Fedora Hub

March 29, 2017

Fedora Magazine

Tether a digital camera using Entangle

Ever wanted to be able to control your digital camera or DSLR from Fedora? Entangle — an application to tether digital cameras — allows you to take a shot, tweak settings, and view the shot all from the comfort of your desktop. Simply connect your camera up via USB, launch Entangle, and start taking photos.

The Entangle user interface allows you to tweak the settings of the shot — for example aperture, shutter speed, and ISO settings — right from your desktop, without having to play with these settings on the camera itself. Entangle also makes it easy to view statistics and details about the shots you have taken, without having to view them on the small screen of your camera.

Screenshot of entangle on Fedora

Entangle uses the Picture Transfer Protocol (PTP) to control digital cameras and DSLRs from within Fedora. Specifically, Entangle uses the remote capture functionality implemented in libgphoto2. Entangle upstream states in the FAQ, that the best supported cameras are Nikon or Canon DSLRs — they have the widest range of functions, and are tested extensively on libgphoto2.

Installing Entangle

To Install Entangle, search for it in the Software application:

Entangle in the Software app

Alternatively, install using dnf on the commandline, using the command:

sudo dnf install entangle

 

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

Save

by Ryan Lerch at March 29, 2017 05:00 AM

xkcd.com

March 27, 2017

Fedora Magazine

Using cloud-init to initialize Fedora Cloud VMs on oVirt

This article shows how to use cloud-init on the oVirt management platform. With cloud-init, you can start up a Fedora Cloud Base Image template, configured for network and logins, without logging into the virtual machine.

What is oVirt?

oVirt is a free, open-source virtualization management platform with an easy web interface.

What is cloud-init?

The cloud-init tool provides early initialization and setup of a virtual machine (VM). This usually happens during the startup of the guest operating system on the VM.

What can I do with cloud-init in oVirt?

oVirt allows you to configure:

  • an initial user account including password and your SSH key
  • a hostname
  • the timezone of the VM
  • DNS settings and networks on the VM

Additionally, it allows you to pass a custom cloud-init script. That script gives you even more control over the VM.

Virtual machine requirements

To use cloud-init with a virtual machine, the cloud-init package must be installed on the VM in question. Packages for cloud-init are available in most distributions’ package repositories, including Fedora.

The VM you’re booting should have the cloud-init package preinstalled and configured to start automatically on boot.

cloud-init configuration within oVirt

There are two ways to configure the cloud-init parameters:

  • Permanent: Saves a configuration, which is useful for stateless VMs that discard all changes after shutdown.
  • Temporary: Passes configuration via the run once dialog used only for the current run of the VM.

How to permanently setup cloud-init parameters for a VM in oVirt

  1. Log in to the user portal or the administration portal of your oVirt instance.
  2. In case of the user portal, select the Extended link in the upper left corner to get the list of your VMs. (This step is not required for the Administration portal.)
  3. Select the VM in the list you want to configure.
  4. Select the Edit link which is now active in the list header.
  5. The Edit Virtual Machine dialog then opens. Now choose the Initial Run section on the left hand side of the dialog. This is usually the third entry from the top. (Note: If the Initial Run section is not present, select the Show Advanced Options in the bottom left area of the dialog to reveal hidden options.) Mark the check box Use Cloud-Init/Sysprep. This will reveal the available options.

Now configure the options as desired and select OK. oVirt applies the configuration to the VM the next time it’s started.

How to temporarily setup cloud-init parameters for a VM in oVirt via Run-Once

  1. Log in to the user or administration portal of your oVirt instance.
  2. If using the user portal, select the Extended link in the upper left corner to get the list of your VMs. (This step is not required for the administration portal.)
  3. Select the VM you’d like to configure in the list.
  4. Select the Run-Once link in the list header. The Run Virtual Machine(s) dialog appears.
  5. Now choose the Initial Run section.
  6. Mark the check box Use Cloud-Init. This will reveal the available options.

Now configure the options as desired and select OK. The VM starts with these options configured and applied. The information entered is not persistent. It’s discarded on shutdown of the VM. However, changes you apply inside the VM persist, as long as the VM isn’t stateless.

Hands on with the Fedora Cloud Base Image

From the oVirt administration portal, one imports a virtual machine disks from an predefined image. oVirt comes with a glance repository with many Linux distribution images. Several versions of CentOS 7, Ubuntu, and Fedora are included.

Importing the image

This example uses the Fedora 25 Cloud Base Image. Within the Storage section of the administration portal, select the ovirt-image-repository entry in the table. A list of available images to import appears in the lower pane.

Image selection in the oVirt Administration Portal

Image selection in the oVirt Administration Portal

Right click on the entry to setup the import. You can import to the datacenter and storage domain of choice as a new disk or template. This example imports as a disk.

The Import Image Dialog in oVirt

Import Image Dialog in oVirt

Setting up the virtual machine

After the disk image has been imported, switch to the Virtual Machines section and create a New VM. In the dialog choose Linux as the operating system. Configure it to be optimized for Server usage. Next, set a name for the virtual machine. The name of virtual machines in oVirt may not contain spaces.

Next attach the disk image to the virtual machine in the Instance Images section. The imported disk image should be called GlanceDisk followed by a dash and some numbers and letters. However, if you opted to rename it in the import dialog, look for the name you assigned there.

New Virtual Machine Dialog in oVirt

New Virtual Machine Dialog in oVirt

Now, configure the network interfaces. For this scenario add two adapters and set them to the appropriate network. The correct network depends on your configuration. By default the network is called ovirtmgmt/ovirtmgmt. In your environment, or in more complex scenarios, this might be different.

Change the amount of memory and number of CPUs in the System section of the dialog as needed.

Getting started with cloud-init

Now you can configure the virtual machine details from the Initial Run section of the dialog. Check the Cloud-Init/Sysprep checkbox to make the options visible.

Setting up cloud-init in the oVirt 'New Virtual Machine' dialog

Setting up cloud-init in the oVirt ‘New Virtual Machine’ dialog

Set a hostname as desired. This example uses f25.magazine.example.com. Next, set up a time zone by checking the Configure Time Zone checkbox and choosing the appropriate time zone.

Setting up authentication

The oVirt Cloud-Init configuration dialog lets users create new users and set their password. Additionally it lets you supply a SSH key for the root user. This key is added to the authorized-keys so you can establish a password-less SSH connection to the VM.

VM edit dialog - Cloud Init options - Adding authentication options

VM edit dialog – Cloud Init options – Adding authentication options

Networking options

oVirt offers a straightforward way to configure networks via cloud-init. To use the functionality, check the Network checkbox. Here you can set up DNS servers, DNS search domains, and network interface configurations.

To add an interface configuration, click the Add new button. Give the network a name, which may not contain spaces or special characters.

You may choose a dynamic network configuration, which is usually the default. It’s a good idea to check the Start on Boot checkbox, so the network configuration will be processed when the VM boots.

If you have no DHCP available, or if you prefer a fixed IP, choose the Static option from the Boot Protocol drop down. Then edit the IP address, Netmask and Gateway for your interface.

VM dialog - Cloud Init options - Network configuration

VM dialog – Cloud Init options – Network configuration

Finishing up

Once all information is configured, select OK and start the VM. If the VM is configured correctly and the cloud-init package is enabled to start on boot, it will find the configuration and apply all the settings.

In case of persistent information, oVirt marks a VM as initialized after the VM’s first runM. Once it is marked as initialized, the cloud-init information is no longer passed to the VM. This is not the case if the VM is stateless. A stateless VM discards all changes applied after the run, and therefore the VM won’t be marked as initialized.

 

Save

Save

by Vinzenz 'evilissimo' Feenstra at March 27, 2017 08:19 AM

xkcd.com

March 24, 2017

Fedora Magazine

How to use Java and other NPAPI plugins in Firefox

Mozilla decided to stop supporting NPAPI plugins for Firefox browser two years ago. NPAPI plugins are binary components integrated to the browser. Some well known NPAPI plugins are Flash, Java, and the GNOME Shell web extension.

The stock Firefox 52 browser disables these components. The exception is Flash, but Firefox will remove its support in the future, too. Fortunately, Fedora users still have options to bypass that plugin ban.

Enable plugins in Fedora Firefox browser

This may be the easiest choice for now. Firefox 52 allows you to override the plugin block using a preference setting in about:config. In Firefox, enter about:config in the location bar, and confirm the warning dialog. Then right click anywhere on the option list and add a new Boolean option named plugin.load_flash_only and set it to false.

Be aware this entry could be removed anytime without further warning, and is strictly unofficial.

Install Firefox 52 ESR

This is the official to run NPAPI plugins by Firefox now. However, at the end of this year Firefox 52 ESR (Extended Support Release) is planned to be discontinued.

The Firefox 52 ESR binary package is provided from Mozilla site. Download and unpack the tar archive somewhere in your home directory and launch the browser. You can then register it as a default browser. It also updates itself automatically when a new release is available.

You can have more than one browser installed. To choose the default in Fedora Workstation, go to the Settings control panel, and select Details, Default Applications.

Use dedicated browser for plugins only

This will be the final option when Firefox 52 ESR reaches its end of life. You can still use an old and unsupported browser, but it may contain flaws and vulnerabilities which won’t be fixed. A typical use case may be an internal system which needs a Java plugin but is otherwise secured. Never use an old browser for public web pages, since the browser may have known, exploitable flaws.

You can use a different browser profile for such a dedicated browser. Open the Terminal app, change directory to the old browser, and run this command:

./firefox -ProfileManager -no-remote

To launch the browser:

./firefox -P your_dedicated_profile -no-remote

by Martin Stransky at March 24, 2017 08:00 AM

xkcd.com

March 22, 2017

Fedora Magazine

Tools for PDF modification on Fedora

There are many options in the Fedora repositories for quickly modifying the page order of a PDF document. In Fedora, two of the easiest-to-use GUI tools for modifying PDFs are PDFMod and PDFShuffler. While GUI tools are well suited to this task, if you need a command line tool, the pdfseparate and pdfunite commands provided by the poppler-utils package can modify PDFs directly from your Terminal. All These tools allow you to remove, add, and rearrange pages and export it to a new document.

These tools are also useful when creating PDFs with Inkscape. Inkscape currently only supports single-page export of PDFs, so you can use these tools in your workflow to join PDFs together after using Inkscape. Inkscape also supports importing a single pages of PDFs, so if you need to edit the actual content of a PDF Document, give Inkscape a try.

PDFmod & PDFShuffler

Both PDFmod and PDFShuffler are available in the Fedora repositories. Install them from the Software app in Fedora Workstation, or via the command line with DNF:

sudo dnf install pdfmod pdfshuffler

PDFMod and PDFShuffler are very similar applications — they look and function pretty much the same way. Once you have imported one or more PDFs into them, they provide a display of all the pages in the document, ready for you to start your modifications.

Screenshot of PDF Mod and PDF Shuffler

PDF Mod on the left; PDFShuffler on the right

Rearrange the order of the pages by selecting (using Shift + Click and Ctrl + Click to select multiples), and drag ‘n’ drop them to their desired location in the Document. The same goes for removing pages; Select, then press delete. When you are done, simply save your document as a new PDF file.

pdfseparate and pdfunite

The popper-utils package provides several different commands for interacting with and modifying PDF files. However, the two commands that help us the most here are pdfseparate and pdfunite. Use dnf on the command line to install poppler-utils:

sudo dnf install poppler-utils

pdfseparate extracts pages into multiple PDFs that we can later merge together with pdfunite. To extract all the pages of a document into individual files, use:

pdfseparate ColoringBook.pdf ColoringBook-page_%d.pdf

To export a range of pages — say just pages 3,4,5,6,7,8 and 9 of a PDF — use the command:

pdfseparate -f 3 -l 9 ColoringBook.pdf ColoringBook-page_%d.pdf

Finally, after using pdfseparate, if we wanted to create a new document (NewColoringBook.pdf) with ColoringBook-page_3.pdf and ColoringBook-page_3.pdf we could use the following pdfunite command:

pdfunite ColoringBook-page_3.pdf ColoringBook-page_7.pdf NewColoringBook.pdf

 

Save

Save

Save

Save

by Ryan Lerch at March 22, 2017 09:53 AM

xkcd.com

March 20, 2017

Fedora Magazine

How to install Fedora as a VirtualBox guest

There are many ways to give Fedora a try if you are currently using another operating system. One way that will have little impact on your current operating system is to create a live USB of Fedora, and boot directly into it. Alternatively, you could use virtualization technology such as VirtualBox to run a Fedora install. The virtualization approach allows you work on on your Fedora install without haveing to to reboot the system every time you need to use Fedora. Additionally, even if your main operating system is Fedora or not, and you want to do some hack or test some software on a spare installation without harming your main system, having the option to start from zero again and again without losing your other works. You can even restore a backup of your virtualized system if something in your test goes wrong.

Note that if you are currently running Fedora as your main machine, VirtualBox may not be the best choice for virtualization, because it is not in the Fedora repositories. In this case, using KVM / Libvirt is probably a better approach. However, if your main system is Windows or OSX, you can use VirtualBox to create a Fedora guest.

What is VirtualBox

Oracle VM VirtualBox is, as stated in the homepage “a powerful x86 and AMD64/Intel64 virtualization product for enterprise as well as home use“. Virtualization lets you to run an entire operating system inside a virtual machine. A virtual machine is a piece of software that runs on top of your system and, in brief, emulates a PC hardware (however, in reality the subject is a little bit more complex).

You can install the VirtualBox software, configure a virtual machine, and run another operating system, like installing it on another PC. You can configure the virtual machine (VM) configuring various kind of hardware: how much RAM, what kind of chipset (PIIX3 or ICH9), how many (virtual) CPUs, up to four network cards and which model, how many (virtual) hard disks, boot order, audio device and a bunch of other things.
You can install as many VMs you want, and run them at the same time, well, in this case as many as your physical hardware is able to support (you can imagine what happens if you try to start ten VMs with 1GB of RAM each, and your PC have 4GB of RAM).

VirtualBox is a multi platform software: in the sense that it is released for a lot of operating systems (Linux, Windows, MacOS and Solaris/Illumos). VirtualBox is developed by Oracle and, since version 4, it is free software released under the GNU General Public License version 2 (GPLv2).

Installing Fedora as a VirtualBox guest

Start Oracle VM VirtualBox Manager

In this tutorial, we assume you already have VirtualBox installed. It is a straightforward task: download the Windows or MacOS X installer from the VirtualBox website. Generally speaking, the version that you can download from the Oracle VirtualBox website is more recent than the one you can find in 3rd party repositories.

Once VirtualBox is installed, start it, and you will see the configuration and management dashboard: Oracle VM VirtualBox Manager. Also this interface is pretty simple and straightforward.

Download the Fedora ISO

In order to install Fedora, you need the installation media. You can download Fedora from https://getfedora.org/ Any of the Fedora downloads will work. You can grab the full Fedora Workstation ISO, the slim netinstall ISO, or even a spin of the Fedora desktop environment: maybe XFCE or LXDE desktop environment will runs smoothly inside a virtualized platform.

Create an empty virtual machine

The graphical interface will guide you through the VM creation. Basically the default options should fit your basic needs.

Click on the “New” icon. Write the name of the VM. Type and Version should be automagically reflect the operating system you are going to install: based on this, some basic options will be automatically adapted to fit the operating system minimal requirements.

Click on “Next”. Now you must select the amount of RAM to assign to the VM. Please note that the more you assign to the VM, the lesser will remains to your host operating system: if there is a lack of available memory on the host OS, the system will start to swap, affecting even the VM performances. So pay attention in balancing the RAM size of the VM: however the configuration interface will alert you if you are exaggerating. By the way 1024 MB is a good starting point.

Now it is time to configure the VM disk. Default choiches are ok, except for the size: 8GB is too small for a usable Fedora workstation, so let’s use at least 20GB. Also in this case, you are taking up space to the host system: you must take that into account if you are planning to use many virtual machines or you’re short in disk space.

 

Remember that you can add as many (virtual) disks as you want. So, for instance, if you end up filling the virtual machine disk space, you can add a second disk. It is more easy than adding an hard disk to your desktop PC or your notebook.

Ready to start with the machine configuration

The virtual machine is now ready. You can change some options by clicking the Settings option from the toolbar.

Network

The network options allow you to configure more than one interface, and the kind of network. You can configure your VM mainly in these ways:

  • NAT: the VM will be like in a private network not accessible from the outside. It can freely reach the same sites you are allowed to with your host syestem. The VM will get an IP from the VirtualBox internal DHCP, then, to go on the network, such address will be translated in the IP of the host system. This option is suitable if you have not to reach the VM from the rest of the network, i.e. you don’t run network services on the VM. At the same time you can reach the outside network.
  • Bridged Adapter: in this case you must think as a new network card on your host PC. The VM is directly attached to your LAN, so you must assign a static IP in the same subnetwork of the host system, or use your LAN DHCP. In this way the VM will have a reachable IP, at least from the LAN, so you can configure some network services and reach them from any host in the LAN.

There is a third way that worth mentioning. You can configure the main interface as NAT, and a second interface as Host-only Adapter: in that way the VM can reach the outside network using NAT, but it is at the same time reachable, but unlike Bridged mode, it is reachable solely and exclusively from your PC.

Installation media

You need to select the installation disk. So go in Storage and select the ISO file previously downloaded.

Select Empty in the IDE controller, then the CD icon. Select the ISO image and press OK.

Start up the VM and let’s install Fedora

It is now the time to start the virtual machine. By default it will start from the virtual CD. You must think to a virtual machine, like it is a physical one: you can boot up, shut down gently, abruptly power off, it has memory, disks, network card, and even a sound card if you want.

Let’s click on the green arrow. The virtual machine will start.

You can ignore the overlay message complaining something related to mouse pointer and keyboard integration. We will manage to solve that later.

The boot process begins and you can go ahead with the normal installation process.

You will see the (virtual) network interface, and the 20GB (virtual) Hard Disk.

It is a good choice to leave the default partitioning scheme. In fact by default Fedora will set up a LVM, logical volume manager. LVM could be useless in a notebook, where you will never add a second hard drive. In a virtual machine you can easily add pretty as many disks as you want, as said before, so using LVM is a good choice in order to further expand available filesystem space inside the VM.

Go ahead with the installation process and reboot the system.

Final steps

Update Fedora

As for every installation, inside a VM or not, the first thing to do is a system update. Then login on Fedora with the user configured during the installation process and complete the first login steps. To update the Fedora install in your VM, open a Terminal and type:

sudo dnf -y update

Installing the Guest Additions

VirtualBox Guest Additions are device drivers and system applications that help to optimize the operating system installed inside the VM, useful for better performance and usability, like a better mouse and keyboard integration, window scaling and resizing, better video performances, and clipboard integration. Guest Additions need to be installed inside the VM, not on your host OS.

Then let’s insert the Guest Additions CD, by clicking on Devices -> Insert Guest Additions CD image… A window should appear asking you if you want to allow autorun of the CD content.

Click on “Cancel” because you need to install some additional packages in order to fully install the Guest Additions.
Open a terminal and type, even if some packages may be already installed:

sudo dnf -y install gcc automake make kernel-headers kernel-devel perl

Once finished, actually install the Additions by running the script

sudo /run/media/user/VBOXADDITIONS*/VBoxLinuxAdditions.run

Reboot the VM.

Make a clone

The clone is a copy of the newly created machine. When you are ready, stop the VM. In the Manager select the VM and in the Machine drop down menù, select “Clone…”

The main difference between Full and Linked clones is that latter cloning process is faster and consumes less size on your hard disk, at least initially, by contrast you cannot delete the virtual disk of the source VM, and cloned VMs cannot be exported to a different computer without moving the original as well.

Final thoughts

VirtualBox is a very convenient way to try Fedora if you don’t already use it, whitout having to partition or format your PC or configuring dual booting. If you already are a Fedora user, VirtualBox is a very effective way for testing purposes without the fear to break your system: you can reinstall the VM as many times as you want, or better, as stated before, you can use clones to restart your test from a fresh installation without wasting time in the installation process.

Save

Save

Save

Save

Save

by Alessio Ciregia at March 20, 2017 08:00 AM

xkcd.com

March 17, 2017

Fedora Magazine

The End of the Line for EPEL-5

For the last 10 years, the Fedora Project has been building packages for the same release of another operating system. However on March 31st, 2017, that will come to an end when Red Hat Enterprise Linux (RHEL) version 5 moves out of production.

A Short History of EPEL

RHEL is a downstream rebuild of a subset of Fedora releases that Red Hat feels it can adequetely support over a multi-year lifetime. While these packages make for a full operating system, there have always been a need by system administrators for ‘more’ packages. Before RHEL-5, many of these packages would be built and supplied by various rebuilders. With Fedora Extras growing to include many of the packages, and several of the rebuilders having joined Fedora, there was an idea of combining forces and creating a dedicated sub-project who would rebuild Fedora packages with specific RHEL releases and then distribute them from Fedora’s centralized servers.

After much debate and a failure to come up with a catchy name, the Extra Packages for Enterprise Linux (or EPEL) sub-project of Fedora was created. While at first rebuilding packages for RHEL-4, the main goal was to have as many packages available for RHEL-5 when it arrived. It took a lot of hard work getting the plague builders in place, but most of the work was in crafting the rules and guidelines that EPEL would use for the next 10 years. As anyone can see from the old mail archives, the debates were fierce from both various Fedora contributors feeling this took away focus from moving Fedora releases forward to outside contributors worried about conflicts with existing installed packages.

In the end, EPEL-5 went live sometime in April of 2007 and over the next 10 years grew to a repository of over 5000 source packages and 200,000 unique ip addresses checking in per day at its peak of 240,000 in early 2013. While every package built for EPEL is done with the RHEL packages, all of these packages have been useful for the various community rebuilds (CentOS, Scientific Linux, Amazon Linux) of RHEL. This meant that growth in those eco-systems brought more users into using EPEL and helping on packaging as later RHEL releases came out. However as these newer releases and rebuilds grew in usage, the number of EPEL-5 users has gradually fallen to around 160,000 unique ip addresses per day. Also over that time, the number of packages supported by developers has fallen and the repository has shrunk in size to 2000 source packages.<>

Part of the shrinkage was due to the original rules put in place back in 2007. At that time, Red Hat Enterprise Linux releases were only thought to have an active life time of 6 years before being end of lifed. It was thought that for such a ‘limited’ lifetime, packages could be ‘frozen’ in EPEL like they were in the RHEL release. This meant that whenever possible fixes should be backported and major changes would not be allowed. Time and packaging stands still for no human, and packages would be continually pruned from EPEL-5 as packagers no longer wanted to try and backport fixes. While various rules were loosened to allow for larger changes in packages, the packaging rules that Fedora used have continually moved and improved from 2007. This has made trying to rebuild a package from newer releases harder and harder with the older operating systems.

What Happens on March 31st 2017

As stated before, on March 31st Red Hat will end of life and no longer put updates out for RHEL-5 for regular customers. This means that
Fedora and the various rebuild distributors will start various archive processes. For the EPEL project this means that we will follow the steps that happen every year with Fedora releases.

  1. On March 27th, no new builds will be allowed to be pushed for EPEL-5 so that the repository is essentially frozen. This will allow mirrors to have a clear tree of all files.
  2. All packages in EPEL-5 will be hardlinked on the master mirror from /pub/epel/5/ and /pub/epel/testing/5/ to /pub/archives/epel/. This will start happening on the 27th so all mirrors of archives can populate their disks.
  3. Because March 31st happens on a Friday, and system administrators do not like Friday surprises, there will be no change then. On April 3rd, mirrormanager will be updated to point to the archives.
  4. On April 6th, the /pub/epel/5/ trees will be removed and mirrors will update accordingly.

For a system administrator who has cron jobs which do yum updates, there should be minimal hassle. The systems will continue to update and even install any packages which were in the archives at that time. There will be breakage for system administrators who have scripts which directly download files from mirrors. Those scripts will need to change to the new canonical location of /pub/archive/epel/5/.

While irksome, this is a blessing in disguise for many system administrators who will still be using an older Linux. Because packages have been regularly removed from EPEL-5, the various support mailing lists and irc channels have regular requests from system administrators wondering where some package they needed has gone. After the archive is done, this won’t be a problem because no more packages will be removed :).

For system administrators who have been hit by this problem, the older EPEL packages are still available though in a much slower method. All EPEL packages are built in the Fedora Koji system, and so older builds of packages can be found using Koji search.

by Stephen J Smoogen at March 17, 2017 07:31 AM

xkcd.com

March 15, 2017

Fedora Magazine

Record a Screencast with the EasyScreenCast extension

Fedora Workstation — thanks to the GNOME Desktop — has a simple built-in function to take a screencast. However, if you require more control over how you take your screencasts, use the EasyScreenCast GNOME extension. This awesome extension has many additional features when compared to the built-in screencasting tool, including the taking videos of your screen longer than 30 seconds, audio recording from your microphone, and the ability to overlay your webcam output in your screen videos.

The EasyScreenCast extension is easily installed on Fedora Workstation via the GNOME Shell extensions website, and the source of the extension is available on Github.

Recording a Screencast

After installing the extension, the EasyScreenCast icon will appear in the right of the top bar in Fedora Workstation. This is the menu you use for starting and stopping a screencast, as well as choosing the parameters for your screencast.

EasyScreenCast provides 4 modes for framing your videos, you can screencast your entire desktop (even if you have more than one monitor) or alternatively, can select a specific monitor. The other two modes are screencasting a specific window, or you can select an area of your screen to record.

Once you have decided on a mode, simply press the Start Recording item to start your screencast. The EasyScreenCast icon will turn red to indicate you are recording. When finished, choose the Stop Screencast item, and your video will play automatically from where it is saved ( ~/Videos/ by default.)

 

 

Recording sound and webcam video

The extension also allows you to record sound from your microphone, and overlay another video stream using your webcam as input. The options dialog provides the ability to tweak the quality of the webcam video, as well as the size and position of the overlay in the final result.

Note however, that during the recording of your screencast, the webcam video will not be on the screen, so it is useful to frame the shot of yourself first with a utility like Cheese.

Options, Options, Options

The options dialog provides a lot of additional options and features to play with how you record your screencasts, including:

  • Enabling a keyboard shortcut for starting and stopping screencasts
  • Showing a border around the recording area, to help you frame your video while it is recording
  • Turning on and off the notifications that pop up when a screencast begins recording
  • Not showing the cursor in your screencasts
  • Adjusting the quality and format of your screencasts with custom GStreamer pipelines

X? or Wayland?

EasyScreenCast still uses the built-in screencast functions of GNOME Shell, so, in theory, it works even when running the default Wayland session. Note, however, that that is a Known Issue with GNOME shell screen recording (and EasyScreenCast too), that may cause you some issues under Wayland.

by Ryan Lerch at March 15, 2017 09:25 AM

xkcd.com

March 13, 2017

Fedora Magazine

How to install Chromium in Fedora

Google’s Chrome is one of the most popular Web browsers in the world. It includes support for a number of nonfree or encumbered formats often found on websites. However, some users prefer to avoid these formats. Instead, they prefer to use and promote free, open source, and unencumbered software. The open source Chromium browser provides an ideal solution for these users.

Recognize that this browser is not functionally equivalent to Chrome. Because it specifically removes support for some formats, some websites may not function as expected. However, many sites provide fallbacks that work with free formats.

Chromium on Fedora 25

Chromium on Fedora 25

How to install Chromium

Originally this package was only available through a COPR repository. However, now the package is freely available in Fedora through the official repositories. To install it, you can use the Software tool in Fedora Workstation. Search for chromium and then install the official package.

Alternately use dnf along with the sudo command:

sudo dnf install chromium

Now select the app in the GNOME Shell or your desktop menu and take this open source browser for a spin!

Additional notes

The Fedora wiki has a short page with notes on running Chromium. It also explains how to run some specific plugins in this open source browser.

Save

Save

Save

Save

by Paul W. Frields at March 13, 2017 08:00 AM

xkcd.com

March 10, 2017

Fedora Magazine

Integrating scripts in Nautilus to perform useful tasks

Files (also known as Nautilus) is the default file browser in Fedora Workstation. One of the super-handy, yet lesser known features in Nautilus is the ability to add scripts to run against one or more files. You can use this feature to script simple tasks like converting files from one format to another.

In this tutorial, we will cover how to set up Nautilus to add scripts, and create a simple bash script to convert images to JPEG format using the ImageMagick convert command. This will allow you to select one or more image files in Nautilus, and execute the script to convert them all to the JPEG format.

1. Create the scripts directory

The first step into adding scripts to Files is to create the directory where it expects your scripts to be. If it doesn’t exist already, create the following directory:

mkdir -p ~/.local/share/nautilus/scripts/

2. Create the script

Next, using your favourite text editor, create your script in the scripts directory we just made:

vi ~/.local/share/nautilus/scripts/convert_to_jpeg

Then, add the code. The following script converts all the files currently selected in Nautilus, and converts them to JPEG using the ImageMagick convert command:

#!/bin/bash

echo -e "$NAUTILUS_SCRIPT_SELECTED_FILE_PATHS" | xargs -i convert "{}" "{}.jpg"

Note that we are using a variable here called $NAUTILUS_SCRIPT_SELECTED_FILE_PATHS. This contains a list of the full paths of all the files that were selected in Nautilus when we invoked the script. Two other useful variables provided are $NAUTILUS_SCRIPT_CURRENT_URI and $NAUTILUS_SCRIPT_SELECTED_URIS. (Update: Script is fixed to allow for files that have spaces in their names.)

3. Make the script executable

The final step is to make your script executable, so it will show up in the Nautilus context menu:

chmod +x ~/.local/share/nautilus/scripts/convert_to_jpeg

4. Test!

Now your script will appear in Nautilus. To test it out, select one or more files, right click, and choose Scripts > convert_to_jpeg.

A GIF of the convert_to_png Nautilus script in action

Voilà! If imagemagick is able to convert the format(s) you selected, you now have JPEG versions of them created in the same directory for you.

 

Providing Feedback from your scripts

Some of the scripts you create may benefit from providing some information back to the user. One of the easiest ways to do this in a bash script is using Zenity. Zenity allows you to provide a range of windows and alerts that pop up for the user, all invoked from the command line. It is also useful when you are trying to debug your scripts.

Other Ideas

  • Libreoffice offers the opportunity to print files using the command line. Using this, you could also create a script to print one or more Libreoffice documents without opening Libreoffice. The following is a sample script:
    #!/bin/bash
    
    libreoffice -p "$@"
  • convert files to PDF
  • convert video and music files
  • Show specific details on a file or directory (you can use Zenity to display the feedback)

Save

Save

Save

Save

Save

Save

Save

by Alessio Ciregia at March 10, 2017 11:33 AM

xkcd.com

March 09, 2017

Fedora Magazine

How to install Wireshark network analyzer on Fedora

Wireshark is popular tool for network protocol analysis used by education institutions and in the industry. It offers both terminal and graphical user interfaces and both are available on Fedora. You can use it either for real-time network analysis or to inspect files with captured traffic such as pcap files.

For many years, the primary framework for the graphical user interface (GUI) used to be GTK, but since version 2.0, Qt became the framework of a choice. Nevertheless the old GUI is still available and you can choose which one you want to use.

How to install

In order to install the Wireshark GUI from repositories, simply type…

$ sudo dnf install wireshark-qt

…into a terminal. This will install both Qt and the CLI version of Wireshark. At this point, you can use Wireshark as root, but it is generally considered a bad practice. Therefore, we will set up permissions for regular users to capture on network interfaces (see below about security implications).

Setting permissions

During installation, a system group called wireshark was created. Users in this group can capture network traffic. All you need to do is to add your user account into the group like this, substituting your username for username:

$ sudo usermod -a -G wireshark username

Then log out and in again a you are ready to go!

Wireshark capture menu

Wireshark Qt GUI

How to capture packets with Wireshark

In order to start your first capture, select “Capture” in top menu, then pick one interface (e.g. loopback) or just tick the “Enable promiscuous mode on all interfaces” option and press the “Start” button. You should see network traffic now.

If you are curious how this privilege escalation works, take a look at dumpcap, which does the magic.

Discussion about security

Every privilege escalation mechanism comes with a certain amount of risk. As I said in the previous section, dumpcap does the magic of capturing network traffic. In order to do so, it needs to have certain privileges (specifically CAP_NET_RAW and CAP_NET_ADMIN, see man capabilities for more information). That being said, dumpcap could possibly harm your network configuration and cause serious troubles, so be cautious with whom you give these capabilities (whom you place into the wireshark group).

Another thing to keep in mind when using Wireshark is that protocol dissectors tend to be buggy due to enormous amount of protocols and code needed to dissect them all. Take for instance the number of lines of code in C files only for dissectors:

$ cat epan/dissectors/*.c | wc -l
3178870

If you want to capture live traffic, it is better to use a simple capture utility (tcpdump, dumpcap) and dissect the traffic afterwards in a safe, isolated environment.

See what else Fedora offers

dnf is not just about installation and updates! You can also use it to find out what else is provided in repositories. Use the search module to look for available packages and filter (with grep) those starting with wireshark, as these are sub-packages of the main Wireshark RPM package.

$ dnf search wireshark | grep '^wireshark'
wireshark.x86_64 : Network traffic analyzer
wireshark-qt.x86_64 : Wireshark's Qt-based GUI
wireshark-gtk.x86_64 : Wireshark's GTK+-based GUI
wireshark-debuginfo.x86_64 : Debug information for package wireshark
wireshark-devel.i686 : Development headers and libraries for wireshark
wireshark-devel.x86_64 : Development headers and libraries for wireshark
wireshark-cli.x86_64 : Network traffic analyzer
wireshark-cli.i686 : Network traffic analyzer

As you can see from the output, a GTK+-based GUI is also available.

Install multiple GUIs and switch between them

If you want to try the old GTK+ GUI, install it in a similar fashion as the previous one.

$ sudo dnf install wireshark-gtk

Now you need to use a tool called alternatives to switch among them:

$ sudo alternatives --config wireshark
There are 2 programs which provide 'wireshark'.

Selection Command
-----------------------------------------------
*+ 1 /usr/sbin/wireshark-qt
2 /usr/sbin/wireshark-gtk

Enter to keep the current selection[+], or type selection number: 2

Now if you run Wireshark, e.g. from GNOME Shell, it will automatically start the GTK+ version. Anyway you can always just call wireshark-gtk or wireshark-qt directly from a terminal.

Wireshark GTK+ GUI

Further reading

Wireshark offers wide range of tools, filters, dissectors etc. You can read more about its capabilities in the official documentation.

As mentioned earlier, there is also a CLI version called tshark. It is useful if you need to run network analysis remotely, for instance over SSH. There is also tcpdump which can be used in a similar fashion, but that’s for another article!


Image courtesy Juan Di Nella – originally posted to Unsplash as Untitled.

by Martin Sehnoutka at March 09, 2017 12:09 PM

March 08, 2017

xkcd.com

March 06, 2017

Fedora Magazine

Get the most out of GNOME notifications

For many users, GNOME 3, also known as Gnome Shell, is the definitive desktop interface. It’s clean and simple, without too many twinkles or distractions. That said, this article describes some tricks to change the GNOME notifications experience.

Notifications Alert extension

Notifications in GNOME appear just under the clock, usually for a limited time. So it’s easy to miss a notification. For instance, you might be on a phone call or focused on some task. In order to read them, you must click on the clock to see the list of unread notifications.

This extension comes in handy because the clock bar starts to flash as soon as there’s an unread notification. In the previous version, the flash color was red, which wasn’t as attractive. In the latest versions you can choose with which color the clock flashes.

https://extensions.gnome.org/extension/258/notifications-alert-on-user-menu/

Thunderbird

The default mail and productivity application in GNOME is Evolution. However, Thunderbird is still popular with many Fedora users.

As soon as new mail arrives, Thunderbird shows by default a notification box in the corner of the screen. The box isn’t well integrated with GNOME.

In this case there are a couple of maintained Thunderbird add-ons. One of the best is GNotifier, which integrates well with the native notification system. In addition, you can select the mailboxes to trigger notifications. You can also go deep to create filters and aggregations:

https://addons.mozilla.org/en-US/firefox/addon/gnotifier/

Skype

Most Skype users on Linux are probably using the legacy Linux client. A new Skype client for Linux is in development, now in Beta. It remains to be seen how well the notification integration works. Until then, the GNOME extension Skype Integration is a must:

https://extensions.gnome.org/extension/696/skype-integration/

Android notification

It’s sometimes useful to get notified on the desktop when an SMS arrives on your Android smartphone. Other notifications coming from your smartphone apps may be useful as well. In this case the most suitable alternative is Nuntius. This software works via Bluetooth, so you must have the right hardware on your PC. (Usually this isn’t a problem on notebooks.)

You must install the Android app from the Play Store, then use dnf with sudo to install package on Fedora:

sudo dnf install nuntius

Pair your phone and your PC via Bluetooth, and voilà.

Shell notifications

You probably often launch a long lasting task in the terminal, such as:

  • Fetching a download with wget
  • Compiling software
  • Cloning a git repository

Usually, you’ll focus on another work while waiting the operation to complete. You may put the terminal window in the background. How will you know if the operation is complete? Luckily in Fedora, a notification appears when the job is complete.

But what if you want to integrate GNOME notifications in one of your scripts? In this case you can use libnotify, a desktop notification library. Specifically, use the notify-send command in your scripts to send notifications to the GNOME desktop. For more information, use this command:

notify-send --help

Hopefully this article has given you some new ways to use GNOME notifications!

by Alessio Ciregia at March 06, 2017 08:00 AM

xkcd.com

March 03, 2017

Fedora Magazine

Master efficient typing with Ibus typing booster

The Ibus typing booster is a predictive text input method. The project goal is to empower existing keyboard layouts with predictions to allow users to boost their typing speed without compromising on data accuracy. This project started in 2010 with an first focus on only a few languages. Over the years, many improvements and innovative features were added.

Ibus typing booster supports almost all languages except Chinese, Japanese, Albanian, and a few others. This article explains various features and how it helps you master efficient typing.

Installing Ibus

Ibus typing booster is installed by default. If it is not available on your system, install it with this command.

$ sudo dnf install ibus-typing-booster

It uses the Hunspell dictionaries in the background for predictions. While it is not mandatory, it may help to install the Hunspell dictionaries for your language. However, even if a dictionary is not available, you still get predictions from your own typed words. You can install the Hunspell dictionaries as follows.

$ sudo dnf install hunspell-<langcode>

Here, langcode is an ISO 639-1/2/3 code. For example, en represents English and fr represents French.

Enabling input

You can see an example below about how to enable input with the typing booster for your preferred language. In this example, we add the Hindi typing booster to our input selection.

Selecting another language input with the Ibus typing booster

How to select another language input to add the Ibus typing booster as an option

Selecting Hindi typing booster IME from Gnome panel

Selecting keymap for Hindi

From the dropdown, you can select either Inscript or Itrans

Key features

Predictions

Based on partial input, word predictions are listed in a lookup table from dictionaries. These words are improved over time by frequency of use. As users use the Ibus typing booster more, its predictions improve. Words not available in dictionaries are automatically added to a local user dictionary. Users train it with their own custom word list or additional dictionaries. In the case of a wrongly typed word being added to the local dictionary, it can be deleted it with Ctrl + <entry number in lookup table>.

If a dictionary is not installed, the user gets a message in the lookup table.

/usr/share/myspell/<langcode>.doc not found. Please install hunspell dictionary.

If you receive this message, install the Hunspell dictionaries and restart Ibus by typing ibus restart in a terminal window.

Predictions for Hindi

Predictions for Hindi

Predictions for English

Predictions for English

Multilingual input

Out of all world languages, English is third in the number of first language speakers. Around a half-billion speakers use English as a second language. This means many speakers switch between English and their native language keyboard layout. This is problematic when your native language uses a script other than Latin. For example, Hindi uses the Devanagari script type.

Multilingual input

Multilingual input by selecting Hindi.

Multilingual input change text by ctr+up key

Control+Up key changes script for preedit text.

The multilingual feature of Ibus improves this issue. With a single layout, the user types two different languages. To enable multilingual mode, go to the setup options and enable “Add direct input”.

Unicode emoji

It is also possible for the Ibus typing booster to ease typing emoji characters. In the settings menu, enable Unicode emoji input from the dropdown options. Alternatively, you can use the shortcut AltGr + F6. Typing the word “smile” shows the corresponding emoji in the lookup table.

Since the Ibus typing booster is multilingual, even if you type the emoji name in a non-English language, the corresponding emoji will appear.

Please note that the Unicode emoji support is enabled by default. It can slow down your typing experience, since it searches through all emoji data. You can enable and disable emoji support when you need it with the AltGr + F6 shortcut.

Emoji for Smile word

Emoji for Smile word on last line.

We want your feedback!

Mike Fabian is doing great work on the Ibus typing booster and continually tries to improve it for users. The project has more detailed documentation about its features on its website.

If you have ideas to improve the typing booster or find any bugs, feel free to file a bug or RFE.

Save

by Pravin Satpute at March 03, 2017 08:00 AM

xkcd.com

March 01, 2017

Fedora Magazine

Python 3.6.0 in Fedora 26

On December 23, 2016, the Python community released Python 3.6.0, the latest version of the popular programming language. The upcoming Fedora 26 release will include Python 3.6.0.

Users running Fedora Rawhide already enjoy Python 3.6. For those who want to experience the new Python features in Fedora 25 or Fedora 24, a python36 package is now available.

sudo dnf install python36

You can then invoke the new version’s shell with the command python36 or python3.6.

Python 3.6.0 (default, Jan 31 2017, 00:05:46) 
[GCC 6.3.1 20161221 (Red Hat 6.3.1-1)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> 

Python 3.6 comes with many new enhancements and optimizations. This article gives a quick overview of what to expect. For a full list of new features check out the upstream docs.

Major changes

Formatted string literals (f-strings)

Python 3.6 offers compile time processing of format strings with the new f-string literals:

print(f"There were {len(docs)} found. First title: {docs[0].title}.")

These have dual benefits. The new literals are faster than runtime formatting, since the string gets broken up into text segments and field expressions at compile time. This results in zero runtime string parsing overhead. They are also easier to read, since you don’t need to mentally map expressions to their corresponding fields. They’re right there in the string. The literals are especially helpful for scripting use cases.

The order of elements in **kwargs

Keyword arguments now preserve their order. So collections.OrderedDict(first=1, second=2, third=2) finally works the way you would expect it to work. Previously the apparent key order in the source code would be lost in the process of calling the constructor.

Secrets module

The new secrets module provides handy helpers for secure token generation in various formats (e.g. bytes, hex strings, base64 strings) with a reasonable default amount of entropy.

Underscores in numeric literals

Underscores in numeric literals let you break up magic constants to make them easier to read. For instance, you can denote constants like 10_000_000.0, 0xCAFE_F00D, 0b_0011_1111_0100_1110.

File system path protocol

Many more standard library APIs, including the builtin open(), now support pathlib.Path and pathlib.PurePath objects through the new os.fspath() protocol. This change also means many third party libraries also indirectly gain support for these protocols, since they implicitly delegate the task of opening a path to a standard library API.

OpenSSL and hashlib

OpenSSL 1.1.0 is supported, along with additional hashing (BLAKE2, SHA-3, SHAKE) and key derivation (scrypt) algorithms.

Other notable changes

From a security perspective, os.urandom() now also provides a guarantee to either block or return a result suitable for cryptographic use. This means code that needs to run when the system entropy pool hasn’t been initialized yet should switch to use either:

  • the random module, if it doesn’t need cryptographic grade randomness, or
  • the new os.getrandom() API, to use the non-blocking variant of the syscall.

For folks using the new native async/await syntax for coroutine based service development, that syntax has been extended with provisional support for asynchronous comprehensions, generator definitions, and generation functions. This allows asynchronous code access to many more of the niceties developers are accustomed to when working with purely synchronous code.

For developers using mypy or one of the other type inference engines for Python, provisional support has been added for declarative variable annotations that allow inference engines to complain when values bound to the variable don’t abide by the expected constraint. The interpreter itself pays no attention to these annotations at runtime, just as it doesn’t check function annotations.

For developers writing internationalized applications, the Unicode database has been updated to 9.0.0.

For those debugging more complex applications, the new PYTHONMALLOC environment variable lets you either switch the runtime’s memory allocator into debug mode (PYTHONMALLOC=debug) or bypass it entirely (PYTHONMALLOC=malloc). Details can be found here.

Also related to application debugging, the -X tracemalloc option now provides a resource allocation traceback when printing ResourceWarning for resources that are cleaned up non-deterministically.

There have also been a range of performance improvement made to CPython. This change has been aided significantly by work on a new benchmarking utility (perf) and a new benchmark suite for Python interpreters (performance). Check out speed.python.org for 3.5 vs 3.6 performance data.

Try out Python 3.6

If you have a Python project, with a good set of tests of course, now is the right time to start running them in Python 3.6. Make use of the available Python testing tools like tox, to make sure your software runs correctly with different Python versions. For more information, refer to the Fedora Developer portal.

by Charalampos Stratakis at March 01, 2017 08:00 AM

xkcd.com

February 28, 2017

Fedora黑

February 27, 2017

Fedora Magazine

Automate building Fedora Atomic Host

Atomic Host from Project Atomic is a lightweight, container-based OS built upon the principle of immutable infrastructure using the LDK (Linux, Docker, Kubernetes) stack. Atomic Hosts are built from standard RPM packages composed into filesystem trees using rpm-ostree.

Atomic Host comes with certain packages pre-installed. It does not allow installing packages randomly, to introduce and maintain the only-container workflow. But Atomic Host allows adding RPM packages to OSTree to build an Atomic Host which boots into its own OSTree. This guide describes the method for the automation of building an Atomic Host. At the end of this article, you’ll able to create a VM from a QCOW2 image, which will use OSTree. This VM can also be used for testing purpose (please feel free to open an issue in that case)!

One of the primary benefits to Atomic Host and OSTree is the ability to configure once, deploy many times using custom OSTree images.

The procedure and playbook below enable you to create your own Atomic Host OSTree image. This is the first step in creating your own distributions of Atomic Host to install on your cloud servers. Note that it will install a bunch of requirements on your local server, as well as using system resources heavily. As such, you may want to run it on a development machine instead of your personal laptop.

Getting started

To get started, you will need to have these requirements.

$ sudo dnf install ansible python2-dnf

Next, you need to clone the Build-Atomic-Host git repo on your working machine.

$ git clone https://github.com/trishnaguha/build-atomic-host.git
$ cd build-atomic-host

Create VM from the QCOW2 image

The following commands create a VM from the QCOW2 image, where username is atomic-user and password is atomic. Here, atomic-node is the instance name.

$ sudo sh create-vm.sh atomic-node /path/to/fedora-atomic25.qcow2
# For example: /var/lib/libvirt/images/Fedora-Atomic-25-20170131.0.x86_64.qcow2

Install requirements and start HTTP server

The tree is made available via a web server. The following Ansible playbook installs the requirements, creates the directory structure, initializes the OSTree repository and starts the HTTP server on TCP port 35000.

$ ansible-playbook setup.yml --ask-sudo-pass

Use ip addr to check IP Address of the HTTP server.

This is how it looks when you check for the IP address of the running HTTP server with the above command.
According to the output, the IP address of the running HTTP server is 192.168.121.1.

Give OSTree a name and add IP address

Replace the variables given in vars/atomic.yml with the OSTree name and HTTP server IP address. For instance:

# Variables for Atomic host
atomicname: my-atomic
httpserver: 192.168.121.1

Here, my-atomic is the OSTree name and 192.168.121.1 is the HTTP server IP address we discovered above.

Run all-in-one playbook

The following playbook composes the OSTree, performs SSH-setup and rebases on the created tree.

$ ansible-playbook main.yml --ask-sudo-pass

Check IP and reboot

The following command returns IP Address of the running Atomic instance.

$ sudo virsh domifaddr atomic-node

Now, log in via SSH to the Atomic Host and reboot it so that it reboots into the created OSTree:

$ ssh atomic-user@<atomic-hostIP>
$ sudo systemctl reboot

Wait for a few minutes after the reboot so that you do not get “connection refused” by the host while SSH-ing.

Verify: SSH to the Atomic Host

$ ssh atomic-user@192.168.121.221
[atomic-user@atomic-node ~]$ sudo rpm-ostree status
State: idle
Deployments:
● my-atomic:fedora-atomic/25/x86_64/docker-host
       Version: 25.1 (2017-02-07 05:34:46)
        Commit: 15b70198b8ec7fd54271f9672578544ff03d1f61df8d7f0fa262ff7519438eb6
        OSName: fedora-atomic

  fedora-atomic:fedora-atomic/25/x86_64/docker-host
       Version: 25.51 (2017-01-30 20:09:59)
        Commit: f294635a1dc62d9ae52151a5fa897085cac8eaa601c52e9a4bc376e9ecee11dd
        OSName: fedora-atomic

Now you have the updated OSTree.

In a future post, we will see the automation of building an Atomic Host using the OSTree with customized packages (addition / deletion of packages). You can have a look at the documentation to refer to the process of composing OSTree.

Special thanks

Shout-out for the following folks:

by Trishna Guha at February 27, 2017 08:00 AM

xkcd.com

February 24, 2017

Fedora Magazine

Gitlab, Pelican and Let’s Encrypt for a secure blog

SSL security allows users to trust the authenticity of a site’s content. While you can host an SSL blog on both GitHub and GitLab pages, only GitLab supports SSL for custom domains. This article shows you how to use Pelican and Let’s Encrypt to produce a secure blog hosted on GitLab pages. If you’d like to learn more about Pelican on Fedora, check out the Pelican article previously posted on Fedora Magazine.

Why use SSL security on your blog? One reason is that search engines like Google are moving toward downgrading search results for sites that don’t use it. The Fedora Infrastructure community team team is considering requiring HTTPS for blogs to be published on the Fedora Planet feed.

Create Directory Structure

The first step is to create the directory structure to support the verification process used by Let’s Encrypt. This process involves serving a page from a hidden directory. First, change directory to your Pelican blog content, substituting the correct directory name:

cd ~/myblog

Now create the directory:

mkdir -p .well-known/acme-challenge

Install Certbot

Next, install certbot so you can request a certificate from your computer:

sudo dnf install certbot

Generate The Certificate

After the install is complete, run the command to generate a certificate for a remote site.

certbot certonly -a manual -d yoursite.com --config-dir ~/letsencrypt/config --work-dir ~/letsencrypt/work --logs-dir ~/letsencrypt/logs

Replace yoursite.com with your actual domain name. At the prompt, you must accept that the IP address of your computer is being logged.

The results will be as follows. The log string for the file name and contents will be different:

Make sure your web server displays the following content at
 http://yoursite.com/.well-known/acme-challenge/uF2HODXEnO98ZRBLhDwFR0yOpGkyg0UyP4QZHImDfd1 before continuing:

uF2HODXEnO98ZRBLhDwFR0yOpGkyg0UyP4QZHImJ8qY.imp4JScFS23eaYWG4tF5e9TSRfGwDuFMmkQTiqN73t8

The important part of the output from certbot is above. The rest of the output (seen below) is only used when running the certbot command directly on the server:

If you don't have HTTP server configured, you can run the following
 command on the target server (as root):
mkdir -p /tmp/certbot/public_html/.well-known/acme-challenge
 cd /tmp/certbot/public_html
 printf "%s" uF2HODXEnO98ZRBLhDwFR0yOpGkyg0UyP4QZHImJ8qY.imp4JScFS23eaYWG4tF5e9TSRfGwDuFMmkQTiqN73t8 > .well-known/acme-challenge/uF2HODXEnO98ZRBLhDwFR0yOpGkyg0UyP4QZHImDfd1
# run only once per server: $(command -v python2 || command -v python2.7 || command -v python2.6) -c \ "import BaseHTTPServer, SimpleHTTPServer; \ s = BaseHTTPServer.HTTPServer(('', 80), SimpleHTTPServer.SimpleHTTPRequestHandler); \ s.serve_forever()" Press ENTER to continue

At this point the certbot program waits until you’re ready for the page to be served. To make this happen you must create the necessary file.

Create Verification File

nano content/.well-known/acme-challenge/uF2HODXEnO98ZRBLhDwFR0yOpGkyg0UyP4QZHImDfd1

Once the file is saved you need to generate the site using Pelican.

make html

You can now test the server locally. If everything has worked you can use Pelican to publish your site.

make publish

Modify GitLab YML File

You cannot push the output folder to GitLab using normal git commands. Once you have pushed the site to GitLab, modify the .gitlab-ci.yml file so that it builds the page.

  script:
  - mkdir .public
  - cp -r * .public
  - mv .public public
  - mkdir public/.well-known
  - mkdir public/.well-known/acme-challenge
  - mv .well-known/acme-challenge/uF2HODXEnO98ZRBLhDwFR0yOpGkyg0UyP4QZHImJ8qY public/.well-known/acme-challenge/
  artifacts:
    paths:
    - public
  only:
  - master

Without the last three lines under the script section GitLab won’t create the hidden page.

Once you commit and push this file, GitLab processes your files and creates the site. Once it’s finished, browse the site and ensure that you get the correct results. Finally, go back to the terminal window running certbot and hit Enter to continue.

IMPORTANT NOTES:
 - Congratulations! Your certificate and chain have been saved at
 /home/cprofitt/letsencrypt/config/live/hub.cprofitt.com/fullchain.pem.
 Your cert will expire on 2017-05-19. To obtain a new or tweaked
 version of this certificate in the future, simply run certbot
 again. To non-interactively renew *all* of your certificates, run
 "certbot renew"
 - If you like Certbot, please consider supporting our work by:

Donating to ISRG / Let's Encrypt:   https://letsencrypt.org/donate
 Donating to EFF:                    https://eff.org/donate-le

Create Custom Domain Using The Certificate

At this point a number of files have been created. You can now create a new domain for your GitLab page.

 

Select New Domain:

To complete the process:

  • For the Certificate (PEM) use the file in letsencrypt/config/archive/yoursite.com/fullchain1.pem
  • For the Key (PEM) use the file in letsencrypt/config/archive/yoursite.com/privkey1.pem

Open up both files and paste the contents into the appropriate fields shown in the image above. Then click Create New Domain. Within moments, your site serves pages using the SSL certificate. Remember that you must renew the Let’s Encrypt certificate every 90 days.

Your pages are now using SSL. Congratulations!

Save

by Charles Profitt at February 24, 2017 08:00 AM

xkcd.com

February 23, 2017

Fedora Magazine

3 mind mapping tools in Fedora

In a previous Magazine article, we covered tracking your time and tasks. In that article we mentioned some mind mapping tools. Now we’ll cover three mind mapping apps you can use in Fedora. You can use these tools to generate and manipulate maps that show your thoughts. Mind maps can help you to improve your creativity and effectiveness. You can use them for time management, to organize tasks, to overview complex contexts, to sort your ideas, and more.

Labyrinth

labyrinth at gshell Mind Mapping Tool

Selecting Labyrinth in GNOME Shell

Labyrinth may not be intuitive at first. However, it is intended to be lightweight. It is also well-integrated with GNOME and runs smoothly. After you become familiar with the way it works, you’ll be able to create simple mind maps and save them like maps or images.

labyrinth mmap Mind Mapping Tool

labyrinth map

Installation is easy using dnf along with the sudo command:

$ sudo dnf install labyrinth

When you start Labyrinth, the first screen is not the map itself, but rather a project manager:

labyrinth welcome screen Mind Mapping Tool

Labyrinth welcome screen

Then, click New and start drawing a diagram of what’s on your mind. Features in Labyrinth include:

  • Scaling and scrollable canvas (infinite sized maps!)
  • Support for text attributes (bold, italics, underline and font selection)
  • Arrow navigation of thoughts
  • Foreground and background colouring of nodes
  • Import and export labyrinth files for maps in the form of tarballs
  • SVG export
  • PDF export
  • Save browser window state across instances (UNIX/Linux build only)
  • Selection using bounding box
  • Searching in the browser window

Labyrinth is made with Python, GTK+, and Cairo so it works smoothly in GTK-based desktops like GNOME, MATE, and Cinnamon. It’s licensed under the GPLv2.

View Your Mind (VYM)

VYM is another useful mind mapping tool packaged in Fedora. It’s a mature application, with a lot of features included. It’s easy to use and intuitive. Furthermore, the export tool is pretty powerful, and allows you to export to numerous formats, including HTML or LibreOffice.

vym at gshell Mind Mapping Tool

Selecting VYM in the GNOME Shell

The main screen shows the first map, so you can start work immediately. VYM has keyboard shortcuts that make your work easier. It also includes icons and signs to make your mind map more expressive.

vym welcome screen Mind Mapping Tool

VYM welcome screen

Another interesting thing about VYM is that the project website is entirely made in VYM itself. Check it out here. The list of features is quite long, and includes:

  • Import of Freemind maps
  • Function to export from tomboy to vym
  • Export to CSV spreadsheet
  • Autosave
  • Editor for scripts
  • Syntax highlighting for editor
  • Export of map to HTML or XML

A quick example:

vym mindmap Mind Mapping Tool

Example VYM mindmap

To install it, use this command:

$ sudo dnf install vym

VYM is written in C++ and the Qt framework. It uses the GPL license, with an exception to port it to Microsoft Windows systems.

FreeMind

FreeMind is a premier free mind-mapping software written in Java. It aims to be a high productivity tool. Its main features include:

  • Ability to follow HTML links stored in the nodes
  • Folding, an essential property of FreeMind
  • Fast one-click navigation
  • Smart Drag and Drop, including copying nodes or node styles, dragging and dropping of multiple selected nodes, and dropping texts or a list of files from external sources
  • Smart copying and pasting from and into the application
  • Export to HTML
  • Find facility, which shows found items one by one as you do Find next, and the map is unfolded only for the current item
  • Editing of long multiline nodes
  • Decorating nodes with built-in icons, colors and different fonts
freemind at gshell Mind Mapping Tool

Selecting FreeMind in GNOME Shell

The main screen allows you to work immediately. Like the other tools featured here, it’s easy, has keyboard shortcuts to speed your work, and exports to numerous formats.

freemind map

Example freemind map

To install it, run this command:

$ sudo dnf install freemind

FreeMind is written in Java and licensed under the GPLv3.

Start mapping your mind

The tools you need to organize, plan, and get clarity on your thoughts are in Fedora. So what are you waiting for? Start mind mapping!

by Eduard Lucena at February 23, 2017 08:00 AM

February 22, 2017

xkcd.com

February 20, 2017

Fedora Magazine

How to install WordPress on Fedora

WordPress started as a simple blogging system, but has evolved into a reputable content management system. It’s also one of the most popular open source projects. Furthermore, it’s easy to set up WordPress on your Fedora system.

Install the packages

Fedora provides a set of pre-packaged software to make installation easy. Open a terminal, and at the command prompt, use sudo to install the following packages.

sudo dnf install @"Web Server" wordpress php-mysqlnd mariadb-server

This example assumes you’ll run the web and database servers on the same machine. This is often the case for students and developers alike.

Enable the web and database services to start at boot time, then start them immediately:

sudo systemctl enable httpd.service mariadb.service
sudo systemctl start httpd.service mariadb.service

Set up the database server

If this is your first use of MariaDB, you should create a password for your root user. Store it somewhere secure and safe, in case you forget it. Don’t use the system’s own root (administrator) password.

sudo mysqladmin -u root password

Next, create a database. You can host more than one WordPress site on a machine. Therefore, you may want to choose a distinctive name for yours. For instance, this example uses mywpsite. The -p switch prompts you for a password. You’ll need that, since you’ve added a password for root.

sudo mysqladmin create mywpsite -u root -p

Next, set up a special privileged user and password for the database. The web app uses these credentials to run. Use the standard mysql client program for this step. The -D mysql option attaches to the built-in mysql database where privileges are stored.

Your input is shown in boldface in the example below. Make sure to use a strong password and not password itself.

$ sudo mysql -D mysql -u root -p
Enter password:
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 6
Server version: 10.1.18-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [mysql]> GRANT ALL PRIVILEGES ON mywpsite.* TO 'sqluser'@'localhost' IDENTIFIED BY 'password';
Query OK, 0 rows affected (0.00 sec)

MariaDB [mysql]> FLUSH PRIVILEGES;
Query OK, 0 rows affected (0.01 sec)

MariaDB [mysql]> QUIT;
Bye

Set up the web server

Next, tune the SELinux parameters so the web server can perform necessary functions.

sudo setsebool -P httpd_can_network_connect_db=1
sudo setsebool -P httpd_can_sendmail=1

Next, edit the configuration file for the web server to allow connections. The file to edit is /etc/httpd/conf.d/wordpress.conf. Change the following line:

Require local

Instead, edit it as follows:

Require all granted

Next, configure your firewall so it allows traffic on port 80 (HTTP):

sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --reload

 

Configure WordPress

Next, edit the /etc/wordpress/wp-config.php file. Provide the database settings needed so WordPress can use the database you provided. Here are the lines to change. Search for each and edit the required setting:

// ** MySQL settings - You can get this info from your web host ** //
/** The name of the database for WordPress */
define('DB_NAME', 'database_name_here');

/** MySQL database username */
define('DB_USER', 'username_here');

/** MySQL database password */
define('DB_PASSWORD', 'password_here');

/** MySQL hostname */
define('DB_HOST', 'localhost');

The DB_HOST setting should stay localhost if you’re serving the database on the same system as the web server.

Finally, restart the web server:

systemctl restart httpd

Visit the WordPress site

Next, you’re ready to configure the web app itself. Open a web browser on the system, or a connected system. Then browse to the IP address of your WordPress host, followed by /wordpress. For instance, your URL might be http://192.168.122.210/wordpress. If you’re on the same box, you can use http://localhost/wordpress. This step begins the setup process:

Fill out the information required. Remember to use a strong password for this account, since it has administrator access to the entire WordPress blog. Once done, select Install WordPress at the bottom.

A login screen appears so you can verify the WordPress username and password you just entered. Login, and the following screen appears:

You’re now ready to create content. There are thousands of themes and plugins available to customize your site. For more information on how to proceed, visit the WordPress website.

by Paul W. Frields at February 20, 2017 08:00 AM

xkcd.com

February 17, 2017

Fedora Magazine

Saving laptop power with powertop

If there’s one thing you want from a laptop, it’s long battery life. You want every drop of power you can get to work, read, or just be entertained on a long jaunt. So it’s good to know where your power is going.

You can use the powertop utility to see what’s drawing power when your system’s not plugged in. This utility only runs on the Terminal, so you’ll need to open a Terminal to get it. Then run this command:

sudo dnf install powertop

powertop needs access to hardware to measure power usage. So you have to run it with special privileges too:

sudo powertop

The powertop display looks similar to this screenshot. Power usage on your system will likely be different:

powertop-screenshot

The utility has several screens. You can switch between them using the Tab and Shift+Tab keys. To quit, hit the Esc key. The shortcuts are also listed at the bottom of the screen for your convenience.

The utility shows you power usage for various hardware and drivers. But it also displays interesting numbers like how many times your system wakes up each second. (Processors are so fast that they often sleep for the majority of a second of uptime.)

If you want to maximize battery power, you want to minimize wakeups. One way to do this is to use powertop‘s Tunables page. “Bad” indicates a setting that’s not saving power, although it might be good for performance. “Good” indicates a power saving setting is in effect. You can hit Enter on any tunable to switch it to the other setting.

The powertop package also provides a service that automatically sets all tunables to “Good” for optimal power saving. To use it, run this command:

sudo systemctl start powertop.service

If you’d like the service to run automatically when you boot, run this command:

sudo systemctl enable powertop.service

Caveat about this service and tunables: Certain tunables may risk your data, or (on some odd hardware) may cause your system to behave erratically. For instance, the “VM writeback timeout” setting affects how long the system waits before writing changed data to storage. This means a power saving setting trades off data security. If the system loses all power for some reason, you could lose up to 15 seconds’ of changed data, rather than the default 5. However, for most laptop users this isn’t an issue, since your system should warn you about low battery.

by Paul W. Frields at February 17, 2017 08:00 AM

xkcd.com

February 16, 2017

Fedora黑

Fedora Magazine

Hello, Modern Paste!

Fedora offers a pastebin service for its users and contributors. A pastebin lets you save text on a website for a length of time. This helps you exchange data easily with other users. For example, you can post error messages for help with a bug or other issue.

If you use Fedora’s fpaste pastebin service, you’re in for some exciting changes. Fedora has switched to Modern Paste for your pastebin needs.

Welcome our new Modern Paste overlord

Modern Paste is an actively maintained, free software pastebin app. It’s written in Python and aims to be “visually pleasing, feature-rich, [and] mobile friendly.” It features a pleasant user interface, built on top of popular JavaScript libraries. For instance, it uses Code Mirror for syntax highlighting.

Demo of Modern Paste with code snippet

The Fedora team will soon integrate Modern Paste with the Fedora Accounts System (FAS). When that happens, contributors will be able to control their pastes, view old pastes, and delete them at will. They’ll also be able to attach small binary files like screenshots to pastes.

Best of all, the fpaste command line tool that comes with Fedora works without interruption. All Fedora users can continue to use fpaste to get help in community support forums.

We invite you to check out the new service. We also invite you to report issues to the Fedora Infrastructure team. You can find the team in the #fedora-apps channel on IRC Freenode.

The Fedora team would also like to thank the upstream project for their assistance and collaboration.

by Ricky Elrod at February 16, 2017 08:00 AM

February 15, 2017

Fedora Magazine

How to install supplemental wallpapers

Supplemental wallpapers make each release of Fedora a joy to run. This article explains how to install and select them on your Fedora system.

Backgrounds for everyone

The Fedora team works hard to make each release beautiful. Of course, we start with the desktops created by upstream projects. Then the Fedora Design team also creates an elegant official wallpaper. Finally, contributors also submit more background wallpapers for users who like to change their desktop.

By the way, here is that collection for the recent (at this writing) Fedora 25 release. Are you an artist or photographer? Maybe you’d like to contribute to the Fedora 26 set. If so, you can read more here.

These wallpapers are free to use, modify, and redistribute. In fact, you can find all the tools you need in Fedora for this, such as GIMP, Inkscape, and Rawstudio.

Installing the supplemental wallpapers

The supplemental wallpapers in Fedora are easy to install. Use sudo and the dnf tool to install the correct package for your desktop environment. For Fedora 25 Workstation, run this command:

sudo dnf install f25-backgrounds-extras-gnome   # for GNOME or Cinnamon

For other desktops, use one of these commands:

sudo dnf install f25-backgrounds-extras-kde     # for KDE
sudo dnf install f25-backgrounds-extras-mate    # for Mate
sudo dnf install f25-backgrounds-extras-xfce    # for XFCE

Furthermore, you can select additional wallpapers from earlier releases. Each collection comes from Fedora contributors around the world.

Selecting a wallpaper

Next, use your desktop environment’s settings tool to change the background. On most desktops, you can right-click an empty desktop area with your mouse for this setting. For instance, on Fedora Workstation, right-click the desktop. Then choose Change Background….

Next, select either the Background or the Lock Screen to change one of the wallpapers.

Now you can choose any wallpapers to your liking, and make Fedora your own. Enjoy!

by Paul W. Frields at February 15, 2017 08:00 AM

xkcd.com

February 13, 2017

Fedora Magazine

Getting Started with Taskwarrior

Taskwarrior is a flexible command-line task management program. In their own words:

Taskwarrior manages your TODO list from your command line. It is flexible, fast, efficient, unobtrusive, does its job then gets out of your way.

Taskwarrior is highly customizable, but can also be used “right out of the box.” In this article, we’ll show you the basic commands to add and complete tasks. Then we’ll cover a couple more advanced commands. And finally, we’ll show you some basic configuration settings to begin customizing your setup.

Installing Taskwarrior

Taskwarrior is available in the Fedora repositories, so installing it is simple:

sudo dnf install task

Once installed, run task. This first run will create a ~/.taskrc file for you.

$ task
A configuration file could not be found in ~

Would you like a sample /home/link/.taskrc created, so Taskwarrior can proceed? (yes/no) yes
[task next]
No matches.

Adding Tasks

Adding tasks is fast and unobtrusive.

$ task add Plant the wheat
Created task 1.

Run task or task list to show upcoming tasks.

$ task list

ID Age Description         Urg 
 1 8s  Plant the wheat        0

1 task

Let’s add a few more tasks to round out the example.

$ task add Tend the wheat
Created task 2.
$ task add Cut the wheat
Created task 3.
$ task add Take the wheat to the mill to be ground into flour
Created task 4.
$ task add Bake a cake
Created task 5.

Run task again to view the list.

[task next]

ID Age  Description                                        Urg 
 1 3min Plant the wheat                                       0
 2 22s  Tend the wheat                                        0
 3 16s  Cut the wheat                                         0
 4 8s   Take the wheat to the mill to be ground into flour    0
 5 2s   Bake a cake                                           0

5 tasks

Completing Tasks

To mark a task as complete, look up its ID and run:

$ task 1 done
Completed task 1 'Plant the wheat'.
Completed 1 task.

You can also mark a task done with its description.

$ task 'Tend the wheat' done
Completed task 1 'Tend the wheat'.
Completed 1 task.

With add, list and done, you’re all ready to get started with Taskwarrior.

Setting Due Dates

Many tasks do not require a due date:

task add Finish the article on Taskwarrior

But sometimes, setting a due date is just the kind of motivation you need to get productive. Use the due modifier when adding a task to set a specific due date.

task add Finish the article on Taskwarrior due:tomorrow

due is highly flexible. It accepts specific dates (“2017-02-02”), or ISO-8601 (“2017-02-02T20:53:00Z”), or even relative time (“8hrs”). See the Date & Time documentation for all the examples.

Dates go beyond due dates too. Taskwarrior has scheduled, wait, and until.

task add Proof the article on Taskwarrior scheduled:thurs

Once the date (Thursday in this example) passes, the task is tagged with the READY virtual tag. It will then show up in the ready report.

$ task ready

ID Age   S  Description                                        Urg 
 1 2s    1d Proof the article on Taskwarrior                      5

To remove a date, modify the task with a blank value:

$ task 1 modify scheduled:

Searching Tasks

No task list is complete without the ability to search with regular expressions, right?

$ task '/.* the wheat/' list

ID Age   Project Description                                            Urg 
 2 42min         Take the wheat to the mill to be ground into flour        0
 1 42min Home    Cut the wheat                                             1

2 tasks

Customizing Taskwarrior

Remember that file we created back in the beginning (~/.taskrc). Let’s take at the defaults:

# [Created by task 2.5.1 2/9/2017 16:39:14]
# Taskwarrior program configuration file.
# For more documentation, see http://taskwarrior.org or try 'man task', 'man task-color',
# 'man task-sync' or 'man taskrc'

# Here is an example of entries that use the default, override and blank values
#   variable=foo   -- By specifying a value, this overrides the default
#   variable=      -- By specifying no value, this means no default
#   #variable=foo  -- By commenting out the line, or deleting it, this uses the default

# Use the command 'task show' to see all defaults and overrides

# Files
data.location=~/.task

# Color theme (uncomment one to use)
#include /usr//usr/share/task/light-16.theme
#include /usr//usr/share/task/light-256.theme
#include /usr//usr/share/task/dark-16.theme
#include /usr//usr/share/task/dark-256.theme
#include /usr//usr/share/task/dark-red-256.theme
#include /usr//usr/share/task/dark-green-256.theme
#include /usr//usr/share/task/dark-blue-256.theme
#include /usr//usr/share/task/dark-violets-256.theme
#include /usr//usr/share/task/dark-yellow-green.theme
#include /usr//usr/share/task/dark-gray-256.theme
#include /usr//usr/share/task/dark-gray-blue-256.theme
#include /usr//usr/share/task/solarized-dark-256.theme
#include /usr//usr/share/task/solarized-light-256.theme
#include /usr//usr/share/task/no-color.theme

The only active option right now is data.location=~/.task. To view active configuration settings (including the built-in defaults), run show.

task show

To change a setting, use config.

$ task config displayweeknumber no
Are you sure you want to add 'displayweeknumber' with a value of 'no'? (yes/no) yes
Config file /home/link/.taskrc modified.

Examples

These are just some of the things you can do with Taskwarrior.

Assign a project to your tasks:

task 'Fix leak in the roof' modify project:Home

Use start to mark what you were working on. This can help you remember what you were working on after the weekend:

task 'Fix bug #141291' start

Use relevant tags:

task add 'Clean gutters' +weekend +house

Be sure to read the complete documentation to learn all the ways you can catalog and organize your tasks.

by Link Dupont at February 13, 2017 08:00 AM

xkcd.com

February 10, 2017

Fedora Magazine

Use tmux for a more powerful terminal

Some Fedora users spend most or all their time at a command line terminal. The terminal gives you access to your whole system, as well as thousands of powerful utilities. However, it only shows you one command line session at a time by default. Even with a large terminal window, the entire window only shows one session. This wastes space, especially on large monitors and high resolution laptop screens. But what if you could break up that terminal into multiple sessions? This is precisely where tmux is handy — some say indispensable.

Install and start tmux

The tmux utility gets its name from being a terminal muxer, or multiplexer. In other words, it can break your single terminal session into multiple sessions. It manages both windows and panes:

  • window is a single view — that is, an assortment of things shown in your terminal.
  • pane is one part of that view, often a terminal session.

To get started, install the tmux utility on your system. You’ll need to have sudo setup for your user account (check out this article for instructions if needed).

sudo dnf -y install tmux

Run the utility to get started:

tmux

The status bar

At first, it might seem like nothing happens, other than a status bar that appears at the bottom of the terminal:

Start of tmux session

 

The bottom bar shows you:

  • [0] – You’re in the first session that was created by the tmux server. Numbering starts with 0. The server tracks all sessions whether they’re still alive or not.
  • 0:username@host:~ – Information about the first window of that session. Numbering starts with 0. The terminal in the active pane of the window is owned by username at hostname host. The current directory is (the home directory).
  • * – Shows that you’re currently in this window.
  • “hostname” – the hostname of the tmux server you’re using.
  • Also, the date and time on that particular host is shown.

The information bar will change as you add more windows and panes to the session.

Basics of tmux

Stretch your terminal window to make it much larger. Now let’s experiment with a few simple commands to create additional panes. All commands by default start with Ctrl+b.

  • Hit Ctrl+b, “ to split the current single pane horizontally. Now you have two command line panes in the window, one on top and one on bottom. Notice that the new bottom pane is your active pane.
  • Hit Ctrl+b, % to split the current pane vertically. Now you have three command line panes in the window. The new bottom right pane is your active pane.

tmux window with three panes

Notice the highlighted border around your current pane. To navigate around panes, do any of the following:

  • Hit Ctrl+b and then an arrow key.
  • Hit Ctrl+b, q. Numbers appear on the panes briefly. During this time, you can hit the number for the pane you want.

Now, try using the panes to run different commands. For instance, try this:

  • Use ls to show directory contents in the top pane.
  • Start vi in the bottom left pane to edit a text file.
  • Run top in the bottom right pane to monitor processes on your system.

The display will look something like this:

tmux session with three panes running different commands

So far, this example has only used one window with multiple panes. You can also run multiple windows in your session.

  • To create a new window, hit Ctrl+b, c. Notice that the status bar now shows two windows running. (Keen readers will see this in the screenshot above.)
  • To move to the previous window, hit Ctrl+b, p.
  • If you want to move to the next window, hit Ctrl+b, n.
  • To immediately move to a specific window (0-9), hit Ctrl+b followed by the window number.

If you’re wondering how to close a pane, simply quit that specific command line shell using exitlogout, or Ctrl+d. Once you close all panes in a window, that window disappears as well.

Detaching and attaching

One of the most powerful features of tmux is the ability to detach and reattach to a session. You can leave your windows and panes running when you detach. Moreover, you can even logout of the system entirely. Then later you can login to the same system, reattach to the tmux session, and see all your windows and panes where you left them. The commands you were running stay running while you’re detached.

To detach from a session, hit Ctrl+b, d. The session disappears and you’ll be back at the standard single shell. To reattach to the session, use this command:

tmux attach-session

This function is also a lifesaver when your network connection to a host is shaky. If your connection fails, all the processes in the session will stay running. Once your connection is back up, you can resume your work as if nothing happened.

And if that weren’t enough, on top of multiple windows and panes per session, you can also run multiple sessions. You can list these and then attach to the correct one by number or name:

tmux list-sessions

Further reading

This article only scratches the surface of tmux’s capabilities. You can manipulate your sessions in many other ways:

  • Swap one pane with another
  • Move a pane to another window (in the same or a different session!)
  • Set keybindings that perform your favorite commands automatically
  • Configure a ~/.tmux.conf file with your favorite settings by default so each new session looks the way you like

For a full explanation of all commands, check out these references:


Image courtesy of Reginar — originally posted to Unsplash.

by Paul W. Frields at February 10, 2017 08:00 AM

xkcd.com

February 08, 2017

Fedora Magazine

5 security tips for shared and public computers

For many of us, the most important part of security is making our personal data safe. The best security will withstand any abuse, theoretically. However, in the real world, you can’t cover all possible situations of abuse. Therefore, the best strategy is to use multiple techniques for increasing security. Most normal people don’t need complicated schemes and cryptography to be safe. But it’s good to make it hard for intruders to get access to your data.

It may sound silly, but the computer in a library, a classroom, or a lab — or your friend’s phone for that matter — aren’t yours. Even cloud or cloud services in general are usually just someone else’s computer. In general, treat any devices you don’t own as if they’re owned by a villain — in other words, someone who wants your data for evil purposes.

Here are some simple ways you can increase your data security against miscreants or intruders.

Close open sessions

When you’re finished with the device, log out of services such as Facebook or other sites. This helps keep an evildoer from reopening the windows and having access to your account.

Clean browser and other cache

Clear all your history, passwords, and cookies from the browser you used. Don’t assume this is the default behavior on logout. Depending on the platform, check caches as well. You can delete the ~/.cache folder if you’re on a modern Linux system.

Empty the trash

Remove any items left behind on the desktop, if applicable, and empty the account’s Trash or Recycle Bin.

Use service security options

Enable login notifications or approvals for your services and accounts. Some services have an option that notifies you when someone logs into your account from a new device or location. You’ll also get a notice when you login legitimately. But it’s helpful to know if someone tries to use your login unexpectedly from another computer or location.

Other services may allow you to approve any login activity via an email notice. Access is only granted if you approve via a link in the email you receive. Check your services to see if they offer either of these security options.

Limit sensitive data

The easiest way to keep data safe on a computer you don’t own is not to process it to begin with. Try to avoid or limit work that needs sensitive information. For example, you might not want to access bank or credit card accounts, or secure systems for your workplace.

You may want to consider using a Live USB-based operating system for these purposes. Live USB limits or even completely avoids any data storage on the host computer system where you run it. You can download a Live Fedora Workstation operating system for use on a USB stick, for example.

by Sylvia Sánchez at February 08, 2017 08:00 AM

xkcd.com

February 06, 2017

Fedora Magazine

Michael Larabel: How Do You Fedora?

We recently interviewed Michael Larabel on how he uses Fedora. This is part of a series on the Fedora Magazine. The series profiles Fedora users and how they use Fedora to get things done. Contact us on the feedback form to express your interest in becoming a interviewee.

Who is Michael Larabel?

Michael Larabel is an entrepreneur, software engineer, and technology analyst. Larabel founded Phoronix Media in 2004. Phoronix is the leading destination for Linux hardware reviews and enthusiast-oriented Linux news. Michael also develops an automated open source benchmarking suite named the Phoronix Test Suite. The results from the suite are published on OpenBenchmarking.org.

Michael was also the lead developer involved in a startup that was building a home monitoring and communication device to help those with neurodegenerative conditions and the elderly. That startup stalled due to burdensome regulations in the US around commercial health related devices. The device leveraged Linux and Larabel hopes to bring the project back to life one day. “I hope one day to find the time to clean-up and improve the code as it could be an interesting open-source project.”

When not working on Phoronix or related projects, Larabel prefers to spend time working on home improvements or construction projects. He also enjoys organic gardening and German/Bavarian beers. The key for Michael’s hobbies is productive work, “I enjoy most anything as a hobby as long as I am engaging in some form of productive work rather than just watching TV or other leisurely activities.”

With his penchant for meaninful productive hobbies and an enjoyment of home improvements it was easy to understand Larabel’s choices for childhood heroes. “My childhood heroes would be Bob Vila and Steve Thomas from some good home improvement shows in the US.” Michael originally funded his purchase of computer equipment through construction work. “Many of my childhood years initially picking up building scraps on construction sites for the Habitat for Humanity non-profit before advancing to doing basic construction work to afford computer hardware.”

Michael started using Linux in 2002 with Mandrake Linux. He has “many great memories of former distributions like Yoper, MEPIS, KateOS, and many others.” The early difficulties of getting Linux up and running is what prompted him to start Phoronix.com.

The Fedora Community

Larabel has been covering Fedora on Phoronix since the Fedora Core days. At one point he was also a maintainer on the earlier ATI fglrx driver packaging for Fedora systems from the binary driver’s installer. Michael believe the Fedora community is “more technically focused than many other Linux/open-source communities. Less politics, more technical fun, and the right balance of involvement from Red Hat or any corporate overlord in relation to the project.”

Larabel would like to see the Fedora community adopt release code names again. He has fond memories of the code name Beefy Miracle. “That year at LinuxTag in Berlin the Fedora booth was giving out the ‘Beefy Miracle’ hot dogs, which was next to the openSUSE booth handing out their “openSUSE Old Toad” beer, making for good laughs and recharging while socializing with open-source contributors.”

Michael credits the Fedora project with shipping many technical advancements. These included AIGLX, virt-manager, an experimental Btrfs root install option. Most recently he cites Fedora as “being the first tier-one Linux distribution using Wayland by default.” Larabel believes that Fedora “is a great Linux distribution for any technical users / enthusiasts and while it’s not a rolling-release distribution its updates to packages like Mesa and the Linux kernel do make for a nice medium.”

What Hardware?

Larabel has over sixty systems running Linux. His main production system is running Fedora 25. “My main system is an MSI Cubibox with an Intel Core i5 Kabylake CPU, 8GB of memory, and Samsung SSD.” That system in paired with an ASUS 27 inch 4K display. His main keyboard is an Amazon Basics USB Keyboard. Despite costing just $10 USD Larabel has found them surprisingly durable. “The mice I use are generally from Razer, and while I would love for the company to provide native Linux support, at least there are third-party software options.”

michael larabel living room

When it comes to graphics cards Larabel’s recommendations depend on what users are looking for. “If you care about open-source drivers, definitely go for AMD. But if you want something that ‘just works’ and delivers the best possible performance and all of the advertised features, NVIDIA has proven themselves going back more than one decade.”

michael larabel work area

What Software?

Michael runs a mix of the latest stable release as well as Fedora Rawhide on several systems. “With my main system running Fedora 25, the programs I generally only ever use are Thunderbird, Firefox, Pidgin, GNOME Terminal, Gedit, LibreOffice, gFTP, and GIMP.” He also runs Git and the Phoronix Test Suite from the terminal. His production system is stock Fedora 25 with no extensions, plug-ins, or tweak tools.

screenshot-from-2017-01-25-19-13-37

From the GNOME Terminal, all of the usual GNU suspects, Git, and, of course, the Phoronix Test Suite. My main desktop is surprisingly close to a stock Fedora 25 experience with really not getting into any extensions / plug-ins / tweak tools.

screenshot-from-2017-01-25-19-14-36

by Charles Profitt at February 06, 2017 08:00 AM

xkcd.com

February 03, 2017

Fedora Magazine

Find Fedora at FOSDEM 2017!

It’s that time of year again for a new iteration of FOSDEM! FOSDEM, or the Free and Open Source Software Developers’ European Meeting, is held every year in late January or early February in Brussels, Belgium. FOSDEM 2017 is taking place over this coming weekend on February 4th and 5th. At this year’s conference, an estimated 8,000 or more attendees are expected. Several open source contributors, communities, and projects are represented at this event.

As one of the largest open source conferences in Europe, there are many Fedora Project developers and representatives attending the event. In addition to our community stand, you will find 24 speakers from the community giving talks over the weekend. If you’re getting ready to make it into Brussels, here’s how to keep Fedora a part of your weekend.

Community stand at FOSDEM 2017

FOSDEM 2017 Attendee badge can be found at the Fedora community stand

FOSDEM 2017 Attendee badge can be found at the Fedora community stand

For another year, Fedora will have our community stand at the conference managed by our Fedora Ambassadors. You will be able to find a number of Fedora contributors to say hello to and ask questions. In addition to our Ambassadors, there are a number of developers and other contributors around the conference who will stop in to visit our table. This is a great chance to meet up with some of our contributors and understand more about the inner workings of the Fedora Project!

Additionally, the Fedora team will have plenty of goodies to share during the weekend! This includes stickers, accessories, wearables, and more, but they tend to go quickly! Be sure to make a stop earlier in the conference to see what kind of items we have at the table. Also again this year, we will have the FOSDEM 2017 Attendee badge for collecting!

Find Fedora speakers

In addition to our community stand, there are now 24 Fedora contributors who will be speaking during FOSDEM this weekend. While they are Fedora contributors, not all of our talks are specifically related to Fedora! Many of the talks show a diverse range of activities that our contributors are involved with as well. Special thanks to Alberto Rodriguez Sanchez, Dhanesh Sabane, and others for helping build this list.

You can find a more verbose version of this list on the Fedora Community Blog.

Come say hello!

No matter where you find yourself in FOSDEM this weekend, there will be a Fedora presence throughout the event. Don’t be afraid to seek out our Ambassadors and representatives to say hello! Happy FOSDEM, and see you this weekend!


The feature image for this post is a remix of the official FOSDEM ’17 Flyer, CC-BY.

by Justin W. Flory at February 03, 2017 08:00 AM

xkcd.com

February 01, 2017

xkcd.com

January 30, 2017

Fedora Magazine

Submissions now open for the Fedora 26 supplemental wallpapers

Each release, the Fedora Design team works with the community on a set of 16 additional wallpapers. Users can install and use these to supplement the standard wallpaper. Submissions are now open for the Fedora 26 Supplemental Wallpapers, and will remain open until March 22, 2017

You always wanted to start contributing to Fedora but don’t know how? Contributing a supplemental wallpaper is one of the easiest way to start as a Fedora Contributor.

What exactly are the supplemental wallpapers?

Supplemental wallpapers are the non-default wallpapers provided with Fedora. Each release, the Fedora Design team works with the community on a set of 16 additional wallpapers. Users can install and use these to supplement the standard wallpaper.

Dates and deadlines

The submission phase opens January 30 2017 and ends March 22 at 23:59 UTC.

Important note, submissions during the last hours can in certain circumstances not get into the election, if there is no time to do the legal research.

The legal research is done by hand and very time consuming, so please help by following the guidelines correctly and submit only work that has the correct license.

The voting will open automatically 23 March 2017 and will be open until April 6 2017 at 23:59 UTC

How to contribute to this package

Fedora uses for the submission the application Nuancier for managing the submissions and the voting process.

For an submission you need an Fedora account. If you have none, you have to create one before here. For being allowed to vote, you must have membership in another group as cla_done or cla_fpca.

For inspiration you can look to former submissions and the  previous winners. Here are some of the last election:

Fedora 25 wallpaper - Droplet On Pebble Fedora 25 wallpaper -Winter in Bohemia Fedora 26 wallpaper - Cherry Blossom Fedora 25 wallpaper - Zen Fedora 25 wallpaper - Matterhorn Fedora 25 wallpaper - Milky Way over the Mang Fedora 25 wallpaper - Raindrop Fedora 25 wallpaper - Manhattan Fedora 25 wallpaper - Grytviken Fedora 25 wallpaper - Forrest Path Fedora 25 wallpaper - Soft Blue Fedora 25 wallpaper - Caion Do Xingo Fedora 25 wallpaper - Chihuly Fedora 25 wallpaper - color Fedora 25 wallpaper - Poetry The Bois de Vincennes

The number of submissions a contributor can make is limited. A participant can only upload two submissions to Nuancier. In case you submit multiple versions of the same image, the team will choose one version of it and accept it as one submission, and deny the other one.

Submissions which was submitted already before and was not selected get rejected. Starting with this election also creations which have not an essential height get rejected.

Denied submissions also count, so if you make two contributions and both are rejected, you cannot submit more. Use your best judgment for your submissions.

Badges

You can also earn badges for contributing. One badge is for an accepted submission. Another badge is if your submission is a chosen wallpaper. A third is awarded if you participate in the voting process. You have to claim this badge during the voting process, as it is not granted automatically.

Regulations for Submissions

Subject matter

  • Must not contain brand names or trademarks of any kind (including Fedora itself).
  • Must not contain material that is inappropriate, offensive, indecent, obscene, hateful, tortuous, defamatory, slanderous or libelous.
    • No sexually explicit or provocative subject matter.
    • No images of weapons or violent imagery.
    • No alcohol, smoking, or drug use imagery.
  • Must not contain material that promotes bigotry, racism, hatred or harm against any group or individual or promotes discrimination based on race, gender, religion, nationality, disability, sexual orientation or age.
  • Must not contain material that is unlawful, in violation of or contrary to the laws or regulations in the jurisdiction where the work is created
  • No religious, political, or nationalist imagery (including flags).
  • No images of hats, particularly fedoras.
    • This is a matter of respect for our primary sponsor, Red Hat, Inc., and is not negotiable. Of course, passive appearance of hats, such as those upon heads in a crowd, are allowed.
  • No version numbers. End users might prefer to continue to use an older theme, or use the latest theme in their older version of Fedora. To enable that choice, do not use any version numbers within the Fedora artwork.
  • No text. Text should not be used in the background because the artwork is intended for a global audience and to be reused by derivative distributions.
  • Should not contain images of people (contemporary, historical, or fictional).
  • Should not contain images of pets or captive / mistreated animals.

 Technical requirements

  • Submitted wallpapers must use a format that can be read by software available in Fedora Package Collection. Preferred image formats is PNG.
  • Originals for landscape formats must be a minimum of 1600 pixels wide and 1200 pixels high. The larger the better. Photographic submissions should be made at the highest resolution the camera is capable of.
  • Submitted wallpapers should be provided in a 16 x 9 aspect ratio if possible.
  • No watermarks, signatures, photographer or creator names, or messages may be included in any part of the work.

Other requirements

  • Submissions must not contain material that violates or infringes anothers rights, including but not limited to privacy, publicity or intellectual property rights, or that constitutes copyright infringement.
  • If your submissions include or derive from artwork created by other people, please make sure the license of the original work you incorporate is compatible with Fedora and that you are not violating any of the provisions of its license.
  • Make sure you provide attribution to artists that license their work with a CC Attribution clause.
  • Submission should have the consent and approval of the author or creator
  • Submissions are thereby licensed to the public for reuse under CC-BY-SA unless another accepted approved liberal open source license.
    See a list of approved licenses for Fedora.
  • Note that we can not accept NC (no commercial use) or ND (no derrivatives) submissions!

by Sirko Kemter at January 30, 2017 08:00 AM

xkcd.com

January 27, 2017

xkcd.com

Fedora Magazine

Using the YubiKey4 with Fedora

A YubiKey is a hardware authentication device that can be used for various one-time password (OTP) and authentication methods. This article explains some of the ways to use the the YubiKey4 with Fedora. Other versions may be incompatible or require additional configuration.

What is a YubiKey?

From the Yubico site: “A YubiKey is a small device that you register with a service or site that supports two-factor authentication. Two-factor authentication means that each time you log in, the service will request proof that you have your YubiKey in addition to your regular username and password. Phishing, malware, and other attack methods don’t work because they would need both your physical key and your passwords to breach your accounts.”

Two-factor authentication with the Yubico Authenticator tool

The Yubico Authenticator tool lets you generate OATH one-time password codes with your YubiKey. It can store up to 32 OATH event-based HOTP and time-based TOTP credentials on the device itself, which makes it easy to use across multiple computers. The software is freely available in Fedora in the `yubioath-desktop` package, and also provides a yubioath-cli command-line tool. If you desire the gui version after install invoke yubioath-gui.

Using the Yubico Authenticator for two-factor authentication

Using the Yubico Authenticator for two-factor authentication with the YubiKey

GPG smartcard for SSH authentication

The YubiKey4 contains an OpenPGP smartcard applet, which lets you import and GPG keys on the hardware. You can also use these keys for SSH authentication to remote machines with the `gpg-agent`. This allows you to use GPG and SSH without storing any private keys on your computer at all.

You’ll first want to go through the “Importing Keys” instructions for setting up your GPG keys. Then there is a great guide created by a number of Fedora contributors for configuring GPG and GNOME to use your YubiKey as a GPG smartcard for SSH authentication.

FIDO Universal 2nd Factor

U2F is an open authentication standard that enables internet users to securely access any number of online services, with one single device, instantly and with no drivers or client software needed.

Fedora ships the `pam-u2f` package which provides an easy way to integrate the Yubikey (or other U2F-compliant authenticators) into your existing user authentication infrastructure.

Authentication with PAM

You can use your YubiKey to log in to your Fedora machines by configuring PAM with the pam_yubico module. There are detailed instructions for how to do this on the Fedora Wiki.

Other resources

by lmacken at January 27, 2017 04:00 AM

January 26, 2017

Fedora黑