magazine – Page 22 – Sick Gaming

Posted on April 24, 2020 by — Leave a comment

Coming soon: Fedora on Lenovo laptops!

Today, I’m excited to share some big news with you—Fedora Workstation will be available on Lenovo ThinkPad laptops! Yes, I know, many of us already run a Fedora operating system on a Lenovo system, but this is different. You’ll soon be able to get Fedora pre-installed by selecting it as you customize your purchase. This is a pilot of Lenovo’s Linux Community Series – Fedora Edition, beginning with ThinkPad P1 Gen2, ThinkPad P53, and ThinkPad X1 Gen8 laptops, possibly expanding to other models in the future.

The Lenovo team has been working with folks at Red Hat who work on Fedora desktop technologies to make sure that the upcoming Fedora 32 Workstation is ready to go on their laptops. The best part about this is that we’re not bending our rules for them. Lenovo is following our existing trademark guidelines and respects our open source principles. That’s right—these laptops ship with software exclusively from the official Fedora repos! When they ship, you’ll see Fedora 32 Workstation. (Models which can benefit from the NVIDIA binary driver can install it in the normal way after the fact, by opting in to proprietary software sources.)

Obviously, this is huge for us. Our installer aims to make the complicated process of installing Fedora to replace another operating system as easy as possible, but it’s still a barrier even for tech-literate people. A major-brand laptop with Fedora pre-installed will help bring Fedora to a wider audience. That and Lenovo’s commitment to fixing issues as part of the community means that everyone benefits from their Linux engineering work in the true spirit of open source collaboration.

As Mark Pearson, Sr. Linux Developer, from Lenovo said, “Lenovo is excited to become a part of the Fedora community. We want to ensure an optimal Linux experience on our products. We are committed to working with and learning from the open source community.” Mark Pearson will be the featured guest in May’s Fedora Council Video Meeting – get your questions ready.

I’ll have more details about this project as we get closer to the launch. In the meantime, I invite you to come to our Open Neighborhood virtual booth at Red Hat Summit on April 28-29. The entire event is free and open to all.

Posted on April 23, 2020 by — Leave a comment

Play Stadia Games from Fedora

Do you enjoy playing games on your Fedora system? You might be interested to know that Stadia is available to play via a Google Chrome browser on your Fedora desktop. Additionally, Stadia is free for two months starting April 8th. Follow these simple steps to install the Google Chrome web browser in Fedora and enjoy the new world of cloud-based gaming on your Fedora Linux PC!

Go to https://www.google.com/chrome using any available web browser and click the big blue button labeled Download Chrome.
Select the 64 bit .rpm (For Fedora/openSUSE) package format and then click Accept and Install.
You should be presented with a prompt asking what you want to do with the file. Choose the Open with Software Install option if you see this prompt.
Click Install in the Software Install application to install Google Chrome. You may be prompted for your password to authorize the installation.

If you don’t see the Open with Software Install option at step 3, choose to save the installer to your Downloads folder instead. Once you have the installer downloaded, enter the following command in a terminal using sudo:

$ sudo dnf install ~/Downloads/google-chrome-*.rpm

Once you have Google Chrome installed, use it to browse to https://stadia.google.com/ and follow the directions there to create your user profile and try out the games.

Chrome installation demonstration

Chrome installation on Fedora 31

Additional resources

Photo by Derek Story on Unsplash.

Posted on April 15, 2020 by — Leave a comment

Fedora Origins – Part 01

Editor’s comment: The format of this article is different from the usual article that Fedora Magazine has published: a Fedora origins story told from the point of view of a Fedora user. The author has chosen to tell a story, since to simply present the bare facts is akin to just reading the wiki page about it.

Hello World!

Hello, I am… no, I’m not going to give my real name. Let’s say I’m female, probably shorter and older than you. I used to go by the nick of Isadora, more on that later.

**Here you have one of the old RH boxes**

Now some context. Back in the late ’90s, internet became popular and PCs started to be a thing. However, most people didn’t have either because it was very expensive and often you could do better with the traditional methods. Yes, computers were very basic back then. I used to play with these pocket games that were fascinating at the time, but totally lame now. Monochrome screens with pixelated flat animations. Not going to dive there, just giving an idea how it was.

In the mid-90s a company named Red Hat emerged and slowly started to make a profit of its own by selling its own business-oriented distribution and software utilities. The name comes from one of its founders, Marc Ewing, who used to wear a red lacrosse in university so other students could spot him easily and ask him questions.
Of course, as it was a business-oriented distribution, and I was busy with multiple other things, I didn’t pay much attention to it. It lacked the software I needed and since I wasn’t a customer, I was nobody to ask for additions. However, it was Linux and as such Open Source. People started to package stuff for RHL and put it in repositories. I was invited to join the community project, Fedora.us. I promptly declined, misunderstanding the name. It was the second time I got invited that I asked ‘what is with the “US” there (in the name)?` Another user explained it was ‘us’ as in ‘we’ not as in the ‘United States.’ They explained a bit about how the community worked and I decided to give it a go.

Then my studies got in the way, and I had to shelve it.

Press Return

By the time I came back to Fedora.us it had changed its name to Fedora Project and was actively being worked on from within Red Hat. Now, I wasn’t there so my direct knowledge of how this happened is a bit foggy. Some say that Fedora existed separately and Red Hat added/invited them, some say that Fedora was completely RH’s idea, some say they existed independently and at some point met or joined. Choose the version you like, I’ll put some links down there so you can know more details and decide for yourself. As far as I’m concerned, they worked together.

Well, as usual someone dropped some CDs with ISOs for me. If I had an euro for every ISO I’ve been offered, or had tossed at my desk, for me to try it, I would be rich. As a matter of fact, I’m not rich but I do have a big rack full of old distros.

Anyways…

Now it’s the early 2000s and things have changed dramatically. Computers’ prices have dropped and internet speed is increasing, plus a set of new technologies make it cheaper and more reliable. Computers now can do so much more than just a decade ago, and they’re smaller too. Screens are bigger, with better colors and resolution. Laptops are starting to become popular though still expensive and less powerful than desktop PCs.

During this time, I tried both Fedora and Red Hat. Now, as has been said before, Red Hat focuses on businesses and companies. Their main concern is having exactly the software their customers need, with the features their customers need, delivered as rock solid stability and a reliable update & support cycle. A lot of customization, variety of options and many cool new features are not their main core. More software means more testing and development work and bigger chances of things failing. Yet the technology industry is constantly changing and innovating. Sticking too much to older versions or proven formulas can be fatal for a company.

So what to do? Well, they solved it with Fedora. Fedora Project would be the innovative, looking ahead test bed, and Red Hat Enterprise Linux was the more conservative, rock solid operating system for businesses. Yes, they changed the name from Red Hat Linux to Red Hat Enterprise Linux. Sounds better, doesn’t it?

Unsurprisingly, Fedora had a fame of being difficult, unstable and for “hackers only”. Whenever I said I was using Fedora, they would give me odd looks or say something like “I want something stable” or “I’m not into that” (meaning they didn’t fancy programming/hacking activities). Countless individuals suggested I might want to use one of the other, beginner-friendly distributions, without themselves even giving Fedora a try! Many would disregard Linux as a whole as an amateur thing, only valid for playing but not good for serious work and companies. To each their own, I suppose.

**Note the F and the bubble already there**

Yes, but why?

Those early versions were called Fedora Core and had a very uncertain release pattern. The six months cycle came much later. Fedora Core got its name because there were two repositories, Core and Extras. Core had the essentials, so to speak, and was maintained by Red Hat. Extras was, well, everything else. Any software that most users would want or need was included there, and it was maintained by a wide range of contributors.

From the beginning, one of the most powerful reasons for me to use it was the community and its core values. The Four Foundations of Fedora, Freedom, Features, First & Friends were lived and breathed and not just a catchy line on a website or a leaflet. Fedora Project strove (and still does) to deliver the newest features first, caring for freedom (of choice and software) and keeping a good open community, making friends as we contribute to the project.

I also liked the fact that Fedora, as its purpose was testing for Red Hat, delivered a lot of new software and technologies; it was like opening the window to see the future today.

The downside was its unreliable upgrade cycle. You could get a new version in a few months or next year… nobody knew, there was no agreed schedule.

**Note how, despite being Fedora, RH’s logo and signature is omnipresent**

What was in the box

Fedora Core kept this name up to the sixth version. From the start, it was meant to be a distribution you could use right after installing it, so it came with Gnome 2, KDE 3, OpenOffice and some browser I forgot, possibly Firefox.

I remember it being the first to introduce SELinux and SystemD by default, and to replace LILO with GRUB. I also remember the hardware requirements were something at the time, although they now sound laughable: Pentium II 400MHz, 256MB RAM (yes, you read it right) and 2GB of space in disk. It even had an option for terminal only! This would require only 64MB RAM and Pentium II 200MHz. Amazing, isn’t it?

It had codenames. Not publicly, but it had, and they were quite peculiar. Fedora Core 1 was code named «Yarrow» which is a medium size plant with yellow or white crown-like flowers. Core 2 was Tettnang which is a small town in Baden-Württemberg, Germany. Not sure about Core 3, I think it was Heidelberg, but maybe I’m mixing with later releases. Core 4 was Stentz, if I recall correctly (no idea what it means), Core 5 was a colour, I think Bordeaux, and Core 6 was Zod that I think it was a comic character but I could be wrong. If there was a method in their madness I have no idea. I thought the names amusing but didn’t give a second thought to it as they didn’t affect anything, not even the design of each release.

So what now?

Well, of course, Fedora Project has evolved from where we have stopped. But that’s for later articles or this one will be too long. For now, I leave you with an extract of an interview with Matthew Miller, current Project Leader and some links in case you want to know more.

Extracts to interview with Matthew Miller, Project Leader.

Matthew Miller tells about the beginnings in Eduard Lucena’s podcast (transcription here): “Fedora started about 15 years ago, really. It actually started as a thing called Fedora.us.” Back in those days, there was Red Hat Linux.” “Meanwhile, there was this thing called Fedora.us which was basically a project to make additional software available to users of Red Hat Linux. Find things that weren’t part of Red Hat Linux, and package them up, and make them available to everybody. That was started as a community project.”

“Red Hat (then) merged with this Fedora.us project to form Fedora Project that produces an upstream operating system that Red Hat Enterprise Linux is derived from but then moves on a slower pace.”

“We were then two parts, Fedora Core, which was basically inherited from the old Red Hat Linux and only Red Hat employees could do anything with and then Fedora Extras, where community could come together to add things on top of that Fedora Core. It took a little while to get off the ground but it was fairly successful”

“Around the time of Fedora Core 6, those were actually merged together into one big Fedora where all of the packages were all part of the same thing. There was no more distinction of Core and Extras, and everything was all together and, more importantly, all the community was all together.

They invited the community to take ownership of the whole thing and for Red Hat to become part of the community rather than separate. That was a huge success.”

Links of interest

Fedora, a visual history
https://www.phoronix.com/scan.php?page=article&item=678&num=1

Red Hat Videos – Fedora’s anniversary
https://youtu.be/DOFXBGh6DZ0

Red Hat Videos – Default to open
https://youtu.be/vhYMRtqvMg8

Fedora’s Mission & Foundations
https://docs.fedoraproject.org/en-US/project/

A short history of Fedora
https://youtu.be/NlNlcLD2zRM

Posted on April 13, 2020 by — Leave a comment

How to contribute to Folding@home on Fedora

What is Folding@home?

Folding@home is a distributed computing network for performing biomedical research. Its intent is to help further understand and develop cures for a range of diseases. Their current priority is understanding the behavior of COVID-19 and the virus that causes COVID-19. This article will show you how you can get involved by donating your computer’s idle time.

Sounds cool, how do I help?

In order to donate your computational power to Folding@home, download the FAHClient package from this page. Once you’ve downloaded the package, open your Downloads folder and double click it to open. For instance, on standard Fedora Workstation, this opens GNOME Software, which prompts you to install the package.

Click install and enter your password to continue from here.

How to start Folding@home

Folding@home starts folding as soon as it is installed. In order to control how much CPU/GPU is using you must open the web control interface, available here.

The interface contains information about what project you are contributing to. In order to track “points,” the scoring system of Folding@home, you must set up a user account with Folding@home.

Tracking your work

Now that everything’s done, you may be wondering how you can track the work your computer is doing. All you need to is request a passkey from this page. Enter your email and your desired username. Once you have received the passkey in email, you can enter that into the client settings.

Click on the Change Identity button, and this page appears:

You can also put in a team number here like I have. This allows your points to go towards a group that you support.

Enter the username you gave when you requested a passkey, and then enter the passkey you received.

What next?

That’s all there is to it. Folding@home runs in the background automatically on startup. If you need to pause or lower how much CPU/GPU power it uses, you can change that via the web interface linked above.

You may notice that you don’t receive many work units. That’s because there is currently a shortage of work units to distribute due to a spike of computers being put onto the network. However, different efforts are emerging all the time.

You can visually see the spike in computers on the network from last year at the same time to 4/4/2020

Photo by Joshua Sortino on Unsplash.

Posted on April 10, 2020 by — Leave a comment

Using Fedora to quickly implement REST API with JavaScript

Fedora Workstation uses GNOME Shell by default and this one was mainly written in JavaScript. JavaScript is famous as a language of front-end development but this time we’ll show its usage for back-end.

We’ll implement a new API using the following technologies: JavaScript, Express and Fedora Workstation. A web browser is being used to call the service (eg. Firefox from the default Fedora WS distro).

Installing of necessary packages

Check: What’s already installed?

$ npm -v
$ node -v

You may already have both the necessary packages installed and can skip the next step. If not, install nodejs:

$ sudo dnf install nodejs

A new simple service (low-code style)

Let‘s navigate to our working directory (work) and create a new directory for our new sample back-end app.

$ cd work
$ mkdir newApp
$ cd newApp
$ npx express-generator

The above command generates an application skeleton for us.

$ npm i

The above command installs dependencies. Please mind the security warnings – never use this one for production.

Crack open the routes/users.js

Modify line #6 to:

res.send(data);

Insert this code block below var router:

let data = { '1':'Ann', '2': 'Bruno', '3': 'Celine' }

Save
the modified file.

We modified a route and added a new variable data. This one could be declared as a const as we didn‘t modify it anywhere. The result:

Running the service on your local Fedora workstation machine

$ npm start

Note: The application entry point is bin/www. You may want to change the port number there.

Calling our new service

Let‘s launch our Firefox browser and type-in:

http://localhost:3000/users

It‘s also possible to leverage the Developer tools. Hit F12 and in the Network tab, select the related GET request and look at the side bar response tab to check the data.

Conclusion

Now we have got a service and and an unnecessary index accessible through localhost:3000. To get quickly rid of this:

Remove the views directory
Remove the public directory
Remove the routes/index.js file
Inside the app.js file, modify the line 37 to:

res.status(err.status || 500).end();
Remove the next line res.render(‘error’)

Then restart the service:

$ npm start

Posted on April 8, 2020 by — Leave a comment

Python 3.9 alpha in Fedora

The Python developers have already released five alpha versions of Python 3.9.0 and you can already try the latest one in Fedora! Test your Python code with 3.9 early to avoid surprises once the final 3.9.0 is out in October.

Install Python 3.9 on Fedora

If you run Fedora, you can install Python 3.9 from the official software repository with dnf:

$ sudo dnf install python3.9

In order to get the very latest pre-release, you might need to enable the updates-testing repository:

$ sudo dnf install --enablerepo=updates-testing python3.9

As more alphas, betas and release candidates of Python 3.9 will be released, the Fedora package will receive updates. No need to compile your own development version of Python, just install it and have it up to date. New features will be added until the first beta planned for mid May.

Test your projects with Python 3.9

Run the python3.9 command to use Python 3.9 or create virtual environments with the builtin venv module, tox or with pipenv and poetry. For example:

$ git clone https://github.com/benjaminp/six.git
Cloning into 'six'...
$ cd six/
$ tox -e py39
py39 run-test: commands[0] | python -m pytest -rfsxX
================== test session starts ===================
platform linux -- Python 3.9.0a5, pytest-5.4.1, py-1.8.1, pluggy-0.13.1
collected 200 items test_six.py ...................................... [ 19%]
.................................................. [ 44%]
.................................................. [ 69%]
.................................................. [ 94%]
............ [100%] ================== 200 passed in 0.43s ===================
________________________ summary _________________________ py39: commands succeeded congratulations :)

What’s new in Python 3.9

So far, the first five alphas were released, more features will come until the first beta. You can however already try out the new dictionary merge & update operators:

$ python3.9
Python 3.9.0a5 (default, Mar 24 2020, 00:00:00) [GCC 10.0.1 20200311 (Red Hat 10.0.1-0.9)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> d = {'spam': 1, 'eggs': 2, 'cheese': 3}
>>> e = {'cheese': 'cheddar', 'aardvark': 'Ethel'}
>>> d | e
{'spam': 1, 'eggs': 2, 'cheese': 'cheddar', 'aardvark': 'Ethel'}
>>> e | d
{'cheese': 3, 'aardvark': 'Ethel', 'spam': 1, 'eggs': 2}
>>> d |= e
>>> d
{'spam': 1, 'eggs': 2, 'cheese': 'cheddar', 'aardvark': 'Ethel'}

And stay tuned for Python 3.9 as python3 in Fedora 33!

Posted on April 3, 2020 by — Leave a comment

Take back your dotfiles with Chezmoi

In Linux, dotfiles are hidden text files that are used to store various configuration settings for many such as Bash and Git to more complex applications like i3 or VSCode.

Most of these files are contained in the ~/.config directory or right in the home directory. Editing these files allows you to customize applications beyond what a settings menu may provide, and they tend to be portable across devices and even other Linux distributions. But one talking point across the Linux enthusiast community is how to manage these dotfiles and how to share them.

We will be showcasing a tool called Chezmoi that does this task a little differently from the others.

The history of dotfile management

If you search GitHub for dotfiles, what you will see are over 100k repositories after one goal: Store people’s dotfiles in a shareable and repeatable manor. However, other than using git, they store their files differently.

While Git has solved code management problems that also translates to config file management, It does not solve how to separate between distributions, roles (such as home vs work computers) secrets management, and per device configuration.

Because of this, many users decide to craft their own solutions, and the community has responded with multiple answers over the years. This article will briefly cover some of the solutions that have been created.

Experiment in an isolated environment

Do you want to try these below solutions quickly in a contained environment? Run:

$ podman run --rm -it fedora

… to create a Fedora container to try the applications in. This container will automatically delete itself when you exit the shell.

The install problem

If you store your dotfiles in Git repository, you will want to make it easy for your changes to automatically be applied inside your home directory, the easiest way to do this at first glance is to use a symlink, such as ln -s ~/.dotfies/bashrc ~/.bashrc. This will allow your changes to take place instantly when your repository is updated.

The problem with symlinks is that managing symlinks can be a chore. Stow and RCM (covered here on Fedora Magazine) can help you manage those, but these are not seamless solutions. Files that are private will need to be modified and chmoded properly after download. If you revamp your dotfiles on one system, and download your repository to another system, you may get conflicts and require troubleshooting.

Another solution to this problem is writing your own install script. This is the most flexible option, but has the tradeoff of requiring more time into building a custom solution.

The secrets problem

Git is designed to track changes. If you store a secret such as a password or an API key in your git repository, you will have a difficult time and will need to rewrite your git history to remove that secret. If your repository is public, your secret would be impossible to recover if someone else has downloaded your repository. This problem alone will prevent many individuals from sharing their dotfiles with the public world.

The multi-device config problem

The problem is not pulling your config to multiple devices, the problem is when you have multiple devices that require different configuration. Most individuals handle this by either having different folders or by using different forks. This makes it difficult to share configs across the different devices and role sets

How Chezmoi works

Chezmoi is a tool to manage your dotfiles with the above problems in mind, it doesn’t blindly copy or symlink files from your repository. Chezmoi acts more like a template engine to generate your dotfiles based on system variables, templates, secret managers, and Chezmoi’s own config file.

Getting Started with Chezmoi

Currently Chezmoi is not in the default repositories. You can download the current version of Chezmoi as of writing with the following command.

$ sudo dnf install https://github.com/twpayne/chezmoi/releases/download/v1.7.17/chezmoi-1.7.17-x86_64.rpm

This will install the pre-packaged RPM to your system.

Lets go ahead and create your repository using:

$ chezmoi init

It will create your new repository in ~/.local/share/chezmoi/. You can easily cd to this directory by using:

$ chezmoi cd

Lets add our first file:

chezmoi add ~/.bashrc

… to add your bashrc file to your chezmoi repository.

Note: if your bashrc file is actually a symlink, you will need to add the -f flag to follow it and read the contents of the real file.

You can now edit this file using:

$ chezmoi edit ~/.bashrc

Now lets add a private file, This is a file that has the permissions 600 or similar. I have a file at .ssh/config that I would like to add by using

$ chezmoi add ~/.ssh/config

Chezmoi uses special prefixes to keep track of what is a hidden file and a private file to work around Git’s limitations. Run the following command to see it:

$ chezmoi cd

Do note that files that are marked as private are not actually private, they are still saved as plain text in your git repo. More on that later.

You can apply any changes by using:

$ chezmoi apply

and inspect what is different by using

$ chezmoi diff

Using variables and templates

To export all of your data Chezmoi can gather, run:

$ chezmoi data

Most of these are information about your username, arch, hostname, os type and os name. But you can also add our own variables.

Go ahead and run:

$ chezmoi edit-config

… and input the following:

[data] email = "fedorauser@example.com" name = "Fedora Mcdora"

Save your file and run chezmoi data again. You will see on the bottom that your email and name are now added. You can now use these with templates with Chezmoi. Run:

$ chezmoi add -T --autotemplate ~/.gitconfig

… to add your gitconfig as a template into Chezmoi. If Chezmoi is successful in inferring template correctly, you could get the following:

[user] email = "{{ .email }}" name = "{{ .name }}"

If it does not, you can change the file to this instead.

Inspect your file with:

$ chezmoi edit ~/.gitconfig

After using

$ chezmoi cat ~/.gitconfig

… to see what chezmoi will generate for this file. My generated example is below:

[root@a6e273a8d010 ~]# chezmoi cat ~/.gitconfig [user] email = "fedorauser@example.com" name = "Fedora Mcdora" [root@a6e273a8d010 ~]#

It will generate a file filled with the variables in our chezmoi config.
You can also use the varibles to perform simple logic statements. One example is:

{{- if eq .chezmoi.hostname "fsteel" }}
# this will only be included if the host name is equal to "fsteel"
{{- end }}

Do note that for this to work the file has to be a template. You can check this by seeing if the file has a “.tmpl” appended to its name on the file in chezmoi cd, or by readding the file using the -T option

Keeping secrets… secret

To troubleshoot your setup, use the following command.

$ chezmoi doctor

What is important here is that it also shows you the password managers it supports.

[root@a6e273a8d010 ~]# chezmoi doctor warning: version dev ok: runtime.GOOS linux, runtime.GOARCH amd64 ok: /root/.local/share/chezmoi (source directory, perm 700) ok: /root (destination directory, perm 550) ok: /root/.config/chezmoi/chezmoi.toml (configuration file) ok: /bin/bash (shell) ok: /usr/bin/vi (editor) warning: vimdiff (merge command, not found) ok: /usr/bin/git (source VCS command, version 2.25.1)
 ok: /usr/bin/gpg (GnuPG, version 2.2.18) warning: op (1Password CLI, not found) warning: bw (Bitwarden CLI, not found) warning: gopass (gopass CLI, not found) warning: keepassxc-cli (KeePassXC CLI, not found) warning: lpass (LastPass CLI, not found) warning: pass (pass CLI, not found) warning: vault (Vault CLI, not found) [root@a6e273a8d010 ~]#

You can use either of these clients, or a generic client, or your system’s Keyring.

For GPG, you will need to add the following to your config using:

$ chezmoi edit-config

[gpg] recipient = "<Your GPG keys Recipient"

You can use:

$ chezmoi add --encrypt

… to add any files, these will be encrypted in your source respository and not exposed to the public world as plain text. Chezmoi will automatically decrypt them when applying.

We can also use them in templates. For example, a secret token stored in Pass (covered on Fedora Magazine). Go ahead and generate your secret.

In this example, it’s called “githubtoken”:

rwaltr@fsteel:~] $ pass ls Password Store └── githubtoken [rwaltr@fsteel:~] $

Next, edit your template, such as your .gitconfig we created earlier and add this lines.

token = {{ pass "githubtoken" }}

Then lets inspect using:

$ chezmoi cat ~/.gitconfig

[rwaltr@fsteel:~] $ chezmoi cat ~/.gitconfig This is Git's per-user configuration file. [user] name = Ryan Walter email = rwalt@pm.me token = mysecrettoken [rwaltr@fsteel:~] $

Now your secrets are properly secured in your password manager, your config can be publicly shared without risk!

Final notes

This is only scratching the surface. Please check out Chezmoi’s website for more information. The author also has his dotfiles public if you are looking for more examples on how to use Chezmoi.

Posted on March 30, 2020 by — Leave a comment

Using data from spreadsheets in Fedora with Python

Python is one of the most popular and powerful programming languages available. Because it’s free and open source, it’s available to everyone — and most Fedora systems come with the language already installed. Python is useful for a wide variety of tasks, but among them is processing comma-separated value (CSV) data. CSV files often start off life as tables or spreadsheets. This article shows how to get started working with CSV data in Python 3.

CSV data is precisely what it sounds like. A CSV file includes one row of data at a time, with data values separated by commas. Each row is defined by the same fields. Short CSV files are often easily read and understood. But longer data files, or those with more fields, may be harder to parse with the naked eye, so computers work better in those cases.

Here’s a simple example where the fields are Name, Email, and Country. In this example, the CSV data includes a field definition as the first row, although that is not always the case.

Name,Email,Country
John Q. Smith,jqsmith@example.com,USA
Petr Novak,pnovak@example.com,CZ
Bernard Jones,bjones@example.com,UK

Reading CSV from spreadsheets

Python helpfully includes a csv module that has functions for reading and writing CSV data. Most spreadsheet applications, both native like Excel or Numbers, and web-based such as Google Sheets, can export CSV data. In fact, many other services that can publish tabular reports will also export as CSV (PayPal for instance).

The Python csv module has a built in reader method called DictReader that can deal with each data row as an ordered dictionary (OrderedDict). It expects a file object to access the CSV data. So if our file above is called example.csv in the current directory, this code snippet is one way to get at this data:

f = open('example.csv', 'r')
from csv import DictReader
d = DictReader(f)
data = []
for row in d: data.append(row)

Now the data object in memory is a list of OrderedDict objects :

[OrderedDict([('Name', 'John Q. Smith'), ('Email', 'jqsmith@example.com'), ('Country', 'USA')]), OrderedDict([('Name', 'Petr Novak'), ('Email', 'pnovak@example.com'), ('Country', 'CZ')]), OrderedDict([('Name', 'Bernard Jones'), ('Email', 'bjones@example.com'), ('Country', 'UK')])]

Referencing each of these objects is easy:

>>> print(data[0]['Country'])
USA
>>> print(data[2]['Email'])
bjones@example.com

By the way, if you have to deal with a CSV file with no header row of field names, the DictReader class lets you define them. In the example above, add the fieldnames argument and pass a sequence of the names:

d = DictReader(f, fieldnames=['Name', 'Email', 'Country'])

A real world example

I recently wanted to pick a random winner from a long list of individuals. The CSV data I pulled from spreadsheets was a simple list of names and email addresses.

Fortunately, Python also has a helpful random module good for generating random values. The randrange function in the Random class from that module was just what I needed. You can give it a regular range of numbers — like integers — and a step value between them. The function then generates a random result, meaning I could get a random integer (or row number!) back within the total number of rows in my data.

So this small program worked well:

from csv import DictReader
from random import Random d = DictReader(open('mydata.csv'))
data = []
for row in d: data.append(row) r = Random()
winner = data[r.randrange(0, len(data), 1)]
print('The winner is:', winner['Name'])
print('Email address:', winner['Email'])

Obviously this example is extremely simple. Spreadsheets themselves include sophisticated ways to analyze data. However, if you want to do something outside the realm of your spreadsheet app, Python may be just the trick!

Photo by Isaac Smith on Unsplash.

Posted on March 23, 2020 by — Leave a comment

Storage management with Cockpit

Cockpit is a very useful utility allowing you to manage a compatible system over the network from the comfort of a web browser (See the list of supported web browsers and Linux distributions). One such feature is the ability to manage storage configuration. Cockpit contains a frontend for udisks2 – it allows you to create new partitions or format, resize, mount, unmount or delete existing partitions without the need to do it manually from a terminal.

Note: please exercise caution when managing your system disk and it’s partitions – incorrectly handling them may leave your system in unbootable state or incur data loss.

Installing Cockpit

If you don’t have Cockpit installed yet you can do so by issuing:

sudo dnf install cockpit

Note: Depending on your install profile, Cockpit might already be installed and you can skip the installation step! Also, some users may need to install cockpit-storaged package along with it’s dependencies if it has not been installed:

sudo dnf install cockpit-storaged

Add the service to the firewall:

sudo firewall-cmd –add-service=cockpit –permanent

Afterwards enable and start the service:

sudo systemctl enable cockpit.socket –now

And after this everything should be ready and cockpit should be accessible by entering the computers IP address or network domain name in the browser followed by the port 9090. For example: https://cockpit-example.localdomain:9090

Note: you will need to authenticate as privileged user to be able to modify your storage configuration, so tick the “Reuse my password for privileged tasks” checkbox on the Cockpit login page.

Basic provisioning of the storage device

Visiting the “Storage” section will display various statistics and information about the state of the system storage. You can find information about the partitions, their respective mountpoints, realtime disk read/write stats and storage related log information. Also, you can format and partition any newly attached internal/external storage device or attach an NFS mount.

To format and partition a blank storage device, select the device under “Devices” section by clicking on it. This will bring you to the screen of the selected storage device. Here you’ll be able to create a new partition table or format and create new partitions. if the device is empty Cockpit will describe the content of the storage device as unknown.

Click on “Create New Partition Table” to prepare the device.
After the partition table has been created, create one or more partitions by clicking “Create Partition” – here you’ll be able to specify the size, name, mountpoint and mount options.

When partitioning the storage device you have the choice between “Don’t owerwrite exiting data” and “Overwrite existing data with zeroes” – this will take slightly longer but is useful if you want to confidently erase the content of the storage device. Please note that this may not be enough for a substitute if your organisation has regulations in place how securely storage data must be erased. If needed, you can also specify custom mount options if defaults don’t suit your needs.

To simply create a single partition taking up all the storage space on the device just specify the name, for example, use “test” then specify it’s mountpoint, such as “/mnt/test” and click “Ok”. If you don’t want it to be immediately mounted uncheck the “Mount Now” checkbox. Specifying the name is optional, but will help you to identify the partition when inspecting the mountpoints. This will create a new XFS (the default recommended filesystem format) formatted partition “test” and mount it to “/mnt/test”.

Here’s an example how that would look like :

$ df -h
Filesystem Size Used Avail Use% Mounted on /dev/mapper/fedora-root 15G 2.3G 13G 16% / /dev/vda2 1014M 185M 830M 19% /boot /dev/vda1 599M 8.3M 591M 2% /boot/efi /dev/vdb1 20G 175M 20G 1% /mnt/test

It will also add the necessary entry to your /etc/fstab so that the partition gets mounted at boot.

Logical Volume Management

Cockpit also offers users to easily create and manage LVM and RAID storage devices. To create new Logical Volume Group, click on the burger menu button in the devices section and select the “Create Volume Group”. Select the available storage device (only devices with unmounted or no partitions will show up) to finish the process and afterwards return to the storage section and select the newly created volume group. From here on you’ll be able to create individual logical volumes by clicking “Create new Logical Volume”. Similarly to individual partitions, you can specify the size of the logical volume during creation if you don’t want to use all the available space of the volume group. After creating the logical volumes you’ll still need to format them and specify mountpoints. This can be done just like creating individual partitions was described earlier only instead of specifying individual disk devices you’re selecting logical volumes.

Here’s how a Logical Volume Group named “vgroup” with two Logical Volumes (lvol0 and lvol1) named “test” mounted on /mnt/test and named “data” mounted on /mnt/data would look like:

$ df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/fedora-root 15G 2.3G 13G 16% / /dev/vda2 1014M 185M 830M 19% /boot /dev/vda1 599M 8.3M 591M 2% /boot/efi /dev/mapper/vgroup0-lvol0 10G 104M 9.9G 2% /mnt/test /dev/mapper/vgroup0-lvol1 10G 104M 9.9G 2% /mnt/data

Just like before – all the necessary information has been added to the configuration and should persist between system reboots.

Other storage related Cockpit features

Apart from the described features above Cockpit also allows you to mount iscsi disks and nfs mounts located on the network. However, these resources are usually hosted on a dedicated server and require additional configuration going beyond this article. At this time Cockpit itself doesn’t offer the ability for users to configure and serve iscsi and nfs mounts but this may subject to change as Cockpit is an open source project under active development.

Posted on March 20, 2020 by — Leave a comment

Control the firewall at the command line

A network firewall is more or less what it sounds like: a protective barrier that prevents unwanted network transmissions. They are most frequently used to prevent outsiders from contacting or using network services on a system. For instance, if you’re running a laptop at school or in a coffee shop, you probably don’t want strangers poking around on it.

Every Fedora system has a firewall built in. It’s part of the network functions in the Linux kernel inside. This article shows you how to change its settings using firewall-cmd.

Network basics

This article can’t teach you everything about computer networks. But a few basics suffice to get you started.

Any computer on a network has an IP address. Think of this just like a mailing address that allows correct routing of data. Each computer also has a set of ports, numbered 0-65535. These are not physical ports; instead, you can think of them as a set of connection points at the address.

In many cases, the port is a standard number or range depending on the application expected to answer. For instance, a web server typically reserves port 80 for non-secure HTTP communications, and/or 443 for secure HTTPS. The port numbers under 1024 are reserved for system and well-known purposes, ports 1024-49151 are registered, and ports 49152 and above are usually ephemeral (used only for a short time).

Each of the two most common protocols for Internet data transfer, TCP and UDP, have this set of ports. TCP is used when it’s important that all data be received and, if it arrives out of order, reassembled in the right order. UDP is used for more time-sensitive services that can withstand losing some data.

An application running on the system, such as a web server, reserves one or more ports (as seen above, 80 and 443 for example). Then during network communication, a host establishes a connection between a source address and port, and the destination address and port.

A network firewall can block or permit transmissions of network data based on rules like address, port, or other criteria. The firewall-cmd utility lets you interact with the rule set to view or change how the firewall works.

Firewall zones

To verify the firewall is running, use this command with sudo. (In fairness, you can run firewall-cmd without the sudo command in environments where PolicyKit is running.)

$ sudo firewall-cmd --state
running

The firewalld service supports any number of zones. Each zone can have its own settings and rules for protection. In addition, each network interface can be placed in any zone individually The default zone for an external facing interface (like the wifi or wired network card) on a Fedora Workstation is the FedoraWorkstation zone.

To see what zones are active, use the –get-active-zones flag. On this system, there are two network interfaces, a wired Ethernet card wlp2s0 and a virtualization (libvirt) bridge interface virbr0:

$ sudo firewall-cmd --get-active-zones
FedoraWorkstation interfaces: wlp2s0
libvirt interfaces: virbr0

To see the default zone, or all the defined zones:

$ sudo firewall-cmd --get-default-zone
FedoraWorkstation
$ sudo firewall-cmd --get-zones
FedoraServer FedoraWorkstation block dmz drop external home internal libvirt public trusted work

To see the services the firewall is allowing other systems to access in the default zone, use the –list-services flag. Here is an example from a customized system; you may see something different.

$ sudo firewall-cmd --list-services
dhcpv6-client mdns samba-client ssh

This system has four services exposed. Each of these has a well-known port number. The firewall recognizes them by name. For instance, the ssh service is associated with port 22.

To see other port settings for the firewall in the current zone, use the –list-ports flag. By the way, you can always declare the zone you want to check:

$ sudo firewall-cmd --list-ports --zone=FedoraWorkstation
1025-65535/udp 1025-65535/tcp

This shows that ports 1025 and above (both UDP and TCP) are open by default.

Changing zones, ports, and services

The above setting is a design decision.* It ensures novice users can use network facing applications they install. If you know what you’re doing and want a more protective default, you can move the interface to the FedoraServer zone, which prohibits any ports not explicitly allowed. (Warning: if you’re using the host via the network, you may break your connection — meaning you’ll have to go to that box physically to make further changes!)

$ sudo firewall-cmd --change-interface=<ifname> --zone=FedoraServer
success

* This article is not the place to discuss that decision, which went through many rounds of review and debate in the Fedora community. You are welcome to change settings as needed.

If you want to open a well-known port that belongs to a service, you can add that service to the default zone (or use –zone to adjust a different zone). You can add more than one at once. This example opens up the well-known ports for your web server for both HTTP and HTTPS traffic, on ports 80 and 443:

$ sudo firewall-cmd --add-service=http --add-service=https
success

Not all services are defined, but many are. To see the whole list, use the –get-services flag.

If you want to add specific ports, you can do that by number and protocol as well. (You can also combine –add-service and –add-port flags, as many as necessary.) This example opens up the UDP service for a network boot service:

$ sudo firewall-cmd --add-port=67/udp
success

Important: If you want your changes to be effective after you reboot your system or restart the firewalld service, you must add the –permanent flag to your commands. The examples here only change the firewall until one of those events next happens.

These are just some of the many functions of the firewall-cmd utility and the firewalld service. There is much more information on firewalld at the project’s home page that’s worth reading and trying out.

Photo by Jakob Braun on Unsplash.