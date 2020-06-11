Language Selection

Fedora and Red Hat Leftovers

Submitted by Roy Schestowitz on Friday 12th of June 2020 10:52:41 PM
Red Hat
  • Fedora program update: 2020-24

    Here’s your report of what has happened in Fedora this week. Congratulations to the winners of the Fedora 32 elections. I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

  • Facilitation, collaboration, and webcams: A story about Principles of Authentic Participation

    This post does not describe what the Principles are (click that link to learn more about them). This post describes the story behind the Principles, and how our Sustain Working Group worked together over three months of virtual facilitation during the COVID–19 crisis to build these Principles.

    [...]

    After lunch, I gathered folks for the discussion group to discuss what authentic participation means. If we could propose a basic set of principles that we agree on, could this be a useful tool for the pain points of stories shared in the morning session?

    The afternoon discussion was insightful, but lacked firm conclusions. We had great ideas and lots of stories, but nothing to tie them together. I collected email addresses of folks who wanted to continue engaging on the Principles of Authentic Participation. However, I wasn’t sure what the next step would be at the time.

    At the Summit, I committed to facilitation of a public Discourse forum discussion, but some attendees voiced that Discourse was not accessible for them. To compromise without exhausting myself across too many platforms, I promised to host a few online discussions for folks to gather and talk about these things again later.

  • Red Hat Insights Twitter chat
  • Event streaming and data federation: A citizen integrator’s story

    Businesses are seeking to benefit from every customer interaction with real-time personalized experience. Targeting each customer with relevant offers can greatly improve customer loyalty, but we must first understand the customer. We have to be able to draw on data and other resources from diverse systems, such as marketing, customer service, fraud, and business operations. With the advent of modern technologies and agile methodologies, we also want to be able to empower citizen integrators (typically business users who understand business and client needs) to create custom software. What we need is one single functional domain where the information is harmonized in a homogeneous way.

  • Digital transformation in financial services without breaking the bank

    Like many organizations, financial services companies identify digital transformation as a top business priority. But their journey may be more complicated, as their infrastructures are often a blend of legacy platforms and processes, with core software built on proprietary vendors’ technology, and app development practices still tied – at least to some extent – to waterfall methodologies.

    Financial services firms are facing real challenges that, while somewhat germane to all companies on a digitization journey, may be hitting them a little harder. For example, the cost of long-term contracts with proprietary software vendors continue to increase, while limiting their flexibility to accomodate ever-evolving market demands.

    Because of costs of these commodity infrastructure and application architectures – which, by the way, rarely drive competitive differentiation – we’ve observed an increase in agile procurement as a means to alleviate these issues.

  • 3 lessons from remote meetings we’re taking back to the office

    For those of us fortunate enough to work remotely during this pandemic, we'll likely be camped out in our home offices for a while yet. The transition back to in-person work will take time and be geographically patchy.

    As I've talked with colleagues who are working remotely, many people say this period is temporary and makeshift: "Once it's safe to return to the office, we can resume all our old habits and processes." But in truth, this period of working from home and our eventual return to the office are deeply entwined. The choices and changes we make now will impact the ways we work once we step back into our offices, laboratories, classrooms, and other workspaces.

    Rather than viewing this moment as temporary and makeshift, we should see it as formative. By investing in and improving our online meeting experience now, we can build the foundation for a better work environment that persists long after the pandemic. We can use this moment to recalibrate our culture and systems, so they are more robust, resilient, and inclusive. Those of us in scientific fields can use this moment to deliberately shift toward kinder science.

Security: Updates, Sysadmin, and Speculation Mitigation Fixes

  • Security updates for Friday

    Security updates have been issued by CentOS (tomcat), Debian (intel-microcode, libphp-phpmailer, mysql-connector-java, python-django, thunderbird, and xawtv), Fedora (kernel and thunderbird), Gentoo (perl), openSUSE (libexif and vim), Oracle (dotnet, kernel, microcode_ctl, and tomcat), Red Hat (net-snmp), Scientific Linux (libexif and tomcat), Slackware (kernel), and SUSE (adns, audiofile, ed, kvm, nodejs12, and xen).

  • Sysadmin security: Auditing your perimeter and access points

    When assessing corporate security, you need to approach it with the attitude that you are an outsider and want access. You must learn to view your network and your corporate facility from the outside, the same way as a potential attacker does. Performing internal scans is a good thing, but you also need to assess your external security. Is your network an easy mark for attackers? Is your corporate facility secure? Are employees safe? Can you gain access to valuable assets inside your network from the outside with minimal effort? Some companies hire outside security consultants who, as part of their service, attempt to breach corporate security just as real attackers would. They phish, they probe, they attempt to tailgate, they call into the office with legitimate-sounding requests, and they also attempt to gain physical access to employee areas and secured data centers.

  • x86/urgent Updates Sent In To Linux 5.8 With The Speculation Mitigation Fixes

    The first round of "x86/urgent" fixes have been sent in to Linux 5.8 just ahead of this weekend's 5.8-rc1 milestone while many of these fixes are marked for back-porting to the stable series. Making this pull of x86/urgent fixes notable is that it does include the work I first reported on a few days ago regarding a Google engineer uncovering some holes in Linux's Spectre mitigation handling. Some handling could result in some mitigation behavior being unfairly applied to AMD CPUs and in other fixes for addressing an issue that applications could be silently vulnerable to Spectre Variant Two attacks when thinking they are mitigated but in fact not. There is also a fix for a buggy optimization that could lead to Spectre V4 SSBD mitigation to be disabled for child processes.

GNU/Linux on Raspberry Pi and Jetson Xavier NX

KDE and GNOME: Calamares, Cantor and Fractal

  • Calamares extensions and out-of-tree modules

    Calamares is a universal Linux installer framework. It provides a distribution- and desktop-agnostic set of tools that Linux distributions (and potentially FreeBSD as well) can use to build an installer for Live media (that is, ISO images). It is broadly themable, brandable, configurable and tweakable – the core repository contains 54 modules for various parts of the install process. Even 54 modules can’t do justice to all the breadth of things-people-might-want for Linux, so Calamares encourages people to write their own modules to solve specific problems. Calamares is also an eager upstream, so if the problem is specific, but affects lots of people, or can be made generally useful, then Calamares is eager to incorporate those modules into the “core” of the software product. To help and support people developing modules, Calamares should provide all the necessary bits for development: it has a C++ API and some CMake stuff that needs doing, for instance, and module-developers will need that.

  • Cantor Integrated Documentation : Week 1 and 2 Progress

    Hello KDE people!! It's been almost couple of weeks of the coding period already, and it has been hectic already. I was mostly able to stick to the timeline I had proposed, just loosing couple of days here and there. None the less, I am here presenting my progress on the project. [...] I have also tried customizing the official documentation. I personally did not liked the layout of the official documentation, so I tried to add some styling to it. Currently I am in process of doing it. Adding style to hundreds of HTML files was a challenge and tedious task to be completed manually. I again utilized Python's power and created a script to link the main CSS file to the HTML files.

  • Refactoring Fractal: Remove Backend (I)

    After a week and a half of starting work on Fractal in the GSoC and figuring things out, I could remove all state from one half of the backend, or what is called in Fractal as Backend. Confusing, right? Let me explain further. Actually the core of the application is split between two structs: one called AppOp, where most of the data is managed, and another one called Backend, out of the app crate, in fractal-matrix-api, where the calls to the server are done. They communicate between through message passing, but Backend stores some state that isn’t present in AppOp, or it’s even duplicated. So there are two sources of truth for state. That makes the process of implementing multi-account support harder and more error-prone than it should be. There are two paths to the solution here: remove AppOp and move all data to Backend or do the same in the opposite direction. I chose the latter because I wouldn’t have to transfer as much state as in the former case. Moreover, this way I can remove both loops and spawn threads directly and call functions directly from it instead of passing messages and matching against them (while spawning new threads anyways). Beware that these threads are kernel threads, not green threads or coroutines (aka Futures), so this is a very grotesque way of doing network requests without blocking the GUI as it is currently. It’s something that will be tackled in the future, though.

OpenZFS removed offensive terminology from its code

On Wednesday evening, ZFS founding developer Matthew Ahrens submitted what should have been a simple, non-controversial pull request to the OpenZFS project: wherever possible without causing technical issues, the patch removed references to "slaves" and replaced them with "dependents." This patch in question doesn't change the way the code functions—it simply changes variable names in a way that brings them in conformance with Linux upstream device-mapper terminology, in 48 total lines of code (42 removed and 48 added; with one comment block expanded slightly to be more descriptive). But this being the Internet, unfortunately, outraged naysayers descended on the pull request, and the comments were quickly closed to non-contributors. I first became aware of this as the moderator of the r/zfs subreddit where the overflow spilled once comments on the PR itself were no longer possible. Read more

