wlug May 2016

wlug@list.waikato.ac.nz

16 participants
45 discussions

by Lawrence D'Oliveiro

A Google engineer has published a detailed exposé on how Microsoft Windows handles file and directory pathnames (as opposed to how it is documented to handle them) <http://googleprojectzero.blogspot.com/2016/02/the-definitive-guide-on-win32…> (found from <http://www.theregister.co.uk/2016/03/01/windows_path_hacks/>). Most of it, it could be argued, makes some sort of sense from a backward-compatibility rationale. Except for the reserved device names (PRN, NUL, CON etc): Now if just specifying these paths explicitly was all that this process handled it would be annoying but not the end of the world. However it’s much worse. The conversion process actively tries to convert any path with the device name last, even if the path is a Drive Absolute path. To make matters even worse the device name can have arbitrary trailing characters as long the trailing characters are separated from the device by a dot or a colon. The name can then also have trailing spaces. ... Why it does the check is beyond me as it seems to serve no actual purpose. Also note the removal of trailing suffixes, which can come in handy if something is actively trying to guard against this behavior. For example, if an application was mindful and was checking for a filename that matched one of the reserved names you can just bypass that check by appending an arbitrary suffix.

5 years, 1 month

Op-ed: Oracle attorney says Google’s court victory might kill the GPL

by Peter Reutemann

"The developer community may be celebrating today what it perceives as a victory in Oracle v. Google. Google won a verdict that an unauthorized, commercial, competitive, harmful use of software in billions of products is fair use. No copyright expert would have ever predicted such a use would be considered fair. Before celebrating, developers should take a closer look. Not only will creators everywhere suffer from this decision if it remains intact, but the free software movement itself now faces substantial jeopardy." -- source: http://arstechnica.com/tech-policy/2016/05/op-ed-oracle-attorney-says-googl… Interesting article, I have to say. The verdict might throw a spanner in what is considered "derivative work" in terms of GPL code. Companies using GPL libraries will no longer have to open-source their code, as it is simple considered fair use? Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 4 months

Tor Browser 6.0: Ditches SHA-1 Support, Uses DuckDuckGo For Default Search Results

by Peter Reutemann

"The version 6.0 of Tor Browser, a free software for enabling anonymous communication, is now available to download. The new version introduces several changes, including disabling SHA-1 support, and removing Mac Gatekeeper issue. Another big change is that Tor now uses DuckDuckGo for search results by default. The Tor Project, people behind Tor, add that the "updater is not relying on the signature alone, but is checking the hash of the downloaded update file as well before applying it." More details on NetworkWorld." -- source: https://tech.slashdot.org/story/16/05/31/1643234 Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 4 months

Issue with systemd

by Ian Young

>From this week's Distrowatch. Could be a problem in some circumstances. The systemd project tends to stir up debate with each new feature it implements. One of the most recent changes to systemd (available in version 230), forces user processes to terminate when the user logs out. On some systems, such behaviour makes sense and effectively cleans up misbehaving processes when the user leaves. However, many administrators and developers rely on processes continuing to run to perform tests, backups or other tasks after they log off. Guus Sliepen summed up the concerns of the latter group quite nicely in a Debian bug report: It is now indeed the case that any background processes that were still running are killed automatically when the user logs out of a session, whether it was a desktop session, a VT session, or when you SSHed into a machine. Now you can no longer expect a long running background processes to continue after logging out. I believe this breaks the expectations of many users. For example, you can no longer start a screen or tmux session, log out, and expect to come back to it. For this reason, I think it is a bad decision on the part of the systemd maintainers to enable this feature by default, and it should rather be disabled by default in Debian." A similar discussion is taking place on a Fedora mailing list. The new default systemd behaviour can be disabled (either by distributions or system administrators) by editing the logind configuration file.

5 years, 4 months

Re: [wlug] Issue with systemd

by Andrew Crosby

To my mind, this seems like a useful feature. Odd choice to have it turned on by default though given the historic convention. Cheers Andrew On 30 May 2016 22:47, "Michael Cree" <mcree(a)orcon.net.nz> wrote: On Mon, May 30, 2016 at 10:22:13AM +0000, Ian Young wrote: > It is now indeed the case that any background processes > that were still running are killed automatically when the user logs > out of a session, whether it was a desktop session, a VT session, or > when you SSHed into a machine. Now you can no longer expect a long > running background processes to continue after logging out. I believe > this breaks the expectations of many users. Yes, it breaks the well established practice that the controlling terminal sends all its child processes a HUP signal on logout, and that the default signal handler will kill such processes, and if the process wants to remain running it therefore establishes a signal handler to properly receive and handle the HUP signal so that it is not terminated. If processes are not being terminated on logout when they should be, then it is the non-terminating processes fault as the process has taken action to set up a non-default signal hangler to receive the HUP signal to achieve this effect. It is most certainly not the responsibility of systemd to kill processes on logout! With these critical and non-sensical changes to system behaviour that is well without the established remit of the init process the systemd developers are fast losing what little respect I might have had for them. Cheers Michael. _______________________________________________ wlug mailing list | wlug(a)list.waikato.ac.nz Unsubscribe: https://list.waikato.ac.nz/mailman/listinfo/wlug

5 years, 4 months

Apropos...

by Lawrence D'Oliveiro

<https://twitter.com/nicholasbishop/status/737014814342533121/photo/1>

5 years, 4 months

Whom to contact for a public mirror for a Linux distribution?

by Michael Doerner - Technologywise

Hi all I am involved with a Linux distribution called "Koozali SME server" (https://wiki.contribs.org/Main_Page). Unfortunately we lost our mirror in NZ (Oceania) due to very sad circumstances and I am looking whether there is a chance to add that distro to one of the existing public mirrors. I am following the Wiki http://wiki.wlug.org.nz/NewZealandLinuxMirrors and would like to ask at University of Canterbury (Hm, there is a directory on their mirror server called "contrib" and I wonder whether there was something planned at some time ago). If someone here knows how to get in contact (email?) with an admin person there, I would appreciate any hint. Thanks Michael Doerner

5 years, 5 months

Google to bring official Android support to the Raspberry Pi 3

by Peter Reutemann

"The Raspberry Pi 3 is not hurting for operating system choices. The tiny ARM computer is supported by several Linux distributions and even has a version of Windows 10 IoT core available. Now, it looks like the Pi is about to get official support for one of the most popular operating systems out there: Android. In Google's Android Open Source Project (AOSP) repository, a new device tree recently popped up for the Raspberry Pi 3." -- source: http://arstechnica.com/gadgets/2016/05/google-to-bring-official-android-sup… Cheers, Peter -- Peter Reutemann Dept. of Computer Science University of Waikato, NZ +64 (7) 858-5174 http://www.cms.waikato.ac.nz/~fracpete/ http://www.data-mining.co.nz/

5 years, 5 months

Behold, The Raspberry π Citrix Client

by Lawrence D'Oliveiro

Citrix have unveiled their new desktop thin client built around a Raspberry π 3 <http://www.theregister.co.uk/2016/05/24/citrix_bakes_up_raspberry_pi_client/>, for USD89. "In classic disruptive fashion, the Raspberry Pi has already taken a significant share of the education PC market with over 8 million devices shipped," Citrix VP of emerging solutions Chris Fleck said...

5 years, 5 months

live edition of forthcoming Slackware release

by Ian Young

Anyone who takes an interest in Slackware may like to check out a live version recently made available. Mentioned in this week's Distrowatch Weekly. Link to project blog below. http://alien.slackbook.org/blog/stable-1-0-0-release-of-liveslak/

5 years, 5 months

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

wlug May 2016