FLOSS Project Planets

Caktus Consulting Group: Django Logging Configuration: How the Default Settings Interfere with Yours

Planet Python - Tue, 2015-01-27 11:04

My colleague Vinod recently found the answer on Stack Overflow to something that's been bugging me for a long time - why do my Django logging configurations so often not do what I think they should?

Short answer

If you want your logging configuration to behave sensibly, set LOGGING_CONFIG to None in your Django settings, and do the logging configuration from scratch using the Python APIs:

LOGGING_CONFIG = None LOGGING = {...} # whatever you want import logging.config logging.config.dictConfig(LOGGING) Explanation

The kernel of the explanation is in this Stack Overflow answer by jcotton; kudos to jcotton for the answer: before processing your settings, Django establishes a default configuration for Python's logging system, but you can't override it the way you would think, because disable_existing_loggers doesn't work quite the way the Django documentation implies.

The Django documentation for disable_existing_loggers in 1.6, 1.7, and dev (as of January 8, 2015) says "If the disable_existing_loggers key in the LOGGING dictConfig is set to True (which is the default) the default configuration is completely overridden." (emphasis added)

That made me think that I could set disable_existing_loggers to True (or leave it out) and Django's previously established default configuration would have no effect.

Unfortunately, that's not what happens. The disable_existing_loggers flag only does literally what it says: it disables the existing loggers, which is different from deleting them. The result is that they stay in place, they don't log any messages, but they also don't propagate any messages to any other loggers that might otherwise have logged them, regardless of whether they're configured to do so.

What if you try the other option, and set disable_existing_loggers to False? Then your configuration is merged with the previous one (the default configuration that Django has already set up), without disabling the existing loggers. If you use Django's LOGGING setting with the default LOGGING_CONFIG, there is no setting that will simply replace Django's default configuration.

Because Django installs several django loggers, the result is that unless you happened to have specified your own configuration for each of them (replacing Django's default loggers), you have some hidden loggers possibly blocking what you expect to happen.

For example - when I wasn't sure what was going on in a Django project, sometimes I'd try just adding a root logger, to the console or to a file, so I could see everything. I didn't know that the default Django loggers were blocking most log messages from Django itself from ever reaching the root logger, and I would get very frustrated trying to see what was wrong with my logging configuration. In fact, my own logging configuration was probably fine; it was just being blocked by a hidden, overriding configuration I didn't know about.

We could work around the problem by carefully providing our own configuration for each logger included in the Django default logging configuration, but that's subject to breaking if the Django default configuration changes.

The most fool-proof solution is to disable Django's own log configuration mechanism by setting LOGGING_CONFIG to None, then setting the log configuration explicitly ourselves using the Python logging APIs. There's an example above.

The nitty-gritty

The Python documentation is more accurate: "disable_existing_loggers – If specified as False, loggers which exist when this call is made are left enabled. The default is True because this enables old behavior in a backward- compatible way. This behavior is to disable any existing loggers unless they or their ancestors are explicitly named in the logging configuration."

In other words, disable_existing_loggers does literally what it says: it leaves existing loggers in place, it just changes them to disabled.

Unfortunately, Python doesn't seem to document exactly what it means for a logger to be disabled, or even how to do it. The code seems to set a disabled attribute on the logger object. The effect is to stop the logger from calling any of its handlers on a log event. An additional effect of not calling any handlers is to also block propagation of the event to any parent loggers.

Status of the problem

There's been some recent discussion on the developers' list about at least improving the documentation, with a core developer offering to review anything submitted. And that's where things stand.

Categories: FLOSS Project Planets

Aten Design Group: Creating Custom Ctools Layout Plugins with Yeoman

Planet Drupal - Tue, 2015-01-27 10:30

As a front-end developer working with Drupal, I often need to create custom Ctools layout plugins. Ctools is an essential suite of tools for Drupal developers and the basis of many popular modules, including Views, Panels, Context and Display Suite. Its layout plugins provide a flexible alternative to Drupal’s core page region system.

Creating a custom Ctools layout plugin for Drupal is actually quite easy. You define your layout in a .info file, create the html structure in a template (*.tpl.php), style it in a stylesheet (*.css or *.scss) and provide a thumbnail image so the site administrator has an idea of what it looks like. Each of these files follows similar but slightly different naming conventions. This can be tedious when you need to create a number of custom layouts for a project as we often do at Aten.

My previous workflow looked like this.

  1. Find another layout plugin – either an existing custom layout or one from the Panels module.
  2. Copy that folder into the plugins folder in my module or theme.
  3. Rename the folder to match my plugin.
  4. Rename all the files to match my plugin’s name, using the appropriate naming convention and file extensions.
  5. Edit the .info file to point to the appropriate files and change the array of regions to match the new layout.
  6. Edit the template file to match the newly created regions.
  7. Write the CSS to style the layout.
  8. Create a new thumbnail image.

A lot of these steps consist of copy, paste, find and replace – the kind of stuff that’s better suited for computers. That's where Yeoman comes in. Yeoman is a scaffolding tool. It's most often used to quickly create boilerplate code that can be customized to your needs.

I recently published a Yeoman generator that automatically creates a ctools layout plugin based on a few simple settings. Now my workflow looks like this:

  1. Create a directory for my plugin.
  2. Type yo ctools-layout.
  3. Answer questions about my layout.
  4. Add any extra markup to the template file.
  5. Write the CSS to style the layout.
  6. Create a new thumbnail image.

The new workflow eliminates the tedious tasks and allows me to focus on the code that makes a given layout unique: markup, style and a thumbnail.

Here’s how to use it.

Install Yeoman *note: Yeoman is a Node.js tool, so you need to install Node.js in order to use it.

To install Yeoman type the following into your terminal:

npm install yo -g

The -g flag installs this package globally. Doing so allows you to run the yo command outside of an existing node project. A common Yeoman use case is scaffolding out a brand new project, after all.

Note: Depending on your environment, you may need to run these commands with sudo.

Now you have the general Yeoman application. But to be useful, you need some generators.

npm install ctools-layout-generator -g

The ctools layout generator assumes you already have a custom module or theme that you are adding a layout to. For this example we'll assume this custom layout is in our theme. From your theme's root directory create a new directory for your layout plugin, change to your new directory and run the ctools_layout generator command.

mkdir plugins/layout/landing_page cd plugins/layout/landing_page yo ctools_layout

Yeoman will prompt you with a few questions about your layout, such as the name of your layout, the name of the module or theme it exists in and the regions you want to include. After answering the questions, Yeoman creates all the necessary files needed for a working layout.

The ctools layout generator makes no assumptions about what your layout looks like or the actual CSS styles and markup needed to make it functional. That's your world! It's completely up to you. It simply takes your list of regions and adds them to the layout's .inc file and to the template file in which you can add the appropriate markup.

Similarly, the generator will add a placeholder .png thumbnail of your layout. The generator has no idea what you have in mind for your layout, so you'll want to create your own thumbnail and save it over the placeholder. The thumbnail is important as it gives the end user a good idea of what the layout looks like. I've shared a Photoshop template that I use for creating layout thumbnails.

I hope you find this useful. If run into any problems or have feedback, please create an issue on github.

P.S. In case yeoman isn’t your thing, there is a drush plugin that has similar functionality and works for more than just layouts.

Categories: FLOSS Project Planets

Plasma 5.2 for openSUSE? You bet!

Planet KDE - Tue, 2015-01-27 10:27

The ever-amazing Plasma team from KDE just put out a new release of Plasma. I won’t spend much describing how big of an improvement it is – the release announcement at KDE has all the details needed to whet your appetite.

And of course, now it’s the turn of distributions to get out packages for the users at large.

This is also the case for openSUSE. The KDE:Frameworks5 repository hosts the new 5.2 goodness for released distributions (13.1 and 13.2) and Tumbleweed. Packages have also been submitted to Tumbleweed proper (pending legal review, so it will take some time).

Don’t forget the rule of thumb, in case you find problems: bugs in the packages should be directed towards the openSUSE bugzilla, while issues in the actual software should be reported to KDE. You can also discuss your experience on the KDE Community Forums.

Categories: FLOSS Project Planets

Gábor Hojtsy: Drupal 8 multilingual tidbits 17: content translation basics

Planet Drupal - Tue, 2015-01-27 10:27

I just updated all prior 16 posts in this series with up to date screenshots and text over the weekend and here is the new post!

In the introduction to content and configuration translation piece we discussed what is considered content in Drupal 8. This is a somewhat misleading term because custom blocks, custom menu items and even user entities (user profiles) are considered content in terms of their implementation.

Content is always stored as entities. The main difference between configuration and content entities is configuration is usually created on the backend (think views, vocabularies, etc.) while content is usually created on the frontend (think free tagging taxonomy terms, comments, blog posts). This is not a black and white differentiation but it helps think of the categories. The other key differentiator is content entities usually get to have configurable fields. You can add new fields to user profiles, taxonomy terms or comments. Again there are exceptions, for example custom menu items cannot get configurable fields in core. Finally, there are even content entities that will not be stored, in Drupal 8 contact form submissions are content entities that live only until they are sent via email. For this tidbit we are concerned for content entities that are stored and multilingual.

Categories: FLOSS Project Planets

Django Weblog: Django Fellowship fundraising goal achieved!

Planet Python - Tue, 2015-01-27 09:43

YAY! Thanks to the amazing help from the Django community all over the world, we just crossed the Django Fellowship Fundraising campaign goal of US $30,000 with a significant donation from the Django Under The Hood conference and the Django Dutch Association.

You. Are. All. Awesome.

We are incredibly grateful for your continuous support and encouragement. More than 150 companies and individuals helped us to continue the Django Fellowship Program in just under 6 days. This exceeds all of our wildest expectations. The Django community is what makes all the work that the contributors and volunteers put into development of Django worthwhile. Thanks to you, we will be able to develop and maintain Django in a more stable and consistent way, with better code reviews and timely releases.

The next goal

Of course, there is always more that can be done and we don’t want to stop here. We also realize that ending this campaign just after 6 days would mean that lots of people and companies would not get an opportunity to contribute and help the cause they care about.

This is why we’ve decided to extend the goal to US $50,000, which would allow the Django Software Foundation to expand the program even further.

Once we reach the goal of US $50,000, we will focus on making the program sustainable by making it easy for everyone to create a smaller recurring donation and fill the Django heart with pixels of love on a monthly basis. This will allow the Foundation to carry on with the work without contributing a significant resources and time for fundraising campaign every quarter.

Help us spread the word

Despite an amazing effort coming from the whole community, we know that our message hasn't reached everyone yet. And there are a lot more Django users and companies that can help us make it happen. So please, talk to the companies you work for and let us know how we can help them. There are always alternative ways to donate or partner with the Django Software Foundation. We would be more than happy to find a solution that works for everyone and we’re very open to hear your thoughts. Get in touch with us here.

Categories: FLOSS Project Planets

Jingjie Jiang: Yet another post.

Planet Debian - Tue, 2015-01-27 09:21
In the middle of OPW internship

I originally thought taking part in FOSSOPW is a great chance to lift my coding skills and I shouldn’t miss it. As time passes by, I now have a new thought towards it.

# 1 It do improves your coding skill.

Zack, Matthieu and I often have discussions on coding style. For example, once Zack said, “For code like this, you should explicitly use an if/else clause, not if-return.” I was totally unaware of this sort of issue. Actually I even didn’t know how I should call this problem. Matthieu gave me a detailed FYI link on this in no time.

Besides, my completeness of thinking is also trained. Recently, I was fixing a “HTTP GET Method ?suite=suite-name” issue. It’s a trivial task. And you know most trivial tasks require lots of scattered modification on the source code base. I did have fixed most places, such as the pages of “/src/packagename” and “/search/”. Zack did a thorough review, and pointed out that the pages rendered by “/prefix” has some malformed urls in the HTML. Waiiiit, I should have noticed it. But somehow I missed it. Maybe because my mind was wandering at that time? This made me think, I shall have a thorough view of what I should do before getting my hands dirty. Or more preferably, if I could write down what I exactly want to achieve before coding, then silly problems definitely wouldn’t occur. This may sound a little bit like TDD. ;).

# 2 It makes you look like a (not-that-good) ninja.

I use a macbook. It’s not my fault! I’ve tried several times, but I never successfully find a laptop that is not capable of boiling eggs when running Debian. (and especially KDE+Debian). So I have no way but switched to OSX. The development of Debsources happens on a remote Ubuntu LTS (now Debian SID, haha) virtual machine. Of course I have to install all the dependency on my own, e.g., Postgres, set up port-forwarding, e.g., ssh -D, write automate shell scripts, e.g., dash, but more importantly, I am forced to live under the dark terminal with no GUI. You know the feeling when pain hurts? Yes, exactly! But I survived. How shall I call myself now? A dedicated with-a-lot-of-useless-plugin-installed vimmer? A fond-of-fancy-window tmux-er? Yep, both. I finally found a comfort zone under the black-white-blinking screen. I wonder how people feel when they see a girl hanging out in the library, facing a full-screened black console, typing at a speed of 140wpm (Yeah, I am kidding). I don’t know, but please don’t call me a geek. Show me your respect, I am a ninja!

# 3 It tells you communication is the most important.

I bet anyone who has participated in a group-based project would understand what I mean. For one perspective, communication helps to eliminate misunderstanding. So I won’t doing some useless stuff for all day and finally find out that it totally doesn’t meet the requirement. On the other hand, it speeds up your learning process. I often have problems on git. So in the email I will complain if I mess up with the git repo. After a short while, my dear mentors will reply in detail on how to correctly do the git stuff.

My OPW journey is cool! ;).
Categories: FLOSS Project Planets

Drupal Easy: Creating a Talent Underpinning

Planet Drupal - Tue, 2015-01-27 09:09

Having just completed presenting the Drupal career training portion of AcquiaU, we are anticipating great experiences for all ten students as they begin their eight weeks of rotations within three different business groups within Acquia. The past two months have been a whirlwind of teaching, learning and team building, which provided great insight into a forward-thinking approach to building Drupal talent, made possible by the commitment of Acquia.

We are pleased to have contributed to the new AcquiaU with the customization of our Drupal Career Online curriculum. I’d like to share some great lessons learned, as well as introduce the ten people who were lucky enough (luck favors the prepared) to be selected for this amazing program.

-->

read more

Categories: FLOSS Project Planets

Makina Corpus: Turning hackability into a use case

Planet Drupal - Tue, 2015-01-27 07:45
When a CMS does not allow happy hacking anymore, it loses a very valid use case.
Categories: FLOSS Project Planets

Thomas Goirand: OpenStack debian image available from cdimage.debian.org

Planet Debian - Tue, 2015-01-27 07:30

About a year and a half after I started writing the openstack-debian-images package, I’m very happy to announce to everyone that, thanks to Steve McIntyre’s help, the official OpenStack Debian image is now generated at the same time as the official Debian CD ISO images. If you are a cloud user, if you use OpenStack on a private cloud, or if you are a public cloud operator, then you may want to download the weekly build of the OpenStack image from here:

http://cdimage.debian.org/cdimage/openstack/testing/

Note that for the moment, there’s only the amd64 arch available, but I don’t think this is a problem: so far, I haven’t found any public cloud provider offering anything else than Intel 64 bits arch. Maybe this will change over the course of this year, and we will need arm64, but this can be added later on.

Now, for later plans: I still have 2 bugs to fix on the openstack-debian-images package (the default 1GB size is now just a bit too small for Jessie, and the script exits with zero in case of error), but nothing that prevents its use right now. I don’t think it will be a problem for the release team to accept these small changes before Jessie is out.

When generating the image, Steve also wants to generate a sources.tar.gz containing all the source packages that we include on the image. He already has the script (which is used as a hook script when running the build-openstack-debian-image script), and I am planning to add it as a documentation in /usr/share/doc/openstack-debian-images.

Last, probably it would be a good idea to install grub-xen, just as Ian Campbell suggested to make it possible for this image to run in AWS or other Xen based clouds. I would need to be able to test this though. If you can contribute with this kind of test, please get in touch.

Feel free to play with all of this, and customize your Jessie images if you need to. The script is (on purpose) very small (around 400 lines of shell script) and easy to understand (no function, it’s mostly linear from top to bottom of the file), so it is also very easy to hack, plus it has a convenient hook script facility where you can do all sorts of things (copying files, apt-get install stuff, running things in the chroot, etc.).

Again, thanks so much to Steve for working on using the script during the CD builds. This feels me with joy that Debian finally has official images for OpenStack.

Categories: FLOSS Project Planets

Python Diary: Building a Telnet client in my PyGame VGA Console project

Planet Python - Tue, 2015-01-27 07:00

I am sure most of you recall my post on the VGA compatible framebuffer display in PyGame I released. I am equally sure that you also heard of my open source hacking simulation engine I released yesterday. Well, this evening I thought I'd create a new example app for my PyGame VGA framebuffer project, this app is in the form of a basic telnet client which can talk to my hacking simulation engine server. This client will eventually be used in my Hacker's Edge massively multiplayer online hacking universe game, or MMOHUG for short. While the server for the game world will be closed source, the desktop client will be open sourced and available to anyone to modify and improve or use for their own similar game. Here is a screenshot of how it currently looks:

Here is how simple it was to create such a program using my powerful VGA framebuffer console for PyGame:

import asynchat, sys, asyncore, socket, threading, time import vgaconsole, cmd, pygame, sys, shlex, subprocess class TelnetClient(asynchat.async_chat): def __init__(self, console): asynchat.async_chat.__init__(self) self.console = console self.set_terminator(None) self.create_socket(socket.AF_INET, socket.SOCK_STREAM) console.stdio.write('Connecting to Hacker\'s Edge...') def handle_connect(self): self.console.stdio.write('connected!\n') def handle_close(self): self.console.stdio.write('Disconnected.\n') self.close() def transmit(self, data): self.push(data+'\r\n') def process_iac(self, iac): if iac[2] == chr(1): if iac[1] == chr(251): self.console.mask_input = '*' elif iac[1] == chr(252): self.console.mask_input = None def collect_incoming_data(self, data): if chr(255) in data: iac = data.index(chr(255)) self.process_iac(data[iac:iac+3]) if iac == 0: data = data[3:] else: data = data[:iac]+data[iac+3:] self.console.stdio.write(data.replace('\r\n', '\n')) class ConsoleApp(vgaconsole.VGAConsole): cursor_klass = vgaconsole.AnimatedCursor def init(self): self.set_color(2,0) self.telnet = TelnetClient(self) def parse(self): self.stdio.write('\n') line = self.stdio.read() self.telnet.transmit(line) def main(): pygame.display.init() screen = pygame.display.set_mode((640,400),0,8) pygame.display.set_caption("Hacker's Edge Single Player client") vga = ConsoleApp(screen) vga.init() vga.draw() pygame.display.update() try: vga.telnet.connect(('hackers-edge.com', 4000)) client_thread = threading.Thread(target=asyncore.loop, kwargs={'timeout':1}) client_thread.start() except socket.gaierror, e: vga.stdio.write('failed!\n%s' % e) while True: vgaconsole.clock.tick(30) events = pygame.event.get() for e in events: if e.type == vgaconsole.QUIT: vga.telnet.close() client_thread.join() pygame.quit() sys.exit() if vga.telnet.connected: if e.type == vgaconsole.KEYDOWN and e.key == 13: vga.parse() else: vga.handle_event(e) try: vga.draw() except: print sys.exc_info() pass pygame.display.update() if __name__ == '__main__': main()

Isn't that easy? I hopefully made this VGA console easy to program and integrate into mostly any Python app that needs a cross-platform SDL console available. It's available via my Bitbucket page like every other open source project I have.

Categories: FLOSS Project Planets

Why screen lockers on X11 cannot be secure

Planet KDE - Tue, 2015-01-27 06:49

Today we released Plasma 5.2 and this new release comes with two fixes for security vulnerabilities in our screen locker implementation. As I found, exploited, reported and fixed these vulnerabilities I decided to put them a little bit into context.

The first vulnerability concerns our QtQuick user interface for the lock screen. Through the Look and Feel package it was possible to send the login information to a remote location. That’s pretty bad but luckily also only a theoretical problem: we have not yet implemented a way to install new Look and Feel packages from the Internet. So we found the issue before any harm was done.

The second vulnerability is more interesting as it is heavily related to the usage of X11 by the screen locker. To put this vulnerability into context I want to discuss screen lockers on X11 in general. In a previous post I explained that a screen locker has two primary tasks:

  1. Blocking input devices, so that an attacker cannot interact with the running session
  2. Blanking the screen to prevent private information being leaked

From the first requirement we can also derive a requirement that no application should get the input events except the lock screen and that the screen gets locked after a defined idle time. And from the second requirement we can derive that no application should have access to any screen content while the screen is being locked.

With these extended requirements we are already getting into areas where we cannot have a secure screen locker on X11. X11 is too old and too insecure to make it possible to fulfill the requirements. Why is that the case?

X11 on a protocol level doesn’t know anything of screen lockers. This means there is no privileged process which acts as the one and only screen locker. No, a screen locker is just an X11 client like any other (remote or local) X11 client connected to the same X server. This means the screen locker can only use the core functionality available to “emulate” screen locking. Also the X server doesn’t know that the screen is locked as it doesn’t understand the concept. If the screen locker can only use core functionality to emulate screen locking then any other client can do the same and prevent the screen locker from locking the screen, can’t it? And yes that is the case: opening a context menu on any window prevents the screen locker from activating.

That’s quite a bummer: any process connected to the X server can block the screen locker. Even more it could fake your screen locker. How hard would that be? Well I asked that question myself and needed about half an hour to implement an application which looks and behaves like the screen locker provided by Plasma 5. This is so trivial that I don’t see a point in not sharing the code:

#include <QGuiApplication> #include <QQuickView> #include <QQmlContext> #include <QScreen> #include <QStandardPaths> #include <QtQml> class Sessions : public QObject { Q_OBJECT Q_PROPERTY(bool startNewSessionSupported READ trueVal CONSTANT) Q_PROPERTY(bool switchUserSupported READ trueVal CONSTANT) public: explicit Sessions(QObject *parent = 0) : QObject(parent) {} bool trueVal() const { return true; } }; int main(int argc, char **argv) { QGuiApplication app(argc, argv); const QString file = QStandardPaths::locate(QStandardPaths::GenericDataLocation, QStringLiteral("plasma/look-and-feel/org.kde.breeze.desktop/contents/lockscreen/LockScreen.qml")); qmlRegisterType<Sessions>("org.kde.kscreenlocker", 1, 0, "Sessions"); QQuickView view; QQmlContext *c = view.engine()->rootContext(); c->setContextProperty(QStringLiteral("kscreenlocker_userName"), QStringLiteral("Martin Graesslin")); c->setContextProperty(QStringLiteral("kscreenlocker_userImage"), QImage()); view.setFlags(Qt::BypassWindowManagerHint); view.setResizeMode(QQuickView::SizeRootObjectToView); view.setSource(QUrl::fromLocalFile(file)); view.show(); view.setGeometry(view.screen()->geometry()); view.setKeyboardGrabEnabled(true); view.setMouseGrabEnabled(true); return app.exec(); } #include "main.moc"

This looks like and behaves like the real screen locker, but it isn’t. A user has no chance to recognize that this is not the real locker. Now if it’s that simple to replace the screen locker why should anyone go a complicated way to attack the lock screen? At least I wouldn’t.

And is there nothing which could be done to protect the real locker? Well obviously a good idea is to mark the one and only screen locker as authentic. But how to do that in a secure way on X11? We cannot e.g. show a specific user selected image. This would conflict with another problem with screen lockers on X11: it’s not possible to prevent that other windows grab screen content. So whatever the screen locker displays is also available to all other X11 clients. Also the window manager cannot help like preventing fullscreen windows to open fullscreen as can be seen in the code fragment above: it’s possible to bypass the window manager. Built in feature by X11.

Many of these issues could be considered as non-problematic using the old pragma of “if it runs, it’s trusted”. While I personally disagree, it just doesn’t hold for X11. If only clients of one user were connected to the X server one could say so. But X11 allows clients from other users and even remote clients. And this opens a complete new problem scope. Whenever you use ssh -X you open up your local system to remote attack vectors. If you don’t control the remote side it could mean that the client you start is modified in a way to prevent your screen from locking or to install a fake locker. I know that network transparency is a feature many users love, but it’s just a security night mare. Don’t use it!

Overall we see that attacking a screen locker or preventing that it opens up is really trivial on X11. That’s an inherent problem on the architecture and no implementation can solve them, no matter what the authors tell how secure it is. Compared to these basic attack vectors the vulnerability I found is rather obscure and it takes a considerable amount of understanding how X11 works.

Nevertheless we fixed the issue. And interestingly I chose to use the technology which will solve all those problems: Wayland. While we don’t use Wayland as the windowing system we use a custom domain-specific Wayland-based protocol for the communication between the parts our screen locker architecture. This uses the new libraries developed for later usage in kwin_wayland.

As we are speaking of Wayland: how will Wayland improve the situation? In the case of Plasma the screen locker daemon will be moved from ksmserver to kwin, so that the compositor has more control over it. Screen locking is a dedicated mode supported by the compositor. Whether a context menu is open or not doesn’t matter any more, the screen can be locked. Also the compositor controls input events. If it has the knowledge that the screen is locked, it can ensure that no input goes to the wrong client. Last but not least the compositor controls taking screenshots and thus can prevent that clients can grab the output of the lock screen.

Categories: FLOSS Project Planets

PyCon: A look at how Caktus Group built PyCon 2015, Libya's SMS voter registration, and more

Planet Python - Tue, 2015-01-27 06:42
Each July, the launch of the upcoming year's conference website is a huge moment for the PyCon team and community. It's a beacon to everyone that another PyCon is on the way, and a sign that the various teams that shape the event are already hard at work to prepare for it. For yet another year, we have a beautiful site in front of us: https://us.pycon.org/2015, designed and implemented by long time sponsor Caktus Group.

As with years past, the site is built on Django and Symposion, a conference management framework in use by several conferences in the Python community and otherwise. Caktus' prior involvement with that combination of technologies meant "we were able to concentrate on bug fixes and small features that make a big difference to the conference organizers," according to Rebecca Muraya, Caktus' lead developer on the PyCon 2015 site. Having been around the block with that stack has resulted in a higher quality site, and left more time to spend on the visual aspects of the site.

"One of the few requirements was the design should have color and energy and something that tied to the Palais [des congrès de Montréal]," Trevor Ray, lead designer, said of our request to include the vibrant colors found inside and out of the venue. Beyond the structure, what happens inside was equally as important to represent in the design, especially the talks - both on stage and in the hallways.


"Fueled by this idea, we focused on creating a design that communicated the idea of diversity, mingling crowds, and the energy you feel while you’re at a truly great conference. We wanted the colors to talk about PyCon, not only the Palais," said Trevor of the flowing snake-like colored ribbon.
Having spent nearly all of my time outside of talks the last few years, I saw this immediately. The free flowing nature of the color stream crossing back on itself, looping around, randomly appearing out of the sides as you scroll down the front page - that's a walk through the halls of PyCon to me. The size, direction, and shape of each color in the ribbon changing represents the different conversations with different groups going in slightly different directions at each step.

"It was both a great challenge and a wonderful opportunity to create a design for PyCon 2015. With the great feedback of the PyCon organizers and the input from the entire Caktus team I think the project has been a great success," said Trevor.

All the while, Caktus has been busy continuing work with iN DEMAND, one of the largest providers of pay-per-view and video on demand services. According to Hao Nguygen, through their work with iN DEMAND they've uploaded 1.3 petabytes of movies into the system. They're also working with the International Rescue Committee, a group which helped over 13 million people affected by humanitarian crises around the world. "Our portfolio really emphasizes projects that are complex and highly scalable since that, for us, is where it gets interesting, where high quality code matters most," says Hao.

One of the most interesting pieces of their portfolio is the work they've done to implement SMS voter registration in Libya. Due to the ubiquity of SMS technology in Libya, where there are 163 cell phone subscriptions per 100 Libyans as of 2013, the government mandated that registration be carried out via SMS.

In order to build the system, Caktus went with RapidSMS, a Django-based SMS framework. "We’ve implemented RapidSMS applications for UNICEF in Rwanda, Malawi, and Zambia," said Tobias McNulty, CEO of Caktus, experience which helped them build the Libyan system that saw 1.5 million registrants across two elections.

Tobias went on to mention how political instability raised the stakes not only for delivery of the project within time and budget constraints, but how that instability led to the need for a system that
didn't rely on in-person registration. A Caktus case study mentioned 78 in-person registration stations having been forcibly closed by violence in December 2013, among the many reasons why an SMS system was needed by the Libyan High National Elections Commission.

"Our software integrates with Vumi, an application focused on connecting to mobile network operators in a very scalable fashion," said Vinod Kurup, Caktus' lead developer on the registration project. The application is built on top of Twisted, with heavy use of Celery to offload their message processing. Deployment is managed with Fabric and Salt. They also got a lot of use out of Django and a host of Django libraries under the hood.

"As you can see, one of the major reasons that Python is attractive is that it can handle so many diverse aspects of the application, from the web, to the SMS backend, to asynchronous processing, to mobile network connectivity, to deployment," continued Vinod. "The combination of simplicity and power made it an obvious choice for this project."


Beyond development projects, Caktus is currently building out classroom space and curriculum for their upcoming Python and Django courses. Called Astro Code School, the three and twelve week courses are heading for a spring time launch, with plans for corporate training as well.

As for PyCon itself, Caktus is looking forward to getting back to Montreal for another year. "Aside from manning our booth, we’re hoping to attend talks, say hello to folks we know, and meet new people," says Hao, so go up and introduce yourself. They're also sponsoring Django Girls and PyLadies as well!
Categories: FLOSS Project Planets

InternetDevels: Drupal module for messages just like in Facebook

Planet Drupal - Tue, 2015-01-27 05:00

We worked hard during a few days and developed our own module called Private message with node.js.

Read more
Categories: FLOSS Project Planets

guix @ Savannah: GNU Guix at FOSDEM

GNU Planet! - Tue, 2015-01-27 04:33

Guix will be present at FOSDEM in Brussels, Belgium, with a talk entitled "The Emacs of Distros" this Saturday, at 3PM, in room H.1302.

The talk will give an update on developments in Guix and the Guix System Distribution since last year, and will explain and demo the overall philosophy behind its design---how Guix seeks to empower users.

Hope to see you there!

Categories: FLOSS Project Planets

ShiningPanda: And the winner is...

Planet Python - Tue, 2015-01-27 02:00

As you may know, requires.io is all about being notified of outdated dependencies on PyPI packages.

Therefore we are a privileged observer of the Python community, and it was high time we release some data!

We'll share some more in the upcoming weeks, but let's start with the most popular packages expressed as the percentage of repositories (followed by requires.io) that depends on them:

The result will not come as a surprise: Django is number one with almost 33% of the projects depending on it. We were also quite happy to notice that quality related tools (like coverage, mock, flake8, etc.) rank quite high on the list, evidence that the Python community cares a lot about code quality!

To package maintainers: not on the list? Send us an email and we'll share figures with you.

Stay tuned!

Categories: FLOSS Project Planets

Steve Kemp: Recording gym-visits on Linux.

Planet Debian - Mon, 2015-01-26 19:00

I go to the gym every couple of days. I lift things up, then put them down, and sometimes I repeat this process another 30 times. When I'm done I write down what I've done, how many times I did the lifty-droppy thing, and so on.

I want to see pretty graphs. I want to have records of different things. I guess I just need some simple text-boxes:

deadlift 3 x 7 @ 210lbs.

etc. Sometimes I use machines so I'd say instead:

converging seated-row 3 x 8 @ 150lbs

Anyway that's it. I want a simple GUI, a bit like a spreadsheet where I can easily add rows of each session. (A session might have 10-15 exercises in it, so not many.) I imagine some kind of SQLite database for the back-end. Or CSV. Either works.

Writing GUI software is hard. I guess I should look at GtK or Qt over the next few days and see if it is going to be easier to do it online via a jQuery + CGI system instead. To be honest I expect doing it "online" is liable to be more popular, but I think a desktop toy-application is just as useful.

Categories: FLOSS Project Planets

Justin Mason: Links for 2015-01-26

Planet Apache - Mon, 2015-01-26 18:58
Categories: FLOSS Project Planets

Appnovation Technologies: 5 Cool Drupal Websites

Planet Drupal - Mon, 2015-01-26 18:27
It’s hard enough trying to find cool websites in general, let alone cool websites made using Drupal. var switchTo5x = false;stLight.options({"publisher":"dr-75626d0b-d9b4-2fdb-6d29-1a20f61d683"});
Categories: FLOSS Project Planets

Brett Cannon: Alternative voting systems for Canada

Planet Python - Mon, 2015-01-26 17:56

With 2015 bringing a federal election where current polling suggests that either the Liberals or Conservatives could have a minority government based on how people vote, I’m rather interested in how election systems could influence the outcome. Last month there was an article about two alternative voting systems and how they would influence the elections. While reading into these systems I also found out that voting system reform is not a new thing in Canada and that both the NDP and Liberals have actually discussed changing how federal elections work after the 2015 election. With the importance of this election being so high – the Conservatives have been the ruling party since 2006 with a majority since 2011 and so it is expected they will at minimum lose their majority stance – I decided to try and learn what alternative voting systems are being proposed and how they would influence the political landscape in Canada.

Quick primer on Canada’s federal government

Canada’s government is based on the Westminster system where there is Parliament made up of representatives elected by the public. Each member of Parliament – known as an MP – is elected by a riding of which the largest is just over 180,000 people but hovers more around 100,000 nationally (which I have been told is one of the best ratios of people to representative in the world). The political party with the most number of representatives appoint the prime minister – who is always the party leader – who is known at the PM. Federal elections are called whenever Parliament is dissolved which typically occurs when a majority of MPs vote for elections to occur.

One key thing to realize about this kind of system is that whenever a party has a majority government – which cannot last longer than 5 years by law and what Canada currently has – they can basically pass any law they want as long as the Senate signs off on it (which they almost always do). The only check on Parliament then comes from the Queen of England and the Governor General who is the Queen’s representative in Canada. Either of these two people can dissolve Parliament and are the only people who can do so (when Parliament votes to dissolve Parliament it’s just a suggestion to the Governor General).

We also have five national parties: Conservatives, Liberals, NDP, Greens, and Bloc Quebecois. The first three are the big ones while the Greens are fairly new and only have 2 MPs and the Bloc is exclusively from Quebec and only have 2 MPs. In other words fairness in voting is a big deal here since voting is not a binary choice.

First-past-the-post voting (what the Conservatives want and what the current system is)

The voting system currently used in Canada is called first-past-the-post (abbreviated FPTP). In this system you get a single vote and you cast it for the person who you want to win. The person with the largest number of votes wins the election. Very simple.

Unfortunately it also leads to disproportionate representation. Let’s pretend we have a total of 3 MPs named Brett, Andrea and Gidget. Each MP represents a riding made up of 10 people. Brett is a Liberal and gets elected by 6 votes with the other 4 going to the Greens. Andrea is also elected by a 6-4 vote along Liberal/Greens party lines. Gidget, though, gets all 10 votes in her riding and she is a Green representative. So while Parliament would be split 2-1 Liberal/Greens, the 30 voters actually voted 12-18 Liberal/Greens. In other words while people as a region voted more for Greens than Liberals, because of the way first-past-the-post works the Liberals are actually the party in power.

This example shows why sacrificial voting is caused by first-past-the-post. In our example, it obviously is not worth voting for the Greens if you know they won’t win your riding, regardless of whether you think they are the best party to run Canada. And so people end up voting for the best party they think can win instead of the best party period. While a two-party system like they have in the United States doesn’t really need to worry about this so much, in Canada where there are five officially recognized political parties at the federal level, sacrificial voting is definitely something one has to take into consideration, e.g. I might prefer the Greens but if I would rather the Liberals win out in a close race against the Conservatives I would be compelled to vote for the Liberals to help make sure the least bad result which actually has a chance of occurring.

Alternative voting (what the Liberals want)

Also known as instant-runoff voting, alternative voting – abbreviated AV – is a voting system where you rank the candidates in order of preference. Once all votes are cast each ballot counts as a single vote for the person’s top choice. If no one got a majority of votes, then the candidate with the fewest votes is eliminated and then the ballots are counted again. In this next round, though, any ballot that cast the now-eliminated candidate as their primary choice shift to having their second pick count as their vote. This process of elimination and shifting who gets the vote from a ballot continues until someone gets a majority of votes. Or another way of looking at it is imagine everyone casts their votes for their top choice, if there is no clear winner then the least popular person is eliminated, and then there is an instant-runoff where everyone votes again with one less person to consider (this is where the name of the system comes from).

In Canada, AV is used to elect the leaders of the Liberal and Conservative parties. It’s also used in Australia to elect members of their House of Representatives.

AV does a better job of proportional representation than FPTP which is obviously good. It also makes key ridings less important as you may not win a riding simply by having the most #1 votes if it’s less than a majority while someone else has a majority of #2 votes.

FPTP is not flawless though, as it does lead to collusion between parties in telling people to vote specific parties lower than another one. The idea is that I will tell my constituents to put you second if you tell your constituents to put me second. So there is room to influence votes with AV.

Mixed-member proportional representation (what the NDP and Greens want)

Abbreviated MMP, mixed-member proportional representation has a somewhat interesting history in Canada. Back in 2004, the Law Commission of Canada – de-funded since 2011 – released a report suggesting MMP would be a good voting system for Canada (PDF; relevant discussion of MMP is in Section 4.4 starting on page 83 of the printed text, page 105 of the PDF). So what is MMP and why was it suggested for Canada (and is already used in New Zealand and Germany among others for their federal elections)?

In MMP you vote for two separate things. First you vote for the party you want to lead the federal government. Second, you vote for the person you want to represent you. In both FPTP and AV this is one and the same vote which means if you don’t like the person running in your riding but they represent the party you want to run the country then you have to decide which is more important to you. But in MMP who you think can represent your riding the best is not conflated with what political party should be setting the agenda in Ottawa. Think of it as you’re voting for the party you want running the federal government and you’re separately suggesting the individual you want to personally represent you regardless of what party they represent.

The other interesting aspect of MMP is how these two seemingly separate votes consolidate with each other so that you end up with a representative government that is proportional to what your region wants. For each riding, the representative MP that you directly voted for wins based on first-past-the-post. These elected riding MPs make up 2/3 of all MPs representing a region (which can be as big as a province). The remaining 1/3 of MPs are filled based on how many MPs a party would need to top up their MP count to more accurate represent the party vote in the region.

These “filler” MPs are called list MPs because they are essentially pulled from a list provided by the party (the Law Commission of Canada suggested letting people either vote for specific list MPs that they preferred or simply vote for a party and let that party choose which list MP would get that vote, that way people can choose how involved they want to be in choosing their list MPs; pulling from the list exclusively is called closed list MPs, always voting for the list MP is called open list, and allowing either is called mixed list).

Consider a region with 10 MPs: 6 riding MPs and 4 list MPs. Let’s also say that the Liberals got 50% of the party vote along with 3 riding MPs elected. That would mean the Liberals get 2 list MPs since the region said they should make up 50% of the government but fell short in the riding MP votes by 2 representatives. Notice how voting for a riding MP does not mean you can vote for your party twice; if you voted in a Liberal MP and voted for the Liberal party you don’t get to make 2 MPs suddenly appear for the Liberals, just that you got to help select one of the Liberal MPs directly because you liked them personally. A good example of how this whole thing works can be found in the Law Commission of Canada’s findings on printed page 94.

A huge effect of MMP is that minority parties can get much larger representation in government. Since your party vote directly correlates to proportional representation for your region it means you can vote for e.g., the Greens knowing that your votes actually counts towards them representing you in Parliament. This more favourable representation is why the NDP actually brought a vote on MMP this past December and have a petition to try and change the voting system in Canada after the 2015 election.

MMP is not perfect, though. Your vote can still not count the same as someone in another region based on how the number of MPs a region represents is divided. In some places that use MMP they solve this by having the list MPs be filled in nationally so that everyone’s vote is equal (this wouldn’t work in Canada for historical reasons, but basically certain provinces and all territories have minimum representation guarantees in Parliament and so having overflow representation would break those guarantees). But compared to both FPTP and AV, MMP usually has the better representation of voter intent.

The other issue is the size of the ballot. With a mixed list vote you would have a ballot listing all of the riding MPs you have to choose from and then you would have the mixed list vote where you either vote for a party generally or vote for a list MP specifically which could be as long as 15 people. I have looked at the example ballot and it isn’t complex, but it definitely isn’t small if you have up to 5 parties listing 15 people each for their listing MP votes (this is more of a technicality and is a solvable problem, but it is something to consider).

My personal opinion

After reading about all of these voting systems, I have to admit that MMP appeals to me the most. It comes the closest to making sure my vote for a party actually leads to representation by that party in Parliament. I also appreciate that my personal representation in Parliament by an MP is a separate vote and does not impact which party I want to represent me.

It also has the side-effect that majority governments would become a rarity. With small parties able to win more seats it leads to more compromise and teamwork between parties in order to get legislation passed. MMP just seems the most fair, and as a Canadian I like being fair.

Categories: FLOSS Project Planets

Daniel Pocock: Get your Nagios issues as an iCalendar feed

Planet Debian - Mon, 2015-01-26 16:37

The other day I demonstrated how to get your Github issues/bugs as an iCalendar feed.

I'm planning to take this concept further and I just whipped up another Python script, exposing Nagios issues as an iCalendar feed.

The script is nagios-icalendar. Usage is explained concisely in the README file, it takes just minutes to get up and running.

One interesting feature is that you can append a contact name to the URL and just get the issues for that contact, e.g.:

http://nagios-server.example.org:5001?contact=daniel Screenshots

Here I demonstrate using Mozilla Lightning / Iceowl-extension to aggregate issues from Nagios, the Fedora instance of Bugzilla and Lumicall's Github issues into a single to-do list.

Categories: FLOSS Project Planets
Syndicate content