therning.org/ magnus

I received an email saying that epilicious didn’t work very well in epiphany 1.9.x. Since Debian isn’t packaging pre-releases of GNOME 2.14 I decided to try to get Ubuntu Dapper installed in a qemu image. I tried using the age-tested method of installing a stable version first (Breezy), and then upgrading to the unstable, not-yet-released version (Dapper).

It literally took hours to get Breezy installed. A small change of /etc/apt/sources.list later I was ready to move on to Dapper. More than 500 packages were needed to be downloaded for the upgrade. During the upgrade there was a conflict due to a file that had been moved from one package to another. There seemed to be no easy way out of the situation as the proposed solution (apt-get -f install) would remove the kernel itself. I gave up and I’ll be looking elsewhere to find a way to check out the GNOME pre-releases.

I’ve never had any problems at all taking a Debian system from stable to unstable. It has required a few steps sometimes, but I’ve always been able to rely on the packaging tools to take me from point A to point B. This really goes to show that Ubuntu, despite it’s origins, isn’t Debian.

I’m gaining more and more confidence that my decision to move back to Debian was the correct decision.

A few days ago I realised I totally missed GTalk going federated. After a bit of searching it turns out Google runs a server on port 80, so all people behind firewalls are in luck. I first tried port 443, hoping for secure communications. That didn’t work, but it turns out the Jabber protocol is better than I thought, it switches over to TLS after a brief “capability negotiation” when first connecting to a server. Great!

Next I started switching over all my contacts to my GTalk account. The Jabber roster utility was very helpful in getting all the contact details. Federation is such a brilliant idea!

The United Nations has recommended its members use open source software, particularly in areas related to health, education and international commerce, UN inspector Dominique Ouredrago said during a speech at the II international open source conference in Spain.

http://www.tmcnet.com/usubmit/2006/02/20/1389065.htm

Now this is good, right?

Well, I’m not sure it’s good enough. I’m not convinced the difference between open source and free software is understood within the UN. What they should recommend is use of free software.

Second, until there is unambiguous patenting laws prohibiting patents on software in the major markets in the world there is a threat looming over open source and free software. Will the UN address this issue as well?

The broadband connection came with a ADSL modem/router. Two problems with it, it could only handle one connected device, and it wasn’t a wireless router. A trip to PCWorld later we now have a ADSL modem/wireless router with four physical ports. Dita picked up a wireless card and is enjoying it as I’m writing this. I looked at a wireless PCI card as well, but since no-one at PCWorld could tell me exactly what chipset the cards had I didn’t bother buying anything. I can wait a few days until it arrives from LinuxEmporium.

Life is back to normal after having taking an almost year-long break. I really ddn’t think that moving to England would mean stepping back in time, but it did. Finally BT has managed to bring us back to the correct decade. We now have broadband!

A big thanks to Merula who managed to get us connected in only 5 days. A big two-fingered salute to Demon who didn’t want to engage with BT to get us connected, if it weren’t for them we would probably have had a fast connection already a few weeks ago!

Read a post on epiphany-user yesterday on how a hidden location bar appears when Ctrl-L is pressed. Then it goes away again. Very nice. It also seems that the version in Debian keeps information about “Generic Postscript” printing–I don’t need to enter a2ps in the text box anymore, it’s remembered.

I just love how the irritation points in the GNOME UI just keep on disappearing

You just can’t make this stuff up!

The last time I tried getting gpg-agent to work I gave up. That was on Ubuntu, and I only spent about 5 minutes on it. This time around I spent 10 minutes on it, and it’s working like a charm.

After installing gnupg-agent and pinentry-gtk2 I fired up the following line to ~/.gnupg/gpg.conf

use-agent

I then ran gpg-agent --daemon --sh from the command line. It printed a shell command line for setting $GPG_AGENT_INFO. I copy pasted it in the shell and executed it. Then I signed two files, the first time I got a pretty dialogue (GTK2) and the second time nothing.

The gnupg-agent package comes with a script in /etc/X11/Xsession.d/ that will execute the agent on X login. Logging out and then back in, firing up an xterm and echo $GPGP_AGENT_INFO verified that it worked properly.

Next step was to get Mutt-NG to play nice. Adding set pgp_use_gpg_agent = yes didn’t quite do it. A few searches on Google revealed that I needed to remove --passphrase-fd 0 from my pgp_*_commands.

The current version in BZR, that’d be version 0.8pre1, has internationalisation support. Currently there’s only one language, Swedish, but I’m looking forward to receiving onther languages to add to the list. (I’m more than happy to receive any pointers regarding the language in epilicious, be it English, Swedish, or any other language.)

The actual implementation was very straight forward, basically I copied what’s in Python’s gettext documentation. I read some other documents as well, just to know what I was getting myself into The GNOME developers have two documents worth reading. The first one, internationalising GNOME applications, contains what you need to know about internationalising the different types of source files in a GNOME application. The second contains localisation guidelines for developers, it’s not as technical as the first but it’s a good complement to the first.

The document on secure APT contains an excellent explanation of what secure APT actually is. One section is empty though–the one about setting up your own secure APT repo.

I have some circumstantial evidence that my local APT repo is secure. apt-get update complained about packages being “unsecure” when I installed from it. Then I signed my Release file, and instead I was told that the key was missing. Then I used apt-key to add my GPG key and the complaint went away.

I use dput and mini-dinstall to manage my local repo. At some point I’m planning on synchronising it to another computer so that it’s available to others as well, but due to bandwidth problem I haven’t started doing this yet.

My ~/.dput.conf looks like this:

[DEFAULT]
allow_unsigned_uploads = 0

[local]
fqdn = localhost
method = local
incoming = /usr/local/apt/mini-dinstall/incoming
post_upload_command = mini-dinstall --batch

As you can see my local repo lives in /usr/local/apt. Then the ~/.mini-dinstall.conf looks like this:

[DEFAULT]
architectures = all, i386
archivedir = /usr/local/apt
use_dnotify = 0
verify_sigs = 1
extra_keyrings = ~/ms_home/secret/gnupg/pubring.gpg
mail_on_success = 0
archive_style = flat
poll_time = 40
mail_log_level = NONE
generate_release = 1
release_description = Magnus' Funky Packages
release_signscript = ~/bin/release_sign

Most of this should be obvious to anyone who’s read the manpage. The only interesting bit is the release_signscript at the end. Based on information in the manpage I wrote this little shell script:

#! /bin/sh

gpg --detach-sign --armor --output Release.gpg $1

Pretty straight forward really!