 id="what-changed-since-the-ubuntu-mate-2304">What changed since the Ubuntu MATE 23.04?</h2> <p>Here are the highlights of what’s changed since the <a href="https://ubuntu-mate.org/blog/ubuntu-mate-lunar-lobster-release-notes/">release of Ubuntu MATE 23.04</a></p> <h3 id="mate-desktop">MATE Desktop</h3> <p><a href="https://mate-desktop.org">MATE Desktop</a> has been updated to 1.26.2 with a selection of bugs fixes 🐛 and minor improvements 🩹 to associated components.</p> <ul> <li><code class="language-plaintext highlighter-rouge">caja-rename</code> 23.10.1-1 has been ported from Python to C.</li> <li><code class="language-plaintext highlighter-rouge">libmatemixer</code> 1.26.0-2+deb12u1 resolves heap corruption and application crashes when removing USB audio devices.</li> <li><code class="language-plaintext highlighter-rouge">mate-desktop</code> 1.26.2-1 improves portals support.</li> <li><code class="language-plaintext highlighter-rouge">mate-notification-daemon</code> 1.26.1-1 fixes several memory leaks.</li> <li><code class="language-plaintext highlighter-rouge">mate-system-monitor</code> 1.26.0-5 now picks up libexec files from <code class="language-plaintext highlighter-rouge">/usr/libexec</code></li> <li><code class="language-plaintext highlighter-rouge">mate-session-manager</code> 1.26.1-2 set <code class="language-plaintext highlighter-rouge">LIBEXECDIR</code> to <code class="language-plaintext highlighter-rouge">/usr/libexec/</code> for correct interaction with <code class="language-plaintext highlighter-rouge">mate-system-monitor</code> ☝️</li> <li><code class="language-plaintext highlighter-rouge">mate-user-guide</code> 1.26.2-1 is a new upstream release.</li> <li><code class="language-plaintext highlighter-rouge">mate-utils</code> 1.26.1-1 fixes several memory leaks.</li></ul> <h4 id="yet-more-ai-generated-wallpaper">Yet more AI Generated wallpaper</h4> <p>My friend <a href="https://twitter.com/simonjbutcher">Simon Butcher</a> 🇬🇧 is Head of Research Platforms at Queen Mary University of London managing the Apocrita HPC cluster service. <strong>Once again, Simon has created a stunning AI-generated 🤖🧠 wallpaper for Ubuntu MATE using bleeding edge diffusion models</strong> 🖌 <em>The sample below is 1920x1080 but the version included in Ubuntu MATE 23.10 are 3840x2160</em>.</p> <div class="gallery"> <div class="gallery-item"> <img alt="" src="https://ubuntu-mate.org/images/blog/mantic/minotaur-king.jpg" /> </div> </div> <p>Here’s what Simon has to say about the process of creating this new wallpaper for Mantic Minotaur:</p> <blockquote> <p>Since Minotaurs are imaginary creatures, interpretations tend to vary widely. I wanted to produce an image of a powerful creature in a graphic novel style, although not gruesome like many depictions. The latest open source Stable Diffusion XL base model was trained at a higher resolution and the difference in quality has been noticeable, particularly at better overall consistency and detail, while reducing anatomical irregularities in images. The image was produced locally using Linux and an NVIDIA A100 80GB GPU, starting from an initial text prompt and refined using img2img, inpainting and upscaling features.</p></blockquote> <h2 id="major-applications">Major Applications</h2> <p>Accompanying <strong>MATE Desktop 1.26.2</strong> 🧉 and <strong>Linux 6.5</strong> 🐧 are <strong>Firefox 118</strong> 🔥🦊,<strong>Celluloid 0.25</strong> 🎥, <strong>Evolution 3.50</strong> 📧, <strong>LibreOffice 7.6.1</strong> 📚</p> <p>See the <a href="https://discourse.ubuntu.com/t/mantic-minotaur-release-notes/35534">Ubuntu 23.10 Release Notes</a>for details of all the changes and improvements that Ubuntu MATE benefits from.</p> <div class="jumbotron"> <h2>Download Ubuntu MATE 23.10</h2> <p>This new release will be first available for PC/Mac users.</p> <a class="btn" href="https://ubuntu-mate.org/download/">Download</a> </div> <h2 id="upgrading-from-ubuntu-mate-2304">Upgrading from Ubuntu MATE 23.04</h2> <p>You can upgrade to Ubuntu MATE 23.10 from Ubuntu MATE 23.04. Ensure that youhave all updates installed for your current version of Ubuntu MATE before youupgrade.</p> <ul> <li>Open the “Software &amp; Updates” from the Control Center.</li> <li>Select the 3rd Tab called “Updates”.</li> <li>Set the “Notify me of a new Ubuntu version” drop down menu to “For any new version”.</li> <li>Press <kbd>Alt</kbd>+<kbd>F2</kbd> and type in <code class="language-plaintext highlighter-rouge">update-manager -c -d</code> into the command box.</li> <li>Update Manager should open up and tell you: New distribution release ‘23.10’ is available. <ul> <li>If not, you can use <code class="language-plaintext highlighter-rouge">/usr/lib/ubuntu-release-upgrader/check-new-release-gtk</code></li> </ul> </li> <li>Click “Upgrade” and follow the on-screen instructions.</li></ul> <p>There are no offline upgrade options for Ubuntu MATE. Please ensure you havenetwork connectivity to one of the official mirrors or to a locally accessiblemirror and follow the instructions above.</p> <h2 id="feedback">Feedback</h2> <p>Is there anything you can help with or want to be involved in? Maybe you justwant to discuss your experiences or ask the maintainers some questions. Please<a href="https://ubuntu-mate.community/">come and talk to us</a>.</p></description> <pubDate>Wed, 24 Apr 2024 21:55:28 +0000</pubDate></item><item> <title>David Mohammed: Ubuntu Budgie 24.04 Release Notes</title> <guid isPermaLink="false">https://ubuntubudgie.org/?p=3762</guid> <link>https://ubuntubudgie.org/2024/04/ubuntu-budgie-24-04-release-notes/</link> <description><p>Ubuntu Budgie 24.04 LTS (Noble Numbat) is a Long Term Support release with 3 years of support by your distro maintainers, from April 2024 to May 2027. These release notes showcase the key takeaways for 22.04 upgraders to 24.04. In these release notes the areas covered are: Quarter &amp; half tiling is pretty much self-explaining. Dragging a window to the…</p><p><a href="https://ubuntubudgie.org/2024/04/ubuntu-budgie-24-04-release-notes/" rel="nofollow">Source</a></p></description> <pubDate>Mon, 15 Apr 2024 21:02:12 +0000</pubDate></item><item> <title>Paul Tagliamonte: Domo Arigato, Mr. debugfs</title> <guid isPermaLink="true">https://notes.pault.ag/debugfs/</guid> <link>https://notes.pault.ag/debugfs/</link> <description><p>Years ago, at what I think I remember was DebConf 15, I hacked for a whileon debhelper to<a href="https://github.com/Debian/debhelper/commit/5549f841fd7cba07e21df8e4f70b21c31cfb3da6">write build-ids to debian binary control files</a>,so that the <code>build-id</code> (more specifically, the ELF note<code>.note.gnu.build-id</code>) wound up in the Debian apt archive metadata.I’ve always thought this was super cool, and seeing as how Michael Stapelberg<a href="https://michael.stapelberg.ch/posts/2019-02-15-debian-debugging-devex/">blogged</a>some great pointers around the ecosystem, including the fancy new <code>debuginfod</code>service, and the<a href="https://manpages.debian.org/testing/debian-goodies/find-dbgsym-packages.1.en.html">find-dbgsym-packages</a>helper, which uses these same headers, I don’t think I’m the only one.</p><p>At work I’ve been using a lot of <a href="https://www.rust-lang.org/">rust</a>,specifically, async rust using <a href="https://tokio.rs/">tokio</a>. To try and work onmy style, and to dig deeper into the how and why of the decisions made in theseframeworks, I’ve decided to hack up a project that I’ve wanted to do eversince 2015 – write a debug filesystem. Let’s get to it.</p><h1 id="back-to-the-future">Back to the Future</h1><aside class="left">It shouldn't shock anyone to learn I'm a huge fan of Go, right?</aside><p>Time to admit something. I really love <a href="https://9front.org/">Plan 9</a>. It’sjust so good. So many ideas from Plan 9 are just so prescient, and everythingjust feels <em>right</em>. Not just right like, feels good – like, <em>correct</em>. Thebit that I’ve always liked the most is <code>9p</code>, the network protocol for servinga filesystem over a network. This leads to all sorts of fun programs, like thePlan 9 <code>ftp</code> client being a 9p server – you mount the ftp server and accessfiles like any other files. It’s kinda like if fuse were more fully a partof how the operating system worked, but fuse is all running client-side. With9p there’s a single client, and different <em>servers</em> that you can connect to,which may be backed by a hard drive, remote resources over something like SFTP, FTP, HTTP or even purely synthetic.</p><aside class="right">I even triggered a weird bug in<a href="https://github.com/vim/vim/commit/14759ded57447345ba11c11a99fd84344797862c">vim</a>when writing a 9p filesystem that wound up impacting<a href="https://github.com/microsoft/WSL/issues/11256">WSL</a>-- although it seems like maybe not due to 9p (rather, SMB)</aside><p>The interesting (maybe sad?) part here is that 9p wound up outliving Plan 9in terms of adoption – <code>9p</code> is in all sorts of places folks don’t usually expect.For instance, the Windows Subsystem for Linux uses the 9p protocol to sharefiles between Windows and Linux. ChromeOS uses it to share files with Crostini,and qemu uses 9p (<code>virtio-p9</code>) to share files between guest and host. If you’renoticing a pattern here, you’d be right; for some reason 9p is the go-to protocolto exchange files between hypervisor and guest. Why? I have no idea, except maybedue to being designed well, simple to implement, and it’s a lot easier to validate the data being sharedand validate security boundaries. Simplicity has its value.</p><p>As a result, there’s a <em>lot</em> of lingering 9p support kicking around. Turns outLinux can even handle mounting 9p filesystems out of the box. This means that Ican deploy a filesystem to my LAN or my <code>localhost</code> by running a process on topof a computer that needs nothing special, and mount it over the network on anunmodified machine – unlike <code>fuse</code>, where you’d need client-specific softwareto run in order to mount the directory. For instance, let’s mount a 9pfilesystem running on my localhost machine, serving requests on <code>127.0.0.1:564</code>(tcp) that goes by the name “<code>mountpointname</code>” to <code>/mnt</code>.</p><aside class="left">Unfortunately, this requires root to mount and feels very un-plan9,but it does work and the protocol is good.</aside><pre>$ mount -t 9p \-o trans=tcp,port=564,version=9p2000.u,aname=mountpointname \127.0.0.1 \/mnt</pre><p>Linux will mount away, and attach to the filesystem as the root user, and by default,attach to that mountpoint again for each local user that attempts to useit. Nifty, right? I think so. The server is ableto keep track of per-user access and authorizationalong with the host OS.</p><h1 id="wherein-i-styx-with-it">WHEREIN I STYX WITH IT</h1><aside class="right">"Simple" here is intended as my highest form of praise. Writing complexthings is easy. Taking your work, and simplifying it down the coreis the most difficult part of our work.</aside><p>Since I wanted to push myself a bit more with <code>rust</code> and <code>tokio</code> specifically,I opted to implement the whole stack myself, without third party libraries onthe critical path where I could avoid it. The 9p protocol (sometimes called<code>Styx</code>, the original name for it) is incredibly simple. It’s a series of clientto server requests, which receive a server to client response. These are,respectively, “<code>T</code>” messages, which <code>t</code>ransmit a request to the server, whichtrigger an “<code>R</code>” message in response (<code>R</code>eply messages). These messages are<a href="https://en.wikipedia.org/wiki/Type%E2%80%93length%E2%80%93value">TLV</a> payloadwith a very straight forward structure – so straight forward, in fact, that Iwas able to implement a working server off nothing more than a handful of <a href="https://9fans.github.io/plan9port/man/man9/">manpages</a>.</p><aside class="left">There's also a <code>9P2000.L</code> 9p variant which has moreLinux specific extensions. There's a good chance I port thisforward when I get the chance.</aside><p>Later on after the basics worked, I found a more complete<a href="https://ericvh.github.io/9p-rfc/rfc9p2000.html">spec page</a>that contains more information about the<a href="https://ericvh.github.io/9p-rfc/rfc9p2000.u.html">unix specific variant</a>that I opted to use (<code>9P2000.u</code> rather than <code>9P2000</code>) due to the levelof <code>Linux</code> specific support for the <code>9P2000.u</code> variant over the <code>9P2000</code>protocol.</p><h1 id="mr-roboto">MR ROBOTO</h1><aside class="right">It really bothers me rust libraries that deal with I/O need to supportstd::io, but to add support for async runtimes, you need to implementsupport for tokio::io and every other runtime; but them's the breaks Iguess. I really miss Go's built-in async support and io module.</aside><p>The backend stack over at <a href="https://zoo.dev">zoo</a> is <code>rust</code> and <code>tokio</code>running i/o for an <code>HTTP</code> and <code>WebRTC</code> server. I figured I’d pick somethingfairly similar to write my filesystem with, since <code>9P</code> can be implementedon basically anything with I/O. That means <code>tokio</code> tcp server bits, whichconstruct and use a <code>9p</code> server, which has an idiomatic Rusty API thatpartially abstracts the raw <code>R</code> and <code>T</code> messages, but not so much as tocause issues with hiding implementation possibilities. At each abstractionlevel, there’s an escape hatch – allowing someone to implement any ofthe layers if required. I called this framework<a href="https://github.com/paultag/arigato">arigato</a> which can be found over on<a href="https://docs.rs/arigato">docs.rs</a> and<a href="https://crates.io/crates/arigato">crates.io</a>.</p><div class="highlight"><pre><code class="language-rust" data-lang="rust"><span style="color: #e6db74;">/// Simplified version of the arigato File trait; this isn't actually</span><span style="color: #e6db74;">/// the same trait; there's some small cosmetic differences. The</span><span style="color: #e6db74;">/// actual trait can be found at:</span><span style="color: #e6db74;">///</span><span style="color: #e6db74;">/// https://docs.rs/arigato/latest/arigato/server/trait.File.html</span><span style="color: #e6db74;"></span><span style="color: #66d9ef;">trait</span> File {<span style="color: #e6db74;">/// OpenFile is the type returned by this File via an Open call.</span><span style="color: #e6db74;"></span> <span style="color: #66d9ef;">type</span> <span style="color: #a6e22e;">OpenFile</span>: <span style="color: #a6e22e;">OpenFile</span>;<span style="color: #e6db74;">/// Return the 9p Qid for this file. A file is the same if the Qid is</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// the same. A Qid contains information about the mode of the file,</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// version of the file, and a unique 64 bit identifier.</span><span style="color: #e6db74;"></span> <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">qid</span>(<span style="color: #f92672;">&amp;</span>self) -&gt; <span style="color: #a6e22e;">Qid</span>;<span style="color: #e6db74;">/// Construct the 9p Stat struct with metadata about a file.</span><span style="color: #e6db74;"></span> async <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">stat</span>(<span style="color: #f92672;">&amp;</span>self) -&gt; <span style="color: #a6e22e;">FileResult</span><span style="color: #f92672;">&lt;</span>Stat<span style="color: #f92672;">&gt;</span>;<span style="color: #e6db74;">/// Attempt to update the file metadata.</span><span style="color: #e6db74;"></span> async <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">wstat</span>(<span style="color: #f92672;">&amp;</span><span style="color: #66d9ef;">mut</span> self, s: <span style="color: #66d9ef;">&amp;</span><span style="color: #a6e22e;">Stat</span>) -&gt; <span style="color: #a6e22e;">FileResult</span><span style="color: #f92672;">&lt;</span>()<span style="color: #f92672;">&gt;</span>;<span style="color: #e6db74;">/// Traverse the filesystem tree.</span><span style="color: #e6db74;"></span> async <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">walk</span>(<span style="color: #f92672;">&amp;</span>self, path: <span style="color: #66d9ef;">&amp;</span>[<span style="color: #f92672;">&amp;</span><span style="color: #66d9ef;">str</span>]) -&gt; <span style="color: #a6e22e;">FileResult</span><span style="color: #f92672;">&lt;</span>(Option<span style="color: #f92672;">&lt;</span>Self<span style="color: #f92672;">&gt;</span>, Vec<span style="color: #f92672;">&lt;</span>Self<span style="color: #f92672;">&gt;</span>)<span style="color: #f92672;">&gt;</span>;<span style="color: #e6db74;">/// Request that a file's reference be removed from the file tree.</span><span style="color: #e6db74;"></span> async <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">unlink</span>(<span style="color: #f92672;">&amp;</span><span style="color: #66d9ef;">mut</span> self) -&gt; <span style="color: #a6e22e;">FileResult</span><span style="color: #f92672;">&lt;</span>()<span style="color: #f92672;">&gt;</span>;<span style="color: #e6db74;">/// Create a file at a specific location in the file tree.</span><span style="color: #e6db74;"></span> async <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">create</span>(<span style="color: #f92672;">&amp;</span><span style="color: #66d9ef;">mut</span> self,name: <span style="color: #66d9ef;">&amp;</span><span style="color: #66d9ef;">str</span>,perm: <span style="color: #66d9ef;">u16</span>,ty: <span style="color: #a6e22e;">FileType</span>,mode: <span style="color: #a6e22e;">OpenMode</span>,extension: <span style="color: #66d9ef;">&amp;</span><span style="color: #66d9ef;">str</span>,) -&gt; <span style="color: #a6e22e;">FileResult</span><span style="color: #f92672;">&lt;</span>Self<span style="color: #f92672;">&gt;</span>;<span style="color: #e6db74;">/// Open the File, returning a handle to the open file, which handles</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// file i/o. This is split into a second type since it is genuinely</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// unrelated -- and the fact that a file is Open or Closed can be</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// handled by the `arigato` server for us.</span><span style="color: #e6db74;"></span> async <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">open</span>(<span style="color: #f92672;">&amp;</span><span style="color: #66d9ef;">mut</span> self, mode: <span style="color: #a6e22e;">OpenMode</span>) -&gt; <span style="color: #a6e22e;">FileResult</span><span style="color: #f92672;">&lt;</span>Self::OpenFile<span style="color: #f92672;">&gt;</span>;}<span style="color: #e6db74;">/// Simplified version of the arigato OpenFile trait; this isn't actually</span><span style="color: #e6db74;">/// the same trait; there's some small cosmetic differences. The</span><span style="color: #e6db74;">/// actual trait can be found at:</span><span style="color: #e6db74;">///</span><span style="color: #e6db74;">/// https://docs.rs/arigato/latest/arigato/server/trait.OpenFile.html</span><span style="color: #e6db74;"></span><span style="color: #66d9ef;">trait</span> OpenFile {<span style="color: #e6db74;">/// iounit to report for this file. The iounit reported is used for Read</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// or Write operations to signal, if non-zero, the maximum size that is</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// guaranteed to be transferred atomically.</span><span style="color: #e6db74;"></span> <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">iounit</span>(<span style="color: #f92672;">&amp;</span>self) -&gt; <span style="color: #66d9ef;">u32</span>;<span style="color: #e6db74;">/// Read some number of bytes up to `buf.len()` from the provided</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// `offset` of the underlying file. The number of bytes read is</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// returned.</span><span style="color: #e6db74;"></span> async <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">read_at</span>(<span style="color: #f92672;">&amp;</span><span style="color: #66d9ef;">mut</span> self,buf: <span style="color: #66d9ef;">&amp;</span><span style="color: #a6e22e;">mut</span> [<span style="color: #66d9ef;">u8</span>],offset: <span style="color: #66d9ef;">u64</span>,) -&gt; <span style="color: #a6e22e;">FileResult</span><span style="color: #f92672;">&lt;</span><span style="color: #66d9ef;">u32</span><span style="color: #f92672;">&gt;</span>;<span style="color: #e6db74;">/// Write some number of bytes up to `buf.len()` from the provided</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// `offset` of the underlying file. The number of bytes written</span><span style="color: #e6db74;"></span> <span style="color: #e6db74;">/// is returned.</span><span style="color: #e6db74;"></span> <span style="color: #66d9ef;">fn</span> <span style="color: #a6e22e;">write_at</span>(<span style="color: #f92672;">&amp;</span><span style="color: #66d9ef;">mut</span> self,buf: <span style="color: #66d9ef;">&amp;</span><span style="color: #a6e22e;">mut</span> [<span style="color: #66d9ef;">u8</span>],offset: <span style="color: #66d9ef;">u64</span>,) -&gt; <span style="color: #a6e22e;">FileResult</span><span style="color: #f92672;">&lt;</span><span style="color: #66d9ef;">u32</span><span style="color: #f92672;">&gt;</span>;}</code></pre></div><h1 id="thanks-decade-ago-paultag">Thanks, decade ago paultag!</h1><aside class="left">If this isn't my record for longest idea-to-wip-project time, it's close.</aside><p>Let’s do it! Let’s use <code>arigato</code> to implement a <code>9p</code> filesystem we’ll call<a href="https://github.com/paultag/debugfs">debugfs</a> that will serve all the debugfiles shipped according to the <code>Packages</code> metadata from the <code>apt</code> archive. We’llfetch the <code>Packages</code> file and construct a filesystem based on the reported<code>Build-Id</code> entries. For those who don’t know much about how an <code>apt</code> repoworks, here’s the 2-second crash course on what we’re doing. The first is tofetch the <code>Packages</code> file, which is specific to a binary architecture (such as<code>amd64</code>, <code>arm64</code> or <code>riscv64</code>). That <code>architecture</code> is specific to a<code>component</code> (such as <code>main</code>, <code>contrib</code> or <code>non-free</code>). That <code>component</code> isspecific to a <code>suite</code>, such as <code>stable</code>, <code>unstable</code> or any of its aliases(<code>bullseye</code>, <code>bookworm</code>, etc). Let’s take a look at the <code>Packages.xz</code> file forthe <code>unstable-debug</code> <code>suite</code>, <code>main</code> <code>component</code>, for all <code>amd64</code> binaries.</p><pre><code>$ curl \https://deb.debian.org/debian-debug/dists/unstable-debug/main/binary-amd64/Packages.xz \| unxz</code></pre><p>This will return the Debian-style<a href="https://man7.org/linux/man-pages/man5/deb822.5.html">rfc2822-like</a> headers,which is an export of the metadata contained inside each <code>.deb</code> file which<code>apt</code> (or other tools that can use the <code>apt</code> repo format) use to fetchinformation about debs. Let’s take a look at the debug headers for the<code>netlabel-tools</code> package in <code>unstable</code> – which is a package named<code>netlabel-tools-dbgsym</code> in <code>unstable-debug</code>.</p><pre><code>Package: netlabel-tools-dbgsymSource: netlabel-tools (0.30.0-1)Version: 0.30.0-1+b1Installed-Size: 79Maintainer: Paul Tagliamonte &lt;paultag@debian.org&gt;Architecture: amd64Depends: netlabel-tools (= 0.30.0-1+b1)Description: debug symbols for netlabel-toolsAuto-Built-Package: debug-symbolsBuild-Ids: e59f81f6573dadd5d95a6e4474d9388ab2777e2aDescription-md5: a0e587a0cf730c88a4010f78562e6db7Section: debugPriority: optionalFilename: pool/main/n/netlabel-tools/netlabel-tools-dbgsym_0.30.0-1+b1_amd64.debSize: 62776SHA256: 0e9bdb087617f0350995a84fb9aa84541bc4df45c6cd717f2157aa83711d0c60</code></pre><p>So here, we can parse the package headers in the <code>Packages.xz</code> file, and store,for each <code>Build-Id</code>, the <code>Filename</code> where we can fetch the <code>.deb</code> at. Each<code>.deb</code> contains a number of files – but we’re only really interested in thefiles inside the <code>.deb</code> located at or under <code>/usr/lib/debug/.build-id/</code>,which you can find in <code>debugfs</code> under<a href="https://github.com/paultag/debugfs/blob/main/src/deb822.rs">rfc822.rs</a>. It’scrude, and very single-purpose, but I’m feeling a bit lazy.</p><h1 id="who-needs-dpkg">Who needs dpkg?!</h1><aside class="right">Hilariously, the fourth? fifth? non-serious time (second serious time)I've had to do this for a new language.</aside><p>For folks who haven’t seen it yet, a <code>.deb</code> file is a special type of<a href="https://en.wikipedia.org/wiki/Ar_(Unix)">.ar</a> file, that contains (usually)three files inside – <code>debian-binary</code>, <code>control.tar.xz</code> and <code>data.tar.xz</code>.The core of an <code>.ar</code> file is a fixed size (<code>60 byte</code>) entry header,followed by the specified <code>size</code> number of bytes.</p><pre><code>[8 byte .ar file magic][60 byte entry header][N bytes of data][60 byte entry header][N bytes of data][60 byte entry header][N bytes of data]...</code></pre><aside class="left">I can't believe it's already been over a decade since my NM process,and nearly 16 years since I became an Ubuntu member.</aside><p>First up was to implement a basic <code>ar</code> parser in<a href="https://github.com/paultag/debugfs/blob/main/src/ar.rs">ar.rs</a>. Before we getinto using it to parse a deb, as a quick diversion, let’s break apart a <code>.deb</code>file by hand – something that is a bit of a rite of passage (or at least itused to be? I’m getting old) during the Debian nm (new member) process, to takea look at where exactly the <code>.debug</code> file lives inside the <code>.deb</code> file.</p><pre><code>$ ar x netlabel-tools-dbgsym_0.30.0-1+b1_amd64.deb$ lscontrol.tar.xz debian-binarydata.tar.xz netlabel-tools-dbgsym_0.30.0-1+b1_amd64.deb$ tar --list -f data.tar.xz | grep '.debug$'./usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug</code></pre><p>Since we know quite a bit about the structure of a <code>.deb</code> file, and I had toimplement support from scratch anyway, I opted to implement a (very!) basicdebfile parser using HTTP Range requests. HTTP Range requests, if supported bythe server (denoted by a <code>accept-ranges: bytes</code> HTTP header in response to anHTTP <code>HEAD</code> request to that file) means that we can add a header such as<code>range: bytes=8-68</code> to specifically request that the returned <code>GET</code> body be thebyte range provided (in the above case, the bytes starting from byte offset <code>8</code>until byte offset <code>68</code>). This means we can fetch just the ar file entry fromthe <code>.deb</code> file until we get to the file inside the <code>.deb</code> we are interested in(in our case, the <code>data.tar.xz</code> file) – at which point we can request the bodyof that file with a final <code>range</code> request. I wound up writing a struct tohandle a <code>read_at</code>-style API surface in<a href="https://github.com/paultag/debugfs/blob/main/src/hrange.rs">hrange.rs</a>, whichwe can pair with <code>ar.rs</code> above and start to find our data in the <code>.deb</code> remotelywithout downloading and unpacking the <code>.deb</code> at all.</p><aside class="right">I really like<a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Range_requests">HTTP Range</a>requests a lot.</aside><aside class="left">I did some stats to figure out what compression dbgsym packages use thesedays; my LAN debug mirror contains 113459 xz compressed tarfiles, and 9gzip compressed tarfiles at the time of writing.</aside><p>After we have the body of the <code>data.tar.xz</code> coming back through the HTTPresponse, we get to pipe it through an <code>xz</code> decompressor (this kinda sucked inRust, since a <code>tokio</code> <code>AsyncRead</code> is not the same as an <code>http</code> Body response isnot the same as <code>std::io::Read</code>, is not the same as an async (or sync)<code>Iterator</code> is not the same as what the <code>xz2</code> crate expects; leading me to readblocks of data to a buffer and stuff them through the decoder by looping overthe buffer for each <code>lzma2</code> packet in a loop), and <code>tar</code>file parser (similarlytroublesome). From there we get to iterate over all entries in the tarfile,stopping when we reach our file of interest. Since we can’t seek, but <code>gdb</code>needs to, we’ll pull it out of the stream into a <code>Cursor&lt;Vec&lt;u8&gt;&gt;</code> in-memoryand pass a handle to it back to the user.</p><p>From here on out its a matter of<a href="https://github.com/paultag/debugfs/blob/main/src/debugfs.rs">gluing together a File traited struct</a>in <code>debugfs</code>, and serving the filesystem over TCP using <code>arigato</code>. Donedeal!</p><h1 id="a-quick-diversion-about-compression">A quick diversion about compression</h1><p>I was originally hoping to avoid transferring the whole tar file over thenetwork (and therefore also reading the whole debug file into ram, whichobjectively sucks), but quickly hit issues with figuring out a way aroundseeking around an <code>xz</code> file. What’s interesting is <code>xz</code> has a great primitiveto solve this specific problem (specifically, use a block size that allows youto seek to the block as close to your desired seek position just before it,only discarding at most <code>block size - 1</code> bytes), but <code>data.tar.xz</code> filesgenerated by <code>dpkg</code> appear to have a single mega-huge block for the whole file.I don’t know why I would have expected any different, in retrospect. That meansthat this now devolves into the base case of “How do I seek around an <code>lzma2</code>compressed data stream”; which is a lot more complex of a question.</p><aside class="left">After going through a lot of this, I realized just how complexthe xz format is -- it's a lot more than just lzma2!</aside><p>Thankfully, notoriously brilliant <a href="https://github.com/tianon">tianon</a> wasnice enough to introduce me to <a href="https://github.com/jonjohnsonjr">Jon Johnson</a>who did something super similar – adapted a technique to seek inside acompressed <code>gzip</code> file, which lets his service<a href="https://oci.dag.dev/?image=debian%3Aunstable">oci.dag.dev</a>seek through Docker container images super fast based on some prior worksuch as <code>soci-snapshotter</code>, <code>gztool</code>, and<a href="https://github.com/madler/zlib/blob/0f51fb4933fc9ce18199cb2554dacea8033e7fd3/examples/zran.c">zran.c</a>.He also pulled this party trick off for apk based distrosover at <a href="https://apk.dag.dev/">apk.dag.dev</a>, which seems apropos.Jon was nice enough to publish a lot of his work on this specifically in acentral place under the name “<a href="https://github.com/jonjohnsonjr/targz">targz</a>”on his GitHub, which has been a ton of fun to read through.</p><p>The gist is that, by dumping the decompressor’s state (window of previousbytes, in-memory data derived from the last <code>N-1 bytes</code>) at specific“checkpoints” along with the compressed data stream offset in bytes anddecompressed offset in bytes, one can seek to that checkpoint in the compressedstream and pick up where you left off – creating a similar “block” mechanismagainst the wishes of gzip. It means you’d need to do an <code>O(n)</code> run over thefile, but every request after that will be sped up according to the numberof checkpoints you’ve taken.</p><p>Given the complexity of <code>xz</code> and <code>lzma2</code>, I don’t think this is possiblefor me at the moment – especially given most of the files I’ll be requestingwill not be loaded from again – especially when I can “just” cache the debugheader by <code>Build-Id</code>. I want to implement this (because I’m generally curiousand Jon has a way of getting someone excited about compression schemes, whichis not a sentence I thought I’d ever say out loud), but for now I’m going tomove on without this optimization. Such a shame, since it kills a lot of thework that went into seeking around the <code>.deb</code> file in the first place, giventhe <code>debian-binary</code> and <code>control.tar.gz</code> members are so small.</p><h1 id="the-good">The Good</h1><p>First, the good news right? It works! That’s pretty cool. I’m positivemy younger self would be amused and happy to see this working; as iscurrent day paultag. Let’s take <code>debugfs</code> out for a spin! First, we needto mount the filesystem. It even works on an entirely unmodified, stockDebian box on my LAN, which is <em>huge</em>. Let’s take it for a spin:</p><pre><code>$ mount \-t 9p \-o trans=tcp,version=9p2000.u,aname=unstable-debug \192.168.0.2 \/usr/lib/debug/.build-id/</code></pre><p>And, let’s prove to ourselves that this actually mounted before we gotrying to use it:</p><pre><code>$ mount | grep build-id192.168.0.2 on /usr/lib/debug/.build-id type 9p (rw,relatime,aname=unstable-debug,access=user,trans=tcp,version=9p2000.u,port=564)</code></pre><p>Slick. We’ve got an open connection to the server, where our hostwill keep a connection alive as root, attached to the filesystem providedin <code>aname</code>. Let’s take a look at it.</p><pre><code>$ ls /usr/lib/debug/.build-id/00 0d 1a 27 34 41 4e 5b 68 75 82 8E 9b a8 b5 c2 CE db e7 f301 0e 1b 28 35 42 4f 5c 69 76 83 8f 9c a9 b6 c3 cf dc E7 f402 0f 1c 29 36 43 50 5d 6a 77 84 90 9d aa b7 c4 d0 dd e8 f503 10 1d 2a 37 44 51 5e 6b 78 85 91 9e ab b8 c5 d1 de e9 f604 11 1e 2b 38 45 52 5f 6c 79 86 92 9f ac b9 c6 d2 df ea f705 12 1f 2c 39 46 53 60 6d 7a 87 93 a0 ad ba c7 d3 e0 eb f806 13 20 2d 3a 47 54 61 6e 7b 88 94 a1 ae bb c8 d4 e1 ec f907 14 21 2e 3b 48 55 62 6f 7c 89 95 a2 af bc c9 d5 e2 ed fa08 15 22 2f 3c 49 56 63 70 7d 8a 96 a3 b0 bd ca d6 e3 ee fb09 16 23 30 3d 4a 57 64 71 7e 8b 97 a4 b1 be cb d7 e4 ef fc0a 17 24 31 3e 4b 58 65 72 7f 8c 98 a5 b2 bf cc d8 E4 f0 fd0b 18 25 32 3f 4c 59 66 73 80 8d 99 a6 b3 c0 cd d9 e5 f1 fe0c 19 26 33 40 4d 5a 67 74 81 8e 9a a7 b4 c1 ce da e6 f2 ff</code></pre><p>Outstanding. Let’s try using <code>gdb</code> to debug a binary that was provided bythe <code>Debian</code> archive, and see if it’ll load the ELF by <code>build-id</code> from theright <code>.deb</code> in the <code>unstable-debug</code> suite:</p><pre><code>$ gdb -q /usr/sbin/netlabelctlReading symbols from /usr/sbin/netlabelctl...Reading symbols from /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug...(gdb)</code></pre><p>Yes! Yes it will!</p><pre><code>$ file /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug/usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter *empty*, BuildID[sha1]=e59f81f6573dadd5d95a6e4474d9388ab2777e2a, for GNU/Linux 3.2.0, with debug_info, not stripped</code></pre><h1 id="the-bad">The Bad</h1><p>Linux’s support for <code>9p</code> is mainline, which is great, but it’s not robust.Network issues or server restarts will wedge the mountpoint (Linux can’treconnect when the tcp connection breaks), and things that work fine on localfilesystems get translated in a way that causes a lot of network chatter – forinstance, just due to the way the syscalls are translated, doing an <code>ls</code>, willresult in a <code>stat</code> call for each file in the directory, even though linux hadjust got a <code>stat</code> entry for every file while it was resolving directory names.On top of that, Linux will serialize all I/O with the server, so there’s noconcurrent requests for file information, writes, or reads pending at the sametime to the server; and <code>read</code> and <code>write</code> throughput will degrade as latencyincreases due to increasing round-trip time, even though there are offsetsincluded in the <code>read</code> and <code>write</code> calls. It works well enough, but isfrustrating to run up against, since there’s not a lot you can do server-sideto help with this beyond implementing the <code>9P2000.L</code> variant (which, maybe isworth it).</p><h1 id="the-ugly">The Ugly</h1><p>Unfortunately, we don’t know the file size(s) until we’ve actually opened theunderlying <code>tar</code> file and found the correct member, so for most files, we don’tknow the real size to report when getting a <code>stat</code>. We can’t parse the tarfilesfor every <code>stat</code> call, since that’d make <code>ls</code> even slower (bummer). Onlyhiccup is that when I report a filesize of zero, <code>gdb</code> throws a bit of afit; let’s try with a size of <code>0</code> to start:</p><pre><code>$ ls -lah /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug-r--r--r-- 1 root root 0 Dec 31 1969 /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug$ gdb -q /usr/sbin/netlabelctlReading symbols from /usr/sbin/netlabelctl...Reading symbols from /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug...warning: Discarding section .note.gnu.build-id which has a section size (24) larger than the file size [in module /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug][...]</code></pre><p>This obviously won’t work since <code>gdb</code> will throw away all our hard work becauseof <code>stat</code>’s output, and neither will loading the real size of the underlyingfile. That only leaves us with hardcoding a file size and hope nothing elsebreaks significantly as a result. Let’s try it again:</p><pre><code>$ ls -lah /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug-r--r--r-- 1 root root 954M Dec 31 1969 /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug$ gdb -q /usr/sbin/netlabelctlReading symbols from /usr/sbin/netlabelctl...Reading symbols from /usr/lib/debug/.build-id/e5/9f81f6573dadd5d95a6e4474d9388ab2777e2a.debug...(gdb)</code></pre><p>Much better. I mean, terrible but better. Better for now, anyway.</p><h1 id="kilroy-was-here">Kilroy was here</h1><p>Do I think this is a particularly good idea? I mean; kinda. I’m probably goingto make some fun <code>9p</code> <code>arigato</code>-based filesystems for use around my LAN, but Idon’t think I’ll be moving to use <code>debugfs</code> until I can figure out how toensure the connection is more resilient to changing networks, server restartsand fixes on i/o performance. I think it was a useful exercise and is a prettygreat hack, but I don’t think this’ll be shipping anywhere anytime soon.</p><p>Along with me publishing this post, I’ve pushed up all my repos; so youshould be able to play along at home! There’s a lot more work to be doneon <code>arigato</code>; but it does handshake and successfully export a working<code>9P2000.u</code> filesystem. Check it out on on my github at<a href="https://github.com/paultag/arigato">arigato</a>,<a href="https://github.com/paultag/debugfs">debugfs</a>and also on <a href="https://crates.io/crates/arigato">crates.io</a>and <a href="https://docs.rs/arigato">docs.rs</a>.</p><p>At least I can say I was here and I got it working after all these years.</p></description> <pubDate>Sat, 13 Apr 2024 13:27:00 +0000</pubDate></item><item> <title>Scarlett Gately Moore: Kubuntu: Noble Numbat Beta available! Qt6 snaps coming soon.</title> <guid isPermaLink="false">https://www.scarlettgatelymoore.dev/?p=437</guid> <link>https://www.scarlettgatelymoore.dev/kubuntu-noble-numbat-beta-available-qt6-snaps-coming-soon/</link> <description><figure class="wp-block-image aligncenter size-large is-resized"><img alt="" class="not-transparent wp-image-439" data-dominant-color="838e9d" data-has-transparency="false" height="640" src="https://www.scarlettgatelymoore.dev/wp-content/uploads/VirtualBox_kubuntu-noble_11_04_2024_05_52_10-1024x640.webp" width="1024" /></figure> <p>It has been a very busy couple of weeks as we worked against some major transitions and a security fix that required a rebuild of the $world. I am happy to report that against all odds we have a beta release! You can read all about it here: <a href="https://kubuntu.org/news/kubuntu-24-04-beta-released/">https://kubuntu.org/news/kubuntu-24-04-beta-released/</a> Post beta freeze I have already begun pushing our fixes for known issues today. A big one being our new branding! Very exciting times in the Kubuntu world.</p> <p>In the snap world I will be using my free time to start knocking out KDE applications ( not covered by the project ). I have also recruited some help, so you should start seeing these pop up in the edge channel very soon!</p> <p>Now that we are nearing the release of Noble Numbat, my contract is coming to an end with Kubuntu. If you would like to see Plasma 6 in the next release and in a PPA for Noble, please consider donating to extend my contract at <a href="https://kubuntu.org/donate">https://kubuntu.org/donate</a> !</p> <p>On a personal level, I am still looking to help with my grandson and you can find that here: <a href="https://www.gofundme.com/f/in-loving-memory-of-william-billy-dean-scalf">https://www.gofundme.com/f/in-loving-memory-of-william-billy-dean-scalf</a></p> <p>Thanks for stopping by,</p> <p>Scarlett</p></description> <pubDate>Fri, 12 Apr 2024 19:29:58 +0000</pubDate></item><item> <title>Kubuntu General News: Kubuntu 24.04 Beta Released</title> <guid isPermaLink="false">https://kubuntu.org/?p=5178</guid> <link>https://kubuntu.org/news/kubuntu-24-04-beta-released/</link> <description><h2>Join the Excitement: </h2> <h2>Test Kubuntu 24.04 Beta and Experience Innovation with KubuQA!</h2> <figure class="wp-block-image size-full"><img alt="" class="wp-image-5179" height="1024" src="https://kubuntu.org/wp-content/uploads/2024/04/ecd2/Kubuntu_24.04_beta.webp" width="1792" /></figure> <p>We’re thrilled to announce the availability of the <a href="https://cdimage.ubuntu.com/kubuntu/releases/24.04/beta/">Kubuntu 24.04 Beta!</a> This release is packed with new features and enhancements, and we’re inviting you, our valued community, to join us in fine-tuning this exciting new version. Whether you’re a seasoned tester or new to software testing, your feedback is crucial to making Kubuntu 24.04 the best it can be.</p> <p>To make your testing journey as easy as pie, we’re introducing a fantastic new tool: <a href="https://github.com/kubuntu-team/KubuQA"><strong>KubuQA</strong>.</a> Designed with both new and experienced users in mind, KubuQA simplifies the testing process by automating the download, VirtualBox setup, and configuration steps. Now, everyone can participate in testing Kubuntu with ease!</p> <p>This beta release also debuts our fresh new branding, artwork, and wallpapers—created and chosen by our own community through recent <a href="https://kubuntu.org/news/celebrating-creativity-announcing-the-winners-of-the-kubuntu-contests/">branding and wallpaper contests.</a> These additions reflect the spirit and creativity of the Kubuntu family, and we can’t wait for you to see them.</p> <h2>Get Testing</h2> <p>By participating in the beta testing of Kubuntu 24.04, you’re not just helping improve the software; you’re becoming an integral part of a global community that values open collaboration and innovation. Your contributions help us identify and fix issues, ensuring Kubuntu remains a high-quality, stable, and user-friendly Linux distribution.</p> <p>The benefits of joining our testing team extend beyond improving the software. You’ll gain valuable experience, meet like-minded individuals, and perhaps discover a new passion in the world of open-source software.</p> <p>So why wait? <a href="https://cdimage.ubuntu.com/kubuntu/releases/24.04/beta/">Download the Kubuntu 24.04</a> Beta today, try out <a href="https://github.com/kubuntu-team/KubuQA">KubuQA</a>, or follow our <a href="https://wiki.ubuntu.com/NobleNumbat/Beta/Kubuntu#preview">wiki to upgrade</a> and help us make Kubuntu better than ever! Remember, your feedback is the key to our success.</p> <h2>Ready to make an impact? </h2> <p>Join us in this exciting phase of development and see your ideas come to life in Kubuntu. Plus, enjoy the satisfaction of knowing that you’ve contributed to a project used by millions around the world. Become a<a href="https://github.com/kubuntu-team/KubuQA"> tester</a> today and be part of something big!</p> <h2>Interested in more than testing? </h2> <p>By the way, have you thought about becoming a member of the Kubuntu Community? It’s a fantastic way to contribute more actively and help shape the future of Kubuntu. Learn more about <a href="https://kubuntu.org/community/">joining the community.</a></p></description> <pubDate>Fri, 12 Apr 2024 18:54:20 +0000</pubDate></item><item> <title>Ubuntu Studio: Ubuntu Studio 24.04 LTS Beta Released</title> <guid isPermaLink="false">https://ubuntustudio.org/?p=2742</guid> <link>https://ubuntustudio.org/2024/04/ubuntu-studio-24-04-lts-beta-released/</link> <description><div class="wp-block-image" id="block-85f39608-c985-4310-86d5-00b9690ffde7"><figure class="aligncenter size-full is-resized"><img alt="" class="wp-image-2749" height="223" src="https://ubuntustudio.org/wp-content/uploads/2024/04/08a9/betabanner.png" width="600" /></figure></div> <p id="block-dfae7f3f-d386-4297-b510-560ae7fce8a5">The Ubuntu Studio team is pleased to announce the beta release of Ubuntu Studio 24.04 LTS, codenamed “Noble Numbat”.</p> <p id="block-ebf85cba-74ad-4dc6-a731-f595c9f28a72">While this beta is reasonably free of any showstopper installer bugs, you will find some bugs within. This image is, however, mostly representative of what you will find when Ubuntu Studio 24.04 is released on April 25, 2024.</p> <h2 id="block-6ca66e3a-8d42-42a8-a0cf-a8ed86e6025f">Special Notes</h2> <p id="block-708043b1-523e-4fb9-92ca-720e3316371a">The Ubuntu Studio 24.04 LTS disk image (ISO) exceeds 4 GB and cannot be downloaded to some file systems such as FAT32 and may not be readable when burned to a DVD. For this reason, we recommend downloading to a compatible file system. When creating a boot medium, we recommend <a href="https://ubuntu.com/tutorials/create-a-usb-stick-on-ubuntu#1-overview">creating a bootable USB stick</a> with the ISO image or burning to a Dual-Layer DVD.</p> <p id="block-fa4be379-b904-4919-9502-c73469ca31ef">Images can be obtained from this link: <a href="https://cdimage.ubuntu.com/ubuntustudio/releases/24.04/beta/" rel="noreferrer noopener" target="_blank">https://cdimage.ubuntu.com/ubuntustudio/releases/24.04/beta/</a></p> <p id="block-bf39c734-e080-4549-9621-044e9241d48c">Full updated information, including <strong>Upgrade Instructions,</strong> are available in the <strong><a href="https://ubuntustudio.org/ubuntu-studio-24-04-LTS-release-notes/">Release Notes</a></strong><a href="https://wiki.ubuntu.com/GroovyGorilla/Beta/UbuntuStudio">.</a></p> <p><strong>Please note that upgrading before the release of 24.04.1,</strong> <strong>due August 2024, is unsupported.</strong></p> <h2 id="block-aaaf14ed-800d-473e-abc2-4f2db719e0d7">New Features This Release</h2> <ul id="block-05beff49-852b-4564-9df3-018c2354c56e"><li><strong>PipeWire</strong> continues to improve with every release and is so robust it can be used for professional and prosumer use. Version 1.0.4</li><li><strong>Ubuntu Studio Installer</strong>‘s included <strong><a data-type="page" href="https://ubuntustudio.org/ubuntu-studio-installer/#audioconfig">Ubuntu Studio Audio Configuration</a> </strong>utility for fine-tuning the PipeWire setup or changing the configuration altogether now includes the ability to create or remove a dummy audio device. Version 1.9</li></ul> <h2 id="block-c3e434c7-367a-4777-b799-a3fd6a35e1b3">Major Package Upgrades</h2> <ul id="block-e855e703-e523-4f63-940a-d1071d6b8dbf"><li><strong>Ardour</strong> version 8.4.0</li><li><strong>Qtractor</strong> version 0.9.39</li><li><strong>OBS Studio </strong>version 30.0.2</li><li><strong>Audacity </strong>version 3.4.2</li><li><strong>digiKam</strong> version 8.2.0</li><li><strong>Kdenlive </strong>version 23.08.5</li><li><strong>Krita </strong>version 5.2.2</li></ul> <p id="block-5f0d720e-bce2-4330-9654-b7cd8589e194">There are many other improvements, too numerous to list here. We encourage you to look around the freely-downloadable ISO image.</p> <h2 id="block-8f4aa3cc-9bd2-4090-a685-153ad6761131">Known Issues</h2> <ul id="block-c6eb8dde-1349-461b-886c-937bdbed611d"><li>Ubuntu Studio’s classic PulseAudio-JACK configuration cannot be used on Ubuntu Desktop (GNOME) due to a known issue with the ubuntu-desktop metapackage. (LP: #<a href="https://launchpad.net/bugs/2033440">2033440</a>)</li><li>We now discourage the use of the aforementioned classic PulseAudio-JACK configuration as PulseAudio is becoming deprecated with time in favor of PipeWire. PipeWire’s JACK configuration can be disabled to use JACK2 via QJackCTL for advanced users.</li><li>Due to the Ubuntu repositories being in-flux following the time_t transition and xz-utils security issue resolution, some items in the repository are uninstallable or causing other packaging conflicts. The Ubuntu Release Team is working around the clock to help resolve these issues, so patience is required.</li></ul> <p id="block-cac00ac7-cbaa-4df0-a2b1-579dfba8e8a8">Official Ubuntu Studio release notes can be found at <a href="https://ubuntustudio.org/ubuntu-studio-24-04-LTS-release-notes/">https://ubuntustudio.org/ubuntu-studio-24-04-LTS-release-notes/</a></p> <p id="block-8127ec85-81e1-49ae-8132-7d07e86e6647">Further known issues, mostly pertaining to the desktop environment, can be found at <a href="https://wiki.ubuntu.com/NobleNumbat/ReleaseNotes/Kubuntu">https://wiki.ubuntu.com/NobleNumbat/ReleaseNotes/Kubuntu</a></p> <p id="block-547b9794-57c5-49eb-a8cb-884c89bb51a8">Additionally, the main Ubuntu release notes contain more generic issues: <a href="https://discourse.ubuntu.com/t/noble-numbat-release-notes/39890">https://discourse.ubuntu.com/t/noble-numbat-release-notes/39890</a></p> <h2 id="block-82f8513f-6640-43f9-bde7-5c17da0aa520">How You Can Help</h2> <p>Please test using the test cases on <a href="https://iso.qa.ubuntu.com">https://iso.qa.ubuntu.com</a>. All you need is a <a href="https://launchpad.net">Launchpad</a> account to get started.</p> <p>Additionally, we need financial contributions. Our project lead, Erich Eickmeyer, is working long hours on this project and trying to generate a part-time income. See <a data-id="2615" data-type="post" href="https://ubuntustudio.org/2023/09/a-message-from-the-project-lead/">this post</a> as to the reasons why and <a data-id="56" data-type="page" href="https://ubuntustudio.org/contribute/">go here</a> to see how you can contribute financially (options are also in the sidebar).</p> <h2 id="block-c7a21be7-9349-421e-a098-c0d2919f320a">Frequently Asked Questions</h2> <p id="block-163f794a-f451-40b0-bbbd-6f26c6cbe8e8"><strong>Q:</strong> Does Ubuntu Studio contain snaps?<br /><strong>A:</strong> Yes. Mozilla’s distribution agreement with Canonical changed, and Ubuntu was forced to no longer distribute Firefox in a native .deb package. We have found that, after numerous improvements, Firefox now performs just as well as the native .deb package did.</p> <p>Thunderbird has become a snap this cycle in order for the maintainers to get security patches delivered faster.</p> <p id="block-342134d3-a024-4b7b-b768-76c758b20acd">Additionally, Freeshow is an Electron-based application. Electron-based applications cannot be packaged in the Ubuntu repositories in that they cannot be packaged in a traditional Debian source package. While such apps do have a build system to create a .deb binary package, it circumvents the source package build system in Launchpad, which is required when packaging for Ubuntu. However, Electron apps also have a facility for creating snaps, which can be uploaded and included. Therefore, for Freeshow to be included in Ubuntu Studio, it had to be packaged as a snap.</p> <p id="block-c5b30c83-d27b-4fd0-a958-bc418f83bf2a"><strong>Q:</strong> If I install this Beta release, will I have to reinstall when the final release comes out?<br /><strong>A:</strong> No. If you keep it updated, your installation will automatically become the final release. However, if Audacity returns to the Ubuntu repositories before final release, then you might end-up with a double-installation of Audacity. Removal instructions of one or the other will be made available in a future post.</p> <p id="block-2266cee7-0ea1-49cf-8340-594da42a09d7"><strong>Q</strong>: Will you make an ISO with {my favorite desktop environment}?<br /><strong>A:</strong> To do so would require creating an entirely new flavor of Ubuntu, which would require going through the Official Ubuntu Flavor application process. Since we’re completely volunteer-run, we don’t have the time or resources to do this. Instead, we recommend you download the <a href="https://ubuntu.com/download/flavours">official flavor for the desktop environment of your choice</a> and use <a href="https://ubuntustudio.org/ubuntu-studio-installer">Ubuntu Studio Installer</a> to get Ubuntu Studio – which does *not* convert that flavor to Ubuntu Studio but adds its benefits.</p> <p id="block-48669a69-39bc-4971-b46b-c7da87133d24"><strong>Q: </strong>What if I don’t want all these packages installed on my machine?<br /><strong>A: </strong>Simply use the <strong>Ubuntu Studio Installer</strong> to remove the features of Ubuntu Studio you don’t want or need!</p></description> <pubDate>Fri, 12 Apr 2024 00:40:36 +0000</pubDate></item><item> <title>Lubuntu Blog: Lubuntu Noble Beta Released!</title> <guid isPermaLink="false">https://lubuntu.me/?p=3969</guid> <link>https://lubuntu.me/noble-beta-released/</link> <description>We are happy to announce the Beta release for Lubuntu Noble (what will become 24.04 LTS)! What makes this cycle unique? Lubuntu is a lightweight flavor of Ubuntu, based on LXQt and built for you. As an official flavor, we benefit from Canonical’s infrastructure and assistance, in addition to the support and enthusiasm from the […]</description> <pubDate>Thu, 11 Apr 2024 21:04:10 +0000</pubDate></item><item> <title>St&eacute;phane Graber: Announcing Incus 6.0 LTS</title> <guid isPermaLink="false">https://stgraber.org/?p=1565</guid> <link>https://stgraber.org/2024/04/04/announcing-incus-6-0-lts/</link> <description><p>And it’s finally out, our first LTS (Long Term Support) release of Incus!</p> <p>For anyone unfamiliar, <a href="https://linuxcontainers.org/incus/">Incus</a> is a modern system container and virtual machine manager developed and maintained by the same team that first created LXD. It’s released under the Apache 2.0 license and is run as a community led Open Source project as part of the <a href="https://linuxcontainers.org">Linux Containers</a> organization.</p> <p>Incus provides a cloud-like environment, creating instances from premade images and offers a wide variety of features, including the ability to seamlessly cluster up to 50 servers together.</p> <p>It supports multiple different local or remote storage options, traditional or fully distributed networking and offers most common cloud features, including a full <a href="https://linuxcontainers.org/incus/docs/main/rest-api-spec/">REST API</a> and <a href="https://linuxcontainers.org/incus/docs/main/third_party/">integrations</a> with common tooling like Ansible, Terraform/OpenTofu and more!</p> <figure class="wp-block-image size-large"><a href="https://stgraber.org/wp-content/uploads/2024/04/image.png" rel="noreferrer noopener" target="_blank"><img alt="" class="wp-image-1566" height="726" src="https://stgraber.org/wp-content/uploads/2024/04/image-1024x726.png" width="1024" /></a></figure> <p>The LTS release of Incus will be supported until June 2029 with the first two years featuring bug and security fixes as well as minor usability improvements before transitioning to security fixes only for the remaining 3 years.</p> <p>The highlights for existing Incus users are:</p> <ul><li>Swap limits for containers</li> <li>New shell completion mechanism</li> <li>Creation of external bridge interfaces</li> <li>Live-migration of VMs with disks attached</li> <li>System information in <code>incus info --resources</code></li> <li>USB information in <code>incus info --resources</code></li></ul> <p>For those coming from LXD 5.0 LTS, a full list of changes is included in the announcement as well as some instructions on how to migrate over.</p> <p>The full announcement and changelog can be <a href="https://discuss.linuxcontainers.org/t/incus-6-0-lts-has-been-released/19576" rel="noreferrer noopener" target="_blank">found here</a>.<br />And for those who prefer videos, here’s the release overview video:</p> <figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper"> </div></figure> <p>You can take the latest release of Incus up for a spin through our online demo service at: <a href="https://linuxcontainers.org/incus/try-it/" rel="noreferrer noopener" target="_blank">https://linuxcontainers.org/incus/try-it/</a></p> <p>And as always, my company is offering commercial support on Incus, ranging from by-the-hour support contracts to one-off services on things like initial migration from LXD, review of your deployment to squeeze the most out of Incus or even feature sponsorship. You’ll find all details of that here: <a href="https://zabbly.com/incus">https://zabbly.com/incus</a></p> <p>Donations towards my work on this and other open source projects is also always appreciated, you can find me on <a href="https://github.com/sponsors/stgraber">Github Sponsors</a>, <a href="https://patreon.com/stgraber">Patreon</a> and <a href="https://ko-fi.com/stgraber">Ko-fi</a>.</p> <p>Enjoy!</p></description> <pubDate>Thu, 04 Apr 2024 17:01:49 +0000</pubDate></item><item> <title>Lukas Märdian: Netplan v1.0 paves the way to stable, declarative network management</title> <guid isPermaLink="false">https://blog.slyon.de/?p=2352</guid> <link>https://blog.slyon.de/2024/04/04/netplan-v1-0-paves-the-way-to-stable-declarative-network-management/</link> <description><figure class="wp-block-image is-style-default"><img alt="" class="wp-image-2361" height="483" src="https://blog.slyon.de/wp-content/uploads/2024/03/image.png" width="902" /></figure> <p class="has-text-align-center">New “netplan status –diff” subcommand, finding differences between configuration and system state</p> <p>As the maintainer and lead developer for Netplan, I’m proud to announce the general availability of Netplan v1.0 after <a href="https://blog.slyon.de/2023/07/18/a-declarative-approach-to-linux-networking-with-netplan/">more than 7 years</a> of development efforts. Over the years, we’ve so far had about 80 individual contributors from around the globe. This includes many contributions from our Netplan core-team at Canonical, but also from other big corporations such as Microsoft or Deutsche Telekom. Those contributions, along with the many we receive from our <a href="https://github.com/canonical/netplan/pulls?q=is%3Apr+label%3Acommunity">community of individual contributors</a>, solidify Netplan as a healthy and trusted open source project. In an effort to make Netplan even more dependable, we started shipping upstream patch releases, such as 0.106.1 and 0.107.1, which make it easier to integrate fixes into our users’ custom workflows.</p> <p>With the release of version 1.0 we primarily focused on stability. However, being a major version upgrade, it allowed us to drop some long-standing legacy code from the <strong>libnetplan1</strong> library. Removing this technical debt increases the maintainability of Netplan’s codebase going forward. The upcoming Ubuntu 24.04 LTS and Debian 13 releases will ship Netplan v1.0 to millions of users worldwide.</p> <h2 class="wp-block-heading">Highlights of version 1.0</h2> <p>In addition to stability and maintainability improvements, it’s worth looking at some of the new features that were included in the latest release:</p> <ul><li>Simultaneous WPA2 &amp; WPA3 support.</li> <li>Introduction of a stable libnetplan1 API.</li> <li>Mellanox VF-LAG support for high performance SR-IOV networking.</li> <li>New <strong>hairpin</strong> and <strong>port-mac-learning</strong> settings, useful for VXLAN tunnels with FRRouting.</li> <li>New <strong>netplan status –diff</strong> subcommand, finding differences between configuration and system state.</li></ul> <p>Besides those highlights of the v1.0 release, I’d also like to shed some light on new functionality that was integrated within the past two years for those upgrading from the previous Ubuntu 22.04 LTS which used Netplan v0.104:</p> <ul><li>We added support for the management of new network interface types, such as <strong>veth</strong>, <strong>dummy</strong>, <strong>VXLAN</strong>, <strong>VRF</strong> or <strong>InfiniBand</strong> (IPoIB). </li> <li>Wireless functionality was improved by <a href="https://blog.slyon.de/2023/11/12/netplan-brings-consistent-network-configuration-across-desktop-server-cloud-and-iot/">integrating Netplan with NetworkManager</a> on desktop systems, adding support for WPA3 and adding the notion of a <strong>regulatory-domain</strong>, to choose proper frequencies for specific regions. </li> <li>To improve maintainability, we moved to Meson as Netplan’s buildsystem, added upstream CI coverage for multiple Linux distributions and integrations (such as Debian testing, NetworkManager, snapd or cloud-init), checks for ABI compatibility, and automatic memory leak detection. </li> <li>We increased consistency between the supported backend renderers (systemd-networkd and NetworkManager), by <a href="https://discourse.ubuntu.com/t/netplan-0-106-call-for-testing/33932">matching physical network interfaces on permanent MAC address</a>, when the <strong>match.macaddress</strong> setting is being used, and added new hardware offloading functionality for high performance networking, such as Single-Root IO Virtualisation virtual function link-aggregation (SR-IOV VF-LAG).</li></ul> <p>The much improved <a href="https://netplan.readthedocs.io">Netplan documentation</a>, that is now hosted on “Read the Docs”, and new command line subcommands, such as <strong>netplan status</strong>, make Netplan a well vested tool for declarative network management and troubleshooting.</p> <h2 class="wp-block-heading">Integrations</h2> <p>Those changes pave the way to integrate Netplan in 3rd party projects, such as system installers or cloud deployment methods. By shipping the new <strong>python3-netplan</strong> Python bindings to libnetplan, it is now easier than ever to access Netplan functionality and network validation from other projects. We are proud that the <a href="https://blog.slyon.de/2023/07/10/netplan-and-systemd-networkd-on-debian-bookworm/">Debian Cloud Team chose Netplan</a> to be the default network management tool in their official cloud-images for Debian Bookworm and beyond. Ubuntu’s NetworkManager package now uses <a href="https://blog.slyon.de/2023/11/12/netplan-brings-consistent-network-configuration-across-desktop-server-cloud-and-iot/">Netplan as it’s default backend on Ubuntu 23.10 Desktop</a> systems and beyond. Further integrations happened with cloud-init and the Calamares installer.<br /></p> <p>Please check out the <a href="https://github.com/canonical/netplan/releases/1.0">Netplan version 1.0 release</a> on GitHub! If you want to learn more, follow our activities on <a href="https://netplan.io/">Netplan.io</a>, <a href="https://github.com/canonical/netplan">GitHub</a>, <a href="https://bugs.launchpad.net/netplan">Launchpad</a>, <a href="https://web.libera.chat/gamja/?channels=%23netplan">IRC</a> or our <a href="https://discourse.ubuntu.com/t/blog-netplan-developer-diaries/35932">Netplan Developer Diaries</a> blog on discourse.</p></description> <pubDate>Thu, 04 Apr 2024 15:39:18 +0000</pubDate></item><item> <title>Dougie Richardson: Update Plesk Docker Images</title> <guid isPermaLink="false">https://dougiewougie.com/?p=2749</guid> <link>https://dougiewougie.com/2024/03/31/update-plesk-docker-images/</link> <description><p>Docker &gt; Settings &gt; Overview &gt; Recreate, making sure that “Rest variable to default” is <strong><u>not</u></strong> checked.</p> <p>Finally start.</p> <figure class="wp-block-image size-full"><img alt="" class="wp-image-2751" height="324" src="https://dougiewougie.com/wp-content/uploads/2024/03/Untitled-removebg-preview.png" width="611" /></figure></description> <pubDate>Sun, 31 Mar 2024 13:35:49 +0000</pubDate></item><item> <title>Simos Xenitellis: How to install and setup the Incus Web UI</title> <guid isPermaLink="false">https://blog.simos.info/?p=46759</guid> <link>https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/</link> <description><p><a href="https://linuxcontainers.org/incus/">Incus</a> is a manager for <strong><em>virtual machines (VM)</em></strong> and <strong><em>system containers</em></strong>. There is also <a href="https://discuss.linuxcontainers.org/">an Incus support forum</a>.</p> <p>Typically you would use the <code>incus</code> command-line interface (CLI) client to get access to the Incus manager and perform the tasks for the full life-cycle of the virtual machines and system containers. </p> <p>In this post we see how to install and setup the Incus Web UI. Just like the <code>incus</code> CLI tool that gets access to the REST API of the Incus manager (through a Unix socket or HTTPS), the Incus Web UI does the same over HTTPS. I assume that you have already installed and setup Incus.</p> <h2 class="simpletoc-title">Table of Contents</h2><ul class="simpletoc-list"><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#prerequisites">Prerequisites</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#installing-the-incus-web-ui-package">Installing the Incus Web UI package</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#preparing-incus-to-serve-the-web-ui">Preparing Incus to serve the Web UI</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#getting-the-browser-to-authenticate-to-the-server">Getting the browser to authenticate to the server</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#using-the-incus-ui">Using the Incus UI</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#conclusion">Conclusion</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#tips-and-tricks">Tips and Tricks</a> <ul><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#how-to-make-the-incus-port-accessible-to-localhost-only">How to make the Incus port accessible to localhost only</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#whats-in-incusuicrt-and-incusuipfx">What’s in incus-ui.crt and incus-ui.pfx?</a> </li></ul></li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#troubleshooting">Troubleshooting</a> <ul><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#error-unable-to-connect">Error: Unable to connect</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#error-client-sent-an-http-request-to-an-https-server">Error: Client sent an HTTP request to an HTTPS server</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#warning-potential-security-risk-ahead">Warning: Potential Security Risk Ahead</a></li></ul></li></ul> <h2 class="wp-block-heading" id="prerequisites">Prerequisites</h2> <p>You should already have a installation of Incus. If you do not have yet, see the official documentation on <a href="https://linuxcontainers.org/incus/docs/main/tutorial/first_steps/">Incus installation</a> and <a href="https://linuxcontainers.org/incus/docs/main/howto/server_migrate_lxd/">Incus migration</a>, or my prior posts on <a href="https://blog.simos.info/how-to-install-and-set-up-incus-on-a-cloud-server/">Incus installation</a> and <a href="https://blog.simos.info/migrating-to-incus-from-lxd/">Incus migration</a>.</p> <h2 class="wp-block-heading" id="installing-the-incus-web-ui-package">Installing the Incus Web UI package</h2> <p>The Incus Web UI package is <code>incus-ui-canonical</code>. We install it. By installing the package, we can enable Incus to serve the necessary Web pages (from <code>/opt/incus/ui</code>) so that we can connect with our browser and manage Incus itself. </p> <pre class="wp-block-code"><code><kbd>sudo apt install -y incus-ui-canonical</kbd></code></pre> <h2 class="wp-block-heading" id="preparing-incus-to-serve-the-web-ui">Preparing Incus to serve the Web UI</h2> <p>By default Incus is not <em>listening</em> to a Web port so that we can access directly through the browser. <a href="https://linuxcontainers.org/incus/docs/main/howto/server_expose/">We need to enable first Incus to activate access to the Web browser.</a> By default there is no configuration with <code>incus config show</code>.</p> <pre class="wp-block-code"><code>debian@myincus:~$ <kbd>incus config show </kbd>config: {}debian@myincus:~$ </code></pre> <p>We activate the Incus Web server, selecting the port number 8443. You are free to select another one, if you need to. We set <code>core.https_address</code> to <code>:8443</code>. This information appears in the <code>incus config</code> output.</p> <pre class="wp-block-code"><code>debian@myincus:~$ <kbd>incus config set core.https_address :8443</kbd>debian@myincus:~$ <kbd>incus config show </kbd>config: core.https_address: :8443debian@myincus:~$ </code></pre> <p>Let’s verify that Incus is now listening to port 8443. Yes, it does. On all interfaces (because of the <code>*</code>).</p> <pre class="wp-block-code"><code>debian@myincus:~$ <kbd>sudo apt install -y lsof</kbd>...debian@myincus:~$ <kbd>sudo lsof -i :8443</kbd>COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAMEincusd 8338 root 8u IPv6 29751 0t0 TCP *:8443 (LISTEN)debian@myincus:~$ </code></pre> <p>This is HTTPS, where are the certificate and the server key (private key)?</p> <pre class="wp-block-code"><code>debian@myincus:~$ <kbd>sudo ls -l /var/lib/incus/server.key /var/lib/incus/server.crt</kbd>-rw-r--r-- 1 root root 753 Mar 28 18:54 /var/lib/incus/server.crt-rw------- 1 root root 288 Mar 28 18:54 /var/lib/incus/server.keydebian@myincus:~$ <kbd>sudo openssl x509 -in /var/lib/incus/server.crt -text -noout</kbd>Certificate: Data: Version: 3 (0x2) Serial Number: 22:05:f1:14:f2:82:43:68:44:5e:1c:42:4c:28:5b:5c Signature Algorithm: ecdsa-with-SHA384 Issuer: O = Linux Containers, CN = root@myincus Validity Not Before: Mar 28 18:54:17 2024 GMT Not After : Mar 26 18:54:17 2034 GMT Subject: O = Linux Containers, CN = root@myincus Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:fb:cd:b6:b2:25:55:68:a5:33:75:48:4c:b0:7a: 2f:e9:c0:16:af:6f:b2:36:f9:19:6e:b0:86:bf:d1: 9f:07:16:b1:26:8b:75:36:f2:fc:02:38:c7:fa:25: 39:01:6c:bb:48:a9:4f:57:0d:af:e1:0f:a3:cf:b1: 7c:a2:d9:46:77:e7:94:c7:00:1a:d0:5f:5f:93:d8: 11:39:8d:16:0e:d0:62:98:81:93:da:ec:b8:70:24: f2:c4:da:91:0f:f8:8e ASN1 OID: secp384r1 NIST CURVE: P-384 X509v3 extensions: X509v3 Key Usage: critical Digital Signature, Key Encipherment X509v3 Extended Key Usage: TLS Web Server Authentication X509v3 Basic Constraints: critical CA:FALSE X509v3 Subject Alternative Name: DNS:myincus, IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1 Signature Algorithm: ecdsa-with-SHA384 Signature Value: 30:64:02:30:15:f4:fa:7b:d6:52:79:d4:c9:27:b9:d6:6c:90: f7:0e:13:83:15:ac:af:cd:c5:f2:48:08:99:7f:7b:94:55:06: 81:95:80:5f:0a:21:17:82:61:ac:5a:b6:5f:b8:49:b3:02:30: 62:a3:92:66:da:ce:7c:01:49:7e:38:16:c6:16:b3:cb:aa:3d: 1d:3f:63:12:93:e8:a1:0b:55:f0:80:99:d5:80:8a:a3:a6:2e: 3d:68:90:a6:dc:55:29:0b:36:80:36:72 debian@myincus:~$</code></pre> <p>Note that this is a self-signed certificate. Chrome, Firefox and other browsers will complain; you can still accept to continue but it will show a broken padlock at the address bar. If you wish, you can replace these with proper certificates so that the padlock is intact. To do so, once you replace the server key and the server certificate with actual values, restart Incus. If, however, you are running an Incus cluster, you must use <code>lxc cluster update-certificate</code> instead to update them. Note that a common alternative to dealing with Incus certificates, is to use a reverse-proxy; you get the reverse-proxy to use a proper certificate and leave Incus as is.</p> <p>At this point Incus is configured. We can continue with the next step where we get the client (our browser) to be authenticated to the server. </p> <h2 class="wp-block-heading" id="getting-the-browser-to-authenticate-to-the-server">Getting the browser to authenticate to the server</h2> <p>Visit the URL of your Incus server with your browser. At first you will likely confronted with a message that the server certificate is not accepted (<em>Warning: Potential Security Risk Ahead</em>). Click to <em>Accept</em> and continue. Then, you are presented with the following screen that asks you to login. You are authenticated to the Incus server through <em>user certificates</em>. You are prompted here to do just that. Your browser will create </p> <ol><li>a user certificate to be installed into Incus (<code>incus-ui.crt</code>)</li> <li>the same user certificate with a private key that will be setup in your browser(s) (<code>incus-ui.pfx</code>).</li></ol> <p>Click on <strong><em>Create a new certificate</em></strong>.</p> <div class="wp-block-image"><figure class="aligncenter size-full"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-1.png?ssl=1"><img alt="" class="wp-image-46763" data-attachment-id="46763" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-1" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-1.png?fit=750%2C485&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-1.png?fit=300%2C194&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-1.png?fit=822%2C532&amp;ssl=1" data-orig-size="822,532" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-1/" data-recalc-dims="1" height="485" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-1.png?resize=750%2C485&amp;ssl=1" width="750" /></a>Creating a new certificate.</figure></div> <p>Now click on <strong><em>Generate</em></strong> to get your browser to generate the private key and the certificate. </p> <figure class="wp-block-image size-large"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-2.png?ssl=1"><img alt="" class="wp-image-46766" data-attachment-id="46766" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-2" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-2.png?fit=750%2C641&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-2.png?fit=300%2C256&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-2.png?fit=1115%2C953&amp;ssl=1" data-orig-size="1115,953" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-2/" data-recalc-dims="1" height="641" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-2.png?resize=750%2C641&amp;ssl=1" width="750" /></a></figure> <p></p> <p>You are asked whether you want to protect the certificate with a password. In our case we click on <strong><em>Skip</em></strong> because we do not want to encrypt the private key with a password. By clicking on <strong><em>Skip</em></strong>, the private key is still generated but it is not getting encrypted.</p> <div class="wp-block-image"><figure class="aligncenter size-full"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-3.png?ssl=1"><img alt="" class="wp-image-46767" data-attachment-id="46767" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-3" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-3.png?fit=626%2C446&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-3.png?fit=300%2C214&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-3.png?fit=626%2C446&amp;ssl=1" data-orig-size="626,446" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-3/" data-recalc-dims="1" height="446" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-3.png?resize=626%2C446&amp;ssl=1" width="626" /></a></figure></div> <p>At this point the browser generated <code>incus-ui.crt</code>, which is the user certificate to install in Incus. In the following we added the user certificate to Incus.</p> <pre class="wp-block-code"><code>debian@myincus:~$ <kbd>incus config trust list</kbd>+------+------+-------------+-------------+-------------+| NAME | TYPE | DESCRIPTION | FINGERPRINT | EXPIRY DATE |+------+------+-------------+-------------+-------------+debian@myincus:~$ <kbd>incus config trust add-certificate incus-ui.crt</kbd>debian@myincus:~$ <kbd>incus config trust list</kbd>+--------------+--------+-------------+--------------+----------------------+| NAME | TYPE | DESCRIPTION | FINGERPRINT | EXPIRY DATE |+--------------+--------+-------------+--------------+----------------------+| incus-ui.crt | client | | b89b80eb4c89 | 2026/12/23 21:08 UTC |+--------------+--------+-------------+--------------+----------------------+debian@myincus:~$ </code></pre> <div class="wp-block-image"><figure class="aligncenter size-large"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-4.png?ssl=1"><img alt="" class="wp-image-46768" data-attachment-id="46768" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-4" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-4.png?fit=750%2C641&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-4.png?fit=300%2C256&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-4.png?fit=1115%2C953&amp;ssl=1" data-orig-size="1115,953" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-4/" data-recalc-dims="1" height="641" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-4.png?resize=750%2C641&amp;ssl=1" width="750" /></a>The two files have been generated. We are adding <code>incus-ui.crt</code> to Incus, and <code>incus-ui.pfx</code> to the Web browser. </figure></div> <p>The page above has instructions on how to add the user certificate to Firefox, Chrome, Edge and macOS. For example, for the case of Firefox, type the following to the address bar and press Enter. Alternatively, go to Settings→Privacy &amp; Security→Certificates. There, click on <strong><em>View Certificates…</em></strong> and select the <strong><em>Your Certificates</em></strong> tab. Finally, click to Import… the <code>incus-ui.pfx</code> certificate file.</p> <pre class="wp-block-code"><code>about:preferences#privacy</code></pre> <div class="wp-block-image"><figure class="aligncenter size-full"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-5.png?ssl=1"><img alt="" class="wp-image-46769" data-attachment-id="46769" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-5" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-5.png?fit=750%2C175&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-5.png?fit=300%2C70&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-5.png?fit=768%2C179&amp;ssl=1" data-orig-size="768,179" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-5/" data-recalc-dims="1" height="175" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-5.png?resize=750%2C175&amp;ssl=1" width="750" /></a>This is found in Firefox under <strong><em>Settings</em></strong>→<strong><em>Privacy &amp; Security</em></strong>→<strong><em>Certificates</em></strong>.</figure></div> <p>When you add the <code>incus-ui.pfx</code> user certificate in Firefox, it will appear as in the following screenshot.</p> <div class="wp-block-image"><figure class="aligncenter size-full"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-6.png?ssl=1"><img alt="" class="wp-image-46770" data-attachment-id="46770" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-6" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-6.png?fit=705%2C482&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-6.png?fit=300%2C205&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-6.png?fit=705%2C482&amp;ssl=1" data-orig-size="705,482" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-6/" data-recalc-dims="1" height="482" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-6.png?resize=705%2C482&amp;ssl=1" width="705" /></a>The <code>incus-ui.pfx</code> certificate has been added to this instance of Firefox.</figure></div> <p>Subsequently, switch back to the Firefox tab with the Incus UI page and you are shown the following prompt to get your browser to send the user certificate to the Incus manager in order to get authenticated, and be able to manage Incus through the Web. Click on <strong><em>OK</em></strong>.</p> <div class="wp-block-image"><figure class="aligncenter size-large"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-7.png?ssl=1"><img alt="" class="wp-image-46771" data-attachment-id="46771" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-7" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-7.png?fit=750%2C311&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-7.png?fit=300%2C125&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-7.png?fit=1057%2C439&amp;ssl=1" data-orig-size="1057,439" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-7/" data-recalc-dims="1" height="311" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-7.png?resize=750%2C311&amp;ssl=1" width="750" /></a>You are prompted to identify yourself to Incus UI in order to be able to manage the Incus installation.</figure></div> <p>Finally, you are able to manage Incus over the Web with Incus UI. The Web page loads up and you can perform all tasks that you can do with the <code>incus</code> command-line client.</p> <div class="wp-block-image"><figure class="aligncenter size-full"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-8.png?ssl=1"><img alt="" class="wp-image-46772" data-attachment-id="46772" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-8" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-8.png?fit=750%2C584&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-8.png?fit=300%2C233&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-8.png?fit=865%2C673&amp;ssl=1" data-orig-size="865,673" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-8/" data-recalc-dims="1" height="584" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-8.png?resize=750%2C584&amp;ssl=1" width="750" /></a>Your browser is now authenticated through your user certificate and you can manage Incus over the Web with Incus UI.</figure></div> <h2 class="wp-block-heading" id="using-the-incus-ui">Using the Incus UI</h2> <p>We click on <strong><em>Create Instance</em></strong> to create a first instance. We select from the list which image to use, then click to <strong><em>Create and start</em></strong>.</p> <div class="wp-block-image"><figure class="aligncenter size-large"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-9.png?ssl=1"><img alt="" class="wp-image-46774" data-attachment-id="46774" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image-9" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-9.png?fit=750%2C454&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-9.png?fit=300%2C182&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-9.png?fit=1099%2C665&amp;ssl=1" data-orig-size="1099,665" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image-9/" data-recalc-dims="1" height="454" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image-9.png?resize=750%2C454&amp;ssl=1" width="750" /></a>Creating an instance and starting it.</figure></div> <p>While the instance is created, you are updated with the different steps that take place. In the end, the instance is successfully launched.</p> <div class="wp-block-image"><figure class="aligncenter size-large"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-2024-03-28-at-23-52-55-10.10.10.98-Incus-UI.png?ssl=1"><img alt="" class="wp-image-46776" data-attachment-id="46776" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="Screenshot-2024-03-28-at-23-52-55-10.10.10.98-Incus-UI" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-2024-03-28-at-23-52-55-10.10.10.98-Incus-UI.png?fit=750%2C454&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-2024-03-28-at-23-52-55-10.10.10.98-Incus-UI.png?fit=300%2C182&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-2024-03-28-at-23-52-55-10.10.10.98-Incus-UI.png?fit=1099%2C665&amp;ssl=1" data-orig-size="1099,665" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/screenshot-2024-03-28-at-23-52-55-10-10-10-98-incus-ui/" data-recalc-dims="1" height="454" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-2024-03-28-at-23-52-55-10.10.10.98-Incus-UI.png?resize=750%2C454&amp;ssl=1" width="750" /></a>The instance has been created and is running.</figure></div> <h2 class="wp-block-heading" id="conclusion">Conclusion</h2> <p>With Incus UI you are able to go through all the workflow of managing Incus instances through your Web browser. Incus UI has been implemented as a stateless Web application, which means that no information are stored on the browser. For example, the browser does not maintain a database with the created instances; the state is maintained on Incus.</p> <p>There are a few more UI Web applications for Incus, including <code><a href="https://github.com/melato/lxops">lxops</a></code>. At some point in the future I expect to cover them as well.</p> <h2 class="wp-block-heading" id="tips-and-tricks">Tips and Tricks</h2> <h3 class="wp-block-heading" id="how-to-make-the-incus-port-accessible-to-localhost-only">How to make the Incus port accessible to localhost only</h3> <p>The address has the format of &lt;<em>ip address</em>&gt;:&lt;<em>port</em>&gt;. You can specify <em>localhost</em> (127.0.0.1) for the part of the IP address. By doing so, Incus will only bind to <em>localhost</em> and listen to local connections only.</p> <pre class="wp-block-code"><code>debian@myincus:~$ <kbd>incus config show</kbd>config: core.https_address: :8443debian@myincus:~$ <kbd>incus config set core.https_address 127.0.0.1:8443</kbd>debian@myincus:~$ <kbd>incus config show</kbd>config: core.https_address: 127.0.0.1:8443debian@myincus:~$ <kbd>sudo lsof -i :8443</kbd>COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAMEincusd 8338 root 8u IPv4 30315 0t0 TCP localhost:8443 (LISTEN)debian@myincus:~$ </code></pre> <h3 class="wp-block-heading" id="whats-in-incusuicrt-and-incusuipfx">What’s in <code>incus-ui.crt</code> and <code>incus-ui.pfx</code>?</h3> <p>You can use <code>openssl</code> to decode both files. This is an RSA 2048-bit certificate using the SHA-1 hash function.</p> <pre class="wp-block-code"><code>$ <kbd>openssl x509 -in incus-ui.crt -noout -text</kbd>Certificate: Data: Version: 3 (0x2) Serial Number: 01:12:00:11:07:65:00:03:00:10:00:41:00:04:09:11 Signature Algorithm: sha1WithRSAEncryption Issuer: C = AU, ST = Some-State, O = Incus UI 10.10.10.98 (Browser Generated) Validity Not Before: Mar 28 21:08:58 2024 GMT Not After : Dec 23 21:08:58 2026 GMT Subject: C = AU, ST = Some-State, O = Incus UI 10.10.10.98 (Browser Generated) Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus: 00:ce:f8:1d:67:e1:a3:f5:1a:16:b6:26:63:8f:32: 42:99:0d:af:86:8b:18:49:1a:4b:8e:ab:68:e1:04: ba:24:dd:e6:27:d5:df:7a:13:cf:16:b3:33:28:89: e0:ab:c8:dc:c1:2a:0a:de:ed:26:3a:77:74:dd:42: 1c:e2:22:fc:a5:a5:68:c1:c9:3b:4d:12:15:27:ae: c6:50:ec:dc:f1:0a:ba:00:0c:83:d0:0d:0f:81:90: 4e:30:43:cb:45:bf:e2:e9:17:39:40:3b:95:8b:8b: 18:e9:59:51:fc:9a:7a:80:e4:73:b3:54:bd:ff:1c: 7c:81:75:16:e3:6f:3a:56:9b:0f:a3:73:55:45:03: d8:fb:f3:34:4c:60:4f:f2:67:9f:66:ea:29:29:78: 6c:66:05:d6:7d:96:cd:0f:2b:4b:9c:71:2c:09:6f: e2:b4:23:d0:5d:d0:fe:b0:6a:b1:58:5e:d7:b5:47: 9e:aa:47:34:f8:7d:e1:ed:fe:bf:97:3d:99:49:42: af:e2:e5:b3:c5:1e:58:b1:98:01:db:8f:25:9f:f8: d9:03:02:06:f9:99:0a:3a:a1:70:9d:fe:64:0d:c2: d8:cc:f0:1c:53:e4:31:4c:78:12:c2:fd:72:23:6a: f4:7e:41:f9:d5:df:6b:ad:2c:52:29:d0:7f:eb:65: 64:0f Exponent: 65537 (0x10001) Signature Algorithm: sha1WithRSAEncryption Signature Value: 28:b3:5c:48:64:8c:23:82:dd:e2:05:6a:9d:18:dd:43:f4:07: e6:be:1e:80:b7:f9:0c:0f:3d:cd:b8:bd:7b:55:7e:36:6d:74: 24:d5:69:b2:24:51:3a:2d:c5:95:68:b5:dc:27:d5:83:d9:bc: cb:d0:fd:55:24:63:7d:c6:65:9b:f1:b3:9d:f7:b4:4e:ba:83: eb:bf:f5:d0:f6:95:2d:7b:90:4e:d3:89:ac:f0:87:e6:fa:9d: f6:ea:c2:42:f2:15:17:74:5c:e4:3c:ed:1a:42:3c:e7:04:aa: 65:42:3e:75:5c:24:8e:52:85:0d:4b:b2:e2:ec:fa:57:4a:68: 35:4b:8f:3c:13:fc:15:09:80:5a:b1:c8:e0:22:f5:69:25:4b: 46:8b:e0:b9:e1:3a:f5:0c:40:d2:c3:75:9c:79:9a:aa:68:9b: 21:36:ed:67:cb:6d:fc:bc:f0:0b:5a:2b:1a:4c:73:67:c5:79: b6:27:b9:58:d0:c7:ea:84:21:bf:f4:7c:44:11:d7:88:ab:1d: e4:53:c9:10:cd:e6:b8:5a:7a:92:73:a8:1e:fe:1c:2e:dc:e8: 7e:3d:e9:a2:6d:26:5a:09:40:a1:3e:51:40:8b:da:57:37:9a: 8d:0e:d8:cf:c1:0a:b1:0b:95:53:05:41:29:39:af:93:9b:aa: 10:af:a1:6c$ </code></pre> <p>For the <code>incus-ui.pfx</code> file, we first convert to the PEM format, then print the contents. The PFX file contains the certificate (the same that was added earlier to Incus) along with the private key.</p> <pre class="wp-block-code"><code>$ <kbd>openssl pkcs12 -in incus-ui.pfx -out incus-ui.pem -noenc</kbd>Enter Import Password:$ <kbd>cat incus-ui.pem </kbd>Bag Attributes localKeyID: 3A 23 25 F7 56 4D 71 B8 FB FD 72 90 2D A1 F3 B8 2F 01 5E 92 friendlyName: Incus-UIsubject=C = AU, ST = Some-State, O = Incus UI 10.10.10.98 (Browser Generated)issuer=C = AU, ST = Some-State, O = Incus UI 10.10.10.98 (Browser Generated)-----BEGIN CERTIFICATE-----MIIDMjCCAhqgAwIBAgIQARIAEQdlAAMAEABBAAQJETANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTExMC8GA1UEChMoSW5jdXMgVUkgMTAuMTAuMTAuOTggKEJyb3dzZXIgR2VuZXJhdGVkKTAeFw0yNDAzMjgyMTA4NThaFw0yNjEyMjMyMTA4NThaMFUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMTEwLwYDVQQKEyhJbmN1cyBVSSAxMC4xMC4xMC45OCAoQnJvd3NlciBHZW5lcmF0ZWQpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvgdZ+Gj9RoWtiZjjzJCmQ2vhosYSRpLjqto4QS6JN3mJ9XfehPPFrMzKIngq8jcwSoK3u0mOnd03UIc4iL8paVowck7TRIVJ67GUOzc8Qq6AAyD0A0PgZBOMEPLRb/i6Rc5QDuVi4sY6VlR/Jp6gORzs1S9/xx8gXUW4286VpsPo3NVRQPY+/M0TGBP8mefZuopKXhsZgXWfZbNDytLnHEsCW/itCPQXdD+sGqxWF7XtUeeqkc0+H3h7f6/lz2ZSUKv4uWzxR5YsZgB248ln/jZAwIG+ZkKOqFwnf5kDcLYzPAcU+QxTHgSwv1yI2r0fkH51d9rrSxSKdB/62VkDwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQAos1xIZIwjgt3iBWqdGN1D9Afmvh6At/kMDz3NuL17VX42bXQk1WmyJFE6LcWVaLXcJ9WD2bzL0P1VJGN9xmWb8bOd97ROuoPrv/XQ9pUte5BO04ms8Ifm+p326sJC8hUXdFzkPO0aQjznBKplQj51XCSOUoUNS7Li7PpXSmg1S488E/wVCYBascjgIvVpJUtGi+C54Tr1DEDSw3WceZqqaJshNu1ny238vPALWisaTHNnxXm2J7lY0MfqhCG/9HxEEdeIqx3kU8kQzea4WnqSc6ge/hwu3Oh+PemibSZaCUChPlFAi9pXN5qNDtjPwQqxC5VTBUEpOa+Tm6oQr6Fs-----END CERTIFICATE-----Bag Attributes localKeyID: 3A 23 25 F7 56 4D 71 B8 FB FD 72 90 2D A1 F3 B8 2F 01 5E 92 friendlyName: Incus-UIKey Attributes: &lt;No Attributes&gt;-----BEGIN PRIVATE KEY-----MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDO+B1n4aP1Gha2JmOPMkKZDa+GixhJGkuOq2jhBLok3eYn1d96E88WszMoieCryNzBKgre7SY6d3TdQhziIvylpWjByTtNEhUnrsZQ7NzxCroADIPQDQ+BkE4wQ8tFv+LpFzlAO5WLixjpWVH8mnqA5HOzVL3/HHyBdRbjbzpWmw+jc1VFA9j78zRMYE/yZ59m6ikpeGxmBdZ9ls0PK0uccSwJb+K0I9Bd0P6warFYXte1R56qRzT4feHt/r+XPZlJQq/i5bPFHlixmAHbjyWf+NkDAgb5mQo6oXCd/mQNwtjM8BxT5DFMeBLC/XIjavR+QfnV32utLFIp0H/rZWQPAgMBAAECggEBAMm1N/tpBgC291F4YmlJg2xk0R8f6oA8V0zpMyKyF7QcatWB8/Wm3pnx9bbZgRQKg1LiZYvTtgEfMM7+QuYFURMi/NB4DQpUyDdPd0mhPsbQWVH8mnqA5HOzVL3/HHyBdRbjbzpWmw+jc1VFA9j78zRMYE/yZ59m6ikpeGxmBdZ9+uKyZ4U4/TORu2tadg9frtUl1HhkY1zGAxOyJUbCOVIbZF2iQt5zMZt4XLFhKgwhjtDklc3dFIDigUZzpMgdLExLWi6CGT++cjJGpseM+QOAubSoCmT6eIs8qi9KpQhkaZYBerWqBxswkmNGK4Zh+5gFvdW7EmEp128hATgYZGECgYEA7ckh3qL4Jg6FQA8+UeEoaT2CvDI89HMJfFN2NvU1ZklqP9aDnPvMjui/h/8HtDeb+5FWFZHF1B9laJp3HnGGt+98/aO9skdFQDiszclDNIHdpSqcD2LWkKz84QTWqTTkRAxJpgnW91oURtyhWVH8mnqA5HOzVL3/HHyBdRbjbzpWmw+jc1VFA9j78zRMYE/yZ59m6ikpeGxmBdZ9JSltWZtYemYzPTpZysocyRs5mD8CgYEA3tKviDreIR+TKT3FQoevyicXuwSn6ocH2RTgJQF+Qyj+1ykQhwRQUD+axZGls5g2JgT+2gFIdUcAR9CN22rxLRbnIj645yGPKa4dVhNAZnz/olWgs4onoO0CnOGXAkVdyiBe9H/D1dkj5bqAfY1eov6khPMOyrDFEXGi0e6uInbddI/sHUAAIIqJ4+knqwJIgxlzA9GFuzzt4oRLGMsoaClLYFCsrekJSF/w7DvhoDQo+JIrHuGX4hLgFLWOgp2WMWhbvgZ0P1PWcJukZ/jx7rJmkwKBgGa57x75NMtEiU3sInMnpw2ltDUOUnO3SRD1pNiqtZE05zg+wFXe0UAN8sa+/QutUtl4WVH8mnqA5HOzVL3/HHyBdRbjbzpWmw+jc1VFA9j78zRMYE/yZ59m6ikpeGxmBdZ9WB4dlVAsKZ7yMVRFG2dUNb7997TnLd9jXDcArSIS4q/uliXvvZFdc2TsQ/hSDolPHzfNZ3XBo+EXeIFpmYW/rA13GQytLl5oDC28WaEhAoGBAL6acBqMflXUoWWVHZR70vNcJjtRTC13SGRoAKR/tT2kUqloz60bgWeVtggkFWTpPGgm6lmSuYvTnPeoHYDfvLibVFGasTk8Y7Aji0V7rF4O-----END PRIVATE KEY-----$ </code></pre> <h2 class="wp-block-heading" id="troubleshooting">Troubleshooting</h2> <h3 class="wp-block-heading" id="error-unable-to-connect">Error: Unable to connect</h3> <p>You tried to access the IP address of the Incus server as (for example) <code>https://192.168.1.10/</code> while you should have specified the IP address as well. The URL should look like <code>https://192.168.1.10:8443/</code>.</p> <h3 class="wp-block-heading" id="error-client-sent-an-http-request-to-an-https-server">Error: Client sent an HTTP request to an HTTPS server</h3> <p>You tried to connect to the Incus server at an address (for example) <code>http://192.168.1.10:8443/</code> but you omitted the <code>s</code> in <code>https</code>. Use <code>https://192.168.1.10:8443/</code> instead. </p> <h3 class="wp-block-heading" id="warning-potential-security-risk-ahead">Warning: Potential Security Risk Ahead</h3> <p>You are accessing the Incus server through the HTTPS address for the first time and the certificate has not been signed by a certification authority. </p> <div class="wp-block-image"><figure class="aligncenter size-full"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image.png?ssl=1"><img alt="" class="wp-image-46761" data-attachment-id="46761" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="image" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image.png?fit=750%2C540&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image.png?fit=300%2C216&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image.png?fit=755%2C544&amp;ssl=1" data-orig-size="755,544" data-permalink="https://blog.simos.info/how-to-install-and-setup-the-incus-web-ui/image/" data-recalc-dims="1" height="540" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/image.png?resize=750%2C540&amp;ssl=1" width="750" /></a>First attempt to access the Incus server over HTTPS with your browser.</figure></div> <p>Click on <em>Advanced</em> and select to <em>Accept the risk and Continue</em>. If you want to avoid this error message, you need to provide a server certificate that is accepted by your browser. </p><div class="saboxplugin-wrap"><div class="saboxplugin-tab"><div class="saboxplugin-gravatar"><img alt="Simos Xenitellis" class="avatar avatar-100 photo" height="100" src="https://secure.gravatar.com/avatar/5c04c6b5f513d926ea9d77782a3843a1?s=100&amp;d=wavatar&amp;r=g" width="100" /></div><div class="saboxplugin-authorname"><a class="vcard author" href="https://blog.simos.info/author/simos/" rel="author"><span class="fn">Simos Xenitellis</span></a></div><div class="saboxplugin-desc"><div></div></div><div class="saboxplugin-web "><a href="https://blog.simos.info/" target="_self">blog.simos.info/</a></div><div class="clearfix"></div></div></div></description> <pubDate>Thu, 28 Mar 2024 22:16:39 +0000</pubDate></item><item> <title>Scarlett Gately Moore: Kubuntu, KDE Report. In Loving Memory of my Son.</title> <guid isPermaLink="false">https://www.scarlettgatelymoore.dev/?p=431</guid> <link>https://www.scarlettgatelymoore.dev/kubuntu-kde-report-in-loving-memory-of-my-son/</link> <description><figure class="wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio"><div class="wp-block-embed__wrapper"> </div></figure> <p><strong>Personal:</strong></p> <p>As many of you know, I lost my beloved son March 9th. This has hit me really hard, but I am staying strong and holding on to all the wonderful memories I have. He grew up to be an amazing man, devoted christian and wonderful father. He was loved by everyone who knew him and will be truly missed by us all. I have had folks ask me how they can help. He left behind his 7 year old son Mason. Mason was Billy’s world and I would like to make sure Mason is taken care of. I have set up a gofundme for Mason and all proceeds will go to the future care of him. </p> <p><a href="https://gofund.me/25dbff0c">https://gofund.me/25dbff0c</a></p> <p class="has-text-align-center"><strong>Work report</strong></p> <p><strong>Kubuntu:</strong></p> <p>Bug bashing! I am triaging allthebugs for Plasma which can be seen here:</p> <p><a href="https://bugs.launchpad.net/plasma-5.27/+bug/2053125">https://bugs.launchpad.net/plasma-5.27/+bug/2053125</a></p> <p>I am happy to report many of the remaining bugs have been fixed in the latest bug fix release 5.27.11.</p> <p>I prepared <a href="https://kde.org/announcements/plasma/5/5.27.11/">https://kde.org/announcements/plasma/5/5.27.11/</a> and Rik uploaded to archive, thank you. Unfortunately, this and several other key fixes are stuck in transition do to the time_t64 transition, which you can read about here: <a href="https://wiki.debian.org/ReleaseGoals/64bit-time">https://wiki.debian.org/ReleaseGoals/64bit-time</a> . It is the biggest transition in Debian/Ubuntu history and it couldn’t come at a worst time. We are aware our ISO installer is currently broken, calamares is one of those things stuck in this transition. There is a workaround in the comments of the bug report: <a href="https://bugs.launchpad.net/ubuntu/+source/calamares/+bug/2054795">https://bugs.launchpad.net/ubuntu/+source/calamares/+bug/2054795</a></p> <p>Fixed an issue with plasma-welcome.</p> <p>Found the fix for emojis and Aaron has kindly moved this forward with the fontconfig maintainer. Thanks!</p> <p>I have received an <a data-id="https://kfocus.org/spec/spec-ir14.html" data-type="link" href="https://kfocus.org/spec/spec-ir14.html">https://kfocus.org/spec/spec-ir14.html</a> laptop and it is truly a great machine and is now my daily driver. A big thank you to the Kfocus team! I can’t wait to show it off at <a href="https://linuxfestnorthwest.org/">https://linuxfestnorthwest.org/</a>.</p> <p><strong>KDE Snaps:</strong></p> <p>You will see the activity in this ramp back up as the KDEneon Core project is finally a go! I will participate in the project with part time status and get everyone in the Enokia team up to speed with my snap knowledge, help prepare the qt6/kf6 transition, package plasma, and most importantly I will focus on documentation for future contributors.</p> <p>I have created the ( now split ) qt6 with KDE patchset support and KDE frameworks 6 SDK and runtime snaps. I have made the kde-neon-6 extension and the PR is in: https://github.com/canonical/snapcraft/pull/4698 . Future work on the extension will include multiple versions track support and core24 support.</p> <figure class="wp-block-image size-large"><img alt="" class="has-transparency wp-image-433" data-dominant-color="a19f9f" data-has-transparency="true" height="712" src="https://www.scarlettgatelymoore.dev/wp-content/uploads/ark_qt6_snap-1024x712.png" width="1024" /></figure> <p>I have successfully created our first qt6/kf6 snap ark. They will show showing up in the store once all the required bits have been merged and published.</p> <p>Thank you for stopping by.</p> <p>~Scarlett</p></description> <pubDate>Thu, 28 Mar 2024 17:54:44 +0000</pubDate></item><item> <title>Simos Xenitellis: How to run an Incus VM inside an Incus VM (nested virtualization)</title> <guid isPermaLink="false">https://blog.simos.info/?p=46737</guid> <link>https://blog.simos.info/how-to-run-an-incus-vm-inside-an-incus-vm-nested-virtualization/</link> <description><p><a href="https://linuxcontainers.org/incus/">Incus</a> is a manager for virtual machines (VM) and system containers. There is also <a href="https://discuss.linuxcontainers.org/">an Incus support forum</a>.</p> <p>A <strong>virtual machine</strong> (VM) is an instance of an operating system that runs on a computer, along with the main operating system. A virtual machine uses hardware virtualization features for the separation from the main operating system. With virtual machines, the full operating system boots up in them. </p> <p>A <strong>system container</strong> is an instance of an operating system that also runs on a computer, along with the main operating system. A system container, instead, uses security primitives of the Linux kernel for the separation from the main operating system. You can think of system containers as <em>software virtual machines</em>. System containers reuse the running Linux kernel of the host, therefore you can only have Linux system containers, <a href="https://images.linuxcontainers.org/">any Linux distribution</a>. </p> <p>In this post we see how to create a VM with Incus, install Incus into that VM, and then create a VM through the <em><strong>inner Incus installation</strong></em>. This is also called <strong><em>nested virtualization</em></strong>. Incus works fine with nested virtualization. Any pitfalls arise from the settings of the host (BIOS/UEFI settings, host Linux kernel, etc). We’ll see these together, step by step.</p> <h2 class="simpletoc-title">Table of Contents</h2><ul class="simpletoc-list"><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#configuring-your-hardware-for-virtualization">Configuring your hardware for virtualization</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#testing-your-host-for-virtualization">Testing your host for virtualization</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#testing-your-host-for-nested-virtualization">Testing your host for nested virtualization</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#launching-the-outer-incus-vm">Launching the outer Incus VM</a> </li><li><a href="https://blog.simos.info/category/planet-ubuntu/feed/?mrss=off#conclusion">Conclusion</a></li></ul> <h2 class="wp-block-heading" id="configuring-your-hardware-for-virtualization">Configuring your hardware for virtualization</h2> <p>You would need to enter into the BIOS/UEFI settings and enable the option for <strong>VT-x</strong> (for Intel CPUs) or <strong>AMD-V</strong> (for AMD CPUs) virtualization. If you are unsure, you can just follow the instructions in the next step which will complain if you have not enabled the appropriate BIOS/UEFI settings.</p> <p>As a sidenote there is another setting, Intel VT-d (for Intel CPUs) or AMD-Vi (for AMD CPUs) that allow to move a supported hardware device (like a GPU, if you have more than one) into the VM. Not essential for what we are testing, but keep that in mind if you get too deep into virtualization.</p> <p>There are also some additional options that are optional, AMD Nested Page tables (NPT) (for AMD) and Rapid Virtualization Indexing (RVI)/Intel Extended Page Tables (EPT) for Intel. These help for performance. </p> <h2 class="wp-block-heading" id="testing-your-host-for-virtualization">Testing your host for virtualization</h2> <p>The Linux kernel that is available in most Linux distributions supports <a href="https://en.wikipedia.org/wiki/Kernel-based_Virtual_Machine">the KVM hypervisor</a> for virtualization.</p> <p>Applications use <a href="https://libvirt.org/">the <code>libvirt</code>toolkit</a> to access the virtualization features. </p> <p>In order to test if our host supports virtualization, we install <code>cpu-checker</code> and the <code>libvirt-clients</code> packages on the host and then run <code>kvm-ok</code> and <code>virt-host-validate</code> respectively to verify our system. Compared between the two utilities, the latter is better. However, I am including <code>cpu-checker</code>as it is covered in lots of documentation.</p> <pre class="wp-block-code"><code>$ <kbd>sudo apt install -y cpu-checker libvirt-clients</kbd>...$ <kbd>kvm-ok</kbd>INFO: /dev/kvm existsKVM acceleration can be used$ <kbd>sudo virt-host-validate</kbd> QEMU: Checking for hardware virtualization : PASS QEMU: Checking if device /dev/kvm exists : PASS QEMU: Checking if device /dev/kvm is accessible : PASS QEMU: Checking if device /dev/vhost-net exists : PASS QEMU: Checking if device /dev/net/tun exists : PASS QEMU: Checking for cgroup 'cpu' controller support : PASS QEMU: Checking for cgroup 'cpuacct' controller support : PASS QEMU: Checking for cgroup 'cpuset' controller support : PASS QEMU: Checking for cgroup 'memory' controller support : PASS QEMU: Checking for cgroup 'devices' controller support : PASS QEMU: Checking for cgroup 'blkio' controller support : PASS QEMU: Checking for device assignment IOMMU support : PASS QEMU: Checking if IOMMU is enabled by kernel : PASS QEMU: Checking for secure guest support : WARN (Unknown if this platform has Secure Guest support) LXC: Checking for Linux &gt;= 2.6.26 : PASS LXC: Checking for namespace ipc : PASS LXC: Checking for namespace mnt : PASS LXC: Checking for namespace pid : PASS LXC: Checking for namespace uts : PASS LXC: Checking for namespace net : PASS LXC: Checking for namespace user : PASS LXC: Checking for cgroup 'cpu' controller support : PASS LXC: Checking for cgroup 'cpuacct' controller support : PASS LXC: Checking for cgroup 'cpuset' controller support : PASS LXC: Checking for cgroup 'memory' controller support : PASS LXC: Checking for cgroup 'devices' controller support : PASS LXC: Checking for cgroup 'freezer' controller support : FAIL (Enable 'freezer' in kernel Kconfig file or mount/enable cgroup controller in your system) LXC: Checking for cgroup 'blkio' controller support : PASS LXC: Checking if device /sys/fs/fuse/connections exists : PASS$ </code></pre> <p>If you get a failure, try to identify whether the issue is with your computer’s firmware or with the Linux kernel of your host. If in doubt, post below the output.</p> <p>Why does the output mention both <strong>QEMU</strong> and <strong>LXC</strong>? By default, the command shows all <code>libvirt</code> virtualization support, unless you specify something specific. If you wanted only the QEMU output, you would run <code>sudo virt-host-validate qemu</code>. Note that the LXC here is not <a href="https://linuxcontainers.org/lxc/introduction/">the Linux Containers LXC</a>. The LXC above is <a href="https://libvirt.org/drvlxc.html">the Libvirt LXC</a>.</p> <h2 class="wp-block-heading" id="testing-your-host-for-nested-virtualization">Testing your host for nested virtualization</h2> <p>I have not noticed any mention for <em>nested virtualization</em> in the output of <code>virt-host-validate</code>. If you know a tool that shows that information, write it in the comments. In the absence of such a tool, let’s check manually.</p> <p>If you have an AMD CPU, run the following. If you get <code>1</code>, then nested virtualization through KVM works.</p> <pre class="wp-block-code"><code>$ <kbd>cat /sys/module/kvm_amd/parameters/nested </kbd>1$ </code></pre> <p>If instead you have an Intel CPU, run the following. If you get <code>Y</code>(instead of <strong><em>1</em></strong>), then nested virtualization through KVM works.</p> <pre class="wp-block-code"><code>$ <kbd>cat /sys/module/kvm_intel/parameters/nested</kbd>Y$ </code></pre> <p>If instead you get an error (such as the following), then something is wrong. Report back your CPU model and motherboard, along with the Linux kernel version and Linux distribution.</p> <pre class="wp-block-code"><code>cat: /sys/module/kvm_intel/parameters/nested: No such file or directory</code></pre> <h2 class="wp-block-heading" id="launching-the-outer-incus-vm">Launching the outer Incus VM</h2> <p>We launch the outer VM. Get a shell into the outer VM, install Incus and those utilities that show whether KVM virtualization works. Then, we launch an Alpine VM in the outer VM. We get an error regarding Secure Boot (the Alpine Linux kernel is not signed), remove the stuck VM and launch again with Secure Boot disabled. Finally, we get a shell into the inner VM.</p> <pre class="wp-block-code"><code>$ <kbd>incus launch images:debian/12 outervm --vm</kbd>Launching outervm$ <kbd>incus shell outervm</kbd>root@outervm:~# # Install Incus according to the documentation. root@outervm:~# <kbd>sudo apt install -y cpu-checker libvirt-clients</kbd>...root@outervm:~# <kbd>virt-host-validate </kbd> QEMU: Checking for hardware virtualization : PASS QEMU: Checking if device /dev/kvm exists : PASS QEMU: Checking if device /dev/kvm is accessible : PASS QEMU: Checking if device /dev/vhost-net exists : PASS QEMU: Checking if device /dev/net/tun exists : PASS...root@outervm:~# <kbd>incus launch images:alpine/edge innervm --vm</kbd>Launching innervmError: Failed instance creation: The image used by this instance is incompatible with secureboot. Please set security.secureboot=false on the instanceroot@outervm:~# <kbd>incus delete innervm</kbd>root@outervm:~# <kbd>incus launch images:alpine/edge innervm --vm --config security.secureboot=false</kbd>Launching innervmroot@outervm:~# <kbd>incus list -c ns4t</kbd>+---------+---------+-----------------------+-----------------+| NAME | STATE | IPV4 | TYPE |+---------+---------+-----------------------+-----------------+| innervm | RUNNING | 10.227.169.165 (eth0) | VIRTUAL-MACHINE |+---------+---------+-----------------------+-----------------+root@outervm:~# <kbd>uname -a</kbd>Linux outervm 6.1.0-18-amd64 #1 SMP PREEMPT_DYNAMIC Debian 6.1.76-1 (2024-02-01) x86_64 GNU/Linuxroot@outervm:~# incus shell innervminnervm:~# <kbd>uname -a</kbd>Linux innervm 6.6.22-1-virt #2-Alpine SMP PREEMPT_DYNAMIC Thu, 14 Mar 2024 02:12:52 +0000 x86_64 Linuxinnervm:~# </code></pre> <figure class="wp-block-image size-large"><a href="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-from-2024-03-27-15-39-25.png?ssl=1"><img alt="" class="wp-image-46740" data-attachment-id="46740" data-comments-opened="1" data-image-caption="" data-image-description="" data-image-meta="{&quot;aperture&quot;:&quot;0&quot;,&quot;credit&quot;:&quot;&quot;,&quot;camera&quot;:&quot;&quot;,&quot;caption&quot;:&quot;&quot;,&quot;created_timestamp&quot;:&quot;0&quot;,&quot;copyright&quot;:&quot;&quot;,&quot;focal_length&quot;:&quot;0&quot;,&quot;iso&quot;:&quot;0&quot;,&quot;shutter_speed&quot;:&quot;0&quot;,&quot;title&quot;:&quot;&quot;,&quot;orientation&quot;:&quot;0&quot;}" data-image-title="Screenshot-from-2024-03-27-15-39-25" data-large-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-from-2024-03-27-15-39-25.png?fit=750%2C449&amp;ssl=1" data-medium-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-from-2024-03-27-15-39-25.png?fit=300%2C180&amp;ssl=1" data-orig-file="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-from-2024-03-27-15-39-25.png?fit=1270%2C760&amp;ssl=1" data-orig-size="1270,760" data-permalink="https://blog.simos.info/how-to-run-an-incus-vm-inside-an-incus-vm-nested-virtualization/screenshot-from-2024-03-27-15-39-25/" data-recalc-dims="1" height="449" src="https://i0.wp.com/blog.simos.info/wp-content/uploads/2024/03/Screenshot-from-2024-03-27-15-39-25.png?resize=750%2C449&amp;ssl=1" width="750" /></a></figure> <h2 class="wp-block-heading" id="conclusion">Conclusion</h2> <p>We saw how to verify whether our host is able to work with hardware virtualization. This involves checking both the computer firmware settings (BIOS/UEFI) and the host Linux kernel.</p> <p>Then, we created an outer VM with Incus, got a shell into there, installed Incus, and launched an inner (<strong><em>nested</em></strong>) VM. </p> <p>I wonder whether we can go further and create a VM inside the inner VM. If you go through these and try to create an inner inner VM, post the error message. It does not feel like it should be possible.</p><div class="saboxplugin-wrap"><div class="saboxplugin-tab"><div class="saboxplugin-gravatar"><img alt="Simos Xenitellis" class="avatar avatar-100 photo" height="100" src="https://secure.gravatar.com/avatar/5c04c6b5f513d926ea9d77782a3843a1?s=100&amp;d=wavatar&amp;r=g" width="100" /></div><div class="saboxplugin-authorname"><a class="vcard author" href="https://blog.simos.info/author/simos/" rel="author"><span class="fn">Simos Xenitellis</span></a></div><div class="saboxplugin-desc"><div></div></div><div class="saboxplugin-web "><a href="https://blog.simos.info/" target="_self">blog.simos.info/</a></div><div class="clearfix"></div></div></div></description> <pubDate>Wed, 27 Mar 2024 13:40:48 +0000</pubDate></item><item> <title>Stuart Langridge: The Matrix has you, part 2</title> <guid isPermaLink="false">tag:www.kryogenix.org,2024-03-24:/days/2024/03/24/the-matrix-has-you-part-2/</guid> <link>https://www.kryogenix.org/days/2024/03/24/the-matrix-has-you-part-2/</link> <description><p>I’ve recently <a href="https://mastodon.social/@sil/112144967827317228">switched back from vscode to Sublime Text</a>, which means that after all the time I spent training my fingers to type “<code>code somefile.txt</code>” instead of “<code>subl somefile.txt</code>” I now need to undo all that conditioning and go back to <code>subl</code> again. So I thought, hey, maybe I should dump a little shell script called <code>code</code> in my <code>bin</code> folder which admonished me in some amusing way, thus Pavlov-ing myself into learning to do it right.</p><p>And then I thought, hey, what’d be cool is if I had that Matrix-esque “raining code” effect in the Terminal and then it was superimposed with a box saying “<span class="caps">STOP</span> <span class="caps">TYPING</span> code <span class="caps">AND</span> <span class="caps">USE</span> subl <span class="caps">INSTEAD</span>”, like the “<span class="caps">SYSTEM</span> <span class="caps">ERROR</span>” message at the end of the first movie.</p><p>And then I thought: someone’s already done this, right? And they have; it is called <a href="https://github.com/abishekvashok/cmatrix"><code>cmatrix</code></a>. But I don’t like cmatrix because it doesn’t do the colours right; the text just sorta stops rather than fading away like the movie does, and it feels unreal and too sharp for me. Now, don’t get me wrong, I understand why this is; terminals support a full proper range of colour these days, but writing a program which gets released to actual people and which can deal with the bewildering array of terminal settings out there is a miserable waste of everyone’s time. But I’m not writing this for anyone else; it only has to work in <em>my</em> terminal (in true <a href="https://www.kryogenix.org/days/2007/03/18/works-on-my-machine/">works on my machine</a> fashion). And this will give me a chance to noodle about with Python terminal libraries such as <a href="https://pypi.org/project/blessed/">blessed</a> to make something interesting. Hence, <a href="https://kryogenix.org/random/matrix24.py">matrix24.py</a>:</p><video controls="controls" src="https://kryogenix.org/random/matrix-24bit.mp4"></video> <p>It’s a bodge all round, and it still doesn’t look right, and <a href="http://jessica.tech/">Jess</a> pointed out that making something cool happen when I make a mistake is the opposite of conditioning, but I got to fiddle about with a new library for a bit, so that was fun. Can I do something productive now?</p><p>(title from <a href="https://www.kryogenix.org/days/2003/06/18/mtrx/">a classic post about the Matrix</a> which still makes me laugh even after all these years, although it is very unfair to Keanu Reeves who is a cool bloke and should be emulated in his approach to life)</p></description> <pubDate>Sun, 24 Mar 2024 15:40:00 +0000</pubDate></item> </channel></rss> If you would like to create a banner that links to this page (i.e. this validation result), do the following:
Download the "valid RSS" banner.
Upload the image to your own server. (This step is important. Please do not link directly to the image on this server.)
Add this HTML to your page (change the image src attribute if necessary):
If you would like to create a text link instead, here is the URL you can use:
http://www.feedvalidator.org/check.cgi?url=http%3A//planet.ubuntu.com/rss20.xml
