Tag Archives: Debian

Switching to Mozilla Extended Support Releases

At first I wasn’t impressed with Mozilla’s plan for Extended Support Releases for Firefox and Thunderbird, and after sites complained that Firefox 10 was too old it made me switch to the normal release schedule. But now with Firefox 17 being the current ESR and release 24 around the corner it made me rethink everything again. Updating your browser every six weeks sounds fun, but in the end it should just work.

So first stop was Debian that appears to adopt the new ESR strategy and updated their own spin of Mozilla Firefox, Iceweasel, for version 10 to version 17 in their stable release of Debian. The same for Icedove, the Debian spin of Mozilla Thunderbird. Hopefully their testing release will have version 17 soon, but you can grab it from the unstable release without any real issue. I have been using Iceweasel 17 for about three weeks again and experienced no issues browsing the web. So the first step to Firefox ESR has been taken.

The next step it to switch a portable apps installation of Mozilla Firefox to ESR, but for that I have to wait for the next Extended Support Release which is be planned September 17, 2013 and then change the release channel from “release” to “esr” by hand in default\pref\channel-prefs.js. Or I should reinstall the ESR version of PortableApps Firefox now, but for that I need to do some import and exporting of data and settings. We will see what will come first.

WordPress “upgrades”

I have been a long time WordPress user and not very happy with it from time to time, but sometimes you just have to accept certain things. Using WordPress is one of them as it slow became the industry standard for weblogs. It also became the standard for trouble, quick updates and hacked weblogs. As I have to live with it, it became time to take a closer look at WordPress.

While WordPress has a lot of coding errors and that is something that can’t be fixed overnight, but what can be solved is the ability to install additional code. While it sounds a smart move to offers users a way to upgrade WordPress with one click in their browser or to install new plugins or themes, it is also a hazard. If a webserver is allowed to update the application it is running without any trouble, then it simply means anyone who can trick the application to write code to disk and execute it also can host anything he or she wants. A lot of phishing and spam sites do this trick to host their code in some directory of a broken plugin. And the PHP-interpreter always happy to execute any PHP-code it finds, this is a mayor flaw.

For Debian Squeeze there is a backport of WordPress 3.3.2 which matched my version already running. So installing the packages and switching the webservers documentroot to the one supplied by the packages resolved the first issue. Now only the user root can modify the WordPress installation which also include all plugins and themes for WordPress. The base of WordPress now has been secured as remote users can’t modify or install any code. Right? Both yes and no as people still are able to upload content for WordPress and this is something for further review. Most ideally the content will be hosted in an image gallery for example, but it is a risk to accept for now.

Switching to packages also showed something else as most WordPress users just install plugins and themes by using the webinterface. As only root can install new plugins and themes this reduces the choice people have to what the system administrator puts in a package and installs it. Sadly enough now script currently exist for building packages from plugin/theme files and a quick look it appears that this isn’t an issue for themes. But it appears to be an issue for plugins as some developers include an extract from PHP Pear to make sure the plugin always works.

So the coming week I have to spend some time in creating packages and do some coding to make packages work with system provided and updated PHP Pear code. But I still wonder why people write plugins and just copy code to make it “work”. I also wonder how many plugins have outdated code with some funny features or is it something I don’t want to know?

PAM bug hit Debian and others

It has been years since PAM was hit by a serious bug in PAM, but people who upgrade to libpam-systemd version 44-1 can find that sudo stops working. Reading the bugreport on Debian and FreeDesktop.org it doesn’t look promising as it also effects other distributions. For now it may be wise put systemd on hold in case the package transfers from unstable to testing.

No smooth transition in Debian

Bugreport 638019 appears to be very straight forward, until the code finally hit Debian Testing last weekend. A simple relocation of a FIFO-buffer from /dev to /run caused direct trouble for machines with systemd and a normal shutdown wasn’t possible anymore. Both bugs 657979 and 657990 are a results of the modification. Seeing the overview of effected files and made me go back to the previous working release of source package sysvinit with the following commands

$ cd `xdg-user-dir DOWNLOAD`
$ wget http://snapshot.debian.org/archive/debian/20111223T034013Z/pool/main/s/sysvinit/bootlogd_2.88dsf-18_amd64.deb
$ wget http://snapshot.debian.org/archive/debian/20111223T034013Z/pool/main/s/sysvinit/initscripts_2.88dsf-18_amd64.deb
$ wget http://snapshot.debian.org/archive/debian/20111223T034013Z/pool/main/s/sysvinit/sysv-rc_2.88dsf-18_all.deb
$ wget http://snapshot.debian.org/archive/debian/20111223T034013Z/pool/main/s/sysvinit/sysvinit-utils_2.88dsf-18_amd64.deb
$ wget http://snapshot.debian.org/archive/debian/20111223T034013Z/pool/main/s/sysvinit/sysvinit_2.88dsf-18_amd64.deb
$ dpkg -i bootlogd_2.88dsf-18_amd64.deb initscripts_2.88dsf-18_amd64.deb sysvinit_2.88dsf-18_amd64.deb sysvinit-utils_2.88dsf-18_amd64.deb sysv-rc_2.88dsf-18_all.deb

And as there is no solution for now except a dependency change for systemd the package are being placed on hold like the last time they broke systemd.

$ echo "bootlogd hold" | sudo dpkg --set-selections
$ echo "initscripts hold" | sudo dpkg --set-selections
$ echo "sysvinit hold" | sudo dpkg --set-selections
$ echo "sysvinit-utils hold" | sudo dpkg --set-selections
$ echo "sysv-rc hold" | sudo dpkg --set-selections

It sounds strange for Linux-people, but I really wished I had an alternative boot environment like Solaris has. Maybe this is the reason for me to invest more time in read-write within BtrFS.

Debian Wheezy and GNOME 3.2

The migration of GNOME toward version 3.0 in Debian earlier this year wasn’t very successful¬†in the beginning, but a lot of bugs where solved during the summer. GNOME 3.0 made it into Wheezy during the release of 3.2 and maybe for the better. Now only a few months after the release of GNOME 3.2 almost all packages have been uploaded to experimental or unstable, and most of them even already migrated to testing.

But what brings GNOME 3.2? A lot of people are unhappy and some of these points are valid and need to be fixed. Others can be discussed if they are true. One thing that changed in 3.2 is how GNOME interacts with your address book and your instant messaging accounts. Connections to instant messaging networks are automatically being started when you log in. This also reflects in the search screen when you type in a friends name and you direct see his connection status.

GNOME Online Accounts is another example of making things simpler for the user. Currently it only works for Google, but I really hope current proposals with querying the right SRV-records in DNS are also going to be part of GNOME in a future release. For now GNOME Online Accounts setups up multiple Google services up like Mail, Calendar, Chat, Documents and Contacts with a single authentication token. Different services don’t have to maintain and store the credentials in GNOME Keyring or in still in there own way. Hopefully there will come a solution for Liferea which still stores te users password plain-text in the configuration file.

Other third-party applications like Simple Scan, Shotwell and Deja-Dup are slowly making there way into becoming part of GNOME. I can’t wait to see what is going to happen with the GNOME 3.4 release as both Epiphany and Evolution are going to have some major work done to them. A switch to Webkit 2 and ending the usage of GtkHTML in Evolution. Hopefully after this Epiphany can replace Firefox completely on my desktop.

It is good to see the progress GNOME is making into becoming an interface for cloud services by simplifying the configuration for users, but also separating data from applications more and more. I can’t wait to see how GNOME Document is going to evolve, but two other things still open is a good solution for RSS-feeds and chat-logs as Empathy is still storing them on disk and isn’t able to use logs stored by Google for example.

In the end I’m happy with GNOME 3.2 in Debian Testing right now and Debian on my workstation is back to it’s weekly testing upgrade schedule as most parts are working. I even think that I will continue to do this during the 3.4 release as most of the GNOME dust has settled. Maybe I make an exception for both AbiWord and Gnumeric when they switch to GTK3 and hopefully also better OpenDocument support.