All posts by Valentin

Bluetooth headset i3block

Recently I purchased a bluetooth headset as I really missed the ability to listen to my music in good conditions. They work quite well and I pretty happy with this wire-free system.

As an i3 window manager user I wanted an easy way to get it connected or disconnected, as I’m also pairing it with my phone. You might already know i3blocks and it’s ability to extend with custom blocks. These days I put together a bluetooth-headset i3block and I already submitted it to the main repository. Meanwhile, you can still get it from my personal clone. And BTW, if you happen to know a means of connecting/disconnecting bluetooth devices on ArchLinux without root access, please share!

Enjoy!

Only two weeks from Randa, so many changes for me!

Three weeks ago I attended my second Randa Meetings. I found the same gentle Mario, richer now, as he has a little boy. The little boy’s actually a tester for the KDE Edu GCompris suite 😉 I’d like to thank Mario and his family for their support in organizing this event. It’s not that simple to keep happy so many people.

The kind people (I better say hackers) I already knew where joined by new faces, and it’s a pleasure to see our community is a very vivid and active one. They join this sprint from a bunch of different countries and I find it very interesting to discuss with them about their countries and experiences. And finally to see we are all the same.

Attending Randa was on my way from Lyon to Timisoara, Romania, where I started a new job on September 15. And that’s not my home town, neither my family’s. Actually, it’s my first time I live in this town, and I quite enjoy it. However, new job, new apartment, new people – all this let little to time for KSecret Service hacking. But as you can see, I can blog about it, so new commits will follow on the source code :-)

Hopefully, until next Randa Meetings 2016 we’ll have a stable version everyone will be happy with. Until then, you only have two things to do, please:

  • Stay tuned and be a pre-alpha tester – I’ll blog here when first usable versions will become available
  • Donate to the ongoing fundraiser, to keep these KDE Sprints possible

Oh, last but no least, I may well organize a KDE Sprint here in Timi?oara. Anybody interested?

 

KSecret Service just created its first secrets file

Greetings from Randa!

Take a look at this:
2015-09-08-183923_ksecrets_first_file

Well, this is the first secrets file ever created with KSecret Service, and it happened here, in Randa. For the impatient – just hold your keyboards, the code is not yet ready. The tests are still failing, but items started to appear on disk, encrypted with libgcrypt.

Stay tuned and meanwhile remember, the fund raising campaign for KDE Sprints is still ongoing. Please consider to donate by clicking the banner below to make coding sprint like this one possible.
KDE sprints 2015 fundraiser campaign

Next week I’ll be in Randa

Since Akademy 2015 KSecrets Service development continued. I did lots of code cleanup. The async API now uses QFuture and the secrets file backend, based on libgcrypt, was added. Tests are there to confirm it’s not yet working. :-)

One week from now I’ll be in Randa. The hacking ambiance will surely help to hopefully get a first pre-alpha version of the service. I also look forward to peer reviews and feedback on this new codebase.

This kind of events is made possible by our generous donors. If you’d like to join them and donate, helping the KDE community and me, then just click the image below:
KDE Sprints Fundraiser

Goodbye Akademy 2015, See You Randa 2015

OK, Akademy 2015 ended last week. This is my second Akademy, though the first full one.

A Coruña is located on the Atlantic front and on my way there, I encountered rainy spots and the rain was a familiar one for me, after having lived several years in northern France (Paris and Pays de la Loire). But this time I actually found it quite enjoyable, knowing that I left behind a 39°-heated Lyon. So, yes, A Coruña is warmer than what we could encounter in other parts of Spain. I shared my car with Sandro Knauß, who came to Lyon from Germany by train, so the one full-day trip was quite nice, KDE hacking-oriented. But be assured, we were also able to talk lots of other topics.

The venue and the hosting in Rialta were just perfect. The local team did an awesome job when organizing the event. They had it all: welcome party – we arrived at the right moment for the Queimada – sponsored food during the week-end (thanks Blue Systems), essential goodies (they carried the VIM T-shirt), “social event” – that was really a party where I had an excellent time -, the day trip and all the schedules which weren’t difficult to follow. Rialta has free swimming pool and I actually managed to use it.

Akademy is about KDE technology but also about meeting like-minded people. Getting along together is really easy, language barrier took apart, and I actually really enjoyed just sitting there and hacking with others, then having a beer or discussing technical issues or ideas. I already miss these spontaneous late evening hacking moments.

Speaking about KDE technology, we are at a turning moment, with Plasma Mobile becoming available. KDE is now ready to take on the mobiles platforms and that’s pretty cool. I look forward to the moment when I’ll have a Linux smartphone running both KDE software and Android applications (with Shashlik, bien-sur). I’ll do my best to help and I already plan to support KSecrets Service on mobile.

KSecrets Service had it’s own BoF. The updated slides are here. I’m working right now in implementing it and that would bring us to Randa, where I intend to continue even further and hopefully I’ll even have a working version by that time.

Randa is a great location for hacking. In fact, no, not Randa, but the venue in Randa is quite perfect for that :-) They have that big room under the roof, upstairs, where I look forward to hack, between some BoF’s or swiss meals. Some people who couldn’t make it to Akademy will go to Randa, so I look forward to meeting them there. Oh, and if you can, please help them getting there by the means of a small donation.

Finally, but not less importantly, I’d like to thank KDE e.V. and the sponsors for organizing these events and for providing travel reimbursement.

Stop using GIT for synchronizing files!

Well, this quick blog post is a sort of a quick rant.

That’s the second time I see someone trying to use GIT for binary files synchronization. That’s true, it’s quite easy to create a local GIT repository, then adding a remote is a piece of cake and “TADA” local commits could be pushed to the remote than from there cloned / pulled into another machine. But! Because there’s a really big “BUT”!

Remember for what GIT was designed. That’s right, source file handling, with history and merging. What are source files? They are text files, yes. That’s not binary. GIT can actually compare successive version and only handle diffs (patches). Have you tried using the patch tool with binary files? That makes you laugh, isn’t it! So why using GIT for file sync won’t you also make you laugh? Should I continue now? 😉 Well, I should continue, because GIT also has history. So you’ll force it to store every binary version you ever had, into it’s little .git directory. Is that what you really want?

If file synchronization is needed, then consider rsync, unison or equivalent tools, pretty please.

I3/mutt/offlineimap with decent mail notifications

Today I’ll show you my last trick to get decent email notifications on my I3 environment, without using anything else than offlineimap and mutt. Ok, there’s something else, a couple of scripts but nothing scary.

Before going further, I’d like to ensure you’re using i3blocks. If not, then please configure it then come back and read on.

Until today I was using the classical offlineimap configuration which polled my IMAP server every several minutes directed from a crontab. However, that method has several drawbacks:
– lack of instant mail delivery
– offlineimap would occasionally get stuck upon wifi issues.

Investigating these problems, I found this: https://blog.mister-muffin.de/archive/2013/06/1/

That script was a very good starting point for what follows. So here is the setup:

  • the script ~/bin/mail-check.sh is launched upon I3 session start
    • it calls mail-idle.py which would either return a timeout or a string containing the name of the offlineimap account name that has mail, and the folder name
    • it handles the timeouts itself so if mail-idle.py or offlineimap gets stuck for some reason, they get killed
    • when new mail is found, it uses notify-send,  then calls offlineimap to retrieve the mail from the specified folder and it updates i3blocks
    • finally, it calls notmuch to get the new mail indexed

Put this script in ~/bin/mail-check.sh.
chmod +x ~/bin/mail-check.sh

Then save this script as ~/bin/mail-idle.py. Modify lines 25..27 to suit your configuration. Beware that you should use the same values as in your ~/.offlineimaprc file, if not the scripts will not correctly invoke offlineimap.
chmod +x ~/bin/mail-idle.py

Get the i3blocks blocklet command from here and save it to ~/.config/i3blocks/mail_status.sh. Then adjust it on line 2 to get it inspect your local mailboxes. Also, adjust line 6 if the directory containing your mails is not ~/Mail.
chmod +x ~/.config/i3blocks/mail_status.sh

Activate the blocklet into ~/.config/i3blocks/config:

[mails]
command= ~/.config/i3blocks/mail_status.sh
interval=once
signal=12

As you may have noticed, the blocklet will be updated by the other parts of the system using this command:
pkill -SIGRTMIN+12 i3blocks

Hang-on, we’re almost done! 😉

Get the tool activated upon I3 session start by adding this to ~/.config/i3/config:
exec --no-startup-id ~/bin/mail-check.sh &

Stop your current mail retrieval scripts and then restart your I3 session. You should now start having notifications upon new mail arrival. That is, when some of the IMAP folders supervised by mail-idle.py get mail, then you should see a dunst (or whatever you use) notification, and the i3blocket should become red, displaying the offlineimap account name containing new mails, with their count.

Last step is getting mutt update the i3blocket upon mail reading. Just add this macro somewhere in your ~/.muttrc:
macro index <F5> "<sync-mailbox>:set wait_key=no\n!pkill -SIGRTMIN+12 i3blocks^M"

Restart mutt and use F5 to sync your maildir and eventually clear the i3blocklet when no unread mail is left.

KWallet needs a serious face-lift ; enter KSecret Service

Users are often confused by the current KWallet system behavior. When their computers start, they enter the KDE session password but just after logging-in, they are prompted yet another password, for something named KWallet. Sometimes, they even see several password prompts from KWallet, depending on their precise desktop configuration.

Some users find that annoying and they file bug reports or, even worse, simply uncheck the “Enable the KDE wallet subsystem” in an attempt to deactivate it as a whole and switch to using some other external tools. Well, these tools are OK, but the KDE experience is affected, as the applications are no longer able to correctly store and retrieve their secrets. And that raises the barrier to entry for some of our potential users, adding negative points against KDE.

The remaining users have now several devices and would like to have their passwords synchronized all over these devices. They won’t find this kind of function and they’ll start using some other external tools, providing cross-device synchronization. That’s another bad point for the KDE experience.

Finally, more advanced users would like to know where their wallet data is stored and they would like to be able to put their wallets in some places of their choice, perhaps in an owncloud synchronized directory.

Enter KSecret Service!

The KDE Wallet system has some design flaws (I’ll write more on that in the future, but right now my post risk to get too long) affecting the security and should be replaced ASAP. Back in 2008 and until or 2011 an initiative was taken by the former KDE Wallet maintainer Michael Leupold and Stef Walter from GNOME to create a Freedesktop.org interface aiming to replace it. It’s called “Secret Service” and the draft may be found here: http://standards.freedesktop.org/secret-service/

This interface is already implemented by GNOME keyring and AFAICT KDE should also implement this interface if it wanted to enhance users experience.

All these points will be addressed by a new system, aiming to replace KWallet. It’s name is already known – KSecret Service.

I’m in the process of (re)defining it’s architecture and I’ll post it, for feedback, on the KDE developer mailing list as soon as I’ll get something stable enough. I cannot tell more right now – the post is already long enough – but it’s an ambitious plan! And I’m sure you’ll like it!

KDE4/KF5 Coinstalability and the KWallet

Plasma 5 is about to become part of the mainstream Linux distributions, and we are getting more and more feedback about this new platform. This blog post is a reaction to this increasing feedback from our users.

Plasma5 introduces the KDE Frameworks 5 platform (or KF5) which uses Qt5 as it’s foundation. This new platform aims to replace the legacy KDE4 platform, which was mainly the old monolithic kdelibs. More and more applications got ported to this new platform. Just stay tuned with the next release announcement, which is imminent. However, some applications, and among them some important ones, are not yet ported to the KF5 platform. And this brings on, or more appropriately reminds, the coinstalability matter.

Back in time, KWallet was split from kdelibs and the KF5/KWallet Framework has been created. This is the API part. For non-programmers, this part is the one used by the applications to store the passwords or other secrets into the KDE Wallet System. The applications that were ported to KF5 are now using the new KF5/KWallet framework.

The KDE Wallet System has two other components. The KWalletManager users know very well and the background service, kwalletd, that actually do the work and securely store the secrets on disk. In KDE4, these two components lived in two other places: kdeutils/kwalletmanager and kde-runtime/kwalletd. This separation has always been somewhat confusing and the decision was made to bring the runtime component inside KF5/KWallet framework. This runtime component has also been ported to Qt5. And the coinstalability constraint led us to rename it to kwalletd5. So the applications that were ported to KF5 are now using kwalletd5 behind the scenes, as the KF5/KWallet framework connects to this new runtime.

The KWalletManager was not accepted for inclusion in the KF5/KWallet framework and it still lives under kdeutils. It has been ported to KF5/Qt5 under the branch named “frameworks”. Same coinstalability constraints were applied, so building KWalletManager from this branch yields kwalletmanager5. This KWalletManager5 would connect, via the KF5/KWallet framework, to the new kwalletd5.

But what happens to the passwords from my KDE4 installation?

There are two possible cases where users are going from KDE4 to Plasma5 and the KF5-based platform. The more usual is the upgrade path. Others may opt for clean install. I’ll address the two cases here, and I’d recommend the upgrade path, as it requires the least user interaction.

When upgrading, your system will get kwalletd5 along with the existing kwalletd. kwalletd5 is designed to detect an existing kwalletd via D-Bus upon starting-up and, if it finds it, it’ll trigger the migration wizard. I already blogged about it: KWallet for Plasma 5 now automatically migrates KDE4 wallets!

If you rather decide to do a clean install, you’ll get kwalletd5. Odds are you’ll also get kwalletd as the Linux distributions would decide to keep it, to let run the still-to-be-ported to KF5 applications. If the home directory was preserved during the installation, then the system should go to the upgrade state upon kwalletd5 start-up, as the kwalletd5 would detect the kwalletd, which in turn would find your old wallets. So you should get the migration wizard triggered, and your passwords should land into kwalletd5.

If you opt for a clean home directory along the new install, then you’ll want to export your wallets prior to reinstalling the system. Then re-import your wallets both in KWalletManager and KWalletManager5! As such, applications still using the KDE4 infrastructure will find your passwords.

As long as you’ll continue using KDE4 applications, you’ll have to maintain the two copies of your wallets. But I expect that this would not last as the applications are being quickly ported to KF5. I agree that’s not very convenient, but I’ll add that I already managed to uninstall the old kwalletd, so you should also get there anytime soon.

What about the Chrome or Firefox integration?

Firefox is now compatible with KF5/KWallet, read the announcement on the blog of Andreas Scarpino here

Chromium is not yet compatible AFAIK. Feel free to file a bug report on their bug-tracking system here if you want it brought to you.

In conclusion

I hope that this rather long blog post would bring some light on the new KF5-base KWallet infrastructure. I’d like to thank users that file bugs and by doing this let us improve our software.