/srv/irclogs.ubuntu.com/2011/10/30/#ubuntu-devel.txt

=== dendrobates is now known as dendro-afk
slangaseklool: your udev upload to precise seems to include a lot of changes not explained in the changelog, including the disappearance of the entire test/ tree from bzr - was this intentional?03:20
micahgslangasek: infinity: thanks for taking care of tzdata03:29
slangasekmicahg: no problem03:48
pipaloCan someone upgrade this http://bigbrovar.aoizora.org/index.php/2011/05/24/better-clickpad-support-for-ubuntu-11-04/ patch for 11.10 please ?04:04
pipalohttp://tinyurl.com/1104patch04:06
f0xhiii everyone, i want to know how i can become ubuntu developer04:55
micahgf0x: https://wiki.ubuntu.com/UbuntuDevelopers04:57
f0xactually michag i am much more noob, i want to know how much programming should i knw to contribute to ubuntu..??04:58
micahgf0x: not necessarily much, but it helps (BTW, there are many non-programming ways to contribute to Ubuntu)04:59
f0xi want to contribute in programming, i will learn stuffs that is needed for it..05:00
f0xi knw cmd line prograaming in c/c++, a little bit of python and php too05:01
micahgf0x: that should be plenty :)05:02
f0xsure..?? i can start contributing to developing with this mch..??05:02
micahgf0x: there are 2 types of components to programming in Ubuntu: packaging and fixing bugs, which would you be interested in (both is fine :))05:03
f0xi don't knw if this programming does ever do any important stuffs,05:03
f0xsorry, was disconnected05:06
f0xi will like to do both, i am currently reading stuffs on exploitation, buffer overflow and stuffs , i think may be i would learn more in that way too, so both bug finding and programming05:07
f0xmicahg, there..??05:09
micahgf0x: sorry, in the middle of dinner, can we chat in a bit?05:09
f0xsure.. sure, thanks for reply anyway, and please carry on with your dinner, sorry to disturb you in between your dinner :)05:10
micahgf0x: so, you mentioned C++ and PHP, are there apps in either of those languages that have open bugs in Ubuntu that you use (and would like fixed)?06:03
f0x_after finishing the setup of tools like bzr and pbuilder, what next..??06:05
f0x_https://wiki.ubuntu.com/BeginnersTeam/FocusGroups/Development/Devbeginnings06:05
* micahg wonders where that new developer guide is06:07
micahgf0x_: http://developer.ubuntu.com/packaging/html/fixing-a-bug.html06:08
f0x_how is this..?? http://developer.ubuntu.com/resources/06:10
micahgthat's good information, most of the site is geared towards people who want to make apps for Ubuntu, but there's plenty of good information for Ubuntu Developers as well06:12
f0x_can't find any documentation focused on ubuntu developer's :(06:13
micahgf0x_: http://developer.ubuntu.com/packaging/html/06:15
f0x_looks informative06:15
f0x_i think , i will have to start with bug fixing first.06:18
micahgf0x_: sounds good, feel free to ask any questions here or in #ubuntu-motu06:19
f0x_thanxx a lot micahg ,06:20
micahgf0x_: you're welcome06:20
=== bryceh is now known as bryce_away
=== htorque__ is now known as htorque
=== dendro-afk is now known as dendrobates
=== dendrobates is now known as dendro-afk
bluefoxicyAnyone know what the current de-facto method is in Linux to hook into the kernel and intercept file system access?21:01
bluefoxicyThat's fuse, right?21:01
RAOFbluefoxicy: Depends on what you mean - fuse is for implementing userspace filesystems, so you can certainly hook into a filesystem you *write*21:15
bluefoxicyRAOF: upon executing /usr/bin/chromium-browser, it is recognized that an updated version is available and has been downloaded, that it is a security update, and the update is applied before launching.21:26
bluefoxicyRAOF:  upon mmap(PROT_EXEC...), same is done for libraries21:27
* micahg turns his head towards the chromium update discussion21:27
RAOFbluefoxicy: And you want to work out...?21:28
bluefoxicyRAOF: how to implement that21:28
bluefoxicybecause I'm not sure what kernel facility lets me pause exec() or mmap() while i do other crap21:29
RAOFWhy would you pause exec()?  Wouldn't you just check for updates, download it, and then exec() the new thing?21:30
azeem_maybe you need a LD_PRELOAD library which overwrites the libc calls, like libfakeroot=21:30
bluefoxicyRAOF you'd still need to intercept exec() with another command and possibly tell the kernel not to exec() or to exec() something else so the parent process doesn't return a "not found" error and then 5 minutes later your stuff magically launches21:31
micahgbluefoxicy: are you trying to implement a new feature here or is this something that exists?21:31
RAOFbluefoxicy: What, why?21:31
bluefoxicymicahg:  new feature21:32
bluefoxicymagic management21:32
bluefoxicyRAOF:  Because I wrote some silly description of a non-existent Linux distro a decade ago that included all kinds of crazy shit as features and I want to try implementing some of it21:32
RAOFbluefoxicy: You could resolve a longstanding FIXME in the dynamic loader by figuring out how to reload libraries :)21:32
RAOFbluefoxicy: No, I mean why would you need to intercept exec()?21:33
bluefoxicythings like being nigh-invulnerable to certain classes of exploits (Ubuntu has that now, full ASLR and stack smash detection and the like), or having fancy administrative tools21:33
bluefoxicyRAOF how would you do it?21:33
azeem_how would Drepper do it21:33
cjwatsonjust have the application check by itself, and then re-exec21:33
cjwatsonintercepting exec is massively overthinking the problem21:34
bluefoxicyHow would you make a system that detects the execution of a program, makes sure it's up to date before it's executed, update it if not, and do all this seamlessly21:34
cjwatsonI wouldn't21:34
RAOFOh, man.  That would be a nightmare!21:34
bluefoxicyaccounting for any shell, any UI, and any programmatic method ever coded or possible to code into any program attempting to exec() that binary21:34
RAOFI think that's actually a bad idea; you're adding an indeterminate latency to all execute calls.21:35
RAOFBecause "makes sure it's up to date" involves hitting the internet.21:35
bluefoxicyprobably21:35
bluefoxicyyou're underthinking the problem though21:35
RAOFAnd if it *doesn't* involve hitting the internet, then we've already solve this.21:35
bluefoxicy1)  This would be configurable, and has many ways of being implemented (including grabbing from a local repository in a large network)21:36
* cjwatson suggests not starting out with a solution statement21:36
cjwatson("intercept execve")21:36
sladenmmmm, oh yes!21:36
bluefoxicyand 2) "checking" for things being up to date doesn't mean "run apt-get update every time someone calls exec()"21:36
RAOFbluefoxicy: But it fundamentally means "hit the network everytime someone calls exec()" - otherwise you'd just configure apt to check every 15 minutes and automatically install updates.21:37
bluefoxicy(also, the consideration of checking, downloading, installing, etc, has all kinds of error conditions that need consideration, such as what to do if the package isn't downloaded already and the network is not working--obviously, you recognize that, and continue on yourway)21:37
* cjwatson can think of at least one application where execve is performance-critical - it's spectacularly the wrong layer for this21:37
bluefoxicyshrug21:38
bluefoxicyAll I'm hearing is "this can't be done"21:38
bluefoxicycjwatson:  what application is this anyway?  Curious.21:38
cjwatsonman-db21:38
RAOFI think we're saying that this *shouldn't* be done.21:38
cjwatsonnot to mention zillions of little sysadmin scripts21:38
bluefoxicyI don't see how man-db is critical on execve21:38
cjwatsonI dod21:39
cjwatsonI do21:39
bluefoxicybesides what's the worst that can happen21:39
RAOFOr, rather, that you should back up and describe the problem you're trying to solve at a higher level.21:39
cjwatsonit's already the slowest thing in Ubuntu upgrades21:39
bluefoxicyit checks if ls is up to date one time?21:39
slangasekthe worst that can happen is that your code to do the checking, downloading, installing becomes a fun target for security exploits21:39
cjwatsonsorry, but you know, I've actually analysed this.21:39
cjwatsonexecve is an inappropriate place for this, but that doesn't mean that if you back up and start out from a problem statement rather than a solution statement, that you can't still achieve your goal21:40
cjwatsonI would suggest considering things in terms of applications rather than executables21:41
bluefoxicyhow I wish I had web space21:41
bluefoxicyhttp://img403.imageshack.us/img403/369/screenshotat20111030174.png THIS is from 2003-200421:42
bluefoxicyJIT updating and installation is a feature of Windows too isn't it21:43
RAOFI don't believe so, no?21:44
bluefoxicypublished applications?21:44
RAOFPublished where?21:44
bluefoxicyWhen you run them they update or install automatically from network media21:44
bluefoxicyit's an active directory function21:44
bluefoxicyyou get an icon for Microsoft Word on your desktop, but if you run it Word isn't installed.  or it's the new version of word but you have the old version.21:45
RAOFThat might be why I don't know it.21:45
bluefoxicybut when you run it, the new version runs, installed or not.21:45
cjwatsonthere's a big difference between having a system that causes selected applications to auto-update/install and doing it for every executable21:45
cjwatsonyou could do the former today with a wrapper script, quite seasily21:45
cjwatson*easily21:45
bluefoxicywhoa21:45
bluefoxicyKorean21:46
cjwatsonwhat?21:46
bluefoxicy<cjwatson> you could do the former today with a wrapper script, quite s[korean]easily21:47
cjwatsoner, no21:47
cjwatsonit was probably some lag-induced representation of a backspace21:47
bluefoxicy日本語 が じょ ありません。21:47
bluefoxicyanyway21:48
bluefoxicyhttp://0install.net/ this is still interesting.21:49
bluefoxicycjwatson:  I seem to recall a guy that told people he was going to make buffer overflow vulnerabilities completely elective in about 2 months time21:51
bluefoxicythat was in August 2001 ... he got laughed at if I remember right.21:51
bluefoxicyin October 2001, he released PaX, which implemented a NX bit on i386 and a security policy that limited buffer overflows to causing program crashes.21:52
cjwatsonright, but it doesn't follow from that that everything that is criticised is correct :-)21:52
bluefoxicyThere are things that can be done, and there are things that haven't been done.21:52
bluefoxicycjwatson of course not21:52
bluefoxicybut it does seem to be a design pattern that every significant invention is said to be impossible or at least a very bad idea before it's done21:53
cjwatsonconfirmation bias21:53
RAOFI don't think that's true at all.21:53
cjwatson(if that implication holds, it doesn't hold the other way round)21:54
bluefoxicythe light bulb.  Batteries.  Radio.21:54
RAOFRight.  You don't see the vast majority of bad ideas which go on to become... bad ideas.21:54
bluefoxicyA computer fast enough to make use of more than 32 megabytes of RAM in any meaningful way.21:54
* cjwatson would not be inclined to compare himself to Marconi, even by implication21:54
bluefoxicyMan in space.  Government.21:55
RAOFI'm not familiar with all of those, but were any of the actually considered to be impossible or a bad idea?21:55
bluefoxicyRadio was not only considered to be impossible (communications at a distance), but also repeatedly considered impossible WHILE IN USE21:56
cjwatsonyou're seriously advancing this as a defence of your idea?21:56
azeem_it's the cold-fusion defense21:56
bluefoxicythe lower frequency bands were the only bands for a while.  FM radio operates over a garbage band that's impossible to make use of.  VHF is completely useless because it breaks down out of direct unobstructed line of site and doesn't reflect off the ionosphere.  Same with UHF.21:57
cjwatsona working implementation would be a better defence21:57
bluefoxicyagain and again with radio lol...21:57
* cjwatson tends to take the IETF line on this - rough consensus and running code21:57
bluefoxicycjwatson:  no, I just think it's worthwhile arguing that many good ideas are killed or just an uphill development battle because the vast majority of the world doesn't believe in them :P21:57
cjwatsonit's an utter fallacy though21:58
bluefoxicypeople are less interested in how to achieve a goal than they are in why that goal is unachievable21:58
cjwatsonand it's a waste of time21:58
cjwatsonif you seriously think it's a good idea, and don't think it's worthwhile listening to others, then just do it21:59
bluefoxicyto the point that some ideas have faced such scrutinty in the past by which very rich folk have spent lots and lots of money campaigning against them because they're ridiculous, only to have some hack make it work and also have the market find out the end product is the most useful thing in the world at the time.21:59
cjwatsonee what happens21:59
cjwatson*see (gah, lag)21:59
RAOFPeople don't spend money campainging against things which they consider impossible.21:59
cjwatsonbut you can't expect to persuade other people by comparing yourself to the inventor of radio - if people dived head-first into every crazy idea that came along, they'd never have time for anything else :)22:00
bluefoxicyGlobal warming, solar power versus the clean coal industry, there's a lot of people out there saying solar/nuclear/whatever doesn't work or is too far off or has hidden problems.22:00
RAOFAnd if you *made* this work - or semi-work - then people would be more likely to take it seriously.22:00
bluefoxicy(though that's mostly business and politics)22:00
cjwatsonideas that are demonstrated to actually work, by means of a real implementation, have a better chance of people paying attention to them; that's an excellent filter22:01
bluefoxicyheh22:01
bluefoxicyanyway this tangent has gone too far22:01
bluefoxicyI guess the only working hook is LSM22:01
RAOFWe don't, in general, have a shortage of good ideas; we've got a shortage of implementor-time.22:01
bluefoxicyRAOF:  I've always got a shortage of implementor-time :P22:02
bluefoxicybut that's what happens when people have day jobs22:02
bluefoxicyI was a lot more useful when I didn't have a  job :(22:02
bluefoxicyah well.  Maybe I'll do something easier, like write a stock market analysis program that implements pivots and strength/weakness arcs.22:05
slangasekcjwatson: could you slap zinoviev for not git tagging his console-setup uploads? :)22:10
cjwatsonif he ever came on IRC I would :)22:10
slangasekdrat :)22:11
cjwatsonmicahg: FWIW, my reading of the xine-lib changelogs you quote is that the situation in natty was exactly the same as now; which doesn't mean we shouldn't fix it, but I don't think siretart's recent merge changed anything22:16
micahgcjwatson: I am tired, maybe I misread, looking again22:16
micahgcjwatson: ah, indeed, I took the don't build against system libs to mean don't build :(, but 1 new library was added22:17
* micahg will double check and then send a followup mail clarifying22:17
micahgcjwatson: thanks :)22:18
cjwatsonare you sure?  he said "remove build-dependency on libvcdinfo-dev", which to me means probably building against the internal version22:18
micahgah, yes, probably...22:18
cjwatsonI guess a diff would be worthwhile to make sure, but it looks like four either way22:19
* micahg is doing that now22:20
micahgcjwatson: verified that the same libs are being used (at least as far as the rules file goes), apology E-mail sent22:29
sbtehey, can anybody here tell me why sensible-browser doesn't detect the default system browser in oneiric? And what to use instead to open urls in the default browser?22:38
micahgsbte: xdg-open?22:40
sbtemicahg, that works with http:// prefixed indeed22:41
sbtebut most applications do use sensible-browser or x-www-browser, and I think it was handled correctly in natty22:42
micahgwe really should standardize on something, but I think that needs to happen in Debian first22:43
micahgx-www-browser is alternative based so that usually will not DTRT22:43
sbtesensible-browser should I guess. The webbrowser module in python seems to use it through the default url-handler for http which is set to sensible-browser %s22:45
micahgsbte: sensible-browser defaults to alternatives, seems to be used to pick one out of a list of browsers passed to it and use what it finds or fall back to an alternative22:47
sbtemicahg, so maybe /desktop/gnome/url-handlers/command should be set to the xdg-open %s?22:48
sbtemicahg, do you know if xdg-open is installed on all gnome based systems? gnome-open seems to be the default, but it's not installed on oneiric at least22:50
micahgnot sure, it seems to be installed on most Ubuntu systems though22:51
* micahg will be back later22:54

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!