Re: [Sugar-devel] UI experiments: pop-up menus and hot corners
Funny you should ask, I'm just getting my feet wet in module development in fedora, and now looking to compile a hello.ko for the xo1. I've got a few questions though, so I'll start a new post with questions unless there are some notes on getting started? (eg setting up required header files 'yum install kernel-devel' wasn't right, so perhaps I have to effectively cross compile even on the xo ?) Its been a long time coming, but I hope to actually do something useful this time. James. 2010/7/6 Bernie Innocenti ber...@codewiz.org On Mon, 2010-07-05 at 17:34 +0100, Gary Martin wrote: Just showing the name under the pulsing icon might be a useful extra, but ideally the launch time should be as short as possible so might look odd briefly flashing up the text (the pulse animation is meant to be a transition, just unfortunate that most startups are still more than a second or three). Who would be interested in working on startup optimization? Besides Tomeu's ongoing work on PyGI, I think we could gain a lot by shaving off huge modules such as numpy and sharing pre-rendered svg icons in some memory-mappable cache file. -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Server-devel] Latest on capacity of the school server
On 6 July 2010 17:49, Sridhar Dhanapalan srid...@laptop.org.au wrote: On 2 July 2010 03:45, David Leeming da...@leeming-consulting.com wrote: What experience do we have on the latest thinking about the capacity of a single server? Here in Kosrae they have good 24/7 power availability and air-conditioned offices in five of the schools. We can therefore specify powerful machines, even dedicated server models if need be. If we segregate off each of the 24 class groups, would a single powerful machine server be able to handle 500 students in 24 classes (courses) simultaneously? (of course in practice that maximum load will rarely occur). 6) 250-500 XOs: 5-15 APs, XS with dual-core 2GHz+ CPU and 4GB RAM, gigabit network. Site issues will be the primary concern. We have reckoned for 30 active XOs per AP. Sridhar others How do 7200rpm SATA hard drive speeds match up under this much simultaneous load? Tim ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Sugar-devel] UI experiments: pop-up menus and hot corners
On Tue, Jul 6, 2010 at 05:26, Gary Martin garycmar...@googlemail.com wrote: On 6 Jul 2010, at 03:33, Bernie Innocenti wrote: On Mon, 2010-07-05 at 17:34 +0100, Gary Martin wrote: Just showing the name under the pulsing icon might be a useful extra, but ideally the launch time should be as short as possible so might look odd briefly flashing up the text (the pulse animation is meant to be a transition, just unfortunate that most startups are still more than a second or three). Who would be interested in working on startup optimization? Well happy to help test, but seems above my technical water line. Wade experimented (and there are patches in trac I think) with a pulse animation effect that was quicker to transition but then paused slightly at max/min. Seem to remember it took another ~couple of seconds off startup, but never made it through to a release (was part of his work on the activity startup failure message that did thankfully land). Besides Tomeu's ongoing work on PyGI, I think we could gain a lot by shaving off huge modules such as numpy and sharing pre-rendered svg icons in some memory-mappable cache file. I didn't think any of Glucose used numpy? I thought it was there for Fructose (Activities) only if they needed. FWIW I have a couple of Activity projects that would use numpy but I'm not there yet. Pre-rendering is tricky as both stroke/fill colour, and image size are variable. I was hopeful after seeing Mart Raudsepp's email a week ago to the dev list about Cairo's slow rendering on XO hardware (and possible future improvements), but Wade pointed out the pulsing animation is currently a Hipocanvas thing. It was the case some time ago that Hippo would decide to request a full screen redraw at every pulse, but it was fixed to be smarter about what needs being redrawn. Or are we talking about another bug in Hippo? Regards, Tomeu Regards, --Gary -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Server-devel] Latest on capacity of the school server
Thanks, that is very useful. Have you actually deployed any schools with 250-500 yet, Sridhar? David Leeming From: Tim McNamara [mailto:paperl...@timmcnamara.co.nz] Sent: Tuesday, 6 July 2010 6:16 p.m. To: Sridhar Dhanapalan Cc: David Leeming; XS Devel Subject: Re: [Server-devel] Latest on capacity of the school server On 6 July 2010 17:49, Sridhar Dhanapalan srid...@laptop.org.au wrote: On 2 July 2010 03:45, David Leeming da...@leeming-consulting.com wrote: What experience do we have on the latest thinking about the capacity of a single server? Here in Kosrae they have good 24/7 power availability and air-conditioned offices in five of the schools. We can therefore specify powerful machines, even dedicated server models if need be. If we segregate off each of the 24 class groups, would a single powerful machine server be able to handle 500 students in 24 classes (courses) simultaneously? (of course in practice that maximum load will rarely occur). 6) 250-500 XOs: 5-15 APs, XS with dual-core 2GHz+ CPU and 4GB RAM, gigabit network. Site issues will be the primary concern. We have reckoned for 30 active XOs per AP. Sridhar others How do 7200rpm SATA hard drive speeds match up under this much simultaneous load? Tim ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Activity packaging
On Mon, 2010-07-05 at 16:20 +0200, Tomeu Vizoso wrote: Sorry about the confusion, these questions were about the move from xo bundles to packages :( Ah! Communication FAIL! :) Ok, I think the requirements for activity bundles could be: 1) Support multiple CPU architectures 2) Support multiple distros (and different versions of same distro) 3) Centralized build cluster (submit one source package, get multiple binary packages) 4) Support inter-bundle dependencies (e.g.: GCompris + voices, OOo4Kids + dictionaries) 5) Support activity - OS dependencies (e.g.: espeak for Speak, squeak for etoys...) 6) Work with any programming language (setup.py is python-centric) 7) Easy to learn for activity writers without too much distro-hacking experience These requirements would fit well both rpm and deb, with OpenSUSE Build Service or their native build clusters. To obtain (2) and (7), we might want to wrap the native packages with a distro-neutral meta-format, similar to the current activity.info files. I don't know the details yet, but I guess this is pretty much what Aleksey is doing with his 0sugar redesign. I think switching to a native package format is essential: currently, both the Fedora and Ubuntu teams are spending a lot of time to re-packaging just a few activities, resulting in duplicated effort and increased time-to-market for activities. -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Activity packaging
On 07/06/2010 11:51 AM, Bernie Innocenti wrote: Ok, I think the requirements for activity bundles could be: 1) Support multiple CPU architectures 2) Support multiple distros (and different versions of same distro) 3) Centralized build cluster (submit one source package, get multiple binary packages) 4) Support inter-bundle dependencies (e.g.: GCompris + voices, OOo4Kids + dictionaries) 5) Support activity - OS dependencies (e.g.: espeak for Speak, squeak for etoys...) 6) Work with any programming language (setup.py is python-centric) 7) Easy to learn for activity writers without too much distro-hacking experience These requirements would fit well both rpm and deb, with OpenSUSE Build Service or their native build clusters. I think you are missing an important requirement: installation without elevated permissions. --Ben P.S. This cross-posting is getting ridiculous. signature.asc Description: OpenPGP digital signature ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] Clocks on XOs
On Mon, 2010-07-05 at 08:22 -0600, Daniel Drake wrote: On 3 July 2010 16:52, Bernie Innocenti ber...@codewiz.org wrote: I checked: olpc-update-query only sets the clock if it's off by more than 24hours, so it cannot serve as a replacement for ntpdate. What's the requirement for super-accurate clocks on the XO? It doesn't have to be super-accurate, just good enough to show a clock with a meaningful time. Laptops with anti-theft enabled can get the time from the OATS server when it's off by more than 24 hours. Unlocked laptops don't have a way to synchronize the time at all. All we need to fix it is a trivial shell script. Why not do it? NOTE: whoever is interested in supporting configurations that take away root access from users will probably want to remove this functionality as well. Very sad :-( -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] UI experiments: pop-up menus and hot corners
Err, we've dropped sugar-devel off the cc list again :-) On Mon, 2010-07-05 at 10:37 -0400, Christian Marc Schmidt wrote: We are looking to schedule a design meeting next Saturday (July 10), at 10:30am EST (2:30 UTC/GMT). We'll be reviewing designs for the proposed Start new/Resume functionality in Home view. Please join! This Saturday I'll be in Belo Horizonte, probably without Internet connection. I'll try to join in if I can. Thanks, Christian On Sun, Jul 4, 2010 at 7:05 PM, Bernie Innocenti ber...@codewiz.org wrote: On Sun, 2010-07-04 at 23:42 +0100, Gary Martin wrote: P.S. We keep slipping on a date/time for the next irc #sugar-meeting design meeting, folks are most welcome, Christian has some nice mockups he's been polishing up for publication. We're trying again for tomorrow/Monday, but no time confirmed just yet. Tomorrow (monday) I'll be in Caacupé all day and I might be offline most of the time. Please, give me some advance notice if the meeting is happening tomorrow. p.s. The Journal user-interface was invented, with a filter capability. Now a full screen dialogue user-interface would be duplicating what the Journal can show. I myself am not comfortable with duplication. I agree with Mikus, but I'd like to see the mock-ups -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
[Server-devel] sample Moodle course
We are putting together a sample course in Moodle to test load performance of XS on various hardware. This is part of a Masters thesis project (Benjamin Tran, who is on this list). While recognizing that there is no such thing as a totally representative course, we are thinking of putting together something that has PDF resources, maybe eXe items, quiz, forum, etc. Please chime in with suggestions. Is there a place where we can host this and build it up? http://schoolserver.sugarlabs.org/ seems to be running Moodle, but I'm not sure what the policies are about creation, hosting, etc. http://demo.moodle.net/ wipes clean every hour, so that's not a good candidate. Suggestions? Sameer -- Dr. Sameer Verma, Ph.D. Associate Professor, Information Systems Director, Campus Business Solutions San Francisco State University http://verma.sfsu.edu/ http://opensource.sfsu.edu/ http://cbs.sfsu.edu/ http://is.sfsu.edu/ ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] XO Registration Failed with XS
On Mon, Jul 5, 2010 at 4:41 AM, ganesh gajre gnowledge.gan...@gmail.com wrote: I had upgraded and test on the xo build OS-802. I check the given path for school server /usr/lib/python2.5/site-packages/ there I don't find jarabe directory. That is for the XO not for the XS. Also, the registering of XO to server still big hassle for me. It's very important for me to bind all the XO to the Server. Daniel Drake has a patch that makes registration automatic. This leads to some problems so we cannot put it inthe general version of Sugar, but you may decide to include it in your build. cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] How to access site files quickly?
On Mon, Jul 5, 2010 at 4:10 AM, David Leeming da...@leeming-consulting.com wrote: Is there a possibility of uploading to Site files in bulk (by administrators aware of the risks)? Yes. A zipfile. Once it's in moodle you can unzip it. cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] [Sugar-devel] Schoolserver security
On Sat, Jul 3, 2010 at 8:09 AM, Bernie Innocenti ber...@codewiz.org wrote: El Thu, 01-07-2010 a las 20:55 -0600, Daniel Drake escribió: Child connects to a network, perhaps just to go online outside of school. The network has an XS. The laptop registers. The journal is backed up to the server. Ok, this is a serious security issue. Ho hum. Remove the serious and I'll agree. Low pri at the moment. How about asking the user to confirm registration to an unknown server, like ssh does? For slightly improved security, we could hash the ssh fingerprint to a color pair, so the teacher could say your schoolserver is blue and red, don't register to any other. Nope. It'd be easy to brute force (gentle force?) to get the appropriate colours. As you've already figured out, asking a 6-y-o to check an ssh fingerprint is not the fix either... A real fix is to upgrade the reg protocol to be signed -- we can copy the OAT protocol, and use/reuse the OAT keys. To be secure then, the XS needs to have a valid OAT delegation. plenty of scary webapps. *You* are a scary webapp ;-) In more serious terms, I hope you can tone down the level of scare about security. For starters: We don't handle bank acct or CC info. And we don't require users to login to their own user sessions. cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Sugar-devel] Clocks on XOs
On 6 July 2010 10:10, Bernie Innocenti ber...@codewiz.org wrote: Laptops with anti-theft enabled can get the time from the OATS server when it's off by more than 24 hours. Unlocked laptops don't have a way to synchronize the time at all. All we need to fix it is a trivial shell script. Why not do it? I think it's fine that individual deployments can do it. But it shouldn't be done globally because it weakens the security system. A globally acceptable solution could be to decrease the safety guard on the olpc-update-query check so that it corrects the time if it is (e.g.) more than 1 hour out. Daniel ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Server-devel] Latest on capacity of the school server
On Thu, Jul 1, 2010 at 1:45 PM, David Leeming da...@leeming-consulting.com wrote: What experience do we have on the latest thinking about the capacity of a single server? Here in Kosrae they have good 24/7 power availability and air-conditioned offices in five of the schools. We can therefore specify powerful machines, even dedicated server models if need be. If we segregate off each of the 24 class groups, would a single powerful machine server be able to handle 500 students in 24 classes (courses) simultaneously? (of course in practice that maximum load will rarely occur). The XS will be ok. Add RAM (webapps and proxy are memory-bound) and a large HD. What *will* melt with 500 active users is the WiFi infra. floors, 12 classrooms per floor, in U-shape layout. I would place one AP per classroom spread evenly around the school – that would be about 20 students per AP. The APs set up all on eth1 LAN with the same SSID. If we use multiple servers, we’d use different SSIDs for each. I have not deployed such a large site before so any comments on this would be appreciated. One AP per 20 is more than good. We've seen some good APs handle 40~50 (with modest traffic). Do NOT go for multiple servers. Therein lies madness. In PNG SDP’s project in North Fly, PNG, we are using small “eboxes” because of the need to run on solar power. We have deployed one full-campus wireless/server installation, quite a small school (160 total, 80 users in the first roll out). These users are divided into 3 class groups, as Moodle courses. So they are segregated. We have had feedback that it still gets slow / congested when all users are on simultaneously (80 users in 3 separate courses). Interesting. Ask them for a day and time when it was sliggush within the last couple of weeks. sysstat is running on the XS. Look at the /var/log/sa/sar* files (or call the 'sar' command for today's output) . It keeps approx 1 month IIRC. Filenames end with the 'day-of-the-month' number. I don’t have an opportunity to visit the school and Damn - anyone with the skills to find those files for you? cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] Moodle is disabled at the moment - Any Possible Solution
Dear All, We are fourth year students of University of Colombo School of Computing ,following Information and Communication Technology degree .Currently we are developing an Infromation portal for Sri Lanka OLPC project. We installed XS 0.6 in one location and we retrived a copy of its moodle instance to a flash drive.Then we installed that moodle instance in xampp in a windows machine.When we accessing the moodle through local host it indicates moodle is disabled at the moment.We could not find out possible solutions for the problem. Can you please send any suggestions to get a new version of the moodle instance of XS 0.6. We would be obliged if you could send us possible guidlines for the above mentioned issue. Regards, OLPC Group - Hasikala Wickramaarachchi Janaki Meewellewa Geetha Munasinghe ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] XO Registration Failed with XS
hello, I am trying to register my xo's with the school server we setup at our place, from which some XO's got registered with XS, but some are failed to register. The steps I do as follow: 1. We don't have any active antenna or 2 network cards so we use Wireless router which act as DHCP server for 172.18.0.255 range. 2. On Schoolserver, I tried very hard to bind 'lanbond0' device with eth0 but I failed to do that, so I use a simple hack, I down all the Virtual interfaces including 'lanbond0' and all mshbond and give ip address of lanbond0 i.e 172.18.0.1 to eth0, which by default connect to all internal services of school server. 3. Now I am able to ping from my XO to XS via Router. 4. In each XO i had change the server address located at XO-- Control panel-- network--Server: my server name/hostname, also I change /etc/hosts file entry to 172.18.0.1 my server hostname, because I had not setup a DNS server yet. 5. I am able to ping using hostname of server and even able to register some XO properly. 6. Some XO's failed to register so I upgrade the build OS to latest one 802, after doing this some of get registered. But not all, some of the XO still showing me a same problem after upgrading build OS. What will be the reason for XO not registering to XS if it's ping properly, talk to XS? It's very important to register all the XO with XS because lot of services like idmgr, backup XO and moodle will workout once it get registered with XS. Please provide me the solution for this. -- Ganesh (Dragger) Be a FOSSERS, use GNU/Linux ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
[Server-devel] Schoolserver security
El Thu, 01-07-2010 a las 20:55 -0600, Daniel Drake escribió: Child connects to a network, perhaps just to go online outside of school. The network has an XS. The laptop registers. The journal is backed up to the server. Ok, this is a serious security issue. How about asking the user to confirm registration to an unknown server, like ssh does? For slightly improved security, we could hash the ssh fingerprint to a color pair, so the teacher could say your schoolserver is blue and red, don't register to any other. Sadly, adding this UI requirement means that this feature won't be ready n time for this release :-( I think the current XO-XS communication is secure enough in the places where it needs to be. But registration indeed is a big problem and it could do with a rethink which would probably involve some kind of key-based auth to achieve the best results in terms of user experience. Well, communication being secure does not help much if the registration step is fatally flawed. Anyone passing nearby a school can make their computer register to the schoolserver with any made up serial number, then steal all journals, fill up the hard-drive with junk... probably even hijack the schoolserver, as it's a Fedora 9 without security patches, running plenty of scary webapps. We could be plug both this hole and the auto-registration security issue by making laptops receive their private ssh keys from the OATS server and distribute the matching public keys to the schoolserver. The same could be done with SSL client and server certificates. Thanks to your earlier work and Inventario, Paraguay already has all the infrastructure in place to do this, but it's kind of demanding for most deployments, especially those without a centralized anti-theft server. Can you think of a simpler scheme to perform mutual authentication. -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Server-devel] Latest on capacity of the school server
On Tue, Jul 6, 2010 at 3:15 AM, Tim McNamara paperl...@timmcnamara.co.nz wrote: Sridhar others How do 7200rpm SATA hard drive speeds match up under this much simultaneous load? HD speeds won't make any noticeable difference. Your bottlenecks are - RAM - HD access -- split the load across more disks. Specifically: put PostgreSQL data in a separate disk. - RAM! :-) - HD! - RAM - (repeat on RAM and HD several times...) - CPU cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
bitfrost assertion checks were lost
A few months ago we enabled Python optimizations in the OLPC builds causing python's assert statement to do nothing. Martin Langhoff pointed out that we're dropping some important parts of bitfrost's code with this change - we do want to be making these checks. Here's a patch to restore the previous behaviour, review appreciated. diff --git a/bitfrost/__init__.py b/bitfrost/__init__.py index e69de29..d3e691f 100644 --- a/bitfrost/__init__.py +++ b/bitfrost/__init__.py @@ -0,0 +1,10 @@ +def _assert(expr): + +When compiled with -O, assertions are dropped. However, bitfrost uses +assertions in various places as part of the security-sensitive code flow. +All assertions have been switched to use this function so that the previous +unoptimized behaviour is kept. + +if not expr: +raise AssertionError + diff --git a/bitfrost/leases/core.py b/bitfrost/leases/core.py index e8fbbcb..3818bd6 100644 --- a/bitfrost/leases/core.py +++ b/bitfrost/leases/core.py @@ -29,6 +29,7 @@ http://wiki.laptop.org/go/Firmware_Key_and_Signature_Formats#Antitheft.2FActivat import bitfrost.util.json as json +from bitfrost import _assert from bitfrost.leases.crypto import verify_lease from bitfrost.leases.errors import * from bitfrost.leases.keys import LEASE_KEYS @@ -50,13 +51,13 @@ def find_lease (this_sn, this_uuid, lease_contents): # perhaps this is a singleton lease version, leases = 1, { this_sn: lease_contents } try: -assert isinstance(version, int) +_assert(isinstance(version, int)) if version != 1: # version of the multiple-lease marshalling, *not* the version # of the lease itself. raise UnsupportedLeaseFormat(version) -assert isinstance(leases, dict) -assert len(leases.keys()) 0 +_assert(isinstance(leases, dict)) +_assert(len(leases.keys()) 0) except: raise InvalidLeaseData() diff --git a/bitfrost/leases/crypto.py b/bitfrost/leases/crypto.py index de38f50..f28434e 100644 --- a/bitfrost/leases/crypto.py +++ b/bitfrost/leases/crypto.py @@ -26,6 +26,7 @@ for use when checking security tokens. import time, re, sys +from bitfrost import _assert from bitfrost.leases.errors import * import bitfrost.util.pyverify as pyverify # libtomcrypt binding @@ -45,8 +46,8 @@ def _find_matching_key(keyid, valid_keys): # key01: data\n # 3 2 2 N 1 try: -assert k[0:7] == 'key01: ' -assert k[-1] == '\n' +_assert(k[0:7] == 'key01: ') +_assert(k[-1] == '\n') key = k[7:-1].decode('hex') except: pass # our keylist has an invalid key =( @@ -77,7 +78,7 @@ def date_cmp(a, b): a, b = str(a), str(b) -assert len(a) == 16 and len(b) == 16 +_assert(len(a) == 16 and len(b) == 16) if a == b: return 0 # special-case infinity. if a == T00Z: return 1 @@ -108,28 +109,28 @@ def check_expiration_func(): def _verify_sig01(certified_data, sig, valid_keys, __): Decode and verify a signature in the sig01 format. try: -assert isinstance(sig, str) -assert len(sig) (3+2+2+6+1+64+1+1) +_assert(isinstance(sig, str)) +_assert(len(sig) (3+2+2+6+1+64+1+1)) # minus 38 -assert sig[0:7] == 'sig01: ' +_assert(sig[0:7] == 'sig01: ') hashname = sig[7:13] -assert hashname == 'sha256' -assert sig[13] == ' ' +_assert(hashname == 'sha256') +_assert(sig[13] == ' ') keyid = sig[14:78] -assert len(keyid) == 64 -assert sig[78] == ' ' -assert sig[-1] == '\n' +_assert(len(keyid) == 64) +_assert(sig[78] == ' ') +_assert(sig[-1] == '\n') sig = sig[79:-1].decode('hex') except: raise InvalidSignatureData() # find a matching key in valid_keys, which will be a parsed key list. key = _find_matching_key(keyid, valid_keys) -assert key is not None +_assert(key is not None) # Crypto check try: -assert hashname == 'sha256' +_assert(hashname == 'sha256') pyverify.verify_buffer(key, certified_data, sig) except: raise VerificationFailure() @@ -139,13 +140,13 @@ def _verify_sig01(certified_data, sig, valid_keys, __): def _verify_sig02(certified_data, sig, valid_keys, sn): Decode and verify a signature in the sig01 format. try: -assert isinstance(sig, str) -assert len(sig) (3+2+2+6+1+64+1+16+1+1) -assert sig[0:7] == 'sig02: ' -assert sig[-1] == '\n' +_assert(isinstance(sig, str)) +_assert(len(sig) (3+2+2+6+1+64+1+16+1+1)) +_assert(sig[0:7] == 'sig02: ') +_assert(sig[-1] == '\n') sgs = sig[7:].split() -assert len(sgs) 0 -assert (len(sgs) % 4) == 0 +
Anti-theft vs RTC (Was Re: NetworkManager time sync)
csc...@laptop.org said: While we have your attention on this topic... Do you not think that this is a security issue? In that a thief could put a laptop on a network with rigged DNS and have control over the time/date on the laptop? A sane security system would let the user control their local time, without jeopardizing security based on server (or firmware) time. That's hard to do if the user is root. I'm far from a wizard on this area, but I think the key idea is that there is only one RTC and there isn't any reasonable way for the firmware to hide it from the OS. So if you let the user become root, they can set the RTC back and keep using an old lease as long as they can hide from the anti-theft server at boot time. I think a thief could do useful work on a stolen XO as long as they are willing to run with the clock set incorrectly (to bypass the firmware boot-time checks) and they are smart enough to disable any non-firmware security checks. They would have to avoid booting near an anti-theft (school) server and/or hide behind a firewall that would filter it out. Is there a good high level description of how the current anti-theft works? I've found these: http://wiki.laptop.org/go/Antitheft_HowTo http://wiki.laptop.org/go/XS-activation http://wiki.laptop.org/go/OLPC_Bitfrost The first two are full of commands to type to use the current anti-theft setup, but there isn't much discussion of the big picture. The Bitfrost doc was last edited in Feb 2007. I haven't found a discussion of the set-the-clock-back case. The Bitfrost doc describes an anti-theft daemon running on the XO at: http://wiki.laptop.org/go/OLPC_Bitfrost#P_THEFT:_anti-theft_protection It also expects file protection for the critical parts of the OS as described here: http://wiki.laptop.org/go/OLPC_Bitfrost#P_SF_CORE Has that been implemented? If so, how, and where do I find more info? I don't remember any discussion of that topic. There is also discussion of maintaining a per program view of the RTC at: http://wiki.laptop.org/go/OLPC_Bitfrost#P_RTC:_real_time_clock_protection I don't think that's been implemented either. It's probably possible to make the anti-theft stuff significantly more robust in this area. I think it would be a lot of work. The two chunks of Bitfrost above would be a good start. I'm not sure they are sufficient and/or there may be simpler ways. Security is hard. -- These are my opinions, not necessarily my employer's. I hate spam. ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Activity packaging
On Tue, Jul 6, 2010 at 1:50 PM, John Gilmore g...@toad.com wrote: I think you are missing an important requirement: installation without elevated permissions. Enhancing deb or rpm to be able to do this would be a win all around. Yes, it's been in the To Do list for dpkg and rpm for as long as I've been using Linux -- I asked about this for rpms in '98. Sadly, the rate of development around rpm and dpkg is... well... slow... rpm has a leg up, anyway, in that it has (limited? buggy?) support for relocatable rpms. It would be amazing for the overall health of Linux distros if someone took this on and worked on it all the way to getting it done and merged. Packages (and maint scripts) would need to be updated/adapted to support this, and of course it's not appropriate for all packages. cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] UI experiments: pop-up menus and hot corners
On 6 Jul 2010, at 10:16, Tomeu Vizoso to...@sugarlabs.org wrote: On Tue, Jul 6, 2010 at 05:26, Gary Martin garycmar...@googlemail.com wrote: On 6 Jul 2010, at 03:33, Bernie Innocenti wrote: On Mon, 2010-07-05 at 17:34 +0100, Gary Martin wrote: Just showing the name under the pulsing icon might be a useful extra, but ideally the launch time should be as short as possible so might look odd briefly flashing up the text (the pulse animation is meant to be a transition, just unfortunate that most startups are still more than a second or three). Who would be interested in working on startup optimization? Well happy to help test, but seems above my technical water line. Wade experimented (and there are patches in trac I think) with a pulse animation effect that was quicker to transition but then paused slightly at max/min. Seem to remember it took another ~couple of seconds off startup, but never made it through to a release (was part of his work on the activity startup failure message that did thankfully land). Besides Tomeu's ongoing work on PyGI, I think we could gain a lot by shaving off huge modules such as numpy and sharing pre-rendered svg icons in some memory-mappable cache file. I didn't think any of Glucose used numpy? I thought it was there for Fructose (Activities) only if they needed. FWIW I have a couple of Activity projects that would use numpy but I'm not there yet. Pre-rendering is tricky as both stroke/fill colour, and image size are variable. I was hopeful after seeing Mart Raudsepp's email a week ago to the dev list about Cairo's slow rendering on XO hardware (and possible future improvements), but Wade pointed out the pulsing animation is currently a Hipocanvas thing. It was the case some time ago that Hippo would decide to request a full screen redraw at every pulse, but it was fixed to be smarter about what needs being redrawn. Or are we talking about another bug in Hippo? Activity start-up times are significantly better than they used to be, so no specific bug that I'm aware of, was just hopeful of any opportunities to further improve performance Regards, --Gary Regards, Tomeu Regards, --Gary -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] Activity packaging
On Tue, Jul 06, 2010 at 11:51:00AM -0400, Bernie Innocenti wrote: On Mon, 2010-07-05 at 16:20 +0200, Tomeu Vizoso wrote: Sorry about the confusion, these questions were about the move from xo bundles to packages :( Ah! Communication FAIL! :) Ok, I think the requirements for activity bundles could be: 1) Support multiple CPU architectures 2) Support multiple distros (and different versions of same distro) 3) Centralized build cluster (submit one source package, get multiple binary packages) 4) Support inter-bundle dependencies (e.g.: GCompris + voices, OOo4Kids + dictionaries) 5) Support activity - OS dependencies (e.g.: espeak for Speak, squeak for etoys...) 6) Work with any programming language (setup.py is python-centric) 7) Easy to learn for activity writers without too much distro-hacking experience These requirements would fit well both rpm and deb, with OpenSUSE Build Service or their native build clusters. To obtain (2) and (7), we might want to wrap the native packages with a distro-neutral meta-format, similar to the current activity.info files. I don't know the details yet, but I guess this is pretty much what Aleksey is doing with his 0sugar redesign. Just to mention how it could look like on high level http://wiki.sugarlabs.org/go/Activity_Team/Zero_Sugar#How_it_works_at_a_glance i.e. for activity developer, process should look like pretty straight forward, everything what he needs is a spec file. Spec file is not like regular activity.info (some kind of metadata file that is used in runtime) but a regular spec file like .spec in rpm. Some examples of real (but for now only built only for 0install) http://wiki.sugarlabs.org/go/Activity_Team/Zero_Sugar/0sugar.info_Specification#Python_library http://wiki.sugarlabs.org/go/Activity_Team/Zero_Sugar/0sugar.info_Specification#Vala_library and how it will look like for activities http://wiki.sugarlabs.org/go/Activity_Team/Zero_Sugar/0sugar.info_Specification#Python_activity The milestones I'm planing are: * Having just 0sugar.info spec file (and 0distro build time dependency on obs), build native packages on bunch of rpm and deb based distros on OBS. I'm planing to have rpm and deb packages for Sucrose, Polyol, GC, OOo4Kids built from only 0sugar.info spec files in two weeks * Having just 0sugar.info and 0sugar tool, distribute homemade blobs (already works) and blobs built on OBS via 0install * merge all things together and make it useful within sugar - move all packaging related stuff from current glucose to some kind of packaging core with using 0install as an unified packaging engine, such core could be e.g. a dbus service (but could be a library as well) e.g. for now, shell does things like: decides what activities to use, from /usr or from ~/Activities, plain versions vs. dotted versions (sounds a bit amusing). All these tasks will be handled within new packaging core - switch from bundle_id identification to http urls for activities, (at some point it sounds like urls for microformat updates) it could be really useful if user on any sugar box could run activity just by mentioning its url * new UI, how it could look like with new packaging infrastructure So, Zero Sugar will be useful already in two weeks e.g. it should be possible to attach Sugar:Platform:Factory repo from obs to have development sucrose on major rpm/deb distros (http://wiki.opensuse.org/openSUSE:Build_Service_supported_build_targets) or install sugarized GC (in form of application or activity) from native packages. The rest of steps could be implemented in parallel manner. I think switching to a native package format is essential: currently, both the Fedora and Ubuntu teams are spending a lot of time to re-packaging just a few activities, resulting in duplicated effort and increased time-to-market for activities. just an OBS feature that could be used as is if most of activities will accessible from obs http://wiki.sugarlabs.org/go/Activity_Team/Zero_Sugar/Use_Cases#Per_user_Sugar_on_a_stick -- Aleksey ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] UI experiments: pop-up menus and hot corners
Activity start-up times are significantly better than they used to be, so no specific bug that I'm aware of, was just hopeful of any opportunities to further improve performance It's my impression that activity start-up times are affected by the size (by that I mean memory usage) of the activity. If on the XO-1 I start up a large activity (e.g., Help, TamTamSynth, etc) for the first time, it takes a number of seconds for me to see the activity's own screen. Smaller activities (e.g., Bounce, Arithmetic) seem to start more quickly. mikus ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: Activity packaging
On Tue, 2010-07-06 at 12:02 -0400, Benjamin M. Schwartz wrote: I think you are missing an important requirement: installation without elevated permissions. XO and SoaS distributions are configured for sudo with no password. Rainbow has been bit-rotting for the past 2 years and nobody volunteered to work on it. The bottom line is that *nowadays*, any activity can escalate root privileges. Before someone screams in horror, consider this: the only valuable data on the laptop belongs to user olpc. A non-privileged account can already effectively do anything that a spammer would like to do. Even in a Rainbow-enabled environment, privileged vs unprivileged installation isn't by itself the source of security issues. Packages could easily be checked to ensure that all bundled files are within a specific path, like we currently do with the zip files. Post-install scriptlets can be disabled. Even with these limitations, a native packaging system is still years ahead of us in terms of robustness and feature-completeness. P.S. This cross-posting is getting ridiculous. Mikus keeps moving this thread to other lists because he won't subscribe to sugar-devel. (why?? ask him). -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] Clocks on XOs
On Tue, 2010-07-06 at 11:21 -0600, Daniel Drake wrote: I think it's fine that individual deployments can do it. But it shouldn't be done globally because it weakens the security system. Which security system, the theft deterrence? Well, granting root access from the console already weakens it to the point of being useless. Who would bother to setup a fake DHCP, DNS and NTP server when it takes 20 seconds to crack it from the console? :-) Where you thinking of a different scenario? A globally acceptable solution could be to decrease the safety guard on the olpc-update-query check so that it corrects the time if it is (e.g.) more than 1 hour out. This isn't globally acceptable: many (most?) laptops run without a OATS server, so their clock would remain wrong forever. PS: I just found yet another laptop which won't activate because the clock was set to 15 July 2000 (not 2010!). Do you see many of these? -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Server-devel] Latest on capacity of the school server
OK good advice thanks. Power and available operating environment are an issue in the PNG schools. High temp and humidity and need to run on solar power, but not make it so expensive it can't be replicated in many schools. We will see how the small eboxes cope and add RAM, and yes we will get you that data when one of the team can get there. We're working on local tech skills. David Leeming -Original Message- From: Martin Langhoff [mailto:martin.langh...@gmail.com] Sent: Wednesday, 7 July 2010 3:22 a.m. To: David Leeming Cc: XS Devel Subject: Re: [Server-devel] Latest on capacity of the school server On Thu, Jul 1, 2010 at 1:45 PM, David Leeming da...@leeming-consulting.com wrote: What experience do we have on the latest thinking about the capacity of a single server? Here in Kosrae they have good 24/7 power availability and air-conditioned offices in five of the schools. We can therefore specify powerful machines, even dedicated server models if need be. If we segregate off each of the 24 class groups, would a single powerful machine server be able to handle 500 students in 24 classes (courses) simultaneously? (of course in practice that maximum load will rarely occur). The XS will be ok. Add RAM (webapps and proxy are memory-bound) and a large HD. What *will* melt with 500 active users is the WiFi infra. floors, 12 classrooms per floor, in U-shape layout. I would place one AP per classroom spread evenly around the school that would be about 20 students per AP. The APs set up all on eth1 LAN with the same SSID. If we use multiple servers, wed use different SSIDs for each. I have not deployed such a large site before so any comments on this would be appreciated. One AP per 20 is more than good. We've seen some good APs handle 40~50 (with modest traffic). Do NOT go for multiple servers. Therein lies madness. In PNG SDPs project in North Fly, PNG, we are using small eboxes because of the need to run on solar power. We have deployed one full-campus wireless/server installation, quite a small school (160 total, 80 users in the first roll out). These users are divided into 3 class groups, as Moodle courses. So they are segregated. We have had feedback that it still gets slow / congested when all users are on simultaneously (80 users in 3 separate courses). Interesting. Ask them for a day and time when it was sliggush within the last couple of weeks. sysstat is running on the XS. Look at the /var/log/sa/sar* files (or call the 'sar' command for today's output) ... It keeps approx 1 month IIRC. Filenames end with the 'day-of-the-month' number. I dont have an opportunity to visit the school and Damn - anyone with the skills to find those files for you? cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: [Sugar-devel] Clocks on XOs
On Sat, Jul 3, 2010 at 9:54 AM, Bernie Innocenti ber...@codewiz.org wrote: Likely so, but the software should be able to compensate for it. After discussing it on IRC, it seems that olpc-update-query should automatically update the clock from the OATS server. Do _not_ rely on this for accurate clock setting. It only kicks in if - the clock is really off - the XS has delegated OATS keys NetworkManager used to call ntpdate when it setup a connection. Was that an OLPC addition? We figured out that the ntp package has never been present on the XO images. Um? I thought it was there -- perhaps in much older builds? ... There's no way to practical way to implement effective anti-theft without taking away root from the user. And once we take away root access, we've also taken away olpc's principle #1: child ownership. Not true on several levels. We can control the clock in OFW for the case where the time is reset to the past. Not implemented (yet) but planned. cheers, m -- martin.langh...@gmail.com mar...@laptop.org -- School Server Architect - ask interesting questions - don't get distracted with shiny stuff - working code first - http://wiki.laptop.org/go/User:Martinlanghoff ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] Activity packaging
On Tue, 2010-07-06 at 19:56 +, Aleksey Lim wrote: Just to mention how it could look like on high level http://wiki.sugarlabs.org/go/Activity_Team/Zero_Sugar#How_it_works_at_a_glance Will it also remove the need to ship fat bundles, as we do now? I mean, will it produce separate packages for each architecture/os or just one large package with many binaries in it? I tend to prefer the first way, like rpm and deb do. - move all packaging related stuff from current glucose to some kind of packaging core with using 0install as an unified packaging engine, such core could be e.g. a dbus service (but could be a library as well) e.g. for now, shell does things like: decides what activities to use, from /usr or from ~/Activities, plain versions vs. dotted versions (sounds a bit amusing). All these tasks will be handled within new packaging core Wouldn't PackageKit be a perfect match for this? So, Zero Sugar will be useful already in two weeks e.g. it should be possible to attach Sugar:Platform:Factory repo from obs to have development sucrose on major rpm/deb distros (http://wiki.opensuse.org/openSUSE:Build_Service_supported_build_targets) or install sugarized GC (in form of application or activity) from native packages. It's an amazing piece of work, Aleksey!! Considering that you're tackling on the hardest problem in the Sugar universe, I'm very impressed by the progress you've made in such a short amount of time. -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] Clocks on XOs
On 6 July 2010 15:03, Bernie Innocenti ber...@codewiz.org wrote: Well, granting root access from the console already weakens it to the point of being useless. Who would bother to setup a fake DHCP, DNS and NTP server when it takes 20 seconds to crack it from the console? :-) Right. So with that logic, lets just throw out the whole security system. Ignoring the fact that some deployments ship without root access. And that there are efforts to solve that in the future. Having ntp sync like this weakens the security system because it means that when you fix one problem (of easy root access, for example), you still have other ones that make your system easily defeatable. Instead, if you choose not to add more holes, once you fix the existing ones then you have a fully secure system. This isn't globally acceptable: many (most?) laptops run without a OATS server, so their clock would remain wrong forever. This picture is rapidly changing. PS: I just found yet another laptop which won't activate because the clock was set to 15 July 2000 (not 2010!). Do you see many of these? This was probably a human error in the Fix_clock repair process that happened on that laptop. Daniel ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
[Server-devel] slides from March OLPC-SF presentation on XS
Long overdue, but I've finally uploaded my slides from the March presentation at OLPC-SF. http://www.slideshare.net/sverma/xs-olpc-school-server You'll have to log in to get the PDF (site has a Flash-based slideshow). I'll post the PDF and ODP somewhere online shortly. cheers, Sameer -- Dr. Sameer Verma, Ph.D. Associate Professor, Information Systems Director, Campus Business Solutions San Francisco State University http://verma.sfsu.edu/ http://opensource.sfsu.edu/ http://cbs.sfsu.edu/ http://is.sfsu.edu/ ___ Server-devel mailing list server-de...@lists.laptop.org http://lists.laptop.org/listinfo/server-devel
Re: bitfrost assertion checks were lost
On Tue, Jul 06, 2010 at 12:27:24PM -0600, Daniel Drake wrote: A few months ago we enabled Python optimizations in the OLPC builds causing python's assert statement to do nothing. Martin Langhoff pointed out that we're dropping some important parts of bitfrost's code with this change - we do want to be making these checks. Here's a patch to restore the previous behaviour, review appreciated. Since the git commit ea73e4a was slightly later, I reviewed that. No issues found. I've also tested to my satisfaction that assert(False) does nothing when python -O is run, and raising AssertionError is still possible. Reviewed-by: James Cameron qu...@laptop.org -- James Cameron http://quozl.linux.org.au/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] UI experiments: pop-up menus and hot corners
On Tue, 2010-07-06 at 20:06 +0100, Gary Martin wrote: Activity start-up times are significantly better than they used to be, so no specific bug that I'm aware of, was just hopeful of any opportunities to further improve performance On F11-0.88, I often see long startup times. I have some non-conclusive clues to think on: 1) using top from the console, I see the CPU split (50%/50%) between sugar-session and the loading activity 2) activities using 0sugar seem to take forever to run 3) Browse and Record are amongst the worst offenders -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] UI experiments: pop-up menus and hot corners
On 6 Jul 2010, at 04:26, Gary Martin garycmar...@googlemail.com wrote: Pre-rendering is tricky as both stroke/fill colour, and image size are variable. I think Benjamin had this more or less working at some point, I don't remember why we didn't land it. Marco ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
F11-for-XO1.5 Release 10.1.1 Release Candidate 5
http://wiki.laptop.org/go/F11_for_1.5 http://build.laptop.org/10.1.1/os206 Compressed image size: 705.55mb (+0.10mb since build 205) This is the fifth RC build for the 10.1.1 release. Changes: * #10202: Reinstitute asserts in the Bitfrost package. * #10122: Fix Distance activity not working well on XO-1.5 Package changes since build 205: -bitfrost-1.0.8-1.fc11.i586 +bitfrost-1.0.9-1.fc11.i586 ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] Clocks on XOs
On Tue, 2010-07-06 at 16:36 -0600, Daniel Drake wrote: On 6 July 2010 15:03, Bernie Innocenti ber...@codewiz.org wrote: Well, granting root access from the console already weakens it to the point of being useless. Who would bother to setup a fake DHCP, DNS and NTP server when it takes 20 seconds to crack it from the console? :-) Right. So with that logic, lets just throw out the whole security system. Ignoring the fact that some deployments ship without root access. Is the practice of completely locking-down the laptops something we'd even want to encourage? Assuming we don't, why should we cripple time-syncing for everyone just to simplify an unsupported customization? And that there are efforts to solve that in the future. Oh, I was unaware of this. Who is working on it, and what's the exact plan? Having ntp sync like this weakens the security system because it means that when you fix one problem (of easy root access, for example), you still have other ones that make your system easily defeatable. Instead, if you choose not to add more holes, once you fix the existing ones then you have a fully secure system. Easy root access is not a security bug, it's a feature that OLPC deliberately chose to give to all users. I even submitted a mingetty patch adding --loginpause which we use to drop into the root console. Why? Because, without root access, children would own the XO the same way consumers own the iPhone and the TiVo. They could crash the physical thing on the floor and burn it, but not flip one bit without government's authorization. I may sound a bit melodramatic, but a project of this kind wouldn't have inspired me to volunteer even for one day. Moralities apart, I guess anyone would agree on the purely technical statement that we can't make OATS work effectively without also taking away root privileges (or the best parts of it). Any half-hearted compromise is likely to be as ineffective as it is annoying. This isn't globally acceptable: many (most?) laptops run without a OATS server, so their clock would remain wrong forever. This picture is rapidly changing. I thought the default was changed one year ago from locked to unlocked. I would be surprised if many deployments had the technical skills to deal comfortably with the complexity of the activation system, when it is very challenging even for us. We probably disagree here, but I think that in most cases OATS costs more to maintain than its actual economical benefit. Admittedly, it works very well at addressing a problem of fear that may play a big role in influencing decision makers. Come on, we all secretly know this and play dumb :-) -- // Bernie Innocenti - http://codewiz.org/ \X/ Sugar Labs - http://sugarlabs.org/ ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel
Re: [Sugar-devel] Activity packaging
On Tue, Jul 06, 2010 at 05:59:04PM -0400, Bernie Innocenti wrote: On Tue, 2010-07-06 at 19:56 +, Aleksey Lim wrote: Just to mention how it could look like on high level http://wiki.sugarlabs.org/go/Activity_Team/Zero_Sugar#How_it_works_at_a_glance Will it also remove the need to ship fat bundles, as we do now? I mean, will it produce separate packages for each architecture/os or just one large package with many binaries in it? I tend to prefer the first way, like rpm and deb do. There is no any bundles in core design i.e. if you are talking about fat bundles we are talking about distribution method, in my mind such distribution methods could be: * via distro repos on obs(or other build farm), users attach these repos * via 0install, user just type sugar-activity/0lauch http-url to start activity or any software * for sneakernet, 0sugar tool could generate bundles like ./setup.py dist_xo does, imho there is not huge need in having smart/fat bundles like I tried to to with 0installed bundles; but anyway later practice will make it more clear - move all packaging related stuff from current glucose to some kind of packaging core with using 0install as an unified packaging engine, such core could be e.g. a dbus service (but could be a library as well) e.g. for now, shell does things like: decides what activities to use, from /usr or from ~/Activities, plain versions vs. dotted versions (sounds a bit amusing). All these tasks will be handled within new packaging core Wouldn't PackageKit be a perfect match for this? Firstly, 0install already can install native packages via PackageKit and secondly (keeping in mind your reply to Benjamin), talking about *only* native packages we loose one simple and core-for-sugar thing, any sugar user should be, at the end, a doer. For example, if we have TuxPaint activity and many doers are experimenting (change C code and compile) with it, what can do a person, who decides to try all these TuxPaint activities, having native packages as only distribution method? ask all doers use the same repo (sounds useless); attach repos per doer (conflicts); handle all issues by himself (not useful as well). With having 0install (which is already exists and works) as engine, we handle these issues automatically. Using 0install doesn't mean that everything is ok with 0install from sugar pov, e.g. one of core sugar workflows when user need only place activity to ~/Activities to make it useful is absent in 0install (it designed as regular packaging system e.g. there is no need in changing some software in /usr/lib). So, 0install is required later hacking but it effectively solve last of packaging issues - how to *launch*(not install) arbitrary activity in heterogeneous environment. So, Zero Sugar will be useful already in two weeks e.g. it should be possible to attach Sugar:Platform:Factory repo from obs to have development sucrose on major rpm/deb distros (http://wiki.opensuse.org/openSUSE:Build_Service_supported_build_targets) or install sugarized GC (in form of application or activity) from native packages. It's an amazing piece of work, Aleksey!! Considering that you're tackling on the hardest problem in the Sugar universe, I'm very impressed by the progress you've made in such a short amount of time. Well, not so short amount of time, my first commit to jhconvert (my first experience in meta packaging) was Fri Dec 05 01:29:55 + 2008 -- Aleksey ___ Devel mailing list Devel@lists.laptop.org http://lists.laptop.org/listinfo/devel