Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:Curious.. (Score 2) 170

Not /opt ... /snap actually ...

If you install it you'll see you get a 'Core' Ubuntu system in /snap/something-or-other and then overlayed on that is the snap in /snap/app-of-some-kind

So basically they use a not-quite-namespace (pivot-root to be precise) with no container tech to do a "super chroot" (via pivot-root) into an minimal Ubuntu installation to run the app overlayed on that ...

Comment Re:What restricts them? (Score 1) 274

In theory AppArmor ... except confinement only works under Mir ...

And as for the cross distro stuff in the PR statement? The Arch build disables the confinement tech (since it's a Canonical special and not upstreamed) and the Fedora COPR in addition to that only "works" with selinux not enforcing.

Comment Re:Snappy Appy APP! (not the app guy) (Score 2) 274

Snapd seems to be spreading with the same wildfire potential that systemd did.

Not really ... it was pushed to AUR which anyone can do and is in COPR like anyone can do.

No one from the Fedora side has worked on this, the Canonical employee who has that COPR is not a Fedora packager and the various desktop communities have been coordinating on Flatpak

I'd strongly suggest never taking a Canonical Press Release at face value given the recent history with them...

Comment Re:Still no compelling systemd use case (Score 1) 924

THAT'S EXACTLY THE POINT. Need something /sbin/init didn't already do? Have it launch another, specialized service manager of your choosing. Have it launch several! Original inetd, xinetd, crond, supervise/daemontools, linux-ha / heartbeat, ... plenty of options. Have it integrate with other systems however you need it to. That's why you're an administrator.

The problem is that this results in race conditions and "who watches the watchdog" type of scenarios. Plus if the intermediate supervisor dies for some reason the children with then be reparented to PID1, ie the basic simple init, and the restarted supervisor would then lose sight of them properly (ie no longer a parent so can't wait() on them).

Fedora can't even do that any more... Fedora IS the upstream and there's basically no one who can push back at the Fedora level for a dumb upstream systemd decision

Note quite. Fedora is not the upstream for systemd, systemd is its own upstream and frankly has been driven more by CoreOS needs than Fedora ones recently (with the whole resolved and networkd stuff which are not used in Fedora since we use NetworkManager). Check the number of patches in the F24 spec for instance. The discussion is ongoing at the moment and this will become a F25 change that gets debated by FESCO. It's likely that the Server and Workstation product, for instance, may split in their behaviours here given the different use cases.

systemd was and is a power grab, plain and simple

No it is an attempt to fix our broken init landscape (it's notable that no one wanted to keep sysvinit as the default in the Debian CTTE decision) and solved not only the sysvinit problems but the upstart ones as well.

Go back and look at any of the small decisions over time from Fedora 15 onward made to make it extremely inconvenient to use any other init system anywhere in the ecosystem.

Fedora is a well integrated distribution with a set scope of things supported clearly defined. Just as we don't support a BSD kernel the fundamental frameworks are made clear so that the stuff packaged can be well tested against that base.

People who didn't want to use systemd absolutely were being subjected to it against our will. To claim otherwise is ludicrous.

You are entirely free to use Slackware, Gentoo, Debian, Devuan or any other non-systemd distro you wish. It's notable that Arch and Suse switched to systemd of their own free will and neither are downstream of Fedora or subject to decisions there.

Comment Re:WTF (Score 1) 924

Note that systemd-230 has only just been released so it's only arrived in Rawhide.

Fedora 24 will still ship with systemd-229

You can switch to this behaviour by changing your logind.conf on F23 or F24 but obviously that won't entirely act as systemd-230 since it won't have the same code path.

The question has been raised about this being adopted in F25 and no doubt FESCO will have to make a decision as a system wide change.

There is a reasonable likelihood this default behaviour in Fedora will be rejected - or at least only in the Workstation product with the Server product maintaining the old behaviour.

Comment Re:Zombie (Score 1) 233

You're using pkill but then grepping the result of ps for the state of the while loop?

while pgrep sco &> /dev/null
do
    pkill -9 sco
done

Of course that will only kill sco once as as soon as no sco is in the process table the while loop will exit ... given how sco behaves though perhaps we should do:

while true
do
    if pgrep sco &> /dev/null
    then
        pkill -9 sco
    fi
sleep 1
done

Comment Re:Love my PostgreSQL, not mySQL (Score 1) 104

(Do you think Oracle will ever let MySQL grow so it can challenge Oracle's flagship product?)

This is where MariaDB comes in of course and unless you really love Oracle the only sane thing to do these days is to use that instead if you *need* MySQL ...

That being said I prefer postgresql myself.

Comment Re:Apache Openoffice is "dormant"? (Score 1) 236

Recently I put in a bug report for AOO and after a few months they had a fix incorporated into a new release. It seems like there is still life there.

Link to bug ID? I question your value of 'recent' given there hasn't been an Apache OpenOffice release since August 2014 ...

Comment Re:OpenOffice vs LibreOffice (Score 1) 236

Local user arbitrary code execution when opening a specially crafted document (via the HWP filter, document can have any extension to disguise it a bit).

CVE disclosed in April 2015 with LibreOffice having a fix out the same month (within a week tops of disclosure) ...

Apache OpenOffice is still exploitable at the present time with 4.1.2 due to fix the bug (by removing the HWP filter entirely as opposed to fixing the filter) ... but they've been struggling to get this built and released for months at this point.

Comment Re:OpenOffice vs LibreOffice (Score 3, Informative) 236

I wrote about this on reddit only recently ... Link to the discussion there

Copied in full to here:

So back when Sun maintained OpenOffice.org and sold StarOffice they had a Contributor License Agreement that required handing over ownership of patches to them so they could sell the closed source supported suite and license out to IBM for Symphony.

To get around this bureaucracy and to not sign over ownership for patches most distributions used go-oo.org (aka ooo-build) that was the source code of OpenOffice.org with a bunch of patches on top to help compatibility with MS Office and some other things that Sun could or did not want in the upstream oo.org code.

When Oracle bought Sun they left oo.org languishing with no maintenance for months. This was naturally unacceptable to the various linux distros and they didn't want to be beholden to Oracle's whims (for good reason given the state of the various projects that used to be with Sun). Due to this they got together and formed The Document Foundation and took the go-oo.org code (which was basically what this group used and collaborated on anyway) and forked it to LibreOffice.

Fast forward some more time and Oracle decide they don't want anything to do with OpenOffice.org after all and essentially (with IBM's help ... presumably so there would be a sort of maintained base for Symphony) dumped it on the Apache Software Foundation. As per their requirements it went through an incubation process and all the code was relicensed to the Apache Public License. This was months after LibreOffice had been created and worked on and most consider it a pretty petty move rather than giving the brand to TDF to work with.

From that point on it's pretty much been IBM driving Apache OpenOffice (as they renamed oo.org to) although they appear to have stopped caring about it mid to end last year. The amount of development work on AOO is minimal compared to LO and the number of active committers is in the teens (at best) for AOO compared to the hundreds for LO.

Due to the way the licensing works out LO can merge in any fixes (there were some in the early days, not many now as can be seen in the CVE issue I mentioned) but AOO cannot merge in work from LO.

The last release of AOO was August 2014 and if you go look at the changelogs from 3.4 (the first AOO release as opposed to oo.org IIRC... mostly rebranding) up to the 4.1.1 then you'll see there's been minimal work - mostly translations. Anything developed/fixed in AOO is either merged into LO or improved/obsoleted by other work. Compare these to the release notes for each LO release from the forking point of 3.3 and it really is quite significant - the heavy work on clean up and better build systems for LO lower the barrier to entry for LO contribution by the common person too.

The proposed AOO release of 4.1.2 is going forwards at the moment - driven mostly by only a few people Apache OpenOffice Dev mail archives.

To give an idea how bad this has got the no-interaction code execution as privileges of user bug by a special HWP file was announced publicly last April. It was fixed in LibreOffice the same month and users would have had the update notification and been protected. Anyone using Apache OpenOffice is still vulnerable and although there was a disclosure on the security part of the AOO site at the time, the workaround was to 'delete .dll/.so' ... not a release with a fix and unless anyone actively went to check up on this they would not have known the issue.

To add to this (if it's not enough already) AOO can still only read and not write docx/xlsx/pptx (OOXML) files produced by MS Office whereas LibreOffice can write these as well... and LO fixes a lot of layout bugs in the translation of the formats.

Finally don't be confused by the version number jumps and think significant progress has been made in AOO compared to the ancient OpenOffice.org... There have only been a few actual releases in this time under the Apache umbrella ... compare this to the release schedule of LibreOffice.

Okay that ended up being a lot more history and writing than I was planning on - I hope you see why AOO is slowly dying and why anyone sane and following along with the history will be using LibreOffice instead if they care about performance, compatibility or security.... and if you made it this far you earned yourself a cookie ;)

Comment Re:MS Office will still reign supreme (Score 1) 164

The likelihood is that they have Software Assurance anyway so are covered for whatever version of MS Office they choose to run on whatever version of Windows they want to support.

If the IS staff deem an upgrade required there will be a time/people cost of sorts (although remember the staff will be employed doing X anyway so it's more a scheduling priority) but not an licensing upgrade cost.

Slashdot Top Deals

Stinginess with privileges is kindness in disguise. -- Guide to VAX/VMS Security, Sep. 1984

Working...