Tag: fedora

Posted on by Leave a comment

How to contribute to Folding@home on Fedora

What is Folding@home?

Folding@home is a distributed computing network for performing biomedical research. Its intent is to help further understand and develop cures for a range of diseases. Their current priority is understanding the behavior of COVID-19 and the virus that causes COVID-19. This article will show you how you can get involved by donating your computer’s idle time.

Sounds cool, how do I help?

In order to donate your computational power to Folding@home, download the FAHClient package from this page. Once you’ve downloaded the package, open your Downloads folder and double click it to open. For instance, on standard Fedora Workstation, this opens GNOME Software, which prompts you to install the package.

Click install and enter your password to continue from here.

How to start Folding@home

Folding@home starts folding as soon as it is installed. In order to control how much CPU/GPU is using you must open the web control interface, available here.

The interface contains information about what project you are contributing to. In order to track “points,” the scoring system of Folding@home, you must set up a user account with Folding@home.

Tracking your work

Now that everything’s done, you may be wondering how you can track the work your computer is doing. All you need to is request a passkey from this page. Enter your email and your desired username. Once you have received the passkey in email, you can enter that into the client settings.

Click on the Change Identity button, and this page appears:

You can also put in a team number here like I have. This allows your points to go towards a group that you support.

Enter the username you gave when you requested a passkey, and then enter the passkey you received.

What next?

That’s all there is to it. Folding@home runs in the background automatically on startup. If you need to pause or lower how much CPU/GPU power it uses, you can change that via the web interface linked above.

You may notice that you don’t receive many work units. That’s because there is currently a shortage of work units to distribute due to a spike of computers being put onto the network. However, different efforts are emerging all the time.

You can visually see the spike in computers on the network from last year at the same time to 4/4/2020

Photo by Joshua Sortino on Unsplash.

Posted on by Leave a comment

Using Fedora to quickly implement REST API with JavaScript

Fedora Workstation uses GNOME Shell by default and this one was mainly written in JavaScript. JavaScript is famous as a language of front-end development but this time we’ll show its usage for back-end.

We’ll implement a new API using the following technologies: JavaScript, Express and Fedora Workstation. A web browser is being used to call the service (eg. Firefox from the default Fedora WS distro).

Installing of necessary packages

Check: What’s already installed?

$ npm -v
$ node -v

You may already have both the necessary packages installed and can skip the next step. If not, install nodejs:

$ sudo dnf install nodejs

A new simple service (low-code style)

Let‘s navigate to our working directory (work) and create a new directory for our new sample back-end app.

$ cd work
$ mkdir newApp
$ cd newApp
$ npx express-generator

The above command generates an application skeleton for us.

$ npm i

The above command installs dependencies. Please mind the security warnings – never use this one for production.

Crack open the routes/users.js

Modify line #6 to: 

res.send(data);

Insert this code block below var router:

let data = { '1':'Ann', '2': 'Bruno', '3': 'Celine' }

Save
the modified file.

We modified a route and added a new variable data. This one could be declared as a const as we didn‘t modify it anywhere. The result:

Running the service on your local Fedora workstation machine

$ npm start

Note: The application entry point is bin/www. You may want to change the port number there.

Calling our new service

Let‘s launch our Firefox browser and type-in:

http://localhost:3000/users

Output

It‘s also possible to leverage the Developer tools. Hit F12 and in the Network tab, select the related GET request and look at the side bar response tab to check the data.

Conclusion

Now we have got a service and and an unnecessary index accessible through localhost:3000. To get quickly rid of this:

  1. Remove the views directory
  2. Remove the public directory
  3. Remove the routes/index.js file
  4. Inside the app.js file, modify the line 37 to:
    res.status(err.status || 500).end();
  5. Remove the next line res.render(‘error’)

Then restart the service:

$ npm start

Posted on by Leave a comment

Python 3.9 alpha in Fedora

The Python developers have already released five alpha versions of Python 3.9.0 and you can already try the latest one in Fedora! Test your Python code with 3.9 early to avoid surprises once the final 3.9.0 is out in October.

Install Python 3.9 on Fedora

If you run Fedora, you can install Python 3.9 from the official software repository with dnf:

$ sudo dnf install python3.9

In order to get the very latest pre-release, you might need to enable the updates-testing repository:

$ sudo dnf install --enablerepo=updates-testing python3.9

As more alphas, betas and release candidates of Python 3.9 will be released, the Fedora package will receive updates. No need to compile your own development version of Python, just install it and have it up to date. New features will be added until the first beta planned for mid May.

Test your projects with Python 3.9

Run the python3.9 command to use Python 3.9 or create virtual environments with the builtin venv module, tox or with pipenv and poetry. For example:

$ git clone https://github.com/benjaminp/six.git
Cloning into 'six'...
$ cd six/
$ tox -e py39
py39 run-test: commands[0] | python -m pytest -rfsxX
================== test session starts ===================
platform linux -- Python 3.9.0a5, pytest-5.4.1, py-1.8.1, pluggy-0.13.1
collected 200 items test_six.py ...................................... [ 19%]
.................................................. [ 44%]
.................................................. [ 69%]
.................................................. [ 94%]
............ [100%] ================== 200 passed in 0.43s ===================
________________________ summary _________________________ py39: commands succeeded congratulations :)

What’s new in Python 3.9

So far, the first five alphas were released, more features will come until the first beta. You can however already try out the new dictionary merge & update operators:

$ python3.9
Python 3.9.0a5 (default, Mar 24 2020, 00:00:00) [GCC 10.0.1 20200311 (Red Hat 10.0.1-0.9)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> d = {'spam': 1, 'eggs': 2, 'cheese': 3}
>>> e = {'cheese': 'cheddar', 'aardvark': 'Ethel'}
>>> d | e
{'spam': 1, 'eggs': 2, 'cheese': 'cheddar', 'aardvark': 'Ethel'}
>>> e | d
{'cheese': 3, 'aardvark': 'Ethel', 'spam': 1, 'eggs': 2}
>>> d |= e
>>> d
{'spam': 1, 'eggs': 2, 'cheese': 'cheddar', 'aardvark': 'Ethel'}

And stay tuned for Python 3.9 as python3 in Fedora 33!

Posted on by Leave a comment

Take back your dotfiles with Chezmoi

In Linux, dotfiles are hidden text files that are used to store various configuration settings for many such as Bash and Git to more complex applications like i3 or VSCode.

Most of these files are contained in the ~/.config directory or right in the home directory. Editing these files allows you to customize applications beyond what a settings menu may provide, and they tend to be portable across devices and even other Linux distributions. But one talking point across the Linux enthusiast community is how to manage these dotfiles and how to share them.

We will be showcasing a tool called Chezmoi that does this task a little differently from the others.

The history of dotfile management

If you search GitHub for dotfiles, what you will see are over 100k repositories after one goal: Store people’s dotfiles in a shareable and repeatable manor. However, other than using git, they store their files differently.

While Git has solved code management problems that also translates to config file management, It does not solve how to separate between distributions, roles (such as home vs work computers) secrets management, and per device configuration.

Because of this, many users decide to craft their own solutions, and the community has responded with multiple answers over the years. This article will briefly cover some of the solutions that have been created.

Experiment in an isolated environment

Do you want to try these below solutions quickly in a contained environment? Run:

$ podman run --rm -it fedora

… to create a Fedora container to try the applications in. This container will automatically delete itself when you exit the shell.

The install problem

If you store your dotfiles in Git repository, you will want to make it easy for your changes to automatically be applied inside your home directory, the easiest way to do this at first glance is to use a symlink, such as ln -s ~/.dotfies/bashrc ~/.bashrc. This will allow your changes to take place instantly when your repository is updated.

The problem with symlinks is that managing symlinks can be a chore. Stow and RCM (covered here on Fedora Magazine) can help you manage those, but these are not seamless solutions. Files that are private will need to be modified and chmoded properly after download. If you revamp your dotfiles on one system, and download your repository to another system, you may get conflicts and require troubleshooting.

Another solution to this problem is writing your own install script. This is the most flexible option, but has the tradeoff of requiring more time into building a custom solution.

The secrets problem

Git is designed to track changes. If you store a secret such as a password or an API key in your git repository, you will have a difficult time and will need to rewrite your git history to remove that secret. If your repository is public, your secret would be impossible to recover if someone else has downloaded your repository. This problem alone will prevent many individuals from sharing their dotfiles with the public world.

The multi-device config problem

The problem is not pulling your config to multiple devices, the problem is when you have multiple devices that require different configuration. Most individuals handle this by either having different folders or by using different forks. This makes it difficult to share configs across the different devices and role sets

How Chezmoi works

Chezmoi is a tool to manage your dotfiles with the above problems in mind, it doesn’t blindly copy or symlink files from your repository. Chezmoi acts more like a template engine to generate your dotfiles based on system variables, templates, secret managers, and Chezmoi’s own config file.

Getting Started with Chezmoi

Currently Chezmoi is not in the default repositories. You can download the current version of Chezmoi as of writing with the following command.

$ sudo dnf install https://github.com/twpayne/chezmoi/releases/download/v1.7.17/chezmoi-1.7.17-x86_64.rpm

This will install the pre-packaged RPM to your system.

Lets go ahead and create your repository using:

$ chezmoi init

It will create your new repository in ~/.local/share/chezmoi/. You can easily cd to this directory by using:

$ chezmoi cd

Lets add our first file: 

chezmoi add ~/.bashrc

… to add your bashrc file to your chezmoi repository.

Note: if your bashrc file is actually a symlink, you will need to add the -f flag to follow it and read the contents of the real file.

You can now edit this file using:

$ chezmoi edit ~/.bashrc

Now lets add a private file, This is a file that has the permissions 600 or similar. I have a file at .ssh/config that I would like to add by using

$ chezmoi add ~/.ssh/config

Chezmoi uses special prefixes to keep track of what is a hidden file and a private file to work around Git’s limitations. Run the following command to see it:

$ chezmoi cd

Do note that files that are marked as private are not actually private, they are still saved as plain text in your git repo. More on that later.

You can apply any changes by using:

$ chezmoi apply

and inspect what is different by using

$ chezmoi diff

Using variables and templates

To export all of your data Chezmoi can gather, run:

$ chezmoi data

Most of these are information about your username, arch, hostname, os type and os name. But you can also add our own variables.

Go ahead and run: 

$ chezmoi edit-config

… and input the following:

[data] email = "fedorauser@example.com" name = "Fedora Mcdora"

Save your file and run chezmoi data again. You will see on the bottom that your email and name are now added. You can now use these with templates with Chezmoi. Run:

$ chezmoi add -T --autotemplate ~/.gitconfig

… to add your gitconfig as a template into Chezmoi. If Chezmoi is successful in inferring template correctly, you could get the following:

[user] email = "{{ .email }}" name = "{{ .name }}"

If it does not, you can change the file to this instead.

Inspect your file with:

$ chezmoi edit ~/.gitconfig

After using

$ chezmoi cat ~/.gitconfig

… to see what chezmoi will generate for this file. My generated example is below:

[root@a6e273a8d010 ~]# chezmoi cat ~/.gitconfig [user] email = "fedorauser@example.com" name = "Fedora Mcdora" [root@a6e273a8d010 ~]#

It will generate a file filled with the variables in our chezmoi config.
You can also use the varibles to perform simple logic statements. One example is:

{{- if eq .chezmoi.hostname "fsteel" }}
# this will only be included if the host name is equal to "fsteel"
{{- end }}

Do note that for this to work the file has to be a template. You can check this by seeing if the file has a “.tmpl” appended to its name on the file in chezmoi cd, or by readding the file using the -T option

Keeping secrets… secret

To troubleshoot your setup, use the following command.

$ chezmoi doctor

What is important here is that it also shows you the password managers it supports.

[root@a6e273a8d010 ~]# chezmoi doctor warning: version dev ok: runtime.GOOS linux, runtime.GOARCH amd64 ok: /root/.local/share/chezmoi (source directory, perm 700) ok: /root (destination directory, perm 550) ok: /root/.config/chezmoi/chezmoi.toml (configuration file) ok: /bin/bash (shell) ok: /usr/bin/vi (editor) warning: vimdiff (merge command, not found) ok: /usr/bin/git (source VCS command, version 2.25.1)
 ok: /usr/bin/gpg (GnuPG, version 2.2.18) warning: op (1Password CLI, not found) warning: bw (Bitwarden CLI, not found) warning: gopass (gopass CLI, not found) warning: keepassxc-cli (KeePassXC CLI, not found) warning: lpass (LastPass CLI, not found) warning: pass (pass CLI, not found) warning: vault (Vault CLI, not found) [root@a6e273a8d010 ~]#

You can use either of these clients, or a generic client, or your system’s Keyring.

For GPG, you will need to add the following to your config using:

$ chezmoi edit-config
[gpg] recipient = "<Your GPG keys Recipient"

You can use:

$ chezmoi add --encrypt

… to add any files, these will be encrypted in your source respository and not exposed to the public world as plain text. Chezmoi will automatically decrypt them when applying.

We can also use them in templates. For example, a secret token stored in Pass (covered on Fedora Magazine). Go ahead and generate your secret.

In this example, it’s called “githubtoken”:

rwaltr@fsteel:~] $ pass ls Password Store └── githubtoken [rwaltr@fsteel:~] $

Next, edit your template, such as your .gitconfig we created earlier and add this lines. 

token = {{ pass "githubtoken" }}

Then lets inspect using:

$ chezmoi cat ~/.gitconfig
[rwaltr@fsteel:~] $ chezmoi cat ~/.gitconfig This is Git's per-user configuration file. [user] name = Ryan Walter email = rwalt@pm.me token = mysecrettoken [rwaltr@fsteel:~] $

Now your secrets are properly secured in your password manager, your config can be publicly shared without risk!

Final notes

This is only scratching the surface. Please check out Chezmoi’s website for more information. The author also has his dotfiles public if you are looking for more examples on how to use Chezmoi.

Posted on by Leave a comment

Using data from spreadsheets in Fedora with Python

Python is one of the most popular and powerful programming languages available. Because it’s free and open source, it’s available to everyone — and most Fedora systems come with the language already installed. Python is useful for a wide variety of tasks, but among them is processing comma-separated value (CSV) data. CSV files often start off life as tables or spreadsheets. This article shows how to get started working with CSV data in Python 3.

CSV data is precisely what it sounds like. A CSV file includes one row of data at a time, with data values separated by commas. Each row is defined by the same fields. Short CSV files are often easily read and understood. But longer data files, or those with more fields, may be harder to parse with the naked eye, so computers work better in those cases.

Here’s a simple example where the fields are Name, Email, and Country. In this example, the CSV data includes a field definition as the first row, although that is not always the case.

Name,Email,Country
John Q. Smith,jqsmith@example.com,USA
Petr Novak,pnovak@example.com,CZ
Bernard Jones,bjones@example.com,UK

Reading CSV from spreadsheets

Python helpfully includes a csv module that has functions for reading and writing CSV data. Most spreadsheet applications, both native like Excel or Numbers, and web-based such as Google Sheets, can export CSV data. In fact, many other services that can publish tabular reports will also export as CSV (PayPal for instance).

The Python csv module has a built in reader method called DictReader that can deal with each data row as an ordered dictionary (OrderedDict). It expects a file object to access the CSV data. So if our file above is called example.csv in the current directory, this code snippet is one way to get at this data:

f = open('example.csv', 'r')
from csv import DictReader
d = DictReader(f)
data = []
for row in d: data.append(row)

Now the data object in memory is a list of OrderedDict objects :

[OrderedDict([('Name', 'John Q. Smith'), ('Email', 'jqsmith@example.com'), ('Country', 'USA')]), OrderedDict([('Name', 'Petr Novak'), ('Email', 'pnovak@example.com'), ('Country', 'CZ')]), OrderedDict([('Name', 'Bernard Jones'), ('Email', 'bjones@example.com'), ('Country', 'UK')])]

Referencing each of these objects is easy:

>>> print(data[0]['Country'])
USA
>>> print(data[2]['Email'])
bjones@example.com

By the way, if you have to deal with a CSV file with no header row of field names, the DictReader class lets you define them. In the example above, add the fieldnames argument and pass a sequence of the names:

d = DictReader(f, fieldnames=['Name', 'Email', 'Country'])

A real world example

I recently wanted to pick a random winner from a long list of individuals. The CSV data I pulled from spreadsheets was a simple list of names and email addresses.

Fortunately, Python also has a helpful random module good for generating random values. The randrange function in the Random class from that module was just what I needed. You can give it a regular range of numbers — like integers — and a step value between them. The function then generates a random result, meaning I could get a random integer (or row number!) back within the total number of rows in my data.

So this small program worked well:

from csv import DictReader
from random import Random d = DictReader(open('mydata.csv'))
data = []
for row in d: data.append(row) r = Random()
winner = data[r.randrange(0, len(data), 1)]
print('The winner is:', winner['Name'])
print('Email address:', winner['Email'])

Obviously this example is extremely simple. Spreadsheets themselves include sophisticated ways to analyze data. However, if you want to do something outside the realm of your spreadsheet app, Python may be just the trick!

Photo by Isaac Smith on Unsplash.

Posted on by Leave a comment

Storage management with Cockpit

Cockpit is a very useful utility allowing you to manage a compatible system over the network from the comfort of a web browser (See the list of supported web browsers and Linux distributions). One such feature is the ability to manage storage configuration. Cockpit contains a frontend for udisks2 – it allows you to create new partitions or format, resize, mount, unmount or delete existing partitions without the need to do it manually from a terminal.

Note: please exercise caution when managing your system disk and it’s partitions – incorrectly handling them may leave your system in unbootable state or incur data loss.

Installing Cockpit

If you don’t have Cockpit installed yet you can do so by issuing:

sudo dnf install cockpit

Note: Depending on your install profile, Cockpit might already be installed and you can skip the installation step! Also, some users may need to install cockpit-storaged package along with it’s dependencies if it has not been installed:

sudo dnf install cockpit-storaged

Add the service to the firewall:

sudo firewall-cmd –add-service=cockpit –permanent

Afterwards enable and start the service:

sudo systemctl enable cockpit.socket –now

And after this everything should be ready and cockpit should be accessible by entering the computers IP address or network domain name in the browser followed by the port 9090. For example: https://cockpit-example.localdomain:9090

Note: you will need to authenticate as privileged user to be able to modify your storage configuration, so tick the “Reuse my password for privileged tasks” checkbox on the Cockpit login page.

Basic provisioning of the storage device

Visiting the “Storage” section will display various statistics and information about the state of the system storage. You can find information about the partitions, their respective mountpoints, realtime disk read/write stats and storage related log information. Also, you can format and partition any newly attached internal/external storage device or attach an NFS mount.

To format and partition a blank storage device, select the device under “Devices” section by clicking on it. This will bring you to the screen of the selected storage device. Here you’ll be able to create a new partition table or format and create new partitions. if the device is empty Cockpit will describe the content of the storage device as unknown.

Click on “Create New Partition Table” to prepare the device.
After the partition table has been created, create one or more partitions by clicking “Create Partition” – here you’ll be able to specify the size, name, mountpoint and mount options.

When partitioning the storage device you have the choice between “Don’t owerwrite exiting data” and “Overwrite existing data with zeroes” – this will take slightly longer but is useful if you want to confidently erase the content of the storage device. Please note that this may not be enough for a substitute if your organisation has regulations in place how securely storage data must be erased. If needed, you can also specify custom mount options if defaults don’t suit your needs.

To simply create a single partition taking up all the storage space on the device just specify the name, for example, use “test” then specify it’s mountpoint, such as “/mnt/test” and click “Ok”. If you don’t want it to be immediately mounted uncheck the “Mount Now” checkbox. Specifying the name is optional, but will help you to identify the partition when inspecting the mountpoints. This will create a new XFS (the default recommended filesystem format) formatted partition “test” and mount it to “/mnt/test”.

Here’s an example how that would look like :

$ df -h
Filesystem Size Used Avail Use% Mounted on /dev/mapper/fedora-root 15G 2.3G 13G 16% / /dev/vda2 1014M 185M 830M 19% /boot /dev/vda1 599M 8.3M 591M 2% /boot/efi /dev/vdb1 20G 175M 20G 1% /mnt/test

It will also add the necessary entry to your /etc/fstab so that the partition gets mounted at boot.

Logical Volume Management

Cockpit also offers users to easily create and manage LVM and RAID storage devices. To create new Logical Volume Group, click on the burger menu button in the devices section and select the “Create Volume Group”. Select the available storage device (only devices with unmounted or no partitions will show up) to finish the process and afterwards return to the storage section and select the newly created volume group. From here on you’ll be able to create individual logical volumes by clicking “Create new Logical Volume”. Similarly to individual partitions, you can specify the size of the logical volume during creation if you don’t want to use all the available space of the volume group. After creating the logical volumes you’ll still need to format them and specify mountpoints. This can be done just like creating individual partitions was described earlier only instead of specifying individual disk devices you’re selecting logical volumes.

Here’s how a Logical Volume Group named “vgroup” with two Logical Volumes (lvol0 and lvol1) named “test” mounted on /mnt/test and named “data” mounted on /mnt/data would look like:

$ df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/fedora-root 15G 2.3G 13G 16% / /dev/vda2 1014M 185M 830M 19% /boot /dev/vda1 599M 8.3M 591M 2% /boot/efi /dev/mapper/vgroup0-lvol0 10G 104M 9.9G 2% /mnt/test /dev/mapper/vgroup0-lvol1 10G 104M 9.9G 2% /mnt/data

Just like before – all the necessary information has been added to the configuration and should persist between system reboots.

Other storage related Cockpit features

Apart from the described features above Cockpit also allows you to mount iscsi disks and nfs mounts located on the network. However, these resources are usually hosted on a dedicated server and require additional configuration going beyond this article. At this time Cockpit itself doesn’t offer the ability for users to configure and serve iscsi and nfs mounts but this may subject to change as Cockpit is an open source project under active development.

Posted on by Leave a comment

Control the firewall at the command line

A network firewall is more or less what it sounds like: a protective barrier that prevents unwanted network transmissions. They are most frequently used to prevent outsiders from contacting or using network services on a system. For instance, if you’re running a laptop at school or in a coffee shop, you probably don’t want strangers poking around on it.

Every Fedora system has a firewall built in. It’s part of the network functions in the Linux kernel inside. This article shows you how to change its settings using firewall-cmd.

Network basics

This article can’t teach you everything about computer networks. But a few basics suffice to get you started.

Any computer on a network has an IP address. Think of this just like a mailing address that allows correct routing of data. Each computer also has a set of ports, numbered 0-65535. These are not physical ports; instead, you can think of them as a set of connection points at the address.

In many cases, the port is a standard number or range depending on the application expected to answer. For instance, a web server typically reserves port 80 for non-secure HTTP communications, and/or 443 for secure HTTPS. The port numbers under 1024 are reserved for system and well-known purposes, ports 1024-49151 are registered, and ports 49152 and above are usually ephemeral (used only for a short time).

Each of the two most common protocols for Internet data transfer, TCP and UDP, have this set of ports. TCP is used when it’s important that all data be received and, if it arrives out of order, reassembled in the right order. UDP is used for more time-sensitive services that can withstand losing some data.

An application running on the system, such as a web server, reserves one or more ports (as seen above, 80 and 443 for example). Then during network communication, a host establishes a connection between a source address and port, and the destination address and port.

A network firewall can block or permit transmissions of network data based on rules like address, port, or other criteria. The firewall-cmd utility lets you interact with the rule set to view or change how the firewall works.

Firewall zones

To verify the firewall is running, use this command with sudo. (In fairness, you can run firewall-cmd without the sudo command in environments where PolicyKit is running.)

$ sudo firewall-cmd --state
running

The firewalld service supports any number of zones. Each zone can have its own settings and rules for protection. In addition, each network interface can be placed in any zone individually The default zone for an external facing interface (like the wifi or wired network card) on a Fedora Workstation is the FedoraWorkstation zone.

To see what zones are active, use the –get-active-zones flag. On this system, there are two network interfaces, a wired Ethernet card wlp2s0 and a virtualization (libvirt) bridge interface virbr0:

$ sudo firewall-cmd --get-active-zones
FedoraWorkstation interfaces: wlp2s0
libvirt interfaces: virbr0

To see the default zone, or all the defined zones:

$ sudo firewall-cmd --get-default-zone
FedoraWorkstation
$ sudo firewall-cmd --get-zones
FedoraServer FedoraWorkstation block dmz drop external home internal libvirt public trusted work

To see the services the firewall is allowing other systems to access in the default zone, use the –list-services flag. Here is an example from a customized system; you may see something different.

$ sudo firewall-cmd --list-services
dhcpv6-client mdns samba-client ssh

This system has four services exposed. Each of these has a well-known port number. The firewall recognizes them by name. For instance, the ssh service is associated with port 22.

To see other port settings for the firewall in the current zone, use the –list-ports flag. By the way, you can always declare the zone you want to check:

$ sudo firewall-cmd --list-ports --zone=FedoraWorkstation
1025-65535/udp 1025-65535/tcp

This shows that ports 1025 and above (both UDP and TCP) are open by default.

Changing zones, ports, and services

The above setting is a design decision.* It ensures novice users can use network facing applications they install. If you know what you’re doing and want a more protective default, you can move the interface to the FedoraServer zone, which prohibits any ports not explicitly allowed. (Warning: if you’re using the host via the network, you may break your connection — meaning you’ll have to go to that box physically to make further changes!)

$ sudo firewall-cmd --change-interface=<ifname> --zone=FedoraServer
success

* This article is not the place to discuss that decision, which went through many rounds of review and debate in the Fedora community. You are welcome to change settings as needed.

If you want to open a well-known port that belongs to a service, you can add that service to the default zone (or use –zone to adjust a different zone). You can add more than one at once. This example opens up the well-known ports for your web server for both HTTP and HTTPS traffic, on ports 80 and 443:

$ sudo firewall-cmd --add-service=http --add-service=https
success

Not all services are defined, but many are. To see the whole list, use the –get-services flag.

If you want to add specific ports, you can do that by number and protocol as well. (You can also combine –add-service and –add-port flags, as many as necessary.) This example opens up the UDP service for a network boot service:

$ sudo firewall-cmd --add-port=67/udp
success

Important: If you want your changes to be effective after you reboot your system or restart the firewalld service, you must add the –permanent flag to your commands. The examples here only change the firewall until one of those events next happens.

These are just some of the many functions of the firewall-cmd utility and the firewalld service. There is much more information on firewalld at the project’s home page that’s worth reading and trying out.

Photo by Jakob Braun on Unsplash.

Posted on by Leave a comment

Announcing the release of Fedora 32 Beta

The Fedora Project is pleased to announce the immediate availability of Fedora 32 Beta, the next step towards our planned Fedora 32 release at the end of April.

Download the prerelease from our Get Fedora site:

Or, check out one of our popular variants, including KDE Plasma, Xfce, and other desktop environments, as well as images for ARM devices like the Raspberry Pi 2 and 3:

Beta Release Highlights

Fedora Workstation

New in Fedora 32 Workstation Beta is EarlyOOM enabled by default. EarlyOOM enables users to more quickly recover and regain control over their system in low-memory situations with heavy swap usage. Fedora 32 Workstation Beta also enables the fs.trim timer by default, which improves performance and wear leveling for solid state drives.

Fedora 32 Workstation Beta includes GNOME 3.36, the newest release of the GNOME desktop environment. It is full of performance enhancements and improvements. GNOME 3.36 adds a Do Not Disturb button in the notifications, improved setup for parental controls and virtualization, and tweaks to Settings. For a full list of GNOME 3.36 highlights, see the release notes.

Other updates

Fedora 32 Beta includes updated versions of many popular packages like Ruby, Python, and Perl. It also includes version 10 of the popular GNU Compiler Collection (GCC). We also have the customary updates to underlying infrastructure software, like the GNU C Library. For a full list, see the Change set on the Fedora Wiki.

Testing needed

Since this is a Beta release, we expect that you may encounter bugs or missing features. To report issues encountered during testing, contact the Fedora QA team via the mailing list or in the #fedora-qa channel on IRC Freenode. As testing progresses, common issues are tracked on the Common F32 Bugs page.

For tips on reporting a bug effectively, read how to file a bug.

What is the Beta Release?

A Beta release is code-complete and bears a very strong resemblance to the final release. If you take the time to download and try out the Beta, you can check and make sure the things that are important to you are working. Every bug you find and report doesn’t just help you, it improves the experience of millions of Fedora users worldwide! Together, we can make Fedora rock-solid. We have a culture of coordinating new features and pushing fixes upstream as much as we can. Your feedback improves not only Fedora, but Linux and free software as a whole.

More information

For more detailed information about what’s new on Fedora 32 Beta release, you can consult the Fedora 32 Change set. It contains more technical information about the new packages and improvements shipped with this release.

Photo by Josh Calabrese on Unsplash.

Posted on by Leave a comment

Fedora community and the COVID-19 crisis

[This message comes directly from the desk of Matthew Miller, the Fedora Project Leader.  — Ed.] 

Congratulations to the Fedora community for the upcoming on-time release of Fedora 32 Beta. While we’ve gotten better at hitting our schedule over the years, it’s always nice to celebrate  a little bit each time we do. But that may not be what’s on your mind this week. Like you, I’ve been thinking a lot about the global COVID-19 pandemic. During the Beta period, many of us were unaffected by this outbreak, but as the effects intensify around the world, the month between now and the final release will be different.

“Friends” is the first of our Four Foundations for a reason: Fedora is a community. The most important Fedora concerns right now are your health and safety. Many of you are asked to work from home, to practice social distancing, or even to remain under quarantine. For some of you, this will mean more time to contribute to your favorite open source projects. For others, you have additional stress as partners, kids, and others in your life require additional care. For all of us, the uncertainty weighs on our minds.

I want to make one thing very clear: do not feel bad if you cannot contribute to the level you want to. We always appreciate what you do for the Fedora community, but your health — both physical and mental — is more important than shipping a release. As of right now, we’re planning to continue on schedule, but we understand that the situation is changing rapidly. We’re working on contingency plans and the option of delaying the Fedora 32 release remains on the table.

As you may already know, the Fedora Council has decided to refrain from sponsoring events through the end of the May. We will continue to re-evaluate this as the global situation changes. Please follow the directions of your local public health authorities and keep yourself safe.

Posted on by Leave a comment

Connect your Google Drive to Fedora Workstation

There are plenty of cloud services available where you can store important documents. Google Drive is undoubtedly one of the most popular. It offers a matching set of applications like Docs, Sheets, and Slides to create content. But you can also store arbitrary content in your Google Drive. This article shows you how to connect it to your Fedora Workstation.

Adding an account

Fedora Workstation lets you add an account either after installation during first startup, or at any time afterward. To add your account during first startup, follow the prompts. Among them is a choice of accounts you can add:

Online account listing

Select Google and a login prompt appears for you to login, so use your Google account information.

Online account login dialog

Be aware this information is only transmitted to Google, not to the GNOME project. The next screen asks you to grant access, which is required so your system’s desktop can interact with Google. Scroll down to review the access requests, and choose Allow to proceed.

You can expect to receive notifications on mobile devices and Gmail that a new device — your system — accessed your Google account. This is normal and expected.

Online account access request dialog

If you didn’t do this at first startup, or you need to re-add your account, open the Settings tool, and select Online Accounts to add the account. The Settings tool is available through the dropdown at right side of the Top Bar (the “gear” icon), or by opening the Overview and typing settings. Then proceed as described above.

Using the Files app with Google Drive

Open the Files app (formerly known as nautilus). Locations the Files app can access appear on the left side. Locate your Google account in the list.

When you select this account, the Files app shows the contents of your Google drive. Some files can be opened using your Fedora Workstation local apps, such as sound files or LibreOffice-compatible files (including Microsoft Office docs). Other files, such as Google app files like Docs, Sheets, and Slides, open using your web browser and the corresponding app.

Remember that if the file is large, it will take some time to receive over the network so you can open it.

You can also copy and paste files in your Google Drive storage from or to other storage connected to your Fedora Workstation. You can also use the built in functions to rename files, create folders, and organize them.

Be aware that the Files app does not refresh contents in real time. If you add or remove files from other Google connected devices like your mobile phone or tablet, you may need to hit Ctrl+R to refresh the Files app view.

Photo by Beatriz Pérez Moya on Unsplash.