From holt at laptop.org Thu Sep 18 11:24:54 2014 From: holt at laptop.org (Adam Holt) Date: Thu, 18 Sep 2014 11:24:54 -0400 Subject: [Server-devel] 11AM EDT Thurs School Server meetings from Sept 25 thru October Message-ID: Thanks all for meeting 1 hour later than usual starting Thurs Sept 25th (that'll be 11AM NYC Time) to bring our India colleagues on board over the coming month! Then after the North American time change of Nov 2nd, we'll go back to our usual 10AM EST weekly Thursday call :) -- Unsung Heroes of OLPC, interviewed live @ http://unleashkids.org ! -------------- next part -------------- An HTML attachment was scrubbed... URL: From tim at timmoody.com Wed Sep 24 09:13:37 2014 From: tim at timmoody.com (Tim Moody) Date: Wed, 24 Sep 2014 09:13:37 -0400 Subject: [Server-devel] [support-gang] Solved-- XSCE 5.1 MOODLE user/pwd ? In-Reply-To: <44ffa2d6.1676c.1488cd8f1c2.Webtop.45@charter.net> References: <44ffa2d6.1676c.1488cd8f1c2.Webtop.45@charter.net> Message-ID: Hi Nathan, I am unable to duplicate the problem you reported. I just did a fresh install of xsce 5.1 on the following platforms 64 bit VM XO-4 with 13.2.0 XO-4 with 13.2.1 XO-1.5 with 13.2.1 On all of them: I have {hosts, ["schoolserver.lan"]}. in /etc/ejabberd/ejabberd-xs.cfg. Using an XO-1 with HaitiOS I connected to the AP, registered, and took moodle off the portal. I was automatically logged in. Taking the olpc wiki url off of the XO home screen I reached the target. However, in each case I experienced some version of the browse + google problem where accessing google or a subsequent search crashes the browser. I also ran the xo-test-xsce test script and all tests passed except for iiab which had no content. Tim From: Nathan C. Riddle Sent: Friday, September 19, 2014 3:38 AM To: Community Support Volunteers -- who help respond to help AT laptop.org Subject: Re: [support-gang] Solved-- XSCE 5.1 MOODLE user/pwd ? Tim, Solved -- working. Compared 5.0 and 5.1 In file ejabberd-xs.cfg the hosts line is "schoolserver.lan" in 5.0 and and "schoolserver.--limit" in 5.1 Also, used 13.2.1 for 5.1 instead of 13.2.0 as in 5.0 . !3.2.1 comes with "schoolserver.--limit" in Settings>Network --- must be "schoolserver.lan' to register. if 'lan" used in all places then works. ejabberdctl connected-users also now reports connection. I guess this was a developer question. :) Nathan On Thu, Sep 18, 2014 at 1:48 PM, Tim Moody wrote: > Yes, I thought I disabled Pathagar, so equally surprised that it tried to install. The moodle problem sounds similar to something TK Kang reported. I am currently travelling, but plan to investigate. Date: Wed, 17 Sep 2014 09:36:21 -0400 From: nathanr333 at charter.net To: support-gang at lists.laptop.org Subject: Re: [support-gang] XSCE 5.1 MOODLE user/pwd ? George, This is casual "look-see" -- put at bottom of your list.Just reality checking to see if I missed something in docs.Pathagar not of interest here -- just mentioning as only noted error.Attached is pip.log from install and one retry. Nathan On Wed, Sep 17, 2014 at 11:21 AM, George Hunt wrote: > Thanks Nathan, Tim told me that he disabled pathagar, and indeed when I looked atrelease-5.1 release-5.1/roles/7-edu-apps/meta/main.yml it does appear to becommented out. So I'm curious as to how you might be getting a pathagar/django error. I've got house guests for the next day or two, but I'll attempt toreplicate the moodle problem when I have a moment. On Wed, Sep 17, 2014 at 2:03 AM, Nathan C. Riddle wrote: > This a new user to 5.1 XSCE and not a developer question.> > New install on XO-1.5, with registered 1st laptop XO-1 with 12.1.0.> Moodle asks for user/password as though XO-1 is unknown.> Is this new to 5.1 ?> > In case it is not new feature, the following applies:> > Connects to portal web page ok. XO-1 set to schoolserver.lan> AuthServ shows it present> ejabberdctl connected-users shows nothing.> XO- 1 shows in /library/users/ /library on SD card (16 GB, class 10)> Permissions on users directory 700> > On version 4 this would occasionally happen on laptop on going from> portal to Moddle. Solved by removing cookie and registering again .Did not> seem a problem on 5.0 . Does not work here.> > Only problem with install is pathgaar/django bombs near end. (Repeated> with fresh install with same result and retry gives same.)> _______________________________________________> support-gang mailing list> support-gang at lists.laptop.org > http://lists.laptop.org/listinfo/support-gang > >> ------------------------------> > _______________________________________________support-gang mailing listsupport-gang at lists.laptop.org http://lists.laptop.org/listinfo/support-gang _______________________________________________ support-gang mailing list support-gang at lists.laptop.org http://lists.laptop.org/listinfo/support-gang > > ------------------------------ > > _______________________________________________ support-gang mailing list support-gang at lists.laptop.org http://lists.laptop.org/listinfo/support-gang -------------------------------------------------------------------------------- _______________________________________________ support-gang mailing list support-gang at lists.laptop.org http://lists.laptop.org/listinfo/support-gang -------------- next part -------------- An HTML attachment was scrubbed... URL: From quozl at laptop.org Wed Sep 24 17:42:26 2014 From: quozl at laptop.org (James Cameron) Date: Thu, 25 Sep 2014 07:42:26 +1000 Subject: [Server-devel] [XSCE] Re: [support-gang] Solved-- XSCE 5.1 MOODLE user/pwd ? In-Reply-To: References: <44ffa2d6.1676c.1488cd8f1c2.Webtop.45@charter.net> Message-ID: <20140924214226.GF21355@us.netrek.org> On Wed, Sep 24, 2014 at 09:13:37AM -0400, Tim Moody wrote: > Hi Nathan, > > I am unable to duplicate the problem you reported. > > I just did a fresh install of xsce 5.1 on the following platforms > > 64 bit VM > XO-4 with 13.2.0 > XO-4 with 13.2.1 > XO-1.5 with 13.2.1 > > On all of them: > > I have {hosts, ["schoolserver.lan"]}. in /etc/ejabberd/ejabberd-xs.cfg. > > Using an XO-1 with HaitiOS I connected to the AP, registered, and took moodle > off the portal. I was automatically logged in. > > Taking the olpc wiki url off of the XO home screen I reached the target. > > However, in each case I experienced some version of the browse + google problem > where accessing google or a subsequent search crashes the browser. Should you be inclined to work further on this, the solution may be to rebuild the webkitgtk3 package without the processor instructions that the XO-1 lacks. I didn't manage it. http://lists.laptop.org/pipermail/devel/2014-August/038536.html > I also ran the xo-test-xsce test script and all tests passed except for iiab > which had no content. > > Tim > > From: [1]Nathan C. Riddle > Sent: Friday, September 19, 2014 3:38 AM > To: [2]Community Support Volunteers -- who help respond to help AT laptop.org > Subject: Re: [support-gang] Solved-- XSCE 5.1 MOODLE user/pwd ? > > Tim, > > Solved -- working. > Compared 5.0 and 5.1 > In file ejabberd-xs.cfg the hosts line is "schoolserver.lan" in 5.0 and and > "schoolserver.--limit" in 5.1 > Also, used 13.2.1 for 5.1 instead of 13.2.0 as in 5.0 . !3.2.1 comes with > "schoolserver.--limit" in Settings>Network --- must be "schoolserver.lan' to > register. > if 'lan" used in all places then works. ejabberdctl connected-users also now > reports connection. > > I guess this was a developer question. :) > > Nathan > > On Thu, Sep 18, 2014 at 1:48 PM, Tim Moody wrote: > > > Yes, I thought I disabled Pathagar, so equally surprised that it tried to > install. > The moodle problem sounds similar to something TK Kang reported. I am > currently travelling, but plan to investigate. > > Date: Wed, 17 Sep 2014 09:36:21 -0400 > From: [3]nathanr333 at charter.net > To: [4]support-gang at lists.laptop.org > Subject: Re: [support-gang] XSCE 5.1 MOODLE user/pwd ? > > George, > This is casual "look-see" -- put at bottom of your list.Just reality checking > to see if I missed something in docs.Pathagar not of interest here -- just > mentioning as only noted error.Attached is pip.log from install and one retry. > Nathan > > On Wed, Sep 17, 2014 at 11:21 AM, George Hunt wrote: > > Thanks Nathan, > Tim told me that he disabled pathagar, and indeed when I looked atrelease-5.1 > release-5.1/roles/7-edu-apps/meta/main.yml it does appear to becommented out. > So I'm curious as to how you might be getting a pathagar/django error. > I've got house guests for the next day or two, but I'll attempt toreplicate the > moodle problem when I have a moment. > On Wed, Sep 17, 2014 at 2:03 AM, Nathan C. Riddle <[5]nathanr333 at charter.net > > wrote: > > This a new user to 5.1 XSCE and not a developer question.> > New install on > XO-1.5, with registered 1st laptop XO-1 with 12.1.0.> Moodle asks for user/ > password as though XO-1 is unknown.> Is this new to 5.1 ?> > In case it is not > new feature, the following applies:> > Connects to portal web page ok. XO-1 > set to schoolserver.lan> AuthServ shows it present> ejabberdctl connected-users > shows nothing.> XO- 1 shows in /library/users/ /library on SD card (16 GB, > class 10)> Permissions on users directory 700> > On version 4 this would > occasionally happen on laptop on going from> portal to Moddle. Solved by > removing cookie and registering again .Did not> seem a problem on 5.0 . Does > not work here.> > Only problem with install is pathgaar/django bombs near end. > (Repeated> with fresh install with same result and retry gives same.)> > _______________________________________________> support-gang mailing list> [6] > support-gang at lists.laptop.org > [7]http://lists.laptop.org/listinfo/ > support-gang > > >> ------------------------------> > > _______________________________________________support-gang mailing [8] > listsupport-gang at lists.laptop.org [9]http://lists.laptop.org/listinfo/ > support-gang > _______________________________________________ > support-gang mailing list > [10]support-gang at lists.laptop.org > [11]http://lists.laptop.org/listinfo/support-gang > > > > > ------------------------------ > > > > _______________________________________________ > support-gang mailing list > [12]support-gang at lists.laptop.org > [13]http://lists.laptop.org/listinfo/support-gang > > ??????????????????????????????????????????????????????????????????????????????? > _______________________________________________ > support-gang mailing list > support-gang at lists.laptop.org > http://lists.laptop.org/listinfo/support-gang > > References: > > [1] mailto:nathanr333 at charter.net > [2] mailto:support-gang at lists.laptop.org > [3] javascript:parent.wgMail.openComposeWindow('nathanr333 at charter.net') > [4] javascript:parent.wgMail.openComposeWindow('support-gang at lists.laptop.org') > [5] javascript:parent.wgMail.openComposeWindow('nathanr333 at charter.net') > [6] javascript:parent.wgMail.openComposeWindow('support-gang at lists.laptop.org') > [7] http://lists.laptop.org/listinfo/support-gang > [8] javascript:parent.wgMail.openComposeWindow('listsupport-gang at lists.laptop.org') > [9] http://lists.laptop.org/listinfo/support-gang > [10] javascript:parent.wgMail.openComposeWindow('support-gang at lists.laptop.org') > [11] http://lists.laptop.org/listinfo/support-gang > [12] javascript:parent.wgMail.openComposeWindow('support-gang at lists.laptop.org') > [13] http://lists.laptop.org/listinfo/support-gang -- James Cameron http://quozl.linux.org.au/ From holt at laptop.org Thu Sep 25 00:24:51 2014 From: holt at laptop.org (Adam Holt) Date: Thu, 25 Sep 2014 00:24:51 -0400 Subject: [Server-devel] 11AM EDT Thurs School Server meetings from Sept 25 thru October In-Reply-To: References: Message-ID: Hope to see many of you 11AM NYC Time, in just under 11 hours. Agenda evolving here: https://docs.google.com/document/d/1o6QtzLb6e58YKWqMf_junux2XyBRLFm31un8YLcYslg Send yr Skype username in advance or join us on backchannel http://webchat.freenode.net Specify channel: #schoolserver Thanks! On Thu, Sep 18, 2014 at 11:24 AM, Adam Holt wrote: > Thanks all for meeting 1 hour later than usual starting Thurs Sept 25th > (that'll be 11AM NYC Time) to bring our India colleagues on board over the > coming month! > > Then after the North American time change of Nov 2nd, we'll go back to our > usual 10AM EST weekly Thursday call :) > > -- > Unsung Heroes of OLPC, interviewed live @ http://unleashkids.org ! > > -- > Unsung Heroes of OLPC, interviewed live @ http://unleashkids.org ! > -------------- next part -------------- An HTML attachment was scrubbed... URL: From aschoolf at gmail.com Thu Sep 25 19:04:45 2014 From: aschoolf at gmail.com (Anna) Date: Thu, 25 Sep 2014 18:04:45 -0500 Subject: [Server-devel] Fixing the Shellshocker bash exploit on the old FC9 based XS 0.6 Message-ID: The patch that fixes the "shellshocker" exploit isn't, from the best that I can tell, going to be released for Fedora versions older than 17. I just patched my XS 0.6 with this: curl -k https://shellshocker.net/fixbash | sh You'll need to be able to compile, I'm not sure of any other specific requirements since I installed the Development Tools group on this box a long time ago. You can find more information here: https://shellshocker.net/ Anna Schoolfield Birmingham -------------- next part -------------- An HTML attachment was scrubbed... URL: From samuel at greenfeld.org Thu Sep 25 22:14:56 2014 From: samuel at greenfeld.org (Samuel Greenfeld) Date: Thu, 25 Sep 2014 22:14:56 -0400 Subject: [Server-devel] Fixing the Shellshocker bash exploit on the old FC9 based XS 0.6 In-Reply-To: References: Message-ID: XS 0.7 school servers are based on CentOS 6.x, which still gets security updates. So you can log onto your XS 0.7 schoolserver as root, and "yum update bash" to get the latest version. Note that there is talk that the first fix may not be complete, so you may have to update bash twice. On Thu, Sep 25, 2014 at 7:04 PM, Anna wrote: > The patch that fixes the "shellshocker" exploit isn't, from the best that > I can tell, going to be released for Fedora versions older than 17. > > I just patched my XS 0.6 with this: > > curl -k https://shellshocker.net/fixbash | sh > > You'll need to be able to compile, I'm not sure of any other specific > requirements since I installed the Development Tools group on this box a > long time ago. > > You can find more information here: https://shellshocker.net/ > > Anna Schoolfield > Birmingham > > _______________________________________________ > Server-devel mailing list > Server-devel at lists.laptop.org > http://lists.laptop.org/listinfo/server-devel > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From aschoolf at gmail.com Thu Sep 25 23:12:06 2014 From: aschoolf at gmail.com (Anna) Date: Thu, 25 Sep 2014 22:12:06 -0500 Subject: [Server-devel] Fixing the Shellshocker bash exploit on the old FC9 based XS 0.6 In-Reply-To: References: Message-ID: Yup, the fix was only for CVE-2014-6271. My XS 0.6 is still vulnerable to CVE-2014-7169. I was just looking at my Apache access log to see if anyone was trying the exploits. Luckily this guy who hit me is a security researcher: 209.126.230.72 - - [24/Sep/2014:23:55:55 -0500] "GET / HTTP/1.0" 200 2692 "() { :; }; ping -c 11 209.126.230.74" "shellshock-scan ( http://blog.erratasec.com/2014/09/bash-shellshock-scan-of-internet.html)" But I don't think this person is up to any good: 89.207.135.125 - - [25/Sep/2014:07:04:51 -0500] "GET /cgi-sys/defaultwebpage.cgi HTTP/1.0" 404 77 "-" "() { :;}; /bin/ping -c 1 198.101.206.138" My .htaccess is set up to block user agents by keyword, like bot, crawler, google, bing, etc. I threw the word "ping" in there, at least that'll give a 403 to the above attempt. I'll keep an eye on https://ftp.gnu.org/gnu/bash/bash-4.3-patches/ and hope a patch for CVE-2014-7169 lands in there soon. Yes, I do need to stop procrastinating and replace this machine. This old Dell's power supply is going bad. Takes me about an hour of mysterious fiddling to get it powered back on after shutdown. Anna Schoolfield Birmingham On Thu, Sep 25, 2014 at 9:14 PM, Samuel Greenfeld wrote: > XS 0.7 school servers are based on CentOS 6.x, which still gets security > updates. > > So you can log onto your XS 0.7 schoolserver as root, and "yum update > bash" to get the latest version. > > Note that there is talk that the first fix may not be complete, so you may > have to update bash twice. > > > On Thu, Sep 25, 2014 at 7:04 PM, Anna wrote: > >> The patch that fixes the "shellshocker" exploit isn't, from the best that >> I can tell, going to be released for Fedora versions older than 17. >> >> I just patched my XS 0.6 with this: >> >> curl -k https://shellshocker.net/fixbash | sh >> >> You'll need to be able to compile, I'm not sure of any other specific >> requirements since I installed the Development Tools group on this box a >> long time ago. >> >> You can find more information here: https://shellshocker.net/ >> >> Anna Schoolfield >> Birmingham >> >> _______________________________________________ >> Server-devel mailing list >> Server-devel at lists.laptop.org >> http://lists.laptop.org/listinfo/server-devel >> >> > -------------- next part -------------- An HTML attachment was scrubbed... URL: From quozl at laptop.org Fri Sep 26 04:14:54 2014 From: quozl at laptop.org (James Cameron) Date: Fri, 26 Sep 2014 18:14:54 +1000 Subject: [Server-devel] Fixing the Shellshocker bash exploit on the old FC9 based XS 0.6 In-Reply-To: References: Message-ID: <20140926081454.GF26520@us.netrek.org> On Thu, Sep 25, 2014 at 06:04:45PM -0500, Anna wrote: > I just patched my XS 0.6 with this: > > curl -k https://shellshocker.net/fixbash | sh For me, one of these uncontrolled non-versioned scripts ended up building /usr/local/bin/bash and the system bash remained in use. Worth checking in case you hit that one. -- James Cameron http://quozl.linux.org.au/ From holt at laptop.org Fri Sep 26 18:08:00 2014 From: holt at laptop.org (Adam Holt) Date: Fri, 26 Sep 2014 18:08:00 -0400 Subject: [Server-devel] Fwd: Michael Kleiman documentary film "WEB" about OLPC now available online Message-ID: From: Sean DALY Date: Fri, Sep 26, 2014 at 5:44 PM Subject: Michael Kleiman documentary film "WEB" about OLPC now available online To: iaep , Sugar Labs Marketing < marketing at lists.sugarlabs.org> on iTunes, Google Play, Amazon Instant Video. article in The Next Web, with extended scenes not in the cinema release http://thenextweb.com/media/2014/09/26/web-personal-documentary-one-laptop-per-child-spread-internet/ Sean. -------------- next part -------------- An HTML attachment was scrubbed... URL: From aschoolf at gmail.com Fri Sep 26 19:38:52 2014 From: aschoolf at gmail.com (Anna) Date: Fri, 26 Sep 2014 18:38:52 -0500 Subject: [Server-devel] Fixing the Shellshocker bash exploit on the old FC9 based XS 0.6 In-Reply-To: <20140926081454.GF26520@us.netrek.org> References: <20140926081454.GF26520@us.netrek.org> Message-ID: I think my XS 0.6 is all patched now, at least for the current known vulnerabilities. Here's my current bash version, making sure it got updated everywhere: [root at schoolserver ~]# bash --version GNU bash, version 4.3.26(1)-release (i686-pc-linux-gnu) [root at schoolserver ~]# /bin/bash --version GNU bash, version 4.3.26(1)-release (i686-pc-linux-gnu) [root at schoolserver ~]# /usr/local/bin/bash --version GNU bash, version 4.3.26(1)-release (i686-pc-linux-gnu) [root at schoolserver ~]# /bin/sh --version GNU bash, version 4.3.26(1)-release (i686-pc-linux-gnu) The tests (pasted from the shellshocker.net site) and my results: ********************************** Exploit 1 (CVE-2014-6271) There are a few different ways to test if your system is vulnerable to shellshock. Try running the following command in a shell. env x='() { :;}; echo vulnerable' bash -c "echo this is a test" If you see "vulnerable" you need to update bash. Otherwise, you should be good to go. ----------------- [root at schoolserver ~]# env x='() { :;}; echo vulnerable' bash -c "echo this is a test" bash: warning: x: ignoring function definition attempt bash: error importing function definition for `x' this is a test ********************************** Exploit 2 (CVE-2014-7169) Even after upgrading bash you may still be vulnerable to this exploit. Try running the following code. env X='() { (a)=>\' bash -c "echo date"; cat echo ; rm -f echo If the above command outputs the current date (it may also show errors), you are still vulnerable. ----------------- [root at schoolserver ~]# env X='() { (a)=>\' bash -c "echo date"; cat echo ; rm -f echo bash: X: line 1: syntax error near unexpected token `=' bash: X: line 1: `' bash: error importing function definition for `X' date cat: echo: No such file or directory ********************************** Exploit 3 (???) Here is another variation of the exploit. Please leave a comment below if you know the CVE of this exploit. env -i X=' () { }; echo hello' bash -c 'date' If the above command outputs "hello", you are vulnerable. ----------------- [root at schoolserver ~]# env -i X=' () { }; echo hello' bash -c 'date' Fri Sep 26 18:18:24 CDT 2014 Anna Schoolfield Birmingham On Fri, Sep 26, 2014 at 3:14 AM, James Cameron wrote: > On Thu, Sep 25, 2014 at 06:04:45PM -0500, Anna wrote: > > I just patched my XS 0.6 with this: > > > > curl -k https://shellshocker.net/fixbash | sh > > For me, one of these uncontrolled non-versioned scripts ended up > building /usr/local/bin/bash and the system bash remained in use. > > Worth checking in case you hit that one. > > -- > James Cameron > http://quozl.linux.org.au/ > -------------- next part -------------- An HTML attachment was scrubbed... URL: From quozl at laptop.org Fri Sep 26 23:15:30 2014 From: quozl at laptop.org (James Cameron) Date: Sat, 27 Sep 2014 13:15:30 +1000 Subject: [Server-devel] Announcing the development of OLPC OS 14.1.0 Message-ID: <20140927031530.GH28993@us.netrek.org> Announcing our next release cycle: http://wiki.laptop.org/go/14.1.0 Our goal is to combine Fedora 20 with Sugar 0.102, on XO-1.75, and with dual-core and OpenGL support on XO-4. An early development signed build for XO-4 is available, build #2: http://wiki.laptop.org/go/Release_notes/14.1.0 Several problems have been identified and ticketed already: http://dev.laptop.org/report/51 The most significant are: - many keyboard and front panel keys do not respond correctly, - the Write activity and GNOME are missing, because they don't work, - ad-hoc networks may be partitioned when they should coalesce. Test reports are welcome on devel at lists.laptop.org thanks. We encourage community developers to use our olpc-os-builder repository to publish XO-1 and XO-1.5 builds of Fedora 20 with Sugar 0.102, and we can offer advice on that via the mailing lists. -- James Cameron http://quozl.linux.org.au/ From tim at timmoody.com Sat Sep 27 09:48:43 2014 From: tim at timmoody.com (Tim Moody) Date: Sat, 27 Sep 2014 09:48:43 -0400 Subject: [Server-devel] [UKids] Announcing the development of OLPC OS 14.1.0 In-Reply-To: <20140927031530.GH28993@us.netrek.org> References: <20140927031530.GH28993@us.netrek.org> Message-ID: A couple of questions: Do you do regression testing of the client side of XS functionality, such as idmgr registration, and if so, what server do you use? Do you think it is feasible to build a minimal Fedora 20 with keyboard, console on the screen, wifi support, and usb support? http://wiki.laptop.org/go/14.1.0 says olpc-os-builder is on Fedora 18. Is that a copy error or is cross-compiling possible? Tim -----Original Message----- From: James Cameron Sent: Friday, September 26, 2014 11:15 PM To: devel at lists.laptop.org ; testing at lists.laptop.org ; olpc at lists.fedoraproject.org ; support-gang at lists.laptop.org ; iaep at lists.sugarlabs.org ; unleashkids at googlegroups.com ; server-devel at lists.laptop.org ; sugar-devel at lists.sugarlabs.org Subject: [UKids] Announcing the development of OLPC OS 14.1.0 Announcing our next release cycle: http://wiki.laptop.org/go/14.1.0 Our goal is to combine Fedora 20 with Sugar 0.102, on XO-1.75, and with dual-core and OpenGL support on XO-4. An early development signed build for XO-4 is available, build #2: http://wiki.laptop.org/go/Release_notes/14.1.0 Several problems have been identified and ticketed already: http://dev.laptop.org/report/51 The most significant are: - many keyboard and front panel keys do not respond correctly, - the Write activity and GNOME are missing, because they don't work, - ad-hoc networks may be partitioned when they should coalesce. Test reports are welcome on devel at lists.laptop.org thanks. We encourage community developers to use our olpc-os-builder repository to publish XO-1 and XO-1.5 builds of Fedora 20 with Sugar 0.102, and we can offer advice on that via the mailing lists. -- James Cameron http://quozl.linux.org.au/ -- Unsung Heroes of OLPC, interviewed live @ http://unleashkids.org ! --- You received this message because you are subscribed to the Google Groups "Unleash Kids" group. To unsubscribe from this group and stop receiving emails from it, send an email to unleashkids+unsubscribe at googlegroups.com. For more options, visit https://groups.google.com/d/optout. From quozl at laptop.org Sun Sep 28 18:03:51 2014 From: quozl at laptop.org (James Cameron) Date: Mon, 29 Sep 2014 08:03:51 +1000 Subject: [Server-devel] Announcing the development of OLPC OS 14.1.0 In-Reply-To: References: <20140927031530.GH28993@us.netrek.org> Message-ID: <20140928220351.GA25810@us.netrek.org> [removed several lists from CC]. On Sat, Sep 27, 2014 at 09:48:43AM -0400, Tim Moody wrote: > A couple of questions: > > Do you do regression testing of the client side of XS functionality, > such as idmgr registration, and if so, what server do you use? No. Because of very limited resources. I don't know of any test environment setup procedure or test cases. > Do you think it is feasible to build a minimal Fedora 20 with > keyboard, console on the screen, wifi support, and usb support? Yes. Remove [sugar] from .ini file. > http://wiki.laptop.org/go/14.1.0 says olpc-os-builder is on Fedora > 18. Is that a copy error or is cross-compiling possible? Yes, we use Fedora 18 with olpc-os-builder on an XO-4 to generate these Fedora 20 builds. So to do deployments. This is not unusual, we've done it before. I'd call it distribution release cross-building. It isn't architecture cross-compiling, that remains elusive. We'd like to use Fedora 20, but cannot because of random heap corruption shown by yum or python: http://lists.laptop.org/pipermail/devel/2014-September/038562.html There's a risk this random corruption may affect normal use, but we haven't seen that yet. "yum update" isn't something we need to support. -- James Cameron http://quozl.linux.org.au/ From tim at timmoody.com Mon Sep 29 15:22:46 2014 From: tim at timmoody.com (Tim Moody) Date: Mon, 29 Sep 2014 15:22:46 -0400 Subject: [Server-devel] RFC - command server Message-ID: Because I want to get to a place where running ansible and loading content can be managed through an admin gui, I have started thinking about a command server, a sort of callable job queue. I want to give certain admin users the ability to launch commands which run as root and may be long-running. Such commands should survive a restart and it should be possible to monitor progress. I am leaning towards the following approach: 1. A command server based on ZeroMQ implemented as a systemd service which is always running as root. 2. Input to the command server is through a unix domain socket which is owned by root and rw only for anyone in a group whose members are apache and probably xsce-admin. 3. The command server uses sqlite for persistent storage owned by root and rw by owner. Probably the schema distinguishes between command requests and jobs. 4. A php or python script invoked by an ajax call from the admin gui invokes a command on the command server. The gui would be user/password protected. 5. The command server parses the request and checks if it has already been requested. If the command is new: 6. The command server logs the command into persistent storage and immediately returns a response with probably OK or Error depending. 7. It translates it into a shell command based on internal logic. It NEVER simply executes a command it gets from the gui. 8. The command server forks a child which runs the appropriate command in background, returns its pid, and terminates. The pid is put in persistent storage. If the command is a duplicate: 9. The command server verifies that the command is running and to the extent possible its percent of completion and returns status to the caller. 10. There would also be status commands to return a list of current jobs or status of an active job and perhaps jobs marked active that are not running. 11. If the command server crashes or the system is restarted, the command server attempts to restart active jobs. Possible commands are: rsync-iiab-content ? copy various iiab files to their destination in /library. The source is a parameter, but not the destination to keep from copying malware into /usr/bin, etc. Some attempt would also be made to verify the source to prevent malicious content. rsync-rachel-content ? similar rsynce-kiwix-content ? the list could grow runtag runansible reboot Tim -------------- next part -------------- An HTML attachment was scrubbed... URL: