Post Syndicated from jake original https://lwn.net/Articles/747654/rss
Anders Hovmöller has posted an account of migrating a large application to Python 3. There were multiple steps on the journey and plenty of lessons learned. “Our philosophy was always to go py2 ￫py2/py3 ￫ py3 because we just could not realistically do a big bang in production, an intuition that was proven right in surprising ways. This meant that 2to3 was a non starter which I think is probably common. We tried a while to use 2to3 to detect Python 3 compatibility issues but quickly found that untenable too. Basically it suggests changes that will break your code in Python 2. No good.
The conclusion was to use six, which is a library to make it easy to build a codebase that is valid in both in Python 2 and 3.”
Post Syndicated from jake original https://lwn.net/Articles/747439/rss
Security updates have been issued by Debian (quagga), Mageia (freetype2, kernel-linus, and kernel-tmb), openSUSE (chromium, GraphicsMagick, mupdf, openssl-steam, and xen), Slackware (irssi), SUSE (glibc and quagga), and Ubuntu (quagga).
Post Syndicated from jake original https://lwn.net/Articles/747380/rss
Linux Journal takes a look at the newly announced LinuxBoot project. LWN covered a related talk back in November. “Modern firmware generally consists of two main parts: hardware initialization (early stages) and OS loading (late stages). These parts may be divided further depending on the implementation, but the overall flow is similar across boot firmware. The late stages have gained many capabilities over the years and often have an environment with drivers, utilities, a shell, a graphical menu (sometimes with 3D animations) and much more. Runtime components may remain resident and active after firmware exits. Firmware, which used to fit in an 8 KiB ROM, now contains an OS used to boot another OS and doesn’t always stop running after the OS boots. LinuxBoot replaces the late stages with a Linux kernel and initramfs, which are used to load and execute the next stage, whatever it may be and wherever it may come from. The Linux kernel included in LinuxBoot is called the ‘boot kernel’ to distinguish it from the ‘target kernel’ that is to be booted and may be something other than Linux.”
Post Syndicated from jake original https://lwn.net/Articles/747344/rss
Security updates have been issued by Debian (jackson-databind, leptonlib, libvorbis, python-crypto, and xen), Fedora (apache-commons-email, ca-certificates, libreoffice, libxml2, mujs, p7zip, python-django, sox, and torbrowser-launcher), openSUSE (libreoffice), SUSE (libreoffice), and Ubuntu (advancecomp, erlang, and freetype).
Post Syndicated from jake original https://lwn.net/Articles/747187/rss
A scientist with a rather unusual name, Meow-Ludo Meow-Meow, gave a talk at
about the current trends in “do it yourself” (DIY) biology or
“biohacking”. He is perhaps most famous for being
prosecuted for implanting an Opal card RFID chip into his hand; the
Opal card is used for public transportation fares in Sydney. He gave more
details about his implant as well as describing some other biohacking
projects in an engaging presentation.
Post Syndicated from jake original https://lwn.net/Articles/747005/rss
The 2018 USENIX
Enigma conference was held for the third time in January. Among
many interesting talks, three presentations dealing with human security
behaviors stood out. This article covers the key messages of these talks,
namely the finding that humans are social in their security
behaviors: their decision to adopt a good security practice is hardly ever
an isolated decision.
Subscribers can read on for the report by guest author Christian
Post Syndicated from jake original https://lwn.net/Articles/747122/rss
Volker Lendecke is one of the first contributors to Samba,
having submitted his first patches in 1994. In addition to developing
other important file-sharing tools, he’s heavily involved in development of
the winbind service, which is implemented in winbindd. Although the core Active Directory (AD) domain controller
(DC) code was written by his colleague Stefan Metzmacher, winbind is a
crucial component of Samba’s AD functionality.
In his information-packed talk at FOSDEM
said he aimed to give a high-level
overview of what AD and Samba authentication is, and in particular the
communication pathways and trust relationships between the parts of
Samba that authenticate a Samba user in an AD environment.
Post Syndicated from jake original https://lwn.net/Articles/747098/rss
Much as some of us would love never to have to deal with Windows,
it exists. It wants to authenticate its users and share
resources like files and printers over the network. Although many
enterprises use Microsoft tools to do this, there is a free alternative,
in the form of Samba. While Samba 3 has been happily providing
authentication along with file and print sharing to Windows clients for
the Microsoft world has been slowly moving toward Active Directory (AD).
Meanwhile, Samba 4, which adds a free reimplementation of AD on Linux, has
been increasingly ready for deployment. Three short talks at FOSDEM 2018
provided three different views of Samba 4, also known as Samba-AD,
and left behind a pretty clear picture that Samba 4 is truly
ready for use.
Subscribers can read on for a report from guest author Tom Yates on the first two of those talks; stay tuned for another on the third soon.
Post Syndicated from jake original https://lwn.net/Articles/747021/rss
Linux networking maintainer David Miller has put out a call for proposals for a two-day networking track at this year’s Linux Plumbers Conference (LPC). “We are seeking talks of 40 minutes in length, accompanied by papers
of 2 to 10 pages in length.” The deadline for proposals is July 11. LPC will be held November 13-15 in Vancouver and the networking track will be held the first two days.
Post Syndicated from jake original https://lwn.net/Articles/747020/rss
In ACMQueue magazine, Bridget Kromhout writes about containers and why they are not the solution to every problem. The article is subtitled:
“Complex socio-technical systems are hard;
film at 11.”
“Don’t get me wrong—containers are delightful! But let’s be real: we’re unlikely to solve the vast majority of problems in a given organization via the judicious application of kernel features. If you have contention between your ops team and your dev team(s)—and maybe they’re all facing off with some ill-considered DevOps silo inexplicably stuck between them—then cgroups and namespaces won’t have a prayer of solving that.
Development teams love the idea of shipping their dependencies bundled with their apps, imagining limitless portability. Someone in security is weeping for the unpatched CVEs, but feature velocity is so desirable that security’s pleas go unheard. Platform operators are happy (well, less surly) knowing they can upgrade the underlying infrastructure without affecting the dependencies for any applications, until they realize the heavyweight app containers shipping a full operating system aren’t being maintained at all.”
Post Syndicated from jake original https://lwn.net/Articles/747019/rss
On his blog, Tom Tromey looks at just-in-time (JIT) compilation for Emacs and what he has done differently in his implementation from what was done in earlier efforts. He also looks at potential enhancements to his JIT: “Calling a function in Emacs Lisp is quite expensive. A call from the JIT requires marshalling the arguments into an array, then calling Ffuncall; which then might dispatch to a C function (a “subr”), the bytecode interpreter, or the ordinary interpreter. In some cases this may require allocation.
This overhead applies to nearly every call — but the C implementation of Emacs is free to call various primitive functions directly, without using Ffuncall to indirect through some Lisp symbol.
Now, these direct calls aren’t without a cost: they prevent the modification of some functions from Lisp. Sometimes this is a pain (it might be handy to hack on load from Lisp), but in many cases it is unimportant.
So, one idea for the JIT is to keep a list of such functions and then emit direct calls rather than indirect ones.”
Post Syndicated from jake original https://lwn.net/Articles/746988/rss
Security updates have been issued by Arch Linux (clamav), Debian (mailman, mpv, and simplesamlphp), Fedora (tomcat-native), openSUSE (docker, docker-runc, containerd,, kernel, mupdf, and python-mistune), Red Hat (kernel), and Ubuntu (mailman and postgresql-9.3, postgresql-9.5, postgresql-9.6).
Post Syndicated from jake original https://lwn.net/Articles/746915/rss
Security updates have been issued by Debian (django-anymail, libtasn1-6, and postgresql-9.1), Fedora (w3m), Mageia (389-ds-base, gcc, libtasn1, and p7zip), openSUSE (flatpak, ImageMagick, libjpeg-turbo, libsndfile, mariadb, plasma5-workspace, pound, and spice-vdagent), Oracle (kernel), Red Hat (flash-plugin), SUSE (docker, docker-runc, containerd, golang-github-docker-libnetwork and kernel), and Ubuntu (libvirt, miniupnpc, and QEMU).
Post Syndicated from jake original https://lwn.net/Articles/745942/rss
Karen Sandler has been giving conference talks about free software and open
for the better part of a decade at this point. LWN briefly covered a 2010 LinuxCon talk and a 2012 linux.conf.au (LCA) talk; her talk at
LCA 2012 was her first full-length keynote, she said. In this year’s
reviewed her history (including her love for LCA based in part on that 2012
and gave an update on the status of the source code for the device she
has implanted on her heart.
Post Syndicated from jake original https://lwn.net/Articles/746386/rss
The popular interpreted language Python shares a mode of interaction
with many other languages, from Lisp to APL to Julia: the REPL (read-eval-print-loop)
allows the user to experiment with and explore their code, while maintaining a
workspace of global variables and functions. This is in contrast with
languages such as Fortran and C, which must be compiled and run as complete
programs (a mode of operation available to the REPL-enabled languages as
well). But using a REPL is a solitary task; one can write a program to
share based on their explorations, but the REPL session itself not easily
shareable. So REPLs have gotten more sophisticated over time, evolving
into shareable notebooks, such as what IPython, and its more recent
descendant, Jupyter, have. Here we look at Jupyter: its history,
notebooks, and how it enables better collaboration in languages well beyond
its Python roots.
Post Syndicated from jake original https://lwn.net/Articles/746345/rss
Longtime embedded Linux development company Free Electrons has just changed its name to Bootlin due to a trademark dispute (with “FREE SAS, a French telecom operator, known as the owner of the free.fr website“). It is possible that Free Electrons may lose access to its “free-electrons.com” domain name as part of the dispute, so links to the many resources that Free Electrons hosts (including documentation and conference videos) should be updated to use “bootlin.com”. “The services we offer are different, we target a different audience (professionals instead of individuals), and most of our communication efforts are in English, to reach an international audience. Therefore Michael Opdenacker and Free Electrons’ management believe that there is no risk of confusion between Free Electrons and FREE SAS.
However, FREE SAS has filed in excess of 100 oppositions and District Court actions against trademarks or name containing “free”. In view of the resources needed to fight this case, Free Electrons has decided to change name without waiting for the decision of the District Court.
This will allow us to stay focused on our projects rather than exhausting ourselves fighting a long legal battle.”
Post Syndicated from jake original https://lwn.net/Articles/746326/rss
Security updates have been issued by CentOS (systemd and thunderbird), Debian (squid and squid3), Fedora (firefox), Mageia (java-1.8.0-openjdk and sox), openSUSE (ecryptfs-utils and libXfont), Oracle (systemd and thunderbird), Scientific Linux (thunderbird), and Ubuntu (dovecot and w3m).
Post Syndicated from jake original https://lwn.net/Articles/746207/rss
Over at Opensource.com, Christine Peterson has published her account of coining the term “open source”. Originally written in 2006, her story on the origin of the term has now been published for the first time. The 20 year anniversary of the adoption of “open source” is being celebrated this year by the Open Source Initiative at various conferences (recently at linux.conf.au, at FOSDEM on February 3, and others). “Between meetings that week, I was still focused on the need for a better name and came up with the term “open source software.” While not ideal, it struck me as good enough. I ran it by at least four others: Eric Drexler, Mark Miller, and Todd Anderson liked it, while a friend in marketing and public relations felt the term “open” had been overused and abused and believed we could do better. He was right in theory; however, I didn’t have a better idea, so I thought I would try to go ahead and introduce it. In hindsight, I should have simply proposed it to Eric Raymond, but I didn’t know him well at the time, so I took an indirect strategy instead.
Todd had agreed strongly about the need for a new term and offered to assist in getting the term introduced. This was helpful because, as a non-programmer, my influence within the free software community was weak. My work in nanotechnology education at Foresight was a plus, but not enough for me to be taken very seriously on free software questions. As a Linux programmer, Todd would be listened to more closely.”
Post Syndicated from jake original https://lwn.net/Articles/746078/rss
Security updates have been issued by Debian (chromium-browser, krb5, and smarty3), Fedora (firefox, GraphicsMagick, and moodle), Mageia (rsync), openSUSE (bind, chromium, freeimage, gd, GraphicsMagick, libtasn1, libvirt, nodejs6, php7, systemd, and webkit2gtk3), Red Hat (chromium-browser, systemd, and thunderbird), Scientific Linux (systemd), and Ubuntu (curl, firefox, and ruby2.3).
Post Syndicated from jake original https://lwn.net/Articles/745817/rss
For anyone who has followed Daniel Vetter’s talks over the last year or
two, it is fairly clear that he is not happy with the kernel
development process and the role played by kernel maintainers. In a
strongly worded talk at linux.conf.au (LCA) 2018 in Sydney, he further explored
topic (that he also raised at
LCA 2017) in a talk entitled “Burning down the castle”. In his view,
kernel development is broken and it is unlikely to improve anytime soon.