8月 072014
 

最近,我发现 Fedora 系统上没有 plugdev 群组,而是使用动态 ACL 的方式允许普通用户访问可插拔设备等。

事情的缘由是我在折腾软件无线电 (SDR),更特别的说就是 bladeRF,它在编译安装时会自动安装相应的 udev 规则,以使得普通用户可以访问这块板卡。它提供的 udev 规则文件为 /etc/udev/rules.d/88-nuand.rules,内容如下:

# nuand bladeRF
ATTR{idVendor}=="1d50", ATTR{idProduct}=="6066", MODE="660", GROUP="plugdev"

# Reserved for future bladeRF-specific bootloader
ATTR{idVendor}=="1d50", ATTR{idProduct}=="6081", MODE="660", GROUP="plugdev"

# Cypress Bootloader
ATTR{idVendor}=="04b4", ATTR{idProduct}=="00f3", MODE="660", GROUP="plugdev"

其含义是将 bladeRF (以及相关设备)的权限设为仅属主和群组可读写,群组设为 plugdev。类似的使用 plugdev 群组的 udev 规则设置,在许多涉及可插拔外设的上游项目里都会看到。

然而事实上 Fedora 系统上是没有 plugdev 群组的。bladeRF 维基建议手动建立该群组,并将当前用户添加进去。 但这种做法其实是不被 Fedora 推荐的,原因是这种静态的设备管理群组

  • 不安全。考虑这样的一个场景:一个 SSH 远程登录的用户可以访问物理主机的摄像头、麦克风,只要他是该群组的成员。
  • 不灵活。需要手动地维护该群组的成员列表,新增用户还需要注销当前会话重启会话才能使用该设备。
  • 不具体。plugdev 群组的用户可以使用任何可插拔设备,不论这个设备是手机、摄像头还是麦克风。

Fedora 支持动态的权限控制 (ACL),可以根据用户会话状态、物理座位(seat)配置来决定是否授权设备。在这种机制下,udev 规则文件可以是简单的一行

SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", \
  ATTRS{idVendor}=="1ed8", ATTRS{idProduct}=="000[456]" \
  ENV{ID_<some_name>}="1"

这里的 ID_<some_name> 是设备的一个“合适”的类别,例如 ID_CDROM, ID_MEDIA_PLAYER 等。它会出现在 Systemd 的 uaccess 规则文件 70-uaccess.rules 中,这个文件会授权此类设备给活跃用户。

遗憾的是,目前 uaccess 规则文件里并没有一个软件无线电有关的设备类别。所以暂时只能像如下的 udev 规则文件中那样,直接给设备加上 uaccess 的标签:

SUBSYSTEM!="usb", GOTO="nuand_rules_end"
ACTION!="add", GOTO="nuand_rules_end"

ATTR{idVendor}=="1d50", ATTR{idProduct}=="6066", TAG+="uaccess"

# Reserved for future bladeRF-specific bootloader
ATTR{idVendor}=="1d50", ATTR{idProduct}=="6081", TAG+="uaccess"

# Cypress Bootloader
ATTR{idVendor}=="04b4", ATTR{idProduct}=="00f3", TAG+="uaccess"

LABEL="nuand_rules_end"

注意 udev 规则文件命名时开头的数字编号需要小于 70,此时 uaccess 才会生效。如果设备已经连接到电脑上,要使新添加的或新修改的规则生效,还需要 udevadm trigger 一下。

事实上,邮件列表并不推荐上述做法,udev 与 Systemd 开发者 Kay Sievers 表示设备规则文件不应该直接设置 uaccess 这一标签。我已经在 systemd-devel 邮件列表上请求添加一个软件无线电相关的设备类别,得到了肯定的回应,并最终在这次提交中添加了 ID_SOFTWARE_RADIO。在不远的将来,带有这一改动的 Systemd 进入主流发行版后,我们将可以通过在 udev 规则文件中使用类似 ENV{ID_SOFTWARE_RADIO}="bladerf" 的语句,让普通用户以一种更安全灵活的方式使用软件无线电外设。

7月 122014
 

This is my own (unofficial) report of FUDCon APAC 2014 Day 2 (Sunday).

Main Hall

The hosts in the main hall on Sunday were Tobi from GNOME and Tommy He from Fedora. The sessions began with the keynote speech on Systemd by Lennart Poettering. He talked about what is the modern Linux system and what role Systemd plays in it. Pity I didn’t finish listening to the talk, since I was asked out to help with hacking room. It turns out quite a few guys would like a separate hacking room. So we decided to open up Room 2 for hacking. Shortly after setting it up, the most important guest, Richard Stallman (RMS), came to the venue along with Zeuux guys and others. They were not happy with the booth setup (it was the last booth) until an exchange was made. They brought many swags, and some of them are to be sold rather than given away. Richard also went into the hack room since it was still some time from his keynote.

IMG_8876

After Lennart’s talk there were four lightning talks. It’s such a pity that I missed them all, in particular biergaizi’s lightning talk on “Tips about Linux Servers”. Then RMS’s keynote on “Computing, Freedom and Privacy” began. Many more people were coming and filling up the main hall. RMS’s talk itself is not quite new to me since I had listened to him in Tsinghua. The part about why GNOME was created at all was new, but the history was already familiar to Linux hobbyists. However, being able to listen to his talk on site was quite impressive and educating. I have the feeling that his opinion might be ahead of the time but is always right. In the middle of the talk, he held an auction for a toy gnu and “an adorable book” (Free Software, Free Society). After the talk was the Q&A, which lasted till about 12:45. We went to Heyi Building for lunch after that.

IMG_9006

At lunch I got the message from zsun that Ankur would like to have the GPG key signing party in a small room rather than main hall. That was doable and we had difficulties to find a substitute to fill in the empty slot in main hall. At last the signing party was held in Room 2 and there was no replacement in main hall.

Room 3

After lunch it was near 14:00, and the first talk in Room 3 was supposed to be mine. So I hurried there to prepare. The volunteers (Feng Tian, Justin Wong, Rosie Ye, Tang Zhixin, etc.) were ready. I began my talk on LaTeX Tips a little bit later than the schedule. I talked about common compilation errors and output errors and how to fix them. The time was limited so I skipped the part about math formulas and BibTeX errors. I got a question about the main advantages of LaTeX compared with GUI Office applications. I explained that the advantages lie in high quality output and automatic generation of table-of-contents and list-of-various-stuff. Users normally only focus on the main contents rather than formatting issues.

The second talk was “CD using Docker” by Gerard Braad. He explained the actual definition of CD, Consistent Development and Deployment, and use Docker to demonstrate the concept. He introduced PaaS, LXC, cgroups, Dokku and so on along the talk. The talk was presented in an interactive and interesting way: questions, answers, and gifts!

After that there were only 10 minutes for tea break. However it was a nice time to take photos in front of the large banner. The following talk was meant to be Carbo Kuo’s Batsh topic, but he could not come and had sent regrets on Saturday. So Cheer Xiao’s talk was moved upwards to fill in the slot. Cheer Xiao talked about his experiments with Elvish, a new Unix shell created by himself. There were many considerations and tradeoffs when designing a shell, and he introduced the philosophy behind his choices. He also compared it with existing shells such as fish and zsh.

There was no more talks in Room 3 afterwards, so we headed for Room 8 to join the discussion about Fedora Women.

Room 8

The last talk in Room 8 was “Fedora Women” by Nitesh. He would like to make it more an interactive discussion than an oral presentation, and asked zsun and me to help translate. The session turned out to be quite productive. There were many nice suggestions out of the discussion. The main points are summarized as follows (with relevant names in parentheses):

  • For online communications such as IRC in a diverse community like Fedora, people generally do not know whether one is a man or woman, so there is normally no discrimination against gender. The community is equal to men and women. Potential women contributors should not fear questions such as why do you code you are a girl. If there is any such question, it is more important what is one’s interest than what is others’ opinion. (Nitesh, Ankur, Feng Tian)

  • Fedora has many roles and tasks for contributors. Even if you do not like coding, you can try to join the design team or the translation (L10N) team or others to contribute. Fedora also has a lot of special interest groups (SIGs) which welcomes people with that special interest, such as electronics, cloud computing and so on. And there is the opportunity to start a new SIG. There is a SIG called Fedora Join SIG, which is an ideal place for people who are new to the project and do not know what exactly they should do. You can just do informal introduction in the Join SIG mailing list and people will help you find what you can do. (Jaroslav, Aditya, Nitesh, Ankur)

  • There are many tasks waiting for people to join and contribute. And there will be many new tasks since Fedora.next is coming. Some of them are easyfix ones, which is very suitable for new contributors to get started. (Ankur, Jaroslav)

  • The local communities should draw the attention of outside non-users, organize activities to help them especially women to install Fedora on their computer and to show them how things work in the communities. Among the activities some can be girls oriented. Besides, blogging about how to install the OS and how to do various things on Fedora! (Martin, Aditya, Nitesh)

  • Lovely dolls attract girls! We should design more stuff than stickers for offline events. (Feng Tian, zsun)

  • Fedora might have a narrower user base than other projects like GNOME. But people can actually contribute to Fedora even without using it everyday. The way can be bug reporting, translating, or volunteering in offline events, etc. (Justin Wong, zsun)

  • A question to current contributors: why do you fail to bring your girlfriend to the community? (Robin Lee)

  • We should continue the discussion after the conference, rather than raising the same question again on the next conference. We should setup activities talking about how to achieve something, especially in Beijing. We should have clear targets. (Martin)

Closing

We went back to the main hall for the closing part of the event, and found the last talk in the main hall had not been finished, and it also became a discussion. So it seems we should consider panel discussion as a session type in the future.

The closing speech was given by Kat (IIRC) and Jaroslav respectively, and then followed by the speech by the local team. Emily and I went on the stage. She spoke in English and I did the translation. We gave our thanks to everyone, especially hardworking volunteers. The two hand fans, full of writings in different languages, were given to Tong Hui and Zamir Sun respectively as gifts for best volunteer of each community. The top horizontal scroll for the couplet was decided to be “Happy Hacking” according to the result of two days’ voting. At last we had a group photo.

SAM_4563.JPG

SAM_4575.JPG

Evening

In the evening we had a very nice buffet dinner at Oasis Café, Vision Hotel, which is just behind the conference venue. We toasted to everyone and thanked them for coming. I sat with robyduck and zsun. We talked about a lot of things including robyduck’s travel plan. Robyduck also pointed out a possible issue with FZUG’s logo. Richard Stallman also went to the celebration party. Besides, zsun and I stood in front of the camera of Nitesh near the cafe since we promised to participate the short interview by him and Ankur. It was such a relax at the dinner after two days’ event and after several months’ preparation. And I was really happy that many people found the event good and successful.

1月 032014
 

NOTE: For Chinese readers, there is a Chinese version of the report here.

Happy new year everyone!

The Fedora 20 Release Party in Beijing was successfully held at Turing Office last Wednesday (Dec 25). It was organized by Fedora Zhongwen User Group with the help of Beijing GNOME User Group. There were 22 registrants on site, which is comparatively fewer than previous due to the time arrangement.

The release party began at 6 pm. (I was late for about 10 minutes.) We conducted the registration on a computer: We opened a LibreOffice Calc spreadsheet filled with pre-registrants’ information so that they can just type 1 to register. As for others we required them to type their names and email addresses. As usual, every attendee can pick a Live DVD and a sticker. We prepared 50 Fedora 20 DVDs. Each of them has a label with Fedora 10th anniversary icon, and is 64bit with either GNOME or KDE. The stickers are from Fedora, GitCafe, and CSDN CODE.

The party entered pizza time at around 6:30 pm. We had ordered seven pizzas, 5 large and 2 small. Along with drinks and snacks sponsored by CSDN, they more or less met the requirement of everyone’s supper. While supper we managed to collect four topics for the talk.

The talk session started from 7:30 pm. In the opening address, I welcomed everyone, and introduced the features (changes) of Fedora 20 and the 10 year history of Fedora project briefly. Then it came to the first talk, which was "systemd Introduction" by Robin Lee, an active Fedora packager, FZUG member, and skilled programmer. He talked about the origin, main concepts, and core implementation of systemd as well as its impact on application development. There were in depth discussions about the implementation details and comparison with other competitors in and after the talk.

systemd Introduction by Robin Lee

systemd Introduction by Robin Lee

Then there were three short talks. The first one was "Open Source Strategies of CSDN" by Orson Zhai. He pointed out that CSDN has set open source as one focus, and CSDN CODE is striving to provide a better collaboration platform for open source projects in China. Then David Liang from SUSE talked about the state and progress of "Automatic Testing for GUI". Currently there is no mature tool for automatic GUI testing to increase the efficiency of desktop testing. Projects such as openQA aim at building such tools and are being developed. The last talk was an introduction to Fedora.next by Robin Lee. Fedora.next is a plan being carried to improve the current release practice of Fedora. Based on the reflections of the existing practice, Fedora.next tries to replace the single repository with four rings of packages. Each ring can has its packaging polices. Besides, multiple working groups with possibly different release strategies are formed to build multiple products. In summary Fedora.next aims at better integration of Fedora and the overall open source ecosystem, and more involvement and contribution from more people.

We prepared several GitCafe cups, and Turing generously provided some Linux books. They were distributed as gifts for questioners. CSDN brought gifts for speakers too. Then after all the talks, at around 9:30 pm, we took a group photo.

Group Photo

Group Photo

It is worth pointing out several issues for the event. The pizzas was sent earlier than the registration, without receipts. The number of attendees is small since it was arranged at weekday night. The discussions were more abroad than expected and led to overtime. So to avoid the issues:

  • When ordering takeout, specify both the earliest and latest time.
  • To attract more people, make the event happen on weekend day (afternoon) at easily findable venue.
  • Prepare for overtime, and put the start time as early as possible.

The slides links is available on the wiki page. The photos can be found on G+. Don’t forget to take the post-event survey before Jan 11! You feedback is appreciated!

1月 022014
 

先给各位朋友道声新年快乐!

上周三(12 月 25 日)晚上在立水桥南附近的图灵办公室,由 Fedora 中文用户组主办,北京 GNOME 用户组协办,并由 CSDN 赞助的 Fedora 20 发行派对北京站活动顺利举行。由于时间是在工作日,恰逢圣诞,又是晚间活动,到场人数与以往相比偏少,最终注册了 22 人。

活动开始时间是下午六点,我迟到了十多分钟。这次注册为电子注册:在 Fedora 电脑上开一个 LibreOffice 电子表格,预报名过的人可以直接填 1 进行签到,现场报名的只需填上自己的名字和邮箱。照惯例,注册后每人可以领取一张 Live 光盘和一枚贴纸。我们准备了 50 张 Fedora 20 光盘,盘贴上有 Fedora 10 周年纪念字样,光盘有 GNOME 64 位以及 KDE 64 位两种以供选择。这次的贴纸不仅有 Fedora 的金属图标,还有 GitCafe 贴纸和 CSDN CODE 带来的 Git 主题贴纸。

大约六点半时,活动进入比萨时间。我们预订了五大两小共七个外卖比萨,加上 CSDN 赞助的零食饮品等,比较好地满足了大家的晚餐需求。在晚餐闲聊环节,我们征集到了一大三小共四个主题演讲。

演讲从七点半开始。在各个主题演讲之前,我对大家的到来表示欢迎,并简单介绍了 Fedora 20 新特性以及 Fedora 项目 10 周年的历史。之后便开始了第一个主题演讲。演讲是活跃的社区成员、Fedora 打包者李瑞彬带来的“systemd 简介”。他介绍了 systemd 的历史缘起、主要思想、实现核心,以及对程序开发的影响。大家在演讲中和演讲后对 systemd 的实现细节、与竞争者的对比等方面进行了深入的讨论。

李瑞彬介绍 systemd

李瑞彬介绍 systemd

之后是三个较短的演讲。首先是 CSDN CODE 的翟京介绍了 CSDN 的开源策略。开源已成为 CSDN 的一个重心,其推出的 CODE 平台将力图为国内开源项目提供更好的协作平台。然后是 SUSE 的 David Liang 介绍了图形界面自动化测试的现状和发展。图形界面程序的自动化测试可以极大提高图形界面测试工作的效率,但目前尚无成熟工具,OpenQA 等项目在力图打造优秀的图形界面自动化测试工具。最后一个演讲是李瑞彬对 Fedora.next 的简要介绍。Fedora.next 是 Fedora 现有发行模式的改进计划。它基于对现有模式的反思,将单一的软件仓库分为四个环 (Ring),不同环可以采取不同的打包策略,另外组建多个工作组 (Working Group),打造多个产品,不同组可以有不同的发布策略。总体上力图让 Fedora 和开源生态更好地融合,让更多人可以参与到 Fedora 项目当中。

我们事先准备了若干杯子,图灵提供了若干 Linux 图书,在问答互动环节作为奖励进行了分发。最后九点三十许,大家合影留念。

集体合影

集体合影

这次活动也呈现出一些问题与不足:比萨送餐人员比预定时间提前半个小时把比萨送到了,先于不少参加活动人员的到场时间,而且没有现场给发票。因为是工作日晚上,加上场地位置在五环外对于其他区的人来说相对偏远,最终现场参与的人数偏少。虽然人不多,但大家讨论交流的比较深入广泛,时间控制得不太好,最终活动结束比预定晚了半个小时。总结出来的经验教训是:

  • 外卖订餐不仅需要指定不晚于的时间,还要指定不早于的时间。记得要发票。
  • 要想让活动参与人多,最好在周末白天(下午),场地交通要方便且易找到。
  • 要有超时的准备,开始时间应尽量往前赶。

本次活动演讲的幻灯片链接可以在维基页面看到。活动照片可以在 G+ 上看到。最后,参加了活动的朋友请记得在 1 月 11 日之前填下反馈调查问卷!欢迎您对活动留下宝贵意见!

修订记录:

  1. [2014-01-02] 修正星期几错误……