March 01, 2015

Disclaimer: I received a free a copy of “How Linux Works 2n Edition” to review from NoStarch Press.

How Linux Works CoverHow Linux Works 2n Edition book cover.

I enjoy doing these occasional reviews: it’s a good excuse to read a new book, learn something new (there’s always something to learn, every day) and to move my eyes aways from a light emitting digital device (yeah, apart from when I actually write the review…). And since I fully read the books, that’s why usually it takes some time to review them all.

I have to admit I love NoStarch books: lovely cover arts, a nice book form factor, well written and edited content, multiple formats to choose from (paper, digital DRM-free versions). And “How Linux Works” is no less.

The Review: How Linux Works by Brian Ward

17 chapters strong, the book opens with a general overview of a Linux system providing the reader with a really clean explanation of the differences between the kernel space and the user space, moving to a quick overview of the shell system.

From Chapter 3, the pace changes, and it’s here where the author starts diving into into the real Linux system. Devices, device types, sysfs and how they are implemented at the kernel level are an introduction to concepts that will be taken further in Chapter 4, where file systems, a generic overview on how they fit into the kernel, and the most used and common commands to work with partitions, are introduced.

I consider Chapter 5 and Chapter 6 to be the strength of the book: how the Linux boot process works, what GRUB is, does and how to configure it, all clearly explained with detailed steps of the overall boot process. And then, as a natural consequence after the boot phase, the init systems are introduced and the reader is taken further into the user space land.

Chapter 6 covers basically everything that is needed nowadays to understand the init process: systemd, upstart and sys-v are all explained in their glory details (although the latter is the less detailed): how they are configured, where their configurations are located and the different terminologies each adopts are easy to understand.

From here on, the book covers all that is necessary: logging, users, /etc and login methods with a focus on PAM (Chapter 7); processes, resources, CPU & I/O and all the commands to help you in performance diagnosis (Chapter 8); network, network configuration, a concise but exhaustive introduction to the network layers, the kernel routing table and internet/network user space applications (Chapter 9, 10).

Chapter 11 takes us back to the shell with an extensive coverage of its most useful and used commands, that will lead as to know all the file sharing programs available at our fingertips (Chapter 12).

The remaining chapters cover the user space environment: startup files, desktop environment and window manager, D-Bus, CUPS; development tools (compilers, debuggers) and how to compile software.

Of all the book, I found these last chapters (counting also Chapter 12) to be the less interesting: probably because most of the concepts described were already known, or they were covering not (that) much interesting subjects to me.

In the End…

The book is really well organized, technically accurate and up-to-date with the recent modern Linux technologies. A really great Linux power-user book that doesn’t spend too much time in a graphical environment, but concentrates on command line tools and the depths of how a Linux system is glued together. Read it if you want to expand and deepen your Linux knowledge.

The post Book Review: How Linux Works appeared first on Milo Casagrande.

on March 01, 2015 02:47 PM

What a month for Ubuntu! First Ubuntu Phone has been announced and sales have started! Finally, after two years of work, we will have feedbacks from real consumers.

Also, on a personal level, it has been a great month. I went to London for the Ubuntu Phone launch. I did laser surgery to my right eye to correct myopia (I had 8 diopters), and in March I’ll do the left one. And I also had time to do some articles and a lot of code.


First of all, thanks to all you who follow me, this blog has a number of visitors I never expect. Without calculating who read articles on Ubuntu Planet or in a RSS Reader, this blog had 24,797 page views by 6,098 unique visitors in 28 days. Thanks to all! And I only wrote 4 articles!

Stats are calculated by CloudFare, I don’t have Analytics or others trackers on the site. It just counts the number of request it has.


More than visit, what astonished me is the number of donations: I had 3 donations for an amount of 30 euros! I’ll use them to buy a VPS, so thanks to all!

What I did

Now, it’s time to describe what I did in Feb. Considering the surgery, the uni and the journey to London for the Ubuntu Phone launch I’m quite satisfied for what I did.

Browser app

I started to work, with oSoMoN, on settings for the browser app. I haven’t a timeline for this, but we did some progress, and in next weeks we’ll land first branches.

This is a screenshot on how it will appear the first version when we’ll have implemented all features we want for the first land.


Calculator Reboot

We’re working hard to replace the default calculator with the new one, news on this side will arrive in next weeks


I spent a lot of time this month reviewing code of other guys, mainly for reminders and docviewer app. Reviews are fundamentally for Ubuntu: every change to the code has to be approved by someone after a careful review: in this way we’re sure we have a good codebase and a good implementation of things. Reviews are very timeconsuming: you’ve to read and understand the code, then you have to test it and think how the change impacts the user experience.

Other than that, I did usual things: bug report, some code for ubuntu-it, promotion of Ubuntu on social networks, support on italian forum and on IRC and so on.

Have you ever thought to help the Ubuntu development? There are a lot of things to do, and you don’t have to be a developer: we need translators, tester, promoter and so. Try to take a look here, and, if you have any doubt, write me. I’ll be more than happy to address you to the right place to start to contribute.

You know, I’m a student and I do all this in my free time. So, if you like my work and want to support me, just send me a Thank you! by email or offer me a coffee :-)


on March 01, 2015 01:00 PM

February 28, 2015

One of the thing I appreciate most on Ubuntu Phones are scopes: they are a totally new way to interact with contents. Unfortunately, after the presentation of the BQ Aquaris I’ve seen a lot of bloggers saying “Scopes aren’t innovative, Android has widgets for years”.

My first reaction was “C’mon, how could you say that? It’s obvious you haven’t tested them”. Then I understood that, yes, we have to blame bloggers because they talk about things they don’t know, but at the same time we weren’t good enough to explain why scopes are so cool, and why could be game changer (but they still need some work, as I’ll evidence at the end of the post).


Ubuntu’s scopes are like individual home screens for different kinds of content, giving you access to everything from movies and music to local services and social media, without having to go through individual apps.

I don’t have a Youtube app, but I can see the best of Youtube without going on the browser.

youtube scope

Basically, they try to find the best result for your queries. This is one of the main differences with Android’s widgets: scopes have a search bar, and they update themself according to your search.

So I can see all Telegram messages I have about Ubuntu:

telegram scope

Also, sources of scopes (so where they take their informations) aren’t only installed apps, but could be anything: a website, a RSS feed, the scope itself, other scopes. Android’s widgets are only a quick link to their app.

Another interesting feature is department: if you want you can split a scope in departments, to have filters for informations. So, in the scope about near points of interesting, I can look for taxis, or restaurants, or so on:

poi scope

I hope it’s clear enough why scopes aren’t widgets. If we want to find a similarity in the Android world, scopes are like Google Now (but better).

Google Now

(I talk always about Android because I never tried a Windows Phone, or iOs)

Scopes are like Google Now because, without any query, they both try to provide us informations we need in that moment (on this side, Google Now is better because it has more informations about us).

home scope

But scopes will be better, because Google Now uses only one resource, Google, while scopes could use every resource on the web.

At the moment, scopes miss some things Google Now have, like flights search, but it misses some things scopes already provide.

What? One of the biggest company on Earth doesn’t have something a little company was able to provide in just a couple of years?

Yes. Because opensource always wins.

And scopes are opensource, and could use any source they want. Google Now is integrated with every Google app. Scopes are integrated with every app. So with a scope I can search my Telegram messages, or my Evernote notes (not yet, but we’re working on Evernote scope).

But scopes don’t win only about integration with apps. They win also on (some atm, all in a future) searches. I love beers, so let’s try to search for a good Orval:


With a scope I have the result without having to open the browser.

Other than beers, I love to code. I don’t know everything, so sometimes I need some documentation; let’s try to find how print works in Python.


A link to the documentation, thanks Google, very useful. What about giving me the documentation itself, as Ubuntu scopes do?

And I can go on on this way for a lot of things.

Okay, I hope is clear my point here: the concept of scopes is the same of Google Now, but scopes are opensource and more powerful, now we only need developers to implement them. Luckily, it’s very easy to develop them, as Carla wrote on her blog.

What’s missing?

Scopes are amazing, but I think they need a couple of things to became a gamechanger in mobile world:

  • Voice search: voice search is critical nowadays: the less I have to look to the screen, the better is.
  • Scope of scopes: one thing I miss a lot is a scope using reply to my query by all scopes and returns me best results. At the moment I have to swype to choose the right scope (like, for beers, untappd): I prefer to do a search, without swiping, and have the best result.

But this is only the start of a great adventure. We have room to improve.

Because, remember, on long run opensource wins. Always.


I made this article (and other opensource contributions) in my spare time because I love what I’m doing. If you are enjoying it and you want to buy me a beer click here.

on February 28, 2015 01:00 PM

Lubuntu 15.04 Beta 1

Lubuntu Blog

We’re preparing Lubuntu 15.04, Vivid Vervet, for distribution in April 2015. With this Beta pre-release, we are now at the stage of being semi stable. However pre-releases are not suitable for a production environment.

Note: this is an beta pre-release. Lubuntu pre-releases are NOT recommended for:
  • regular users who are not aware of pre-release issues
  • anyone who needs a stable system
  • anyone uncomfortable running a possibly frequently broken system
  • anyone in a production environment with data or workflows that need to be reliable 

Lubuntu Pre-releases ARE recommended for:
  • regular users who want to help us test by finding, reporting, and/or fixing bugs
  • Lubuntu developers

Read the release notes before downloading.
on February 28, 2015 12:47 AM

February 27, 2015

The first Beta of the Vivid Vervet (to become 15.04) has now been released!

Pre-releases of the Vivid Vervet are *not* encouraged for anyone needing a stable system or anyone who is not comfortable running into occasional, even frequent breakage. They are, however, recommended for Ubuntu flavour developers and those who want to help in testing, reporting and fixing bugs as we work towards getting this release ready.

Beta 1 includes a number of software updates that are ready for wider testing. This is quite an early set of images, so you should expect some bugs.

While these Beta 1 images have been tested and work, except as noted in the release notes, Ubuntu developers are continuing to improve the Vivid Vervet. In particular, once newer daily images are available, system installation bugs identified in the Beta 1 installer should be verified against the current daily image before being reported in Launchpad. Using an obsolete image to re-report bugs that have already been fixed wastes your time and the time of developers who are busy trying to make 15.04 the best Ubuntu release yet. Always ensure your system is up to date before reporting bugs.

This Beta features images for Kubuntu, Lubuntu, Ubuntu GNOME, UbuntuKylin, Ubuntu Mate, Xubuntu and the Ubuntu Cloud images.


Kubuntu uses KDE software and now features the new Plasma 5 desktop.

The Beta 1 images can be downloaded at:

More information on Kubuntu Beta 1 can be found here:


Lubuntu is a flavour of Ubuntu based on LXDE and focused on providing a very lightweight distribution.

The Beta 1 images can be downloaded at:

Ubuntu GNOME

Ubuntu GNOME is a flavour of Ubuntu featuring the GNOME desktop environment.Vivid Vervet Beta 1 Released

The Beta 1 images can be downloaded at:

More information on Ubuntu GNOME Beta 1 can be found here:


UbuntuKylin is a flavour of Ubuntu that is more suitable for Chinese users.

The Beta 1 images can be downloaded at:

More information on UbuntuKylin Beta 1 can be found here:

Ubuntu Mate

Ubuntu Mate is a flavour of Ubuntu featuring the Mate desktop environment.

The Beta 1 images can be downloaded at:

More information on Ubuntu Mate Beta 1 can be found here:


Xubuntu is a flavour of Ubuntu shipping with the XFCE desktop environment.

The Beta 1 images can be downloaded at:

More information on Xubuntu Beta-1 can be found here:

Ubuntu Cloud

Ubuntu Cloud images can be run on Amazon EC2, Openstack, SmartOS and many other clouds.

The Beta 1 images can be downloaded at:

Regular daily images for Ubuntu can be found at:

If you’re interested in following the changes as we further develop Vivid, we suggest that you subscribe to the ubuntu-devel-announce list. This is a low-traffic list (a few posts a week) carrying announcements of approved specifications, policy changes, alpha and beta releases and other interesting events.

A big thank you to the developers and testers for their efforts to pull together this Beta release!

Originally posted to the ubuntu-devel-announce mailing list on Thu Feb 26 19:30:02 UTC 2015 by Elfy, on behalf of the Ubuntu release team.

on February 27, 2015 11:16 PM

Last week's post got a lot of interesting discussion on reddit and phoronix which is pretty cool. The reception was mixed but the thing that I felt a lot stronger about was risk and reward and the idea came up in a different way yesterday on a petition for Blizzard to port their games. Here is the quote for the interesting part:

"Rachel has taken the time to check out this petition and is putting in a request for others high up at Blizzard to also check out the petition. They may also look in to using Kickstarter as a means to help cover the cost of creating native Linux clients for us."

The prospect interested me, so I went to reddit and asked what they thought about it but the main issue people were talking about was not trusting Kickstarter projects in general because they lack the assurances that you will get what you paid for. But the thing that struck me more about the entire situation was I started off by thinking sure id throw 50 euro into the pot and get all my games that I already paid for ported but the thing I was left thinking going to bed later that night was why not poll their users about how many actually use Linux? If I already paid for the games and other people have paid for the games too you are setting kind of a bad precedent.

What I felt the best way of doing the Kickstarter would be this, aim much lower than the cost of the port intentionally because they already have sales even if they don't count them because we use either Windows in a dual boot or WINE to play the games. It would be fair to do it this way. And secondly the Kickstarter would be just to pay for the Linux devs not for buying any particular games. In that way you would be just donating to get all your games ported. Lastly it would have to be a 1 off thing IMO I wouldn't want this happening every few months and I wouldn't want every developer coming to us looking to Kickstart their ports. The only exceptions I'd put to that rule though would be the biggest of the AAA titles, so like this post is about Blizzard games, Ubisoft, EA...etc.

I wonder if they would send it to a porting company as well. They have the devs for Mac obviously and they could port it but I wonder would a revenue share for the Linux versions of their games along with the Kickstarter and a little bit on top to account for potential previous users like me. To put some context I've spent 400 Euro ish on Blizzard games since 2000 and given the outcry from people banned from D3's launch on Linux I'm definitely not the only Linux user they aren't supporting with their games. So they definitely should seriously consider every option to port the game even if it isn't lucrative.


on February 27, 2015 08:35 PM

Full Circle #94

Ronnie Tucker

This month:
* Command & Conquer
* How-To : Block Calls, LibreOffice, and Using i2P
* Graphics : Inkscape.
* Linux Labs: BTRFS
* Book Review: Practical Data Science Cookbook
* Ubuntu Games: War Thunder
plus: News, Arduino, Q&A, and soooo much more.

Get it while it’s hot!

on February 27, 2015 08:21 PM

I just watched Jono's talk from SCALE [1] entitled "Ubuntu: The Past, Present, and Future."

It's really quite an interesting talk, so I'm recommending it to you, my dear readers. I think he did a great job describing the key moments in Ubuntu's history. (Click image to view.)

Towards the end of the talk, Jono makes some startling predictions. Do you agree with them?


[1] Just why people insist on naming a conference after a kernel still baffles and disappoints me. Do we name car shows after carburetors? Didn't think so. ;)

on February 27, 2015 06:12 PM


Softpedia showcases Kubuntu Vivid Beta 1 with a screenshot tour.

on February 27, 2015 02:23 PM

I already blogged about the help app I was working on a bit in the last time. I wanted to go into a bit more detail now that we reached a new milestone.

What’s the idea behind it?

In a conversation in the Community team we noticed that there’s a lot of knowledge we gathered in the course of having used Ubuntu on a phone for a long time and that it might make sense to share tips and tricks, FAQ, suggestions and lots more with new device users in a simple way.

The idea was to share things like “here’s how to use edge swipes to do X” (maybe an animated GIF?) and “if you want to do Y, install the Z app from the store” in an organised and clever fashion. Obviously we would want this to be easily editable (Markdown) and have easy translations (Launchpad), work well on the phone (Ubuntu HTML5 UI toolkit) and work well on the web (Ubuntu Design Web guidelines) too.

What’s the state of things now?

There’s not much content yet and it doesn’t look perfect, but we have all the infrastructure set up. You can now start contributing! :-)

screenshot of web editionscreenshot of web edition
screenshot of phone app editionscreenshot of phone app edition


What’s still left to be done?

  • We need HTML/CSS gurus who can help beautifying the themes.
  • We need people to share their tips and tricks and favourite bits of their Ubuntu devices experience.
  • We need hackers who can help in a few places.
  • We need translators.

What you need to do? For translations: you can do it in Launchpad easily. For everything else:

$ bzr branch lp:ubuntu-devices-help
$ cd ubuntu-devices-help
$ less HACKING

We’ve come a long way in the last week and with the easy of Markdown text and easy Launchpad translations, we should quickly be in a state where we can offer this in the Ubuntu software store and publish the content on the web as well.

If you want to write some content, translate, beautify or fix a few bugs, your help is going to be appreciated. Just ping myself, Nick Skaggs or David Planella on #ubuntu-app-devel.

on February 27, 2015 10:53 AM

February 26, 2015


Yet another successful milestone :)

Ubuntu GNOME Team is glad to announce the release of Beta 1 of Ubuntu GNOME Vivid Vervet (15.04).

What’s new and how to get it?

Please do read the release notes:

As always, thanks a million to each and everyone who has helped, supported and contributed to make this yet another successful milestone!

We have great testers and without their endless support, we don’t think we can ever make it. Please, keep the great work up!

Thank you!

on February 26, 2015 11:23 PM

PostBooks has been successful on Debian and Ubuntu for a while now and for all those who asked, it is finally coming to Fedora.

The review request has just been submitted and the spec files have also been submitted to xTuple as pull requests so future upstream releases can be used with rpmbuild to create packages.

Can you help?

A few small things outstanding:

  • Putting a launcher icon in the GNOME menus
  • Packaging the schemas - they are in separate packages on Debian/Ubuntu. Download them here and load the one you want into your PostgreSQL instance using the instructions from the Debian package.

Community support

The xTuple forum is a great place to ask any questions and get to know the community.


Here is a quick look at the login screen on a Fedora 19 host:

on February 26, 2015 09:08 PM

The Xubuntu team is pleased to announce the immediate release of Xubuntu 15.04 Beta 1. This is the first beta towards the final release in April.

The first beta release also marks the end of the period to land new features in the form of Ubuntu Feature Freeze. This means any new updates to packages should be bug fixes only, the Xubuntu team is committed to fixing as many of the bugs as possible before the final release.

Please note the important install known issue below and at Bug 1425690: “New windows are created offscreen”

The Beta 1 release is available for download by torrents and direct downloads from

Highlights and known issues

New features and enhancements

  • LightDM GTK Greeter Settings tool added
  • development wallpaper introduced
  • xfce4-power-manager now handles light-locker’s settings in its “Security” tab
  • xfce4-panel now has an intelligent hiding mode
  • xfwm4 has window previews, better support for CSD and corner-tiling
  • the display dialog now has improved support for multiple monitors
  • the appearance dialog shows previews of themes’ palettes and icon-themes
  • Thunar now has improved keyboard navigation

Known Issues

Currently installing is only functioning correctly from the livesession install icon.

  • From either the boot screen OR the try/install dialogue – directly installing has windows created offscreen, this can be either the first install option screen, or where that works – the final Installation Complete dialogue goes offscreen. (1425690)
  • It is possible to move the offscreen windows, ensure that ubiqity is focused (alt+tab) then with alt+space+m and then Move the offscreen dialogues can be moved so they are visible.
  • If you boot to Try from the boot screen or from the Try/Install dialogue – tests have shown that these options function correctly.

Other Known Issues

  • wrapper bug on clean installs (1425401)
  • Mugshot camera does not initialize (1414443)

New application versions in the Xubuntu packageset

  • Thunar 1.6.5
  • Catfish
  • Xfwm4 4.11.3
  • xfce4-panel (4.11.2)
  • lightdm-gtk-greeter (2.0.0)
  • xfce4-settings (4.11.4)
  • xfce4-power-manager (1.4.2)
  • xfce4-whiskermenu-plugin (1.4.3)
  • Menulibre (2.0.6-1ubuntu1)
  • Mugshot (

Other changes

  • Albatross, Bluebird, and Orion are no longer installed by default
on February 26, 2015 07:20 PM
The first Beta of Vivid (to become 15.04) has now been released!

The Beta-1 images can be downloaded from:

More information on Kubuntu Beta-1 can be found here:
on February 26, 2015 06:14 PM

February 25, 2015

Back when we announced that the Ubuntu 14.04 LTS Cloud Images on Azure were using the Hardware Enablement Kernel (HWE), the immediate feedback was "what about 12.04?"

Well, the next Ubuntu 12.04 Cloud Images on Microsoft Azure will start using the HWE kernel. We have been working with Microsoft to validate using the 3.13 kernel on 12.04 and are pleased with the results and the stability. We spent a lot of time thinking about and testing this change, and in conference with the Ubuntu Kernel, Foundations and Cloud Image teams, feel this change will give the best experience on Microsoft Azure. 

By default, the HWE kernel is used on official images for Ubuntu 12.04 on VMware Air, Google Compute Engine, and now Microsoft Azure. 

Any 12.04 Image published to Azure with a serial later than 20140225 will default to the new HWE kernel. 

Users who want to upgrade their existing instance can simply run:
  • sudo apt-get update
  • sudo apt-get install linux-image-hwe-generic linux-cloud-tools-generic-lts-trusty
  • reboot
on February 25, 2015 11:46 PM

Bad Voltage Live 2015

Stuart Langridge

This week we did the first Bad Voltage live show, at the SCaLE conference in Los Angeles. It was the first time that Bryan, Jono, Jeremy, and I had actually all been in the same place. And it was a really good laugh.

We’d been planning this for some time, as you can imagine. The show normally has discussions about technical things, reviews, and amusing things, and the live show had that in spades. It also had hundreds of glowsticks, fifty rubber ducks, Bryan Lunduke dressed in a towel, Jeremy giving us all insects to eat (which we all did, apart from Jono who has still not eaten an insect because he is a little child), a very very young child saying that Jono and I are bobbins, a chap on a video calling Jono something considerably more offensive which we were forced to bleep out, a shower made from a tent, shots of Fireball rum, some Creme Eggs, a trivia quiz run by Jorge Castro, and competitions where audience members won a System76 Galago UltraPro laptop, a PogoLinux server, and a BananaPi from Owncloud. And lots of people liked it.

I rather enjoyed the discussions. We had two. The first was about the idea of having a “developer mode” for Linux desktops. This was actually a result of an idea posted to G+ by Sam Hewitt where he said

How controversial would a “developer mode” be for a Linux desktop environment? For instance it would hide things like the terminal, debug tools, etc. from an application overview/menu/launcher.

Now, I happen to think that this is a good idea. Bryan (and the SCaLE audience generally) do not. I have some reservations, and you can read about those on the G+ post and watch the discussion in the show video, but it’s a really interesting topic; it shows up how people think about their desktop, what assumptions we make about it, and how the mainstream think perhaps differently from some existing Ubuntu users.

We also discussed the recently-released Ubuntu phone. My detailed review is still being written, but this was a good chance to talk about the phone and whether it’s brilliant or bollocks.

So, watch the show! It’s available on YouTube at and you should watch it; you’ll like it. Tell us about what you thought of the show on our forum at And next year, come to SCaLE. It’s a really great conference, and I for one would like to say a really big thank you to Ilan and Gareth, who were super-duper helpful and then were prepared to dress up in clown outfits for the show. Nice one, chaps. Couldn’t have done it without you.

I’d also like to personally thank Melissa Sealy, who is the most helpful member of hotel staff I have ever met. We were putting up posters that Jono designed around the hotel and she showed up (she’s some sort of all-powerful floor manager or something) and we expected the Mother Of All Bollockings for sticking the posters on the walls. And indeed, she said: don’t stick posters on my walls, you horrible reprobates. And then she said: but you can stick them on boards and put the boards on easels, no problem. And then found us eight easels. And then later on when we were sorting out the beer for the live event she sorted everything out. And she knew about the secret after-hours party in one of the conference rooms and found it amusing. Nice one, Melissa. Your bosses at the Hilton LAX ought to give you a pay rise or a big bunch of flowers or something.

Come to Bad Voltage Live when we do another one. And watch this one here.

on February 25, 2015 09:39 PM

Ubuntu IT scope
Ubuntu IT scope

This time, instead of writing a review about  the BQ Aquaris 4.5 Ubuntu Phone,   I am going to tell you about  my first Ubuntu Touch Scope.
Yes, I made it! That's what's great about Ubuntu, you can be a "normal" user or you can hack on it and create your Apps and Scopes.
So, how did I do it? Well it's really easy, just follow what I did and you will be able to have your own scope on Ubuntu Touch too!

First of all you need to add a PPA for installing scopecreator, Scope-creator is a command line tool that can be used to get a scope running on your phone in a few minutes:

sudo add-apt-repository ppa:cwayne18/ppa
sudo apt-get update
$ sudo apt-get install scopecreator

Now with Scope-creator installed,  let's create the scope:

scopecreator create [template] [package_name] [scope_name] 

template can be: youtube, twitter or rss
package_name is your package namespace  from
scope_name is the name of the scope you wish to create 

for instance, for my scope, I used:

$ scopecreator create youtube carla-sella ubuntuit

Now you cd to the directory created by scopecreator (remember to do this step, it's important) and launch:

$ scopecreator edit config

this way you will edit the manifest.json file for setting the configuration, this is what mine looks like:

    "name": "ubuntuit.carla-sella",
    "description": "Ubuntu IT scope",
    "framework": "ubuntu-sdk-14.10",
    "architecture": "armhf",
    "title": "Ubuntu IT",
    "hooks": {
        "ubuntuit": {
            "scope": "ubuntuit",
            "apparmor": "scope-security.json"
    "version": "0.1",
    "maintainer": "Carla Sella <>"


Next you need to set up the branding with:

$ scopecreator edit branding 

and here is my .ini file:

DisplayName=Ubuntu IT
Description=Canale Youtube di Ubuntu IT
Author=Canonical Ltd.


The appearance section contains colors and logos for you scope.

You need to replace the logo.png file under ubuntuit/images directory (in your case, it will be scope_name/images) with you logo for you scope.

Then you need to run:

$ scopecreator edit channels

for editing the channels.json file that contains the list of  playlists or channels that you will then find in the dropdown menu of the scope you are creating.

Here is my channels.json file:

    "maxResults": "20",
    "playlists": [
        "id": "PLwAH7Zr7rsAz2wco0Xo3aJq0hudob02xU",
        "reminder": "Ubuntu-it Q&A"
        "id": "PLwAH7Zr7rsAyavUegFH9ePMHXfSrBxU2c",
        "reminder": "Ubuntu-it News"
        "id": "PLwAH7Zr7rsAwZ9HOKxw76Q4ymiE0QeiZV",
        "reminder": "#contribuiamo"
        "id": "PLwAH7Zr7rsAz5mfP1S7GTcp33Qy_-qJSl",
        "reminder": "Release Parties!"
        "id": "PLwAH7Zr7rsAwqGypJwh-3r1mFh1eO_1FL",
        "reminder": "Promozione Ubuntu"
        "id": "PLFA125E510B290777",
        "reminder": "Screencast"
        "id": "PL960786605FC8BA7C",
        "reminder": "Liberi di..."


Ubuntu IT scope's dropdown menu

Finally, attach your ubuntu phone to your computer's USB port, and launch:

$ scopecreator build

This way scopecreator will install the scope on your phone so you can test it before asking to publish it in the Ubuntu Software Center.

Ubuntu IT scope in Ubuntu Software Center
Ubuntu IT scope in the Ubuntu Software Center

For publishing your scope you need to go to, log in or create an account and select "new application", fill in the required information and you're done!!

It's easy, so what are you waiting for ? go and create your scope :-D.

You can read more detailed information about creating scopes for Ubuntu here, I created my scope reading from here:

on February 25, 2015 05:51 PM

After some minor debates with others, the NGINX Stable and Mainline PPAs have been updated to include builds for the armhf architecture. This means that individuals running Ubuntu Precise 12.04, Trusty 14.04, Utopic 14.10, or Vivid 15.04 (although I have no idea why you’d be using this version in production) on armv7 architecture (which is armhf architecture) will be able to add the PPA and install the NGINX packages as if they were on a standard 64bit or 32bit server.

Shoutout to William Grant for helping to get the two staging PPAs I use for building the packages set up with ARM builds. Didn’t take much to do, but each little bit of assistance to move the PPAs forward towards the modern era helps, so thanks, William Grant for your assistance in turning on ARM builds for the PPAs.

on February 25, 2015 03:17 AM

February 24, 2015

Meeting Minutes

IRC Log of the meeting.

Meeting minutes.


20150224 Meeting Agenda

Release Metrics and Incoming Bugs

Release metrics and incoming bug data can be reviewed at the following link:


Status: Vivid Development Kernel

We are preparing to shove our 3.19 based kernel following beta freeze.
When it lands, please do test and let us know your results.
Important upcoming dates:
Thurs Feb 26 – Beta 1 (~2 days away)
Thurs Mar 26 – Final Beta (~4 weeks away)
Thurs Apr 09 – Kernel Freeze (~6 weeks away)

Status: CVE’s

The current CVE status can be reviewed at the following link:

Status: Stable, Security, and Bugfix Kernel Updates – Utopic/Trusty/Precise/Lucid

Status for the main kernels, until today:

  • Lucid – Testing
  • Precise – Testing
  • Trusty – Testing
  • Utopic – Testing

    Current opened tracking bugs details:


    For SRUs, SRU report is a good source of information:



    Current cycle had ended. Waiting for next cycle to start on Mar. 08.

    cycle: 06-Feb through 28-Feb
    06-Feb Last day for kernel commits for this cycle
    08-Feb – 14-Feb Kernel prep week.
    15-Feb – 28-Feb Bug verification; Regression testing; Release

Open Discussion or Questions? Raise your hand to be recognized

No open discussions.

on February 24, 2015 06:04 PM

Announcing the Ubuntu Porting guide 2.0

Ubuntu App Developer Blog

In the last few weeks, Ubuntu has reached a major milestone with the first flash sales of the BQ Aquarius - Ubuntu Edition. This is only the beginning of seeing Ubuntu on a wider selection of phones and tablets, and thanks to an incredibly enthusiast porting community, more devices have been part of that show. Some of these skilled porters have even set up their own image server to provide updates over-the-air!

To ease the porting process, the Porting Guide has been updated to reflect the current procedure of enabling new devices. From setting up your dev environment, to configuring the kernel and debugging AppArmor, it covers the main points of making a fully working port. Currently focusing on AOSP ports, it will be extended in due time to detail CyanogenMod-specific processes.

If you are interested in porting, please make sure you provide feedback on any issues and roadblocks that could arise, either on Launchpad or on the ubuntu-phone mailing-list.

Thank you and good work, fellow devices adventurers!

on February 24, 2015 05:46 PM

ZeptoLab, the studio that made the famous “Cut the Rope” game a couple of years back, has officially ported the title for the Ubuntu platform and is now available in the store.

Cut the Rope is a game that reached peak fame a couple of years ago and it was all the rage, but now it’s the first major title to be ported for the Ubuntu platform. To be fair, a few other games have been made available until now, including 2048 and Flappy Bird. Cut the Rope is the first big caliber game to land in the Store and even if it’s an old one, it’s still an important milestone.


Submitted by: Silviu Stahie

on February 24, 2015 11:26 AM

Welcome to the Ubuntu Weekly Newsletter. This is issue #405 for the week February 16 – 22, 2015, and the full version is available here.

In this issue we cover:

The issue of The Ubuntu Weekly Newsletter is brought to you by:

  • Paul White
  • Chris Williams
  • Ian Nicholson
  • Elizabeth K. Joseph
  • Mary Frances Hull
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, content in this issue is licensed under a Creative Commons Attribution 3.0 License BY SA Creative Commons License

on February 24, 2015 03:41 AM

When Work Gets Messy

Stephen Michael Kellat

I hate getting anywhere close to asking for help.

In January I was required by work to step down from Xubuntu Team due to the nature of work duties. Missing too many IRC meetings for months and months makes membership in that body notional rather than actual. As quite a bit of LoCo Council work takes place during e-mail I can keep up there though my e-mails may come at odd hours of day.

Due to issues cropping up at a high executive level at work, my working season this year may be truncated compared to last year. While I had a working season I was covered by "unemployment compensation" through the remainder of the calendar year to keep food on the table. Certain requirements have to be met for said funding to be available, though.

As things currently stand, my teammates and I are at risk of being sent into an extended period of leave without pay in as little as 36 business days. We've only been back on the job for six weeks. Due to unusual instructions and operating cuts issued from a very high executive level, our time back on the job has been punctuated so far with strange changes where we're turning customers away and are effectively forcing customers to rely on self-help options whether they understand how to use them or not.

Right now is not the time to get worried and start fleshing out contingencies. Among my team at work we're expecting to start that at some point within the next two weeks but not immediately today. Management promises nothing and we expect no promises from management.

With as hamstrung as the local job market currently is and the amount of drag created by seeing my employer's name on my resume, I would likely have to start fundraising to be employed on a project. Though and Patreon are put forward as options, they're not really oriented to funding the projects that I would be likely to work on. One local project needing attention is cleaning up Sunshine Law and Public Records compliance for a small special services district that would not be able to pay for such let alone deploy any F/LOSS for use by that agency such as LibreOffice. That would be a place for *buntu to shine. Another would be helping deploy self-hosted services for entities like local churches that frankly don't have much financially but could stash an RPi 2 running Snappy somewhere.

I still have to nail down fiscal agents. I still have to nail down figures. It is doable to lay the framework for raising cash. Whether or not anybody would support work is something I still have to consider. Then again, narrowing down the specifics of the work itself has to happen too. There is still time to do that though too much uncertainty in the mix coming from the current employer.

More may be written about this. As my mother would say to me growing up, nobody will know something is wrong unless you say something. At present the small-c canonical GnuPG key for contacting me is 9C4B2D87.

on February 24, 2015 12:00 AM

February 23, 2015

Over the past year or more I was focused on identifying power consuming processes on various mobile devices.  One of many strategies to reducing power is to remove unnecessary file system activity, such as extraneous logging, repeated file writes, unnecessary file re-reads and to reduce metadata updates.

Fnotifystat is a utility I wrote to help identify such file system activity. My desire was to make the tool as small as possible for small embedded devices and to be relatively flexible without the need of using perf just in case the target device did not have perf built into the kernel by default.

By default, fnotifystat will dump out every second any file system open/close/read/write operations across all mounted file systems, however, one can specify the delay in seconds and the number of times to dump out statistics.   fnotifystat uses the fanotify(7) interface to get file activity across the system, hence it needs to be run with CAP_SYS_ADMIN capability.

An open(2), read(2)/write(2) and close(2) sequence by a process can produce multiple events, so fnotifystat has a -m option to merge events and hence reduce the amount of output.  A verbose -v option will output all file events if one desires to see the full system activity.

If one desires to just monitor a specific collection of processes, one can specify a list of the process ID(s) or process names using the -p option, for example:

sudo fnotifystat -p firefox,thunderbird

fnotifystat catch events on all mounted file systems, but one can restrict that by specifying just path(s) one is interested in using the -i (include) option, for example:

sudo fnotifystat -i /proc

..and one can exclude paths using the -x option.

More information and examples can be found on the fnotifystat project page and the manual also contains more details and some examples too.

Fnotifystat 0.01.10 is available in Ubuntu Vivid Vervet 15.04 and can also be installed for older releases from my power management tools PPA.
on February 23, 2015 05:28 PM

Introducing lxcfs

Serge Hallyn

Last year around this time, we were announcing the availability of cgmanager, a daemon allowing users and programs to easily administer and delegate cgroups over a dbus interface. It was key to supporting nested containers and unprivileged users.

While its dbus interface turned out to have tremendous benefits (I wasn’t sold at first), there are programs which want to continue using the cgroup file interface. To support use of these in a container with the same delegation benefits of cgmanager, there is now lxcfs.

Lxcfs is a fuse filesystem mainly designed for use by lxc containers. On a Ubuntu 15.04 system, it will be used by default to provide two things: first, a virtualized view of some /proc files; and secondly, filtered access to the host’s cgroup filesystems.

The proc files filtered by lxcfs are cpuinfo, meminfo, stat, and uptime. These are filtered using cgroup information to show only the cpus and memory which are available to the reading task. They can be seen on the host under /var/lib/lxcfs/proc, and containers by default will bind-mount the proc files over the container’s proc files. There have been several attempts to push this virtualization into /proc itself, but those have been rejected. The proposed alternative was to write a library which all userspace would use to get filtered /proc information. Unfortunately no such effort seems to be taking off, and if it took off now it wouldn’t help with legacy containers. In contrast, lxcfs works perfectly with 12.04 and 14.04 containers.

The cgroups are mounted per-host-mounted-hierarchy under /var/lib/lxcfs/cgroup/. When a container is started, each filtered hierarchy will be bind-mounted under /sys/fs/cgroup/* in the container. The container cannot see any information for ancestor cgroups, so for instance /var/lib/lxcfs/cgroup/freezer will contain only a directory called ‘lxc’ or ‘user.slice’.

Lxcfs was instrumental in allowing us to boot systemd containers, both privileged and unprivileged. It also, through its proc filtering, answers a frequent years-old request. We do hope that kernel support for cgroup namespaces will eventually allow us to drop the cgroup part of lxcfs. Since we’ll need to support LTS containers for some time, that will definitely require cgroup namespace support for non-unified hierarchies, but that’s not out of the realm of possibilities.

Lxcfs is packaged in ubuntu 15.04, the source is hosted at, and news can be tracked at

In summary, on a 15.04 host, you can now create a container the usual way,

lxc-create -t download -n v1 — -d ubuntu -r vivid -a amd64

The resulting container will have “correct” results for uptime, top, etc.

root@v1:~# uptime
03:09:08 up 0 min, 0 users, load average: 0.02, 0.13, 0.12

It will get cgroup hierarchies under /sys/fs/cgroup:

root@v1:~# find /sys/fs/cgroup/freezer/

And, it can run systemd as init.

on February 23, 2015 04:24 PM

February 22, 2015

In a previous post I talked about the experiences of writing my first five applications for Ubuntu Phone. Since then, I've written three more.

As before, all these apps are GPL 3 licensed and available on Launchpad. What's new is now you can browse them online due to a great unofficial web appstore made by Brian Douglass. This solves one of my previous gripes about not being able to find new applications.

One thing I have changed is I've started to use the standard page header. This makes it easy to add more pages (e.g. help, high scores). I initially wasn't a fan of the header due to the amount of space it took up but for simple apps it works well and it makes them predictable to use. I also went back and updated Dotty to use this style.

Let me introduce...

It's a simple utility to simulate dice rolling. Not much more to say. 431 lines of QML.

I was playing with uTorch and watching a spy movie and thinking "hey, wouldn't it be cool to flash the camera and send morse code messages. I wonder if the phone responds fast enough to do that." Apparently it does. 584 lines of QML.

So I thought, now I have this nice dice code from Dice Roller, it would be cool to make a full dice game with it. I've played a fair bit of Yahtzee in my time and searching Wikipedia I found there was a similar public domain game called Yatzy. 999 lines of QML.

on February 22, 2015 08:09 AM

The Xubuntu team hears stories about how it is used in organizations all over the world. In this “Xubuntu at..” series of interviews, we seek to interview organizations who wish to share their stories. If your organization is using Xubuntu and you want to share what you’re doing with us please contact Elizabeth K. Joseph at to discuss details about your organization.

Late last year we heard from developer Greg Blumenthal when he told us that he’d been deploying Xubuntu to customers who were “extremely happy” with their new systems. This month we took some time to ask him some questions about his work and the deployments.

Can you tell us a bit about yourself and the organizations you work with?

I am a freelance LAMP developer. Most of my clients are Mexican debt collection agencies, although I also work with food processing companies, telemarketers, and B2B VoIP companies.

What influenced your decision to use Free/Open Source Software for your customers?

Stability, ease of installation, ease of management, timely security updates. Interestingly, cost is NOT an issue here, as pirate copies of Windows are readily available.

What made you select Xubuntu specifically?

Low memory footprint, ease of installation on older systems, and ease of configuration to appear as familiar as possible to the end-users.

Can you tell us a bit about your Xubuntu setup?

I remove games, xchat, and other work distractions, and add openssh-server (allowing remote management), ntp, samba, and a SIP client (usually Zoiper or SFLphone). Everything is configures for Spanish with either Spanish or Latin American keyboards. I even install it in Spanish, even though English is my first language.

Is there anything else you wish to share with us about your work or how you use Xubuntu?

The biggest challenge is always sound. Whether it is ALSA or PulseAudio, I spend more time and effort managing sound issues for my clients than all other issues combined.

Huge thanks to Greg for taking the time to talk to us, and best of luck in his continued work with Xubuntu!

on February 22, 2015 12:42 AM

February 21, 2015

When I created the “Snappy Chatroom” package for WebRTC Video chat on snappy I used node.js to provide the necessary server bits. During building the snap I noticed how hard it is to actually put the necessary binaries and node modules in place. Especially if you want your snap to be arch independent (javascript is arch independent, so indeed our snap package should be too).

The best way I found was to actually build node.js from source on the respective target arch and run “npm install” for the necessary modules, then tarring up the matching dirs and putting them into my snap package tree.

This is quite some effort !!!

I’m a lazy programmer and surely do not want do that every time I update the package. Luckily there are already binaries of node for all architectures in the Ubuntu archive and it is not to hard to make use of them to run npm install in a qemu-user-static chroot for all target arches and to automate the creation for the respective tarballs. As little bonus i thought it would be nice to have it automatically generate the proper snap execution environment in form of a service startup script (with properly set LD_LIBRARY_PATh etc) so you only need to point node to the to-execute .js file.

This brought me to write node-snapper, a tool that does exactly do the above. It makes it easy to just maintain the actual code I care about in a tree (the site itself and the packaging data for the snap). I leave the caring for node itself or for the modules to the archive, respectively the npm upstreams and just pull in their work as needed.

See for the upstream code.

To outline how node-snapper works I took some notes below how I roll the chatroom snap as an example.

Using node-snapper:

First we create a work dir for our snap package.

ogra@anubis:~$ mkdir package

To create the nodejs and npm module setup for our snap package we use node-snapper, let’s branch this so we can use it later.

ogra@anubis:~$ bzr branch lp:node-snapper

Now we move into the package dir and let node-snapper create the tarballs with the “express”, “”, “” and “ws” node modules since chatroom makes use of all of them.

ogra@anubis:~$ cd package
ogra@anubis:~/package$ sudo ../node-snapper/node-snapper express ws

This created three files.

ogra@anubis:~/package$ ls
amd64-dir.tgz  armhf-dir.tgz

We unpack the tarballs and remove them.

ogra@anubis:~/package$ tar xf amd64-dir.tgz
ogra@anubis:~/package$ tar xf armhf-dir.tgz
ogra@anubis:~/package$ ls
amd64  amd64-dir.tgz  armhf  armhf-dir.tgz
ogra@anubis:~/package$ rm *.tgz
ogra@anubis:~/package$ ls
amd64  armhf

… and branch the chatroom site and packaging code branch.

ogra@anubis:~/package$ bzr branch lp:~ogra/+junk/chatroom
ogra@anubis:~/package$ ls site/
add.png      cam_on.png    expand.png      fullscreen.png  mute.png   server.js  unmute.png
cam_off.png  collapse.png  index.html      script.js  style.css
ogra@anubis:~/package$ ls meta/
icon.png  icon.svg  package.yaml

The file we want node to execute on startup is the server.js file in the “site” dir in our snap package. We edit so that the MY_EXECUTABLE variable looks like:


This is it, we are ready to roll a .snap package out of this

ogra@anubis:~/package$ cd ..
ogra@anubis:~$ snappy build package
ogra@anubis:~$ ls
chatroom.ogra_0.1-5_multi.snap  package

As you can see, node-snapper makes supplying javascript nodejs code as snap package a breeze. You only need to keep your site and package files in a git or bzr tree and node-snapper will always provide you the latest nodejs setup and npm installed modules as needed just at package build time.

Indeed we now want to test our snap package. I have a RPi2 running snappy at with enabled developer mode, so I can easily use snappy-remote to install the package.

ogra@anubis:~$ snappy-remote --url=ssh:// install chatroom.ogra_0.1-5_multi.snap

The service should start automatically. Opening chromium, pointing it to and approving access to microphone and camera will now give us a Video chat (pointing an android phone to it at the same time enables you to talk to yourself while watching you from different angles ;) … note that the mute button is very helpful when doing this …)

I hope we will see some more node.js projects land in the snappy app store soon. A PPA with node-snapper to make it easier installable should be ready next week and if I see there is demand I will also push it to universe in the Ubuntu archive.

I hope you found that little howto helpful :)

on February 21, 2015 05:42 PM

After what seems like an eternity, a new release of Xfce is finally just around the corner.  Xfce 4.10 was released in 2012, and since then development has happened in small bursts for each project.  Once a release date was set, interest spiked and development along with it.

The continued development has been recorded by ToZ on the Xfce Forums, and Skunnyk in his blog (parts 1, 2, and 3).  Both are worth a look to see how far Xfce has come in recent months.  If you’re looking for screenshots, you’ll find a few at those links and a gallery at the end of this post.

With just one week until the determined release date (February 28), string freeze is behind us and all that remains is bug fixes.  If you’ve got some development skills, why not swing by the Xfce Bugzilla and provide some patches?  Right now your patches have the best chance of being noticed and merged, so your hard work won’t go to waste!  And development is not the only way to contribute…

Areas for Contribution

Check out the Xfce Contribute page for more details

  • Fixing “easy“, “critical“, and any other bugs you never want to see again
  • Reviewing bugs and patches: Some bugs date back to 2007 and there is a good possibility they are no longer valid. If you don’t think one applies any longer, comment on it indicating as much.
  • Testing: With the sudden influx of fixes and new releases, we need testers more than ever.  Take the new releases for a spin and let us know if you see anything… odd.
  • Translations: Is your native language missing from Xfce? Is the choice of words not quite right?  Help us out!


The following screenshots are not an exhaustive list of the new features, but rather a select list of highlights in the upcoming release.

A clean screenshot showing off the desktop and panel shadows (new in xfwm4) Per-monitor configuration was greatly improved during the development cycle. CSDs (client-side decorations) work out of the box with compositing enabled in xfwm4. Many enhancements have been added to the alt-tab switcher. Window previews, a list view, nicer highlights for windows. Quickly pick a theme with the new color previews. New icon theme previews show off the most common icons in each theme. A new drag-and-drop configuration and the ability to add a "primary" display. A quick selection tool for common display configurations. Lots of bugfixes, and a new percentage bar indicating free space in the Properties dialog. Intelligent hiding is new with this release. The panel will hide to avoid covering up windows. Control power events based on inactivity. Fine-grained control over display power settings. See a wealth of power information for attached devices The power manager panel plugin allows quick brightness settings and shows battery life for attached devices. The Xfce Screenshooter can now upload screenshots to Imgur
on February 21, 2015 04:06 PM
Lubuntu developers are proud to announce that (with a delay of two weeks) version 14.04.2 of the fast and lightweight operating system is now available for download via this link.

Release Manager Walter Lapchynski explains: we had to delay the release for two weeks because of problems with X meta-packages which caused us numerous re-spins. But we wanted to do it right in order to maintain stability of existing installations and – on the other hand - roll up accumulated stable updates into updated images to reduce download requirements for new deployments.
Jens Leineweber, Head of Lubuntu Press adds in: and because we want our users to experience a stable environment even for computers with low resources, we decided to not release a .2 version of the alternate installation. That's due to the fact, that we were not able to fix all the bugs brought to our attention.

One major issue the team is fighting with is the debian-installer that causes troubles. Once again Walter Lapchynski: we've been asked a lot lately to stop doing alternates in lieu of netboot, but that's not really a good solution.

The Lubuntu Team will now team up with the Ubuntu Release Team and Servers Team to develop a possible low resource version of the Ubiquity installer.

Caution: before you install Lubuntu, we advice you to have a read of the Release notes!
on February 21, 2015 01:28 AM

February 20, 2015

Now that apport-noui, a package to automatically report crashes to the Ubuntu Error Tracker without user interaction, has been proven to work well on Ubuntu devices I was wondering what it would take to get it running on my Mythbuntu 14.04 install as I was tired of getting the occasional apport dialog when I was trying to watch TV.

I had to backport a couple of apport fixes and also backported one whoopsie fix that will log the OOPS ID of any reported crashes to /var/log/syslog. I’ve put these updated versions of apport and whoopsie in my PPA, however they are acceptable for a Stable Release Update and depending on the interest I will upload them to the SRU queue.

I added my PPA to my 14.04 system:

sudo add-apt-repository ppa:brian-murray/ppa

I then installed the apport-noui package on it.

sudo apt-get install apport-noui

I’ve been running it for about a week now and looked in my /var/crash/ directory on my Mythtv system to discover a .crash and a correpsonding .uploaded file. The .uploaded file means that the crash was sent to the Ubuntu Error Tracker.

While I could inspect the .crash file on my system to see what it is about let’s look for the OOPS ID in /var/log/syslog.

Feb 20 10:38:54 flash whoopsie[8223]: Parsing
Feb 20 10:38:54 flash whoopsie[8223]: Uploading
Feb 20 10:38:56 flash whoopsie[8223]: Sent; server replied with: No error
Feb 20 10:38:56 flash whoopsie[8223]: Response code: 200
Feb 20 10:38:56 flash whoopsie[8223]: Reported OOPS ID

The crash can be found at the Error Tracker at On the problem instance page we can see a line labelled Problem and that is a link to the bucket for these crashes. These crashes seem to occur pretty frequently, so I’ve opened a Launchpad bug report corresponding to the crash.

Let me know if you think this is useful (or if you have any issues) and I’ll work on getting this into the Trusty and Utopic SRU queues.

on February 20, 2015 09:53 PM

Are LXC and Docker secure?

Andrea Corbellini

Since its initial release in 2008, LXC has become widespread among servers. Today, it is becoming the preferred deployment strategy in many contexts, also thanks to Docker and, more recently, LXD.

LXC and Docker are used not only to achieve modular architecture design, but also as a way to run untrusted code in an isolated environment.

We can agree that the LXC and Docker ecosystems are great and work well, but there’s an important question that I believe everyone should ask, but too few people are asking: are LXC and Docker secure?

Broken Chain

A system is as safe as its weakest component.

In order to answer this question, I won’t go deep into the details of what LXC and Docker are. The web is full of information on namespaces and cgroups. Rather, I’d like to show what LXC and Docker can do, what they cannot do, and what their default configuration allows them to do. My hope is to provide a quick checklist for those who want to go with LXC/Docker, but are unsure on what they need to pay attention to.

What LXC and Docker can do

As we all know, LXC confines processes mainly thanks to two Linux kernel features: namespaces and cgroups. These provide ways to control and limit access to resource such as memory or filesystem. So, for example, you can limit the bandwidth used by processes inside a container, you can limit the priority of the CPU scheduler, and so on.

As it is well known, processes inside a LXC guest cannot:

  • directly interact with the host processes, or with other LXC containers;
  • access the root filesystem, unless configured otherwise;
  • access special devices (block devices, network interfaces, …), unless configured otherwise;
  • mount arbitrary filesystems;
  • execute special ioctls, special syscalls or special interrupts, that would affect the behavior host.

And at the same time, processes inside an LXC guest can find an environment that is perfectly suitable to run a working operating system: I can run init, I can read from /proc, I can access the internet.

This is most of what LXC can do, and it’s also what you get by default. Docker (when used with the LXC backend) is a wrapper around LXC that provides utilities for easy deployment and management of the containers, so everything that applies to LXC, applies to Docker too.

If this sounds great, then beware that there are the things you should know…

You need a security context

LXC is somewhat incomplete. What I mean is that some parts of special filesystems like procfs or sysfs are not faked. For example, as of now, I can successfully change the value of host’s /proc/sys/kernel/panic or /sys/class/thermal/cooling_device0/cur_state.

The reason why LXC is “incomplete” doesn’t really matter (it’s actually the kernel to be incomplete, but anyhow…). What matters is that certain nasty actions can be forbade, not by LXC itself, but by an AppArmor/SELinux profile that blocks read and write access certain /proc and /sys components. The AppArmor rules were shipped in Ubuntu since 12.10 (Quantal), and have been included upstream since early 2014, together with the SELinux rules.

Therefore, a security context like AppArmor or SELinux is required to run LXC safely. Without it, the root user inside a guest can take control of the host.

Check that AppArmor or SELinux are running and are configured properly. If you want to go with Grsecurity, then remember to configure it manually.

Limit resource consumption

LXC offers ways to limit resource usage, but no special restrictions are put in place by default. You have to configure them by yourself.

With the default configuration, I can run fork-bombs, request huge memory maps, keep all CPUs busy, doing high loads of I/O. All of this without special privileges. Remember this when running untrusted code.

Uncontrolled memory consumption

To limit resource consumption in LXC, open the configuration file for your container and set the lxc.cgroup.&lt;system&gt; values you need.

For example, if you want to limit the container memory usage to 512 MiB, set lxc.cgroup.memory.limit_in_bytes = 512M. Note that the container with that option, once it exceeds the 512 MiB cap, will start using the swap without limits. If this is not what you want, then set lxc.cgroup.memory.memsw.max_usage_in_bytes = 512M. Note that to use both options you may need to add cgroup_enable=memory and swapaccount=1 to the kernel command line.

To have an overview of all possible options, check out Red Hat’s documentation or the Kernel documentation.

With Docker, the story is similar: just use --lxc-conf from the command line to set LXC’s options.

Limit disk usage

Something that LXC cannot do is limiting mass storage usage. Luckily, LXC integrates nicely with LVM (and brtfs, and zfs, and overlayfs), and you can use that for easily limiting disk usage. You can, for example, create a logical volume for each of your guests, and give that volume a limited size, so that space usage inside a guest cannot grow indefinitely.

The same holds for Docker.

Pay attention at /dev/random

Processes inside LXC guests, by default, can read from /dev/random and can consume the entropy of the host. This may cause troubles if you need big amounts of randomness (to generate keys or whatever).

If this is something that you don’t want, then configure LXC so that it denies access to the character devices 1:8 (random) and 1:9 (urandom). Denying access to the path /dev/random is not enough, as mknod is allowed inside guests.

Note however that doing so may break many applications inside the LXC guest that need randomness. Maybe consider using a different machine for processes that require randomness for security purposes.

Use unprivileged containers

Containers can be run from an unprivileged user. This means UID 0 of the guest can’t match UID 0 of the host, and many potential security holes can’t simply be exploited. Unfortunately, Docker has not support for unprivileged containers yet.

However, if Docker is not a requirement and you can do well with LXC, start experimenting with unprivileged containers and consider using them in production.

Programs like Apache will complain that it’s unable to change its ulimit (because setting the ulimit is a privilege of the real root user). If you need to run programs that require special privileges, either configure them so that they do not complain, or consider using capabilities (but do not abuse them, and be cautious, or you risk introducing more problems than the ones your are trying to solve!)


LXC, Docker and the entire ecosystem around them can be considered quite mature and stable. They’re surely production ready, and, if the right configuration is put in place, it can be pretty difficult to cause troubles to the host.

However, whether they can be considered secure or not is up to you: what are you using containers for? Who are you giving access to? What privileges are you giving, what actions are you restricting?

Always remember what LXC and Docker do by default, and what they do not do, especially when you use them to run untrusted code. Those that I have listed may only be a few of the problems that LXC, Docker and friends may expose. Remember to carefully review your configuration before opening the doors to others.

Further reading

If you liked this article, you’ll find these ones interesting too:

on February 20, 2015 04:36 PM

Queer-Positive Songs

Rhonda D'Vine

Just recently I stumbled upon one of these songs again and thought to myself: Are there more out there? With these songs I mean songs that could from its lyrics be considered queer-positive. Lyrics that cointain parts that speak about queer topics. To get you an idea of what I mean here are three songs as examples:

  • Saft by Die Fantastischen Vier: The excert from the lyrics I am refering to is: "doch im Grunde sucht jeder Mann eine Frau // Wobei so mancher Mann besser mit Männern kann // und so manche Frau lässt lieber Frauen ran" ("but basically every man looks for a woman // though some man prefer men // and some women prefer women").
  • Liebe schmeckt gut by Grossstadtgeflüster: Here the lyrics go like "Manche lieben sich selber // manche lieben unerkannt // manche drei oder fünf" ("some love themself // some love in secrecy // some three or five"). For a stereo sound version of the song watch this video instead, but I love the video. :)
  • Mein schönstes Kleid by Früchte des Zorns: This song is so much me. It starts off with "Eines Tages werd ich aus dem Haus geh'n und ich trag mein schönstes Kleid" ("One day I'll go out and I'll wear my most beautiful dress" sung by a male voice). I was made aware of it after the Poetry Night at debconf12 in Nicaragua. As long as people still think of people like me as "a dude in a dress" there is a lot work to do to fight transphobia and gain tolerance and acceptance.

Do you have further examples for me? I know that I already mentioned another one in my blog entry about Garbage for a start. I am aware that there probably are dedicated bands that out of their own history do a lot songs in that direction, but I also want to hear about songs in which it is only mentioned in a side note and not made the central topic of the whole song, making it an absolutely normal random by-note.

Like always, enjoy—and I'm looking forward to your suggestions!

/music | permanent link | Comments: 15 | Flattr this

on February 20, 2015 04:05 PM

The second update to our LTS release 14.04 is out now. This contains all the bug fixes added to 14.04 since its first release in April. Users of 14.04 can run the normal update procedure to get these bug fixes.

See the 14.04.2 release announcement.

Download 14.04.2 images.

on February 20, 2015 02:48 PM

Amongst the numerous submissions for speaking slots at the OpenStack Summit in Vancouver in May, you’ll find a select number of submissions from my team:

Multi-node OpenStack development on single system (Speakers: James Page, Corey Bryant)

Corey has been having some fun hacking on enabling deployment from source in the OpenStack Juju Charms for Ubuntu – come and hear about what we’ve done so far and how we’re trying to enable a multi-node OpenStack deployment from source in a single node using KVM and LXC container, with devstack style reloads!

Scaling automated testing of Ubuntu OpenStack (Speakers: James Page, Ryan Beisner, Liam Young)

The Ubuntu OpenStack team have a ever increasing challenge of supporting testing of numerous OpenStack versions on many different Ubuntu releases; we’ll be covering how we’ve used OpenStack itself to help us scale-out our testing infrastructure to support these activities, as well as some of the technologies and tools we use to deploy and test OpenStack itself.

OpenStack HA Nirvana on Ubuntu (Speaker: James Page)

We’ve been able to deploy OpenStack in Highly Available configurations using Juju and Ubuntu since the Portland Summit in 2013 – since then we have evolved and battle-tested our HA reference architecture into a rock-solid solution to ensure availability of cloud services to end users.  This session will cover the Ubuntu OpenStack HA reference architecture in detail – we might even manage a demo as well!

Testing Openstack with Openstack (Speaker: Ryan Beisner)

Ryan Beisner has been leading Ubuntu OpenStack QA for Canonical since 2014; he’ll be deep-diving on the challenges faced in ensuring the quality of Ubuntu OpenStack and how we’ve leveraged the awesome tool set we have in Ubuntu for deploying and testing OpenStack to support testing of OpenStack both virtually and on bare-metal 100’s of times a day.

also of interest, and building on and around the base technology that the Ubuntu OpenStack team delivers:

OpenStack IPv6 Support (Speaker: Edward Hope-Morley)

Ed’s team have made great in-roads into enabling Ubuntu OpenStack deployments in IPv6 only environments; he’ll be discussing the challenges encountered and how the team overcame them as well as setting out some suggested improvements that would make IPv6 support a first class citizen for OpenStack.

Autopiloting OpenStack (Speaker: Dean Henrichsmeyer)

Dean will be talking about how the Ubuntu OpenStack Autopilot pulls together all of the various technologies in Ubuntu (MAAS, Juju and OpenStack) to fully automate deployment and scale-out of complex OpenStack deployments on Ubuntu.

Containers for Dummies (Speaker: Tycho Andersen)

Tycho promises an enlightening and fun talk about containers introducing all the basic technologies in Linux that support containers – all done through the medium of pictures of cats!

You can find the full list of Canonical submissions here – see you all in Vancouver!

on February 20, 2015 09:58 AM

Edubuntu Long-Term Support

The Edubuntu team is proud to announce Edubuntu 14.04.2 LTS, which is the second Long Term Support (LTS) update as part of the Edubuntu 14.04 5 years support cycle. This point release includes all the bug fixes and improvements that have been applied via updates to Edubuntu 14.04 LTS since it has been released. It also includes updated hardware support and installer fixes. If you have an Edubuntu 14.04 LTS system and have applied all the available updates, then your system will already be on 14.04.2 LTS and there is no need to re-install. For new installations, installing from the updated media is recommended since it will be installable on more systems than before and will require less updates than installing from the original 14.04 LTS media.
  • Information on where to download the Edubuntu 14.04.2 LTS media is available from the Downloads page.
To ensure that the Edubuntu 14.04 LTS series will continue to work on the latest hardware as well as keeping quality high right out of the box, further point releases will be made available during its lifecycle. More information will be available on the release schedule page on the Ubuntu wiki.

See also

Thanks for your support and interest in Edubuntu!
on February 20, 2015 08:22 AM


Ubuntu GNOME Team is glad to announce the release of the second point release for Ubuntu GNOME 14.04 LTS.

  • Q: What are point releases for LTS versions of Ubuntu family?
  • A: Please, see the answer.
  • Q: What the difference between Ubuntu GNOME 14.04 and Ubuntu GNOME 14.04.2 LTS?
  • A: Linux Kernel 3.16, bug fixes and updated packages. Everything else should be the same as 14.04 LTS.

Get Ubuntu GNOME 14.04.2

  1. First of all, kindly do read the release notes. THIS IS VERY IMPORTANT!
  2. For NEW installations, you can download from here.
  3. Current users do NOT need to reinstall anything. You may only want to update your system, that is all. Again, please do read the release notes!

Special thanks
Special thanks to each and everyone who have taken the time to test Ubuntu GNOME 14.04.2 (and the other flavours as well) and helped to release yet another rock solid release with less bugs. Without our great testers, we shall never make it. Keep up the great work!

To contact Ubuntu GNOME:
Please see our full list of contact channels.

Thank you for choosing and using Ubuntu GNOME!

on February 20, 2015 12:10 AM

February 19, 2015

Para hacernos idea de estos 2 factores que importan y mucho, lo mejor será aportar ejemplos.

Formato JPG, pesos de imágenes varían entre 700KB - 1,3MB a 8Mpx y una resolución de 4352x2448.
Hay una opción de HD que las hace a 13Mpx.

Calidad de fotografía
Respecto a la batería, tras cargarla toda la noche y hacer un uso normal, alternando con 3G y WIFI, es tal que 15 horas de uso y 14% de autonomía restante.
Según se ve en el gráfico, la WIFI consumió mucha menos batería que el 3G.
De 8:00 a 23:30 con uso normal y queda un 14% de batería
on February 19, 2015 08:34 PM
I was interviewed in the Asturian RTPA Radio about the Ubuntu Phone.

on February 19, 2015 07:40 PM

Say hi to cuttlefish!

Sebastian Kügler

Cuttlefish icon previewer

Cuttlefish icon previewer

One of the things I’ve been sorely missing when doing UI design and development was a good way to preview icons. The icon picker which is shipped with KDE Frameworks is quite nice, but for development purposes it lacks a couple of handy features that allow previewing and picking icons based on how they’re rendered.

Over the christmas downtime, I found some spare cycles to sit down and hammer out a basic tool which allows me to streamline that workflow. In the course of writing this little tool, I realised that it’s not only useful for a developer (like me), but also for artists and designers who often work on or with icons. I decided to target these two groups (UI developers and designers) and try to streamline this tool as good as possible for their usecases.

Cuttlefish is the result of that work. It’s a small tool to list, pick and preview icons. It tries to follow the way we render icons in Plasma UIs as close as possible, in order to make the previews as realistic as possible. I have just shown this little tool to a bunch of fellow Plasma hackers here at the sprint, and it was very well received. I’ve collected a few suggestions what to improve, and of course, cuttlefish being brand-new, it still has a few rough edges.

You can get the source code using the following command:

git clone kde:scratch/sebas/cuttlefish
git clone kde:plasmate

and build it with the cmake.

Enjoy cuttlefish!

[Edit] We moved cuttlefish to the Plasmate repository, it’s now part of Plasma’s SDK.

on February 19, 2015 03:42 PM