Fedora Magazine

Subscribe to feed Fedora Magazine
Guides, information, and news about the Fedora operating system for users, developers, system administrators, and community members.
Aggiornato: 3 ore 46 min fa

Use Peek to take quick GIF screencasts

Ven, 20/04/2018 - 10:00

Are you looking for an easy tool for taking quick screencasts as animated GIFs? Take a look at Peek — a simple application that makes taking GIF screencasts a breeze. While there are other ways in Fedora to take screencasts, like the functionality built into the desktop, and the EasyScreenCast extension, Peek adds the ability to produce GIFs.

an animated GIF created with the peek screenshot tool

Peek provides a simple interface for creating quick screencasts. In addition to outputting animated GIFs, it can also produce other video formats such as WebM. Configuration options  also allow configuration  to automatically downscale recorded videos. Unlike some of the older screencasting tools, Peek works under Wayland.


The easiest way to install Peek on Fedora is from the Flathub repositories of Flatpaks. First, follow the directions in this article to set up Flathub as a third party software source. Note, however, that Flathub is not officially affiliated with the Fedora Project, and may contain software that does not adhere to some of the Fedora Packaging Guidelines.

Once Flathub is enabled as a third-party source, simply search and install Peek from the Software app in Fedora Workstation.

Using Peek

Peek can only record a defined part of your screen, there are no options to record a whole monitor, or the whole desktop. When opening the application, the user is presented with a window with a fully transparent body. Simply resize the window to define the area to screencast, and press the Record button at the top of the window.

a screenshot of a peek window

A countdown will inform you when the recording starts, and when finished, simply press the Stop button in the top right of the window.



How to start developing on Java in Fedora

Ven, 20/04/2018 - 10:00

Java is one of the most popular programming languages in the world. It is widely-used to develop IOT appliances, Android apps, web, and enterprise applications. This article will provide a quick guide to install and configure your workstation using OpenJDK.

Installing the compiler and tools

Installing the compiler, or Java Development Kit (JDK), is easy to do in Fedora. At the time of this article, versions 8 and 9 are available. Simply open a terminal and enter:

sudo dnf install java-1.8.0-openjdk-devel

This will install the JDK for version 8. For version 9, enter:

sudo dnf install java-9-openjdk-devel

For the developer who requires additional tools and libraries such as Ant and Maven, the Java Development group is available. To install the suite, enter:

sudo dnf group install "Java Development"

To verify the compiler is installed, run:

javac -version

The output shows the compiler version and looks like this:

javac 1.8.0_162 Compiling applications

You can use any basic text editor such as nano, vim, or gedit to write applications. This example provides a simple “Hello Fedora” program.

Open your favorite text editor and enter the following:

public class HelloFedora {       public static void main (String[] args) {               System.out.println("Hello Fedora!");       } }

Save the file as HelloFedora.java. In the terminal change to the directory containing the file and do:

javac HelloFedora.java

The compiler will complain if it runs into any syntax errors. Otherwise it will simply display the shell prompt beneath.

You should now have a file called HelloFedora, which is the compiled program. Run it with the following command:

java HelloFedora

And the output will display:

Hello Fedora! Installing an Integrated Development Environment (IDE)

Some programs may be more complex and an IDE can make things flow smoothly. There are quite a few IDEs available for Java programmers including:

However, one of the most popular open-source IDE’s, mainly written in Java, is Eclipse. Eclipse is available in the official repositories. To install it, run this command:

sudo dnf install eclipse-jdt

When the installation is complete, a shortcut for Eclipse appears in the desktop menu.

For more information on how to use Eclipse, consult the User Guide available on their website.

Browser plugin

If you’re developing web applets and need a plugin for your browser, IcedTea-Web is available. Like OpenJDK, it is open source and easy to install in Fedora. Run this command:

sudo dnf install icedtea-web

As of Firefox 52, the web plugin no longer works. For details visit the Mozilla support site at https://support.mozilla.org/en-US/kb/npapi-plugins?as=u&utm_source=inproduct.

Congratulations, your Java development environment is ready to use.

4 cool new projects to try in COPR for April

Lun, 16/04/2018 - 10:00

COPR is a collection of personal repositories for software that isn’t carried in Fedora. Some software doesn’t conform to standards that allow easy packaging. Or it may not meet other Fedora standards, despite being free and open source. COPR can offer these projects outside the Fedora set of packages. Software in COPR isn’t supported by Fedora infrastructure or signed by the project. However, it can be a neat way to try new or experimental software.

Here’s a set of new and interesting projects in COPR.


Anki is a program that helps you learn and remember things using spaced repetition. You can create cards and organize them into decks, or download existing decks. A card has a question on one side and an answer on the other. It may also include images, video or audio. How well you answer each card determines how often you see that particular card in the future.

While Anki is already in Fedora, this repo provides a newer version.

Installation instructions

The repo currently provides Anki for Fedora 27, 28, and Rawhide. To install Anki, use these commands:

sudo dnf copr enable thomasfedb/anki sudo dnf install anki Fd

Fd is a command-line utility that’s a simple and slightly faster alternative to find. It can execute commands on found items in parallel. Fd also uses colorized terminal output and ignores hidden files and patterns specified in .gitignore by default.

Installation instructions

The repo currently provides fd for Fedora 26, 27, 28, and Rawhide. To install fd, use these commands:

sudo dnf copr enable keefle/fd sudo dnf install fd KeePass

KeePass is a password manager. It holds all passwords in one end-to-end encrypted database locked with a master key or key file. The passwords can be organized into groups and generated by the program’s built-in generator. Among its other features is Auto-Type, which can provide a username and password to selected forms.

While KeePass is already in Fedora, this repo provides the newest version.

Installation instructions

The repo currently provides KeePass for Fedora 26 and 27. To install KeePass, use these commands:

sudo dnf copr enable mavit/keepass sudo dnf install keepass jo

Jo is a command-line utility that transforms input to JSON strings or arrays. It features a simple syntax and recognizes booleans, strings and numbers. In addition, jo supports nesting and can nest its own output as well.

Installation instructions

The repo currently provides jo for Fedora 26, 27, and Rawhide, and for EPEL 6 and 7. To install jo, use these commands:

sudo dnf copr enable ganto/jo sudo dnf install jo

Flock 2018 will be in Dresden, Germany this August 8-11

Ven, 13/04/2018 - 16:36

Each year the Fedora Project holds a conference for contributors known as Flock. The Flock 2018 conference will be in Dresden, Germany from 8-11 August. The conference is open to all contributors. Here’s a message from the Flock organizing committee about this year’s conference.

We are very grateful to the bidders for this year’s flock. While in the end we could not accept the bids because of administrative, monetary, or calendar issues, we were definitely inspired by and are appreciative of the very hard work that went into the bids. The bids this year were for a diverse range of cities, and each was interesting and inspired the final choice. You’re encouraged to let these folks know how much they are appreciated:

Conference Program

We are continuing to tweak the program concept to help the conference keep pace with the evolution of the Fedora. Project Leader Matthew Miller started a discussion about this year’s content and schedule on the flock-planning mailing list. We encourage you to subscribe to that list and join the conversation.

The call for submissions for talks and workshops will open once the programming conversation has completed and we have picked some tooling. If you’re interested in helping with tooling, please let us know on the flock-planning mailing list.


We are working on changing the registration system to one more easily supported by our accounting system. Therefore we will be opening registration as soon as those details are confirmed.

The registration this year will again include a small voluntary fee to offset swag and setup costs per attendee. The fee for USA attendees is $25. This fee has been scaled via the Big Mac Index to other countries and geographic areas. This means the fee in each country should roughly be the same level of spending, rather than the exact equivalent in local currency. That makes it easier for people in each area to register.

Barring technical issues, the registration system will again also allow you to contribute some extra money toward funding travel for those who need it. This means anyone can contribute to make it easier for someone else to attend.


The event will be located at the Radisson Blu Park Hotel & Conference Centre, Dresden Radebeul. We will be posting details on how to reserve a room on the Flock website (see below). Rooms will be 100 EUR per night for double occupancy and 75 EUR per night for single occupancy.

Ongoing Communication

There is a Freenode IRC channel for real-time communication about Flock. We will bridge this to a Telegram channel for those who choose to use this client for easier mobile communications.

We are working on setting up a Flock-attendees-2018 mailing list. Details will be posted when they are available.

Last, but not least, we will begin working on the updated Flock to Fedora website and will post an announcement when it is ready. The website will list several hints for transportation to the event venue. For now, those of you trying to plan air travel should consider flying into either the Dresden Airport or to a neighboring city with easy train access such as Prague, Czech Republic or Berlin, Germany. The train trip from Prague to Dresden is particularly beautiful and highly recommended.

Fedora Podcast 005 — Fedora Magazine

Ven, 13/04/2018 - 14:44

Paul Frields

Episode 005 of the Fedora Podcast is now available. Episode 005 features Editor of the Fedora Magazine Paul W. Frields. Paul is a former Fedora Project Leader and former manager of the Fedora Engineering team.

In this episode, Paul talks about the Fedora Magazine, the way it works, the process to write an article, and the scope of the magazine in the Fedora Project.

In addition to listening above, Episode 005 is also available on Soundcloud, iTunes, Stitcher, Google Play, Simplecast, Spotify and x3mboy’s site. Full transcripts of Episode 005 are available here. Transcripts are also available for previous episodes.

Subscribe to the podcast

You can subscribe to the podcast in Simplecast, follow the Fedora Podcast on Soundcloud, on iTunes, Stitcher, Google Play, Spotify or periodically check the author’s site on fedorapeople.org.


This podcast is made with the following free software: Jitsi, Audacity, and espeak.

The following audio files are also used: Soft echo sweep by bay_area_bob and The Spirit of Nøkken by johnnyguitar01.

Awesome GNOME extensions for developers

Mer, 11/04/2018 - 15:30

Extensions add immense flexibility to the GNOME 3 desktop environment. They give users the advantage of customizing their desktop while adding ease and efficiency to their workflow. The Fedora Magazine has already covered some great desktop extensions such as EasyScreenCast, gTile, and OpenWeather. This article continues that coverage by focusing on extensions tailored for developers.

If you need assistance installing GNOME extensions, refer to the article How to install a GNOME Shell extension.

 Docker Integration

The Docker Integration extension is a must for developers using Docker for their apps. The status menu provides a list of Docker containers with the option to start, stop, pause and even remove them. The list updates automatically as new containers are added to the system.

After installing this extension, Fedora users may get the message: “Error occurred when fetching containers.” This is because Docker commands require sudo or root permissions by default. To configure your user account to run Docker, refer to the Docker Installation page on the Fedora Developer Portal.

You can find more information on the extension’s website.

 Jenkins CI Server Indicator

The Jenkins CI Server Indicator extension makes it easy for developers to build their apps on a Jenkins CI Server. It displays a menu with a list of jobs and the state of those jobs. It also includes features such as easy access to the Jenkins web front-end, notifications for completed jobs, and the ability to trigger and filter jobs.

For more information, visit the developer’s site.


android-tool can be a valuable extension for Android developers. Features include capturing bug reports, device screenshots and screen-recording. It can also connect to the Android device via USB or TCP.

This extension does require the adb package. To install adb from the official Fedora repository run this command:

sudo dnf install android-tools

You can find more information at the extension Github site.


GnomeHub is a great extension for GNOME users using Github for their projects. It displays Github repositories and notifies the user of opened pull requests. In addition, users can add their favorite repositories in the extension’s settings.

For more information, refer to the project’s Github page.


Quite simply, gistnotes provides easy access for gist users to create, store and manage notes or code snippets. For more information refer to the project’s website.

 Arduino Control


The Arduino Control extension allows users to connect to, and control, their Arduino boards. It also lets users add sliders and switches in the status menu. In addition, the developer includes scripts in the extension’s directory to connect to the board via Ethernet or USB.

Most importantly, this extension can be customized to fit your project. An example provided in the README file is the ability to “Control your Room Lights from any Computer on the Network.”

You can read more about the features and setup of this extension on the project’s Github page.

 Hotel Manager

Developers using the Hotel process manager for their web apps should explore the Hotel Manager extension. It displays a list of web apps added to Hotel, and gives users the ability to start, stop and restart those apps. Furthermore, the computers icon to the right gives quick access to open, or view, that web app. The extension can also start, stop, or restart the Hotel daemon.

As of the publication of this article, Hotel Manager version 4 for GNOME 3.26 does not list the web apps in the extension’s drop-down menu. Version 4 also gives errors when installing on Fedora 28 (GNOME 3.28). However, version 3 works with Fedora 27 and Fedora 28.

For more details, see the project’s Github page.

VSCode Search Provider

VSCode Search Provider is a simple extension that displays Visual Studio Code projects in the GNOME overview search results. For heavy VSCode users, this extension saves time by giving developers quick access to their projects. You can find more information on the project’s Github page.

Do you have a favourite extension you use for development? Let us know in the comments.

Contribute at the Add-On Modularity and Kernel Test Days

Lun, 09/04/2018 - 15:35

Fedora test days are events where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed to Fedora before, this is a perfect way to get started.

There are two upcoming test days this week. The first, on Tuesday April 10, is to test the Add-On Modularity. On Friday April 13, the test day is focusing on the Kernel in Fedora. Come and test with us to make the upcoming Fedora 28 even better.

Modularity test day

Add-On Modularity is a new feature coming to the Fedora 28 Server Edition bringing multiple versions of software to Fedora by introducing a new concept called modules. From the user perspective, modules are like release-independent package groups on independent lifecycles, available in multiple streams.

To test the new feature, Fedora Modularity and QA teams have organized a test day for Tuesday, April 10. Please see the Modularity test day wiki page for detailed information.

Kernel test day

The kernel team is working on final integration for kernel 4.16. This
version was just recently released, and will arrive soon in Fedora.
This version will also be the shipping kernel for Fedora 28. As a
result, the Fedora kernel and QA teams have organized a test day for
Friday, April 13. Refer to the wiki page for links to the test images you’ll need to participate.

How do test days work?

A test day is an event where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed before, this is a perfect way to get started.

To contribute, you only need to be able to download test materials (which include some large files) then read and follow directions step by step.

Detailed information about both test days are on the wiki pages above. If you’re available on or around the days of the events, please do some testing and report your results.

Use restic on Fedora for encrypted backups

Ven, 06/04/2018 - 10:00

Restic is a fast, efficient, free and open source backup application that secures your data with AES-256 encryption. Restic also utilizes deduplication to help conserve backup space. Additionally, Restic is compatible with most major cloud providers. This tutorial walks through installing Restic on Fedora and setting up backups to a cloud storage provider (in this example, BackBlaze B2 Cloud storage).

Installing Restic

Although you can compile restic from source or download it from the release page, there’s a helpful COPR for this utility.  The Fedora Magazine covered this COPR in one of our previous articles. Do note that COPR provided software isn’t supported by Fedora infrastructure or signed by the project.

To enable the COPR for restic, run these commands:

sudo dnf copr enable copart/restic sudo dnf install restic

Test your installation by typing the following command. If you see the help screen as output, you are ready to go.

restic Preparing a new repository

Restic refers to your backup as a repository and can make backups to any B2 bucket on your Backblaze account. First, setup the following environment variables using your B2 credentials. These can also be set in any backup script you may create.


Create the repository by initializing it. If the bucket doesn’t already exist,  restic automatically creates it. A prompt appears for you to type a password for the repository. Do not lose this password because your data is irrecoverable without it.

restic -r b2:bucketname:/ init

For example:

$ restic -r b2:g534fbucket:/ init enter password for new backend: enter password again: created restic backend 93702e3c5f at b2:g534fbucket:/ Please note that knowledge of your password is required to access the repository. Losing your password means that your data is irrecoverably lost. Creating backups

Now it’s time to backup some data. Backups are called snapshots. Run the following command and enter the repository password when prompted.

restic -r b2:bucketname:/ backup files_to_backup

For example:

$ restic -r b2:g534fbucket:/ backup Documents/ enter password for repository: scan [/home/curt/Documents] scanned 1 directories, 3 files in 0:00 [0:04] 0B/s 0B / 0B 4 / 4 items 0 errors ETA 0:00 duration: 0:04, 0.00MiB/s snapshot d864c465 saved Restoring from backups

Now that you’ve backed up some files, it’s time to make sure you know how to restore them. To get a list of all of your backup snapshots, use this command:

restic -r b2:bucketname:/ snapshots

For example:

$ restic -r b2:g534fbucket:/ snapshots enter password for repository: ID Date Host Tags Directory ---------------------------------------------------------------------- d864c465 2018-03-27 15:20:42 client /home/curt/Documents

To restore an entire snapshot, run a command like this:

restic -r b2:bucketname:/ restore snapshotID --target restoreDirectory

For example:

$ restic -r b2:g534fbucket:/ restore d864c465 --target ~ enter password for repository: restoring <Snapshot d864c465 of [/home/curt/Documents] at 2018-03-27 15:20:42.833131988 -0400 EDT by curt@client> to /home/curt

If the directory still exists on your system, be sure to specify a different location for the restoreDirectory. For example:

restic -r b2:g534fbucket:/ restore d864c465 --target /tmp

To restore an individual file, run a command like this:

$ restic -r b2:g534fbucket:/restore snapshotID --target restoreDirectory --include filename

For example:

$ restic -r b2:g534fbucket:/ restore d864c465 --target /tmp --include file1.txt enter password for repository: restoring <Snapshot d864c465 of [/home/curt/Documents] at 2018-03-27 15:20:42.833131988 -0400 EDT by curt@client> to /tmp

Photo by Samuel Zeller on Unsplash.

How Fedora Secures Package Delivery

Mer, 04/04/2018 - 14:05

Eariler this year, PackageCloud published a blog post on “attacks against GPG signed APT repositories”. Currently, Fedora uses several ways to ensure that packages from the Fedora repositories are delivered to you securely. This article provides a high-level insight in to how the Fedora Project secures our update delivery. Note, however, that the following analysis only applies to the default Fedora Project repositories as shipped with Fedora.

Signed packages

All RPM packages shipped by the Fedora Project are GPG-signed. Installing packages with DNF (or YUM) from a repository where gpgcheck=1 is set — which is true for all repositories in a default Fedora installation — will fully verify the signatures on the packages. If you install a package outside of a repository (manually downloading it for example), the signature will not be verified automatically. However, it can be manually verified against the current set of imported RPM GPG signing keys with rpm -K <filename.rpm>.

As such, just signing a package prevents against that package being modified or an entirely different package being provided, but not against “freeze” attacks or malicious repository data.

Signed repositories

The Fedora Project does not sign our package repositories (yet), even though this has been requested a lot of times. One of the main reasons for this is that DNF/YUM repodata has no “ValidUntil” or sortalike attribute. Additionally, librepo — which DNF uses to download and verify repodata– regards expired GPG signatures as fully valid. This means that there is no way at all to mark repository data as valid for a limited amount of time.

As such, while it can protect against modification of the repository data, it does not protect against attackers (or outdated mirrors) shipping ancient repositories with known-vulnerable software.


So, how are Fedora users protected? The Fedora Project uses a data format called “Metalink” to provide YUM/DNF not only with a list of mirrors that they can download all our software from, but also a list of reasonably fresh repomd.xml checksums to expect. repomd.xml contains the checksums of all other referred files. Consequently, if a mirror is serving outdated or modified repodata, DNF/YUM will detect this, and just skip over this mirror. All our repository configurations are set to request the metalink over TLS from the Fedora Project servers.

Now, an important part here is the “reasonably fresh” part. Repositories are regenerated every day, and the checksums are sent for at most the last 3 days. This ensures that mirrors that are slightly outdated are not immediately regarded as invalid.

However, when a significant security issue is announced and we have repositories that include fixes for this issue, there is an “Emergency” button. This tell the servers to immediately regard every older repomd.xml checksum as outdated.

When this button is pressed, every mirror that does not have the very latest repository data will be regarded as outdated.  This ensures that Fedora users get the security patches as soon as possible. However, for a period of time only the master mirrors are trusted until other mirrors sync their data. This solution was chosen over delaying getting important fixes out to our users and making them vulnerable to attackers in the meantime.

So, as long as a Fedora install’s repository configurations remain unchanged, you will be guaranteed (save for any issues in the code surrounding DNF/YUM) to get fresh repositories, and get critical security patches as soon as they are available.


Fedora Podcast 004 — Fedora Documentation

Mer, 04/04/2018 - 04:13

Jared Smith

Episode 004 of the Fedora Podcast is now available. Episode 004 features a core member of the documentation team Jared Smith. Jared, former Fedora Project Leader, is also a member of FESCo (Fedora Engineering Steering Committee) and core member of the documentation team in the Fedora Project.

In this episode, Jared talks about the documentation subproject, the new tools, the translation system, and the hopes and future of the documentation in the Fedora Project.

In addition to listening above, episode 004 is also available on Soundcloud, iTunes, Stitcher, Google Play, Simplecast, Spotify and x3mboy’s site. Full transcripts of Episode 004 are available here. Transcripts are also available for previous episodes!

For this episode we have a new look! Thanks to the design team for this awesome work! Also, we are now available in Spotify.

Subscribe to the podcast

You can subscribe to the podcast in Simplecast, follow the Fedora Podcast on Soundcloud, on iTunes, Stitcher, Google Play, Spotify or periodically check the author’s site on fedorapeople.org.


This podcast is made with the following free software: Audacity, and espeak.

The following audio files are also used: Soft echo sweep by bay_area_bob and The Spirit of Nøkken by johnnyguitar01.

Announcing the release of Fedora 28 Beta

Mar, 03/04/2018 - 16:00

The Fedora Project is pleased to announce the immediate availability of Fedora 28 Beta, the next big step on our journey to the exciting Fedora 28 release in May.
Download the prerelease from our Get Fedora site:

Or, check out one of our popular variants, including KDE Plasma, Xfce, and other desktop environments, as well as images for ARM devices like the Raspberry Pi 2 and 3:

Beta Release Highlights Modular Repository for Fedora Server

As discussed in Modularity is Dead, Long Live Modularity, we have taken a simpler approach to modules for F28. Instead of a separate modularized operating system, we’ve added a new Modular Repository alongside the traditional Everything Repository. With the Fedora Server Edition, the Modular repository will be immediately available. You will have access to a few modules today with more to come during the run-up to the F28 release.

You can enable Modularity in other Editions and variants of Fedora, but unfortunately, Modules are not yet available through GNOME Software or Plasma Discover. We are working on providing the necessary support to libdnf which these tools (and others) rely on. To use the Modular repo on a Fedora desktop platform, we recommend enabling it inside a container.

64-bit Arm now a primary architecture for Fedora Server

Fedora Server is now officially available for AAarch64, the 64-bit ARM platform.

GNOME 3.28

Fedora 28 Workstation Beta further refines the desktop experience with the inclusion of GNOME 3.28, which adds the capability to favorite files, folders, and contacts for easier organization and access. Additional enhancements include Thunderbolt 3 connection support, active-by-default power saving features to improve laptop battery life, and more.

VirtualBox Guest Additions

We now include the Guest Additions for VirtualBox, which will make for a smoother experience and better performance for anyone using that virtualization environment.

Kubernetes 1.9

New for Fedora 28 Atomic Host Beta is the inclusion of Kubernetes 1.9, which brings along a host of new innovative features for orchestrating container-native workloads.

Other updates

A common set of base packages forms the core foundation of each Fedora edition, and as with new versions of the Fedora operating system, Fedora 28 Beta includes a host of minor bug fixes and tweaks to these packages. The changes to Fedora 28 Beta’s base packages are highlighted by the addition of glibc 2.27, the latest version of the GNU Compiler Collection (GCC) 8, and updates to many open source languages, including Golang 1.10 and Ruby 2.5.


What is the Beta Release?

A Beta release is code-complete and bears a very strong resemblance to the final release, expected in May. If you take the time to download and try out the Beta, you can check and make sure the things that are important to you are working. Every bug you find and report doesn’t just help you, it improves the experience of millions of Fedora users worldwide! Together, we can make Fedora rock-solid. We have a culture of coordinating new features and pushing fixes upstream as much as we can, and your feedback improves not only Fedora, but Linux and Free software as a whole.

Issues and Details

Since this is a Beta release, we expect that you may encounter bugs or missing features. To report issues encountered during testing, contact the Fedora QA team via the mailing list or in #fedora-qa on Freenode. As testing progresses, common issues are tracked on the Common F28 Bugs page.

For tips on reporting a bug effectively, read how to file a bug report.

More information

For more detailed information about what’s new on Fedora 28 Beta Release, you can consult our Talking Points and the F28 Change Set. They contain more technical information about the new packages and improvements shipped with this release.

Use Musicbrainz to get CD information

Lun, 02/04/2018 - 10:00

Many people now buy music only online. But there are millions — maybe billions — of music compact discs (CDs) in circulation. You can still find a lot of music in this form. Musicbrainz, a project of the Metabrainz Foundation, offers a huge online database of music releases, including on CD. You can use Musicbrainz to retrieve CD data for tagging the CDs you rip. This article is the first of a miniseries showing how to rip CDs to files you can store in an online library.

Install supporting libraries

The script shown later in this article requires a few libraries to work properly. To install them, open a terminal and run this command using sudo:

sudo dnf install python3-musicbrainzngs python3-requests python3-libdiscid

The musicbrainzngs library provides the latest support for the Musicbrainz online database. The requests library provides an easy way to make HTTP requests from within a script. Finally, the libdiscid library provides functions for reading embedded IDs on any music CD, which can be looked up in the online Musicbrainz database.

Make an account

If you don’t have one already, make an account at Musicbrainz. You’ll use this account to access the database via the script. Visit https://musicbrainz.org and select Create Account near the top of the page. Fill out the online web form and follow instructions to make your account.


Make note of the password you use for the account. You’ll need it to run the script.

The script

This script reads a CD in your system’s default disc device. It then prints out information about the release from Musicbrainz. Finally, if possible the script stores a cover image. Store this script on your system as ~/bin/get-contents:

import musicbrainzngs as mb import requests import json from getpass import getpass this_disc = libdiscid.read(libdiscid.default_device()) mb.set_useragent(app='get-contents', version='0.1') mb.auth(u=input('Musicbrainz username: '), p=getpass()) release = mb.get_releases_by_discid(this_disc.id, includes=['artists', 'recordings']) if release.get('disc'): this_release=release['disc']['release-list'][0] title = this_release['title'] artist = this_release['artist-credit'][0]['artist']['name'] if this_release['cover-art-archive']['artwork'] == 'true': url = 'http://coverartarchive.org/release/' + this_release['id'] art = json.loads(requests.get(url, allow_redirects=True).content) for image in art['images']: if image['front'] == True: cover = requests.get(image['image'], allow_redirects=True) fname = '{0} - {1}.jpg'.format(artist, title) print('COVER="{}"'.format(fname)) f = open(fname, 'wb') f.write(cover.content) f.close() break print('TITLE="{}"'.format(title)) print('ARTIST="{}"'.format(artist)) print('YEAR="{}"'.format(this_release['date'].split('-')[0])) for medium in this_release['medium-list']: for disc in medium['disc-list']: if disc['id'] == this_disc.id: tracks=medium['track-list'] for track in tracks: print('TRACK[{}]="{}"'.format(track['number'], track['recording']['title'])) break Examining the script

The first stanza of the script reads the CD device. Then it asks you to log in to the Musicbrainz  service. Notice the specific user agent so the Musicbrainz service can tell this script from other applications.

this_disc = libdiscid.read(libdiscid.default_device()) mb.set_useragent(app='get-contents', version='0.1') mb.auth(u=input('Musicbrainz username: '), p=getpass())

The next section asks the Musicbrainz service to use the disc ID provided by libdiscid to get the specific release data. Note the request limits the data it requests as a courtesy. It also discovers the title and artist data using the first available results:

release = mb.get_releases_by_discid(this_disc.id, includes=['artists', 'recordings']) if release.get('disc'): this_release=release['disc']['release-list'][0] title = this_release['title'] artist = this_release['artist-credit'][0]['artist']['name']

The next section of the script (up to the first break statement) tries to download the front cover art for the CD. It writes this information to a file named $ARTIST – $TITLE.jpg. You can use this cover art to tag the CD appropriately.

The final stanza prints out information of the disc in a format readable by the bash shell as an array. Here’s an example of what this might look like for a random disc:

TITLE="Intriguer" ARTIST="Crowded House" YEAR="2010" TRACK[1]="Saturday Sun" TRACK[2]="Archer's Arrows" TRACK[3]="Amsterdam" TRACK[4]="Either Side of the World" TRACK[5]="Falling Dove" TRACK[6]="Isolation" TRACK[7]="Twice If You're Lucky" TRACK[8]="Inside Out" TRACK[9]="Even If" TRACK[10]="Elephants"

Why print the data out in this format? Stay tuned to Fedora Magazine and find out in a future article.

Photo by Jonathan Kriz on Flickr.

Mozilla releases Facebook Container Extension for Firefox

Gio, 29/03/2018 - 01:40

Mozilla, the developer of Firefox — the default browser in Fedora — recently announced the new Facebook Container Extension. This extension is designed to give Firefox users better control of their data on Facebook. Specifically, the new extension limits Facebook’s ability to track your activity using third-party cookies. If you want to use Facebook, but limit the data shared with other websites, this extension might be worth a look.

Installing and Using the Facebook Container Extension

Install the Facebook Container Extension by simply going to the extension on the Firefox Addons site, and clicking install. Installing the extension will remove all Facebook’s cookies, and log you out of Facebook. The next time you visit Facebook, there will be a blue Facebook Container icon & label in the right of the address bar to show the container is active.

Be sure to check out the blog post from Mozilla that covers in more detail how this extension works.


Do continuous deployment with Github and Python

Mer, 28/03/2018 - 10:00

Developers can create many useful services using Github’s webhooks. From triggering a CI job on a Jenkins instance to provisioning machines in the cloud, the possibilities are almost limitless. This tutorial shows how to use Python and the Flask framework to build a simple continuous deployment service.

The continuous deployment service in this example is a simple Flask application with a REST endpoint that will receive Github’s webhook requests. After validating each request to check that it comes from the correct Github repository, the service pulls changes to the local copy of the repository. That way every time a new commit is pushed to the remote Github repository, the local repository is automatically updated.

Flask web service

It is easy to build a small web service with Flask. Here’s a look at the project structure.

├── app │   ├── __init__.py │   └── webhooks.py ├── requirements.txt └── wsgi.py

First, create the application. The application code goes under the app directory.

Two files ( __init__.py and webhooks.py) compose the Flask application. The former has the code needed to create the Flask application and add configuration to it. The latter has the endpoints logic. This is where the app receives the data from the Github request.

Here is the app/__init__.py content:

import os from flask import Flask from .webhooks import webhook def create_app(): """ Create, configure and return the Flask application """ app = Flask(__name__) app.config['GITHUB_SECRET'] = os.environ.get('GITHUB_SECRET') app.config['REPO_PATH'] = os.environ.get('REPO_PATH') app.register_blueprint(webhook) return(app)

The function creates two configuration variables:

  • GITHUB_SECRET holds a secret passphrase, used to authenticate the Github requests.
  • REPO_PATH holds the path of the repository to automatically update.

This code uses Flask Blueprints to organize the application endpoints. Using blueprints allows logical grouping of APIs, making applications easier to maintain. It is generally considered a good practice.

Here is the content of app/webhooks.py:

import hmac from flask import request, Blueprint, jsonify, current_app from git import Repo webhook = Blueprint('webhook', __name__, url_prefix='') @webhook.route('/github', methods=['POST']) def handle_github_hook(): """ Entry point for github webhook """ signature = request.headers.get('X-Hub-Signature') sha, signature = signature.split('=') secret = str.encode(current_app.config.get('GITHUB_SECRET')) hashhex = hmac.new(secret, request.data, digestmod='sha1').hexdigest() if hmac.compare_digest(hashhex, signature): repo = Repo(current_app.config.get('REPO_PATH')) origin = repo.remotes.origin origin.pull('--rebase') commit = request.json['after'][0:6] print('Repository updated with commit {}'.format(commit)) return jsonify({}), 200

First the code creates a new Blueprint webhook. Then it adds a new endpoint to the Blueprint using a Flask route. This route will be called by any POST request on the /github URL endpoint.

Verifying the request

When the service receives a request on this endpoint, it must first verify that the request comes from Github and from the correct repository. Github gives a signature in the request header X-Hub-Signature. This signature is generated using a secret (GITHUB_SECRET), the HMAC hex digest of the request body, and then hashed using the sha1 hash function.

To verify the request the service needs to calculate locally the signature and compare it to the signature received in the request header. This is done by the hmac.compare_digest function.

Custom hook logic

After validating the request, it can now be processd. This tutorial uses the GitPython module to interface with a git repository. From the GitPython module the Repo object is used to access the remote repository called origin. The service pulls the latest changes locally from the origin repository, also using the –rebase option to avoid issues with merges.

A debug print statement displays the short commit hash received from the request body. This example shows how to use the request body. For more details about the data available in the body, check github’s documentation.

Finally the service returns a empty JSON string and a 200 status code. This tells Github’s webhook server the request was received.

Deploying the service

To run the service, this example uses the gunicorn web server. First install the service dependencies. On a supported Fedora server, use this command with sudo:

sudo dnf install python3-gunicorn python3-flask python3-GitPython

Now edit the wsgi.py file used by gunicorn to run the service:

from app import create_app application = create_app()

To deploy this service, clone this git repository or use your own git repository with this command:

git clone https://github.com/cverna/github_hook_deployment.git /opt/

The next step is to configure the environment variables needed by the service. Run these commands:

export GITHUB_SECRET=asecretpassphraseusebygithubwebhook export REPO_PATH=/opt/github_hook_deployment/

This tutorial uses the webhook service Github repository, but you could use a different repository if you wish. Finally, start the webserver with these commands:

cd /opt/github_hook_deployment/ gunicorn --bind wsgi:application --reload

These options bind the web server to the ip address, meaning it will accept requests coming from any host. The –reload option ensures the web server restarts when the code changes. This is where the continuous deployment magic happens. Every Github request received pulls the latest change in the repository, and gunicorn detects these changes and automatically restarts the application.

Note: In order to receive the requests from github, the web service must be deployed on a server with a public IP address. An easy way to do this is to use your favorite cloud provider such as DigitalOcean, AWS, Linode, etc.

Configure Github

The last part of this tutorial configures Github to send the webhook request to the web service. This is key to continuous deployment.

From your Github repository settings, select the Webhook menu and click on Add Webhook. Enter the following information:

  • Payload URL: The URL of the service, for example http://public_ip_address:8000/github
  • Content type: Select application/json
  • Secret: The GITHUB_SECRET environment variable defined earlier

Then click the Add Webhook button.



Github will now send a request to the service every time a push event happens on this repository.


This tutorial has shown you how to write a Flask based web service that receives requests from a Github webhook and does continuous deployment. You should now be able to build your own useful services using this tutorial as a starting base.

New Spanish dictionaries available in Fedora

Lun, 26/03/2018 - 10:00

One of the biggest success stories in open source is its support for users from all around the world. The hunspell spell checker project is a great example.Hunspell accesses dictionaries in dozens of languages to allow users to check the spelling of their work. These dictionaries receive updates from contributors so the native languages are up to date with their coverage.

This spell checker is used in major applications such as LibreOffice and Mozilla Firefox and Thunderbird. It’s even used by some proprietary apps like Google Chrome and MacOS.

Recently, the Spanish hunspell dictionaries in the upcoming Fedora 28 release were updated to cover a large number of Spanish dialects. Fedora users who speak and use these dialects now have dictionaries that accurately cover their usage.

In the Fedora 28 Beta, which is soon to be released, use this command with sudo to show all the available dialects:

sudo dnf list hunspell-es\*

To install the Salvadoran dialect, for instance, run this command:

sudo dnf install hunspell-es-SV

Featured image includes Journey to the Center of the Earth (sample book pages in Spanish).jpg licenced CC BY SA 4.0 from the Wikimedia Commons

Introducing DevConf.US — call for participation closes soon

Ven, 23/03/2018 - 09:00

DevConf.cz is a popular annual conference held annually in Brno. This year, DevConf is expanding with the inaugural DevConf.us being held in Boston, USA this coming August.  DevConf.us is an annual, free, Red Hat sponsored community conference. It is targeted at developers, system administrators, DevOps engineers, testers, documentation writers and other contributors to open source technologies.

The Call for Participation for DevConf.us is still open but closing soon! The Call closes at 23:59 UTC on April 3, 2018.

DevConf.us is designed to draw an audience of people who classify themselves as:

  • A developer
  • A technology architect
  • A designer
  • A quality assurance engineer
  • An IT consultant
  • An IT student or a teacher from an IT university/faculty
  • Or simply an IT enthusiast interested in the latest trends in open source and emerging digital technologies
DevConf.us event information

DevConf.us is being held from Friday August 17 to Sunday August 19, 2018. The venue is the George Sherman Union Building, Boston University, 775 Commonwealth Avenue, Boston, MA, 02215

Submit a proposal

The Call for Participation for DevConf.us is still open but closing soon! The Call closes at 23:59 UTC on April 3, 2018.

The DevConf.us team is asking for proposals for presentations, discussions, panels, or workshops!  During the conference, there will be four parallel tracks with an audience of about 300 people.

To help guide you in submitting proposals, the organizers are particularly interested in the following subjects this year:

Containers and Orchestration
  • Various container technologies
  • Mechanisms/tools for orchestration
  • Problem areas
  • Security
  • versus virtualization and integrating with virtualization
Ensuring Software Quality
  • Assuring the quality of open source software
  • Engaging communities in testing software
  • Community-driven CI and automated testing
Machine Learning & Artificial Intelligence
  • Enablement on physical, virtual and cloud deployments
  • Best practices with tools and methods
  • Crowdsourcing vs expert systems
  • Case studies of ML in practice
Middleware Technologies
  • Synchronous vs asynchronous methods
  • “Backplanes”: message buses, databases, transaction servers
  • Performance optimizations and tradeoffs
Operating Systems
  • Design and tradeoffs
  • Orchestration & Configuration Management
  • Lowering maintenance effort of software
Serverless Computing
  • Open source options
  • Best Practices
  • Avoiding vendor lock in
User Experience in Open Source
  • Design and front end development processes, tools and techniques across open source projects
  • Research approaches and methods for open source initiatives
  • Driving and collecting user experience feedback across communities
  • Designing in the open


Python 3.7 now available in Fedora

Mer, 21/03/2018 - 09:00

On February 28th 2018, the second beta of Python 3.7 was released. This new version contains lots of fixes and, notably, several new features available for everyone to test. The pre-release of Python 3.7 is available not only in Fedora Rawhide but also all other Fedora versions. Read more about it below.

Installation and basics

It’s easy to install Python 3.7 on supported Fedora. Run this command:

sudo dnf install python37

Then, run the command python3.7 to test things out. You can also create a virtual environment using the new version, or add py37 to your project’s tox.ini and start testing on the freshest Python available:

$ python3.7 -m venv venv $ . venv/bin/activate (venv) $ python --version Python 3.7.0b2

There are no extra libraries or software for Python 3.7 packaged in Fedora yet.  However, the whole ecosystem is available through virtualenv and pip:

(venv) $ python -m pip install requests # or any other package Collecting requests Using cached requests-2.18.4-py2.py3-none-any.whl Collecting idna<2.7,>=2.5 (from requests) Using cached idna-2.6-py2.py3-none-any.whl Collecting certifi>=2017.4.17 (from requests) Using cached certifi-2018.1.18-py2.py3-none-any.whl Collecting urllib3<1.23,>=1.21.1 (from requests) Using cached urllib3-1.22-py2.py3-none-any.whl Collecting chardet<3.1.0,>=3.0.2 (from requests) Using cached chardet-3.0.4-py2.py3-none-any.whl Installing collected packages: idna, certifi, urllib3, chardet, requests Successfully installed certifi-2018.1.18 chardet-3.0.4 idna-2.6 requests-2.18.4 urllib3-1.22 New Python 3.7 feature: Data classes

Here’s an example of a killer new feature in Python 3.7.

How many times have you written out self.attribute = attribute in your __init__ method? For most Python devs, the answer is “a lot.” Combined with __repr__ and support for comparisons, there’s a lot of boilerplate involved in creating a class that only holds a bunch of data. The excellent attrs project solves many of these issues. Now a carefully selected subset of the ideas in attrs is making its way to the standard library.

Here’s an example of the feature in action:

from dataclasses import dataclass @dataclass class Point: x: float y: float z: float = 0.0 >>> p = Point(1.5, 2.5) >>> print(p) Point(x=1.5, y=2.5, z=0.0)

Note the types are just documentation. They aren’t actually checked at runtime, though they will work with static checkers like mypy. Data classes are documented in PEP 557 for now. If the API feels too limited, remember the small scope is intentional. You can always switch to using the full attrs library if you need more features.

This and other new features come with the release. Python 3.7 will become the default Python version in Fedora 29. If you spot any bugs, please report them in Fedora Bugzilla or directly upstream. If you have any questions, ask the Python SIG at python-devel@lists.fedoraproject.org or visit IRC Freenode channel #fedora-python.

Photo by Alfonso Castro on Unsplash.

GNOME 3.28 released & coming to Fedora 28

Mar, 20/03/2018 - 03:21

Last week, The GNOME project announced the release of GNOME 3.28. This major release of the GNOME desktop is the default desktop environment in the upcoming release of Fedora 28 Workstation. 3.28 includes a wide range of enhancements, including updates to Files (nautilus), Contacts, Calendar, Clocks and the on-screen keyboard. Additionally, the new application Usage is added to “make it easy to diagnose and resolve performance and capacity issues

The new Usage application in GNOME 3.28

Application Updates in GNOME 3.28

GNOME 3.28 provides updated versions of many of the GNOME default applications. The ability to “star” items is added to both the Files and the Contacts applications. This allows the user to star an item — be it a file, folder, or a contact — for quick access later. Calendar now provides a neater month view, and weather updates displayed alongside your appointments.

Updated Calendar application in GNOME 3.28 with weather forecasts built in


Updates to Cantarell

Cantarell is the default interface font in both GNOME and Fedora Workstation. In this updated version of GNOME, Cantarell is refreshed, with updated glyph shapes and spacing. Additionally, there are two new weights: light and extra bold.

Specimen of the new Cantarell in GNOME 3.26

Read more about this release

There are many more changes and enhancements in this major version of GNOME. Check out the release announcement and the release notes from the GNOME Project for more information. Also, check out this awesome rundown of the best new GNOME 3.28 features from OMGUbuntu.

Screenshots in this post are from the GNOME 3.28 Release Notes

Update on the Meltdown & Spectre vulnerabilities

Lun, 19/03/2018 - 09:00

January saw the annoucement of a series of critical vulnerabilities called Spectre and Meltdown. The nature of these issues meant the solutions were complex and required fixing delicate code. The initial fix for Meltdown on x86 was KPTI, which was available almost immediately. Developing mitigations for Spectre was more complex. Other architectures had to look at their vulnerability status as well, and get mitigation in where it was needed. As a bit of time has passed, what is the exposure on Fedora now?

Meltdown and Spectre mitigation coverage

The mitigation coverage for Spectre and Meltdown is in a pretty good state. For the x86 architecture, KPTI mitigates the Meltdown vulnerability (CVE-2017-5754), and the retpoline fixes mitigate Spectre variant 2 (CVE-2017-5715). Spectre variant 1 (CVE-2017-5753) required patching specific vulnerable code bits, and known problem areas have been mitigated upstream as well. Additionally ARM coverage landed in the 4.15.4 kernel updates for Fedora. Power architectures have initial coverage in Fedora kernel version 4.14.15.

All of this coverage is still being fine tuned. Initial rounds of mitigation development aimed to plug the holes as quickly as possible so that users were not exposed. Once that happened, developers could pay more attention to fine tuning the mitigation for performance.

With mitigation where it currently stands, the Fedora Kernel Team has closed the tracking bugs for these CVEs. It is still important that you keep your kernels updated as initial mitigation is fine tuned. Optimizations to the initial mitigation are still rolling in, and probably will for the foreseeable future. As many of these mitigations are dependent on CPU microcode updates, it is a very good idea to keep firmware updated where possible.

Critical Firefox vulnerability fixed in 59.0.1

Lun, 19/03/2018 - 03:34

On Friday, Mozilla issued a security advisory for Firefox, the default web browser in Fedora. This advisory centered around two CVEs — both of which allowed an out of bounds memory write while processing Vorbis audio data, leading to arbitrary code execution. CVE-2018-5146 is against the bundled library libvorbis that Firefox ships to process Vorbis audio on most architectures. CVE-2018-5147 is against libtremor, which firefox bundles for the same task on ARM architectures.

At the same time as the security advisory was issued, Mozilla released Firefox 59.0.1 that fixes these issues.

Updating Firefox in Fedora

At the time of writing, Firefox 59.0.1 (with the security fixes) is heading through the update process in Fedora, and will be in the stable repositories soon. When it reaches the stable repositories, the fixes will be applied during your next system update.

However, you want to update Firefox now, install the firefox-59.0.1-1 package from the updates-testing repository with the following command:

sudo dnf --enablerepo updates-testing update firefox