Gentoo Monthly Newsletter: October 2013

You missed us? We are back! :)

gentoo-gmn-back

Introduction

So GMN is back! :) As you can see, we moved away from GuideXML and moved to the 2013 era. You can also subscribe to this blog using the form on your left. If you are interested in contributing, have a look at the end of this newsletter.

Gentoo News

Gentoo at Google Summer of Code 2013

RAP

RAP is an abbreviation for “Rap Ain’t Prefix”. It is a variant of Gentoo Prefix that uses its own libc instead of that of the host. By depending only on the Kernel, it expands the horizon of Gentoo Prefix into the systems as handhold Android, multiarch Debian/Ubuntu and ancient (5 years+) GNU/Linux with a libc lacking crucial modern features like fortify. It eases the maintenance of Prefix by being more identical to Gentoo vanilla.

Although the Prefix team has been keeping the possibility in mind and have made several unsuccessful attempts earlier, it was Ruud (redlizard) Koolen (now a Gentoo developer) who brought the first implementation into reality. Benda (heroxbd) Xu from the Prefix team joined the effort of RAP for his Gentoo on Android project under Google Summer of Code 2013, mentored by Luca (lu_zero) Barbato.

RAP specification has been tracked by a GLEP draft. The draft is endorsed by the council and will be further refined after recovery of the GLEP process.

RAP is in a usable state for end users in the two overlays initiated by redlizard and heroxbd, whose development are related closely. With the ultimate goal of offering RAP with Gentoo officially, the development in the overlays will be merged to gx86 tree. The major remaining refinements are:

  • RAP profiles to be integrated with those of prefix and default
  • RAP toolchain patches to be refined and accepted by the toolchain herd and upstream

Contact the RAP developers by mailing list gentoo-alt@lists.gentoo.org or IRC #gentoo-prefix on freenode for further information.

identity.gentoo.org

Pavlos Ratis and Michal Gorny (under the mentorship of Theo Chatzimichos and the great help of Robin Johnson and Matt Summers) were both working on our upcoming identity.gentoo.org website. It is going to be our LDAP frontend, which will be connected with various Gentoo services as well (eg Overlays, Git repositories and Planet). Additionally, it will act as an OpenID provider, which will allow us to connect it to our various Gentoo websites, and use only one account for all of them.

Pavlos has been working on the LDAP part. He implemented the login, signup, attribute settings and password recovery pages, all of the above working against a clone of our production Gentoo LDAP configuration. For the future, privileged accounts through groups are planned as well. Read his final report.

Michal has been working on the OpenID provider, as well to two factor authentication. The website supports authentication with SSH, SSL certs and OTP tokens on top of the traditional username/password authentication. Read his final report.

The team gave much weight on unit and integration tests as well, having around 80% coverage so far. Acceptance tests with selenium are also planned. Also, a large number of work has been done on upstream libraries, like django-ldapdb, django-auth-ldap, even a patch in Django itself was submitted.

The plan for the near future is to finish the groups support first, and then deploy a testing instance for developers’ only. Around February of 2014 the website should be hopefully ready for production usage, although it will remain a developer-only service for quite some time.

In case you are interested in helping, the code is in Github, and you can contact the team in the mail identity@gentoo.org, or in the IRC channel #gentoo-www in Freenode.

Puppet Portage module

The Puppet Portage module provides various Gentoo related features. While it used to be tight to Portage only, Vikraman Choudhury (under the mentorship of Adrien Thebo and Theo Chatzimichos) added support for a number of other Gentoo tools, like layman, eselect, webapp-config, and additionally he did tons of bugfixing. The features are going to be released soon in version 2.1.0 in the PuppetLabs Forge.

SELinux System Administration

Sven Vermeulen, a Gentoo Hardened and Documentation developer, has made his first book publication: SELinux System Administration.

“The book first starts with the fundamentals of SELinux – concepts you really need to grasp before diving into SELinux. Then, it goes on about switching SELinux state (disabling, permissive, granular permissive, etc.), logging, managing SELinux users and roles, handling process domains, etc.” is how Sven summarizes his book.

Do you want to know more about SELinux on Gentoo? Read the excellent wiki page.

Read more about this on his blog. ;)

Gentoo Council News

The October 2013 council meeting was comparatively uneventful. Completely replacing the current Gentoo Code of Conduct with a new text did not find a majority; instead a decision about more gradual incorporation of improvements was deferred to the next meeting.

As a consequence of the decisions taken during the September 2013 council meetings, the m68k, s390, and sh profiles have in the meantime been modified to automatically accept testing/unstable keywords. Stable keywords of these arches can and will now be replaced by unstable/testing keywords in ebuilds.

In addition, the council had concluded in its September 2013 meetings that sufficient documentation on initramfs and similar early boot mechanisms is available. As a consequence a news item has been published- Gentoo Linux systems which have / and /usr on separate file systems but do not use an
initramfs will not be supported starting on 01-Nov-2013, and all users with such setups are encouraged to migrate to an initramfs.

Conferences

LinuxDays 2013 in Prague, CZ

LinuxDays is an annual Linux conference that takes place in Czech Technical University in Prague. This conference has big value for our community, as last year it was co-hosted with the Gentoo Miniconf. The conference was a big success this year, having around 500 visitors. Many presentations and workshops took place, the highlight being the 3D printer workshop. Gentoo was also there with a booth, organized by the Czech Gentoo Developers and Contributors, many of whom had presentations around various topics (Autotools, Puppet etc.).

Photos

Gentoo Developer Moves

Summary

Gentoo is made up of 247 active developers, of which 36 are currently away.
Gentoo has recruited a total of 788 developers since its inception.

Moves

The following developers have recently changed roles

Additions

The following developers have recently joined the project

Portage

This section summarizes the current state of the portage tree.

Architectures 44
Categories 159
Packages 16924
Ebuilds 36928
Architecture Stable Testing Total % of Packages
alpha 3569 534 4103 24.24%
amd64 10350 6055 16405 96.93%
amd64-fbsd 4 1562 1566 9.25%
arm 2509 1616 4125 24.37%
hppa 2993 472 3465 20.47%
ia64 3108 595 3703 21.88%
m68k 524 87 611 3.61%
mips 0 2243 2243 13.25%
ppc 6832 2399 9231 54.54%
ppc64 4281 908 5189 30.66%
s390 1640 122 1762 10.41%
sh 1865 173 2038 12.04%
sparc 4073 918 4991 29.49%
sparc-fbsd 0 326 326 1.93%
x86 11132 5153 16285 96.22%
x86-fbsd 0 3193 3193 18.87%

gmn-portage-stats-2013-10

Security

The following GLSAs have been released by the Security Team

GLSA Package Description Bug
201310-21 www-apps/mediawiki MediaWiki: Multiple vulnerabilities 460352
201310-20 sys-power/acpid acpid2: Privilege escalation 434522
201310-19 net-misc/x2goserver X2Go Server: Arbitrary code execution 472582
201310-18 net-libs/gnutls GnuTLS: Multiple vulnerabilities 455560
201310-17 sys-devel/pmake pmake: Insecure temporary file usage 367891
201310-16 net-analyzer/tptest TPTEST: Arbitrary code execution 261191
201310-15 sys-devel/automake GNU Automake: Multiple vulnerabilities 295357
201310-14 sys-apps/groff Groff: Multiple Vulnerabilities 386335
201310-13 media-video/mplayer MPlayer: Multiple vulnerabilities 253649
201310-12 media-video/ffmpeg FFmpeg: Multiple vulnerabilities 285719
201310-11 dev-perl/Parallel-ForkManager Perl Parallel-ForkManager Module: Insecure temporary file usage 389839
201310-10 net-libs/polarssl PolarSSL: Multiple vulnerabilities 358783
201310-09 dev-python/setuptools Setuptools: Man-in-the-Middle attack 479964
201310-08 net-misc/quagga Quagga: Multiple vulnerabilities 408507
201310-07 media-libs/openjpeg OpenJPEG: User-assisted execution of arbitrary code 412895
201310-06 net-wireless/aircrack-ng Aircrack-ng: User-assisted execution of arbitrary code 311797
201310-05 media-libs/gegl GEGL: User-assisted execution of arbitrary code 442016
201310-04 www-servers/nginx nginx: Multiple vulnerabilities 458726
201310-03 app-text/poppler Poppler: Multiple vulnerabilities 263028
201310-02 net-mail/isync isync: Man-in-the-Middle attack 458420
201310-01 dev-perl/Module-Signature Perl Module-Signature module: Arbitrary code execution 472428

Infrastructure

Sponsors

LeaseWeb provided us a new box.

Puppet

Our Cfengine to Puppet migration is still ongoing. The past month we’ve been
working on the upcoming 2.1.0 release of the Puppet Portage module (which by the way has been moved under the Gentoo Github organization). Also, there has been much effort and testing to provide Gentoo support to the
following puppet modules:

Some of our patches have already been accepted upstream, but more work is
required, and more modules will be needed to be tested or patched in order to
have decent Gentoo support. If you are interested in helping, contact Theo.

Package Removals/Additions

Removals

Package Developer Date
dev-games/neoengine creffett 03 Oct 2013
dev-games/neotools creffett 03 Oct 2013
dev-python/pyme mgorny 05 Oct 2013
net-irc/ezbounce pacho 12 Oct 2013
app-misc/gpsdrive pacho 12 Oct 2013
sys-fs/cdfs pacho 12 Oct 2013
virtual/python-json pacho 12 Oct 2013
dev-php/symfony pacho 12 Oct 2013
dev-vcs/bzr-svn pacho 12 Oct 2013
dev-tex/natbib dilfridge 12 Oct 2013
sys-firmware/amd-ucode hwoarang 21 Oct 2013
virtual/pyparsing mgorny 22 Oct 2013

Additions

Package Developer Date
dev-libs/liblouis teiresias 02 Oct 2013
dev-java/felix-gogo-runtime tomwij 02 Oct 2013
dev-java/felix-utils tomwij 02 Oct 2013
dev-java/felix-shell tomwij 02 Oct 2013
dev-java/struts-xwork tomwij 02 Oct 2013
dev-java/struts-core tomwij 02 Oct 2013
dev-java/struts-plugins tomwij 02 Oct 2013
dev-lang/execline williamh 02 Oct 2013
sys-apps/s6 williamh 02 Oct 2013
dev-python/xmltodict radhermit 04 Oct 2013
x11-libs/xcb-util-cursor chithanh 04 Oct 2013
dev-libs/clens ulm 04 Oct 2013
app-crypt/tc-play alonbl 05 Oct 2013
dev-python/pygal yngwin 06 Oct 2013
dev-python/pyptlib blueness 06 Oct 2013
x11-libs/libXaw3dXft hasufell 06 Oct 2013
media-gfx/xpaint hasufell 06 Oct 2013
dev-ruby/activerecord-deprecated_finders graaff 07 Oct 2013
dev-ruby/sprockets-rails graaff 07 Oct 2013
app-admin/r10k vikraman 07 Oct 2013
dev-java/j2ssh ercpe 08 Oct 2013
dev-java/junrar ercpe 08 Oct 2013
dev-python/simplegui hasufell 08 Oct 2013
dev-ruby/protected_attributes graaff 09 Oct 2013
dev-python/json-tools radhermit 10 Oct 2013
dev-util/xxdi hasufell 11 Oct 2013
dev-java/unkrig-nullanalysis ercpe 11 Oct 2013
dev-java/janino ercpe 11 Oct 2013
kde-base/ktnef johu 11 Oct 2013
media-libs/waffle mattst88 12 Oct 2013
dev-java/testng tomwij 12 Oct 2013
dev-libs/libevdev chithanh 13 Oct 2013
dev-libs/go-fuse zerochaos 21 Oct 2013
sys-fs/go-mtpfs zerochaos 21 Oct 2013
app-arch/lziprecover polynomial-c 21 Oct 2013
dev-ruby/tokyocabinet a3li 21 Oct 2013
app-backup/bareos mschiff 21 Oct 2013
dev-python/dogpile-core prometheanfire 22 Oct 2013
dev-python/dogpile-cache prometheanfire 22 Oct 2013
dev-libs/qcodeedit jlec 22 Oct 2013
dev-python/lesscpy prometheanfire 23 Oct 2013
dev-python/python-ceilometerclient prometheanfire 23 Oct 2013
dev-python/python-troveclient prometheanfire 23 Oct 2013
dev-java/glassfish-xmlrpc-api tomwij 23 Oct 2013
dev-java/glassfish-ejb-api tomwij 23 Oct 2013
dev-java/spring-instrument tomwij 23 Oct 2013
java-virtuals/xmlrpc-api tomwij 23 Oct 2013
java-virtuals/ejb-api tomwij 23 Oct 2013
dev-java/glassfish-interceptor-api tomwij 23 Oct 2013
java-virtuals/interceptor-api tomwij 23 Oct 2013
dev-java/jdbc2-stdext tomwij 24 Oct 2013
dev-java/hibernate-annotations tomwij 24 Oct 2013
dev-ruby/jquery-ui-rails graaff 25 Oct 2013
media-fonts/hermit yngwin 25 Oct 2013
media-libs/libmygpo-qt yngwin 26 Oct 2013
net-firewall/shorewall-init constanze 26 Oct 2013
sys-apps/lmctfy patrick 27 Oct 2013
dev-libs/hidapi blueness 27 Oct 2013
net-libs/libkpeople johu 29 Oct 2013
app-misc/conmux hwoarang 29 Oct 2013
net-libs/libqinfinity johu 29 Oct 2013
kde-misc/kte-collaborative johu 29 Oct 2013
net-misc/livestreamer hwoarang 30 Oct 2013

Bugzilla

The Gentoo community uses Bugzilla to record and track bugs, notifications, suggestions and other interactions with the development team.

Activity

The following tables and charts summarize the activity on Bugzilla between 30 September 2013 and 31 October 2013. Not fixed means bugs that were resolved as NEEDINFO, WONTFIX, CANTFIX, INVALID or UPSTREAM.gmn-activity-2013-10

Bug Activity Number
New 1731
Closed 1010
Not fixed 214
Duplicates 169
Total 5094
Blocker 4
Critical 15
Major 67

Closed bug ranking

The developers and teams who have closed the most bugs during this period are as follows.

gmn-closed-2013-10

Rank Team/Developer Bug Count
1 Gentoo Security 114
2 Gentoo KDE team 42
3 Gentoo's Team for Core System packages 36
4 Gentoo Linux Gnome Desktop Team 34
5 Default Assignee for Orphaned Packages 27
6 Python Gentoo Team 25
7 Qt Bug Alias 18
8 Gentoo Prefix 18
9 Tom Wijsman (TomWij) 17
10 Others 678

Assigned bug ranking

The developers and teams who have been assigned the most bugs during this period are as follows.

gmn-opened-2013-10

Rank Team/Developer/ Bug Count
1 Gentoo Linux bug wranglers 131
2 Gentoo Security 76
3 Python Gentoo Team 68
4 Gentoo's Team for Core System packages 61
5 Gentoo KDE team 59
6 Gentoo Linux Gnome Desktop Team 52
7 Portage team 43
8 Gentoo X packagers 38
9 Gentoo Toolchain Maintainers 32
10 Others 1170

Tips of the Month

Did you know you can switch the locale of your Gentoo box using the locale eselect module?

Get a package’s metadata using one of the following commands

  • equery meta package
  • epkginfo app-misc/package
  • cat ${PORTDIR}/app-misc/package/metadata.xml

Send us your favorite Gentoo script or tip at gmn@gentoo.org

Getting Involved?

Interested in helping out? The GMN relies on volunteers and members of the community for content every month. If you are interested in writing for the GMN or thinking of another way to contribute, please send an e-mail to gmn@gentoo.org.

Bookmark the permalink.

Comments are closed.