Conary 2.1.1 is a maintenance release.

• Added repair command as an experimental feature. (CNY-1800)
• Files marked as "missingok" in encapsulated RPMs now have that status represented by a "MissingOkay" flag on the corresponding Conary file object. (CNY-3306)
• Files from encapsulated RPMs now have the mtime from the RPM recorded in troveInfo. The mtime of last change is still used to calculate fileIds, preserving knowledge of when meaningful file information has changed. (CNY-3307)
• Added support in verify and update paths for prelinked binaries. (CNY-3298)

• Changeset reassembly for capsules ignores directories. (CNY-3305)
• Encapsulated symbolic links are represented as having the mode that will exist on the filesystem, even if that varies from the mode recorded in the capsule. (CNY-3304)
• Previously, getTroveLeavesByPath() didn't return leaves; it returned the most recent trove which includes that path. It now returns only leaves (most recent versions) that include that path, and if the path is only included in older versions, no troves are returned. (CNP-184)

• Database connection objects now have a close_fork() method that closes the connection without notifying the server.

Conary 2.1.0 is a new feature release.

• Conary now allows packages to be installed using foreign package managers via wrapped content called capsules. RPM capsule support is included in this release. (CNY-3217, CNY-3213)
• Added ignoreDependencies configuration option, which allows users to specify certain dependency classes which should be ignored during installs. The default is "abi rpmlib".
• The xz compression file format is now supported for decompressing sources. (CNY-3207)
• The changemail.py repository commit action module now takes an optional --maxsize argument and truncates changemail messages to fit. (CNY-3205)
• The Run build action now does path-based build requirement discovery like most build actions. (CNY-3222)
• Conary now allows identical files to be shared during installs and updates. Both troves own the shared files, and they must be updated at the same time when the shared files change.
• Conary now honors the no_proxy environment variable to allow direct connections to specific hosts and domains. (CNY-3246)
• Added excludeCapsuleContents config option for servers.
• Added ChangeSet.removeCommitted() to filter already-committed troves from a changeset.
• The bootstrap python module dependency discovery proxy now provides additional useful informational messages to aid debugging.
• Conary proxies are responsible for reassembling the content for changesets containing capsules. (CNY-3228, CNY-3259)
• The --capsules command line option modifies showchangeset, repquery, and query commands to display file information for capsules instead of for installed files.
• A new Conary proxy setting, injectCapsuleContentServers, controls changeset content injection for proxies talking only to hosts in this list. (CNY-3261)
• Conary no longer uses regular expressions to represent manifest files and other internally-generated lists of files matched by policy, and so will not raise OverflowError for manifests with many files, or from policy generated from source objects, on platforms with a restricted regular expression code size. (CNY-3282)
• The python dependency finder client has been modified to resolve incompatibilities on the client side with python 2.3. (CNY-3285)
• Conary can now read cpio archives directly. (CNY-3280)
• The Conary repository now provides a method for obtaining commit progress updates. "conary commit" now provides progress output. (CNY-3290)

• When cooking groups where checkOnlyByDefaultDeps is set to False, added dependencies will now inherit the byDefault setting of the depending component. (CNY-3195)
• The imageGroup flag in group recipes now implies checkOnlyByDefaultDeps=False. (CNY-3195)
• Group search paths may now contain lists or tuples of troves to be considered as a single "bucket". (CNY-3286)

• In-core changesets previously could be merged only once into a ReadOnlyChangeSet. After multiple merges, reset() previously failed to reset the underlying in-core changeset. This has been fixed.
• Conary no longer exits with an unhandled KeyError exception if an unknown dependency type is encountered in the local database. (CNY-3232)
• Decompression with xz is preferred over unlzma, as CNY-3194 intended. (CNY-3231)
• rpm2cpio now correctly handles rpm packages compressed with xz. (CNY-3234)
• Unpacking an RPM with addArchive or addCapsule now functions correctly even if the CPIO archive in the RPM contains a non-traversable directory. (CNY-3244)
• When running an external entitlement generator, use /dev/null for stdin instead of closing the file descriptor.
• Added logging to several source actions to ensure that some output is provided to make debugging build failures easier.
• Call lstat() instead of stat() to deal with circular links. (CNY-3251)
• Bootstrapping python dependencies now uses python source intead of a version-specific compiled python file.
• The addCapsule source action properly verifies GPG keys when a keyid argument is supplied. (CNY-3258)
• Commiting signed troves to repositories without signatures no longer causes repository tracebacks.
• Repositories no longer store duplicate file path information when a path is committed for the first time by a job which references it multiple times.
• Replacing a symlink with a regular file no longer creates the regular file as the target of the symlink.
• Local rollbacks properly restore file contents when the file was replaced by a non-regular file (such as a symlink)
• Cooks will no longer block indefinitely if a subprocess forks and does not exit. (CNY-3284)
• When startGroup is called, flags will now be properly copied from the parent group. (CNY-3287)
• Replacing a symlink which was part of a loop no longer causes a traceback.

• A repository's internal getfile function now avoids any database access when no files have been requested.
• Loading troveinfo data uses bulk operations, speeding up repository commits.
• Committing changesets now iterates over troves the changeset is relative to, rather than getting them one at a time, significantly reducing the number of sql calls.
• Conary now uses a single call when validating that file objects exist in the repository during a commit.
• Repository commits now handle file paths and file streams separately, in order to reduce the size of the temporary tables and the commit path.
• The number of SQL calls used to create the flavors needed by a repository commit has been dramatically reduced.
• No-operation SQL calls during repository commits when no redirects are being commited were eliminated.
• Repository commits now merge all dependencies from the temporary tables into the final tables at once rather than once per trove.
• Repository commits now update permission tables for all new troves at once.
• Updates to latest tables are now done for all troves at once, and are based on the current latest entries and the new trove. Formerly they were done one at a time based on everything in the repository (through a view).
• The rpmhelper.Header object can now produce dependency sets that represent what an RPM requires and provides.
• A new RPM dependency class has been added. This class is used to represent dependencies expressed in RPM packages that cannot be mapped directly to a native Conary dependency.
• Colons in dependency flags are now escaped as \: to allow deterministic thawing.
• CIL dependency parsing uses xml.etree.ElementTree, if available, instead of elementree.ElementTree.
• The LDFLAGS setting is now honored when linking binaries.
• Trove and TroveChangeSet objects now represent paths as directory/basename pairs.
• Changeset dict of absolute file object changes are now indexed more efficiently.
• StreamCollection classes can now choose to ignore the skipSet when freezing for a performance boost
• Dirnames/basenames are added as a single operation at the beginning of a repository commit to make the ids available for the files build removing the need for large, complex joins later.

conary-policy 1.0.26 is a maintenance release.

• When "file:" requirements are not not explicitly met by "file:" provides but the path exists in a trove, the new ResolveFileDependencies policy replaces the unsatisfied "file:" requirements with "trove:" requirements. (CNP-184)
• The XinetdConfigRequires policy now creates file: dependencies instead of trove: dependencies by default, depending on the ResolveFileDependencies policy to change to trove: dependencies on platforms for which the /usr/sbin/xinetd path is not explicitly provided. (CNP-183)

conary-policy 1.0.25 is a new feature release.

• Policies have been made capsule-aware and assume that the capsule will handle essentially all operations involving files in capsules. (PFM-506)
• The RemoveBootstrapTroveDependencies policy removes trove dependencies that are not satisfied within the packages being built as a bootstrap because they may be computed against an incompatibly-named set of host packages. (PFM-506)
• The PHPRequires policy now reports adding dependencies. (CNP-181)

rMake 2.0.1 is a maintenance release.

• rMake has been modified to be aware of Conary versions 2.1.x for compatibility with the latest releases of Conary.

rMake 2.0.0 is a new feature release.

• The "multi-node rmake" build cluster capability has been moved from an externally-provided plugin into rMake proper.
• Multi-line macros in build job configurations will no longer cause invalid conaryrc files to be created inside chroots. (RMK-996)
• The rMake server process now retains the capability to chroot after dropping privileges. (RMK-999)
• When properly configured, rMake will grant capabilities to programs in the chroot as directed by a file within the chroot. (RMK-1004)
• The /dev/full device is now available in build chroots.
• rMake will now utilize the python interpreter specified in the first line of the /usr/bin/conary that is installed in the chroot, rather than always using /usr/bin/python.
• rMake will now make all files installed in the chroot accessible to the build user (RMK-1006)
• Multinode rMake servers can now use an externally-managed message bus. (RMK-1011)

• Don't cast disk usage info to int, since it may exceed XML-RPC limit. (RMK-997)
• The chroot caching feature no longer records raw binary digests in the server logfile. (RMK-1005)
• Cache all uid/gid lookups from external user database. (RMK-1010)

rBuild 1.2 is a maintenance release.

• The "rbuild rebase" command now prevents users from rebasing a product-definition to a schema version that is not supported by the project's rBuilder. (RBLD-249)
• The "rbuild checkout" command now takes a --template option which is ignored unless the --new option is also provided or implied because the package does not yet exist. (RBLD-118)

• A new experimental API, rbuild.api1, enables external consumption of rBuild by easily initializing an rBuild handle. This API is subject to change, including removal or entire replacement. (RBLD-238)
• Added support for rBuilder REST interface to rBuilder facade. (RBLD-249)

• Conary 2.0.40 introduced a fix for another bug that caused rBuild to no longer honor the "--debug-all" argument and not write tracebacks to the .rbuild/tracebacks/ directory; rBuild has been modified so that these features will be restored with Conary version 2.0.44 and later. (RBLD-230, RBLD-234)

We have been importing sets of RPMs into Conary capsule packages, and yesterday we announced why.

Capsules are simple. We wrap existing packages provided in some other format (RPM, in the first instance, but we expect others) in rich Conary metadata (file-based dependencies based on deep file inspection, groups, and so forth), and store the combination of the unmodified package and metadata in the Conary repository. To install the package on a Conary-managed system, Conary calls the native package management code.

This works amazingly well. You can even mix native Conary packages with capsules.

This capsule feature can even help find bugs in RPM packages!

As part of this work, we imported RPMs from the original Red Hat Enterprise Linux 5 ISO images into a repository and tried to build a Conary group containing those packages. Unfortunately, this group was not dependency-complete. It appears that during RHEL 5 development, several packages were built against Firefox 1.5.0.7. Then (I would suspect near the end of RHEL 5 development, though I haven't checked build dates) Firefox was updated to 1.5.0.9. Someone remembered that the yelp package would need to be rebuilt against Firefox 1.5.0.9 to function. No one, apparently, remembered that gnome-python2-extras also needed to be rebuilt against Firefox 1.5.0.9. I don't blame anyone for this; I wouldn't either. But with Conary, all we had to do was try to add all the packages to a group and Conary complained and told us exactly what was wrong. By contrast, RHEL 5 was released with gnome-python2-extras that included an RPATH entry referencing a directory that does not exist: a broken dependency. As far as RPM's more limited view of dependencies is concerned, RHEL 5 was dependency-complete, but the combination of Conary's deep file inspection and group dependency checking caught this bug immediately.

rAPA 2.2.13 is a maintenance release

• the backup location scan no longer leaks file descriptors (RAA-1752)
• the update callback correctly overrides warning and error (RAA-1755)
• Fixed SSL certificate parsing to allow slashes in more fields (RAA-1756)

Conary 3.2.2 is a maintenance release.

• the backup location scan no longer leaks file descriptors (RAA-1752)
• the update callback correctly overrides warning and error (RAA-1755)
• Fixed raa-web startup on IPv4-only hosts (RAA-1754)
• Fixed SSL certificate parsing to allow slashes in more fields (RAA-1756)
• Added some error handling in the raa-service polling thread (RAA-1759)
• Removed an unnecessary dependency on mount.smbfs (RAA-1760)

rBuilder Online maintenance is complete, and the following features and bug fixes are now available.

• rBuilder now presents two viewing options for appliance search results: a "Brief" view which is the browser view from previous versions, and a "Detailed" view as a new sortable grid, with rows that can be expanded or collapsed to show descriptions.
• When you are searching for items in the rPath Management Console, you must now enter at least three characters before the list items are filtered. This speeds up search responsiveness dramatically with large data sets, such as those found on Amazon EC2, which is the rPath Management Console target supported on rBuilder Online.
• You can now report a bug from the rBuilder Web interface, automatically creating an issue in the rPath Issue Tracking System (rITS). To access the new feature, right-click anywhere in the interface, click "About rBuilder," and click "Report bug" button. Use the guide text and help in the bug dialog to complete the form and file the bug report.
• The new bug filing dialog includes a checkbox to specify whether you are an rPath customer with a support agreement. When a customer files a bug using this form, rBuilder automatically files it as a support issue so that rPath can follow up appropriately in accordance with customer's support agreement.
• Many right-click context menus provide a "Show Log" option; this has been expanded to allow you to record HTTP traffic by pressing the round red "record" button above the log data.

Your continued feedback is greatly appreciated! Thank you for your interest in rBuilder Online.

rBuilder Online will undergo scheduled maintenance starting Wednesday October 14 at 21:00 EDT (-0400) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available.

• rBuilder now presents two viewing options for appliance search results: a "Brief" view which is the browser view from previous versions, and a "Detailed" view as a new sortable grid, with rows that can be expanded or collapsed to show descriptions.
• When you are searching for items in the rPath Management Console, you must now enter at least three characters before the list items are filtered. This speeds up search responsiveness dramatically with large data sets, such as those found on Amazon EC2, which is the rPath Management Console target supported on rBuilder Online.
• You can now report a bug from the rBuilder Web interface, automatically creating an issue in the rPath Issue Tracking System (rITS). To access the new feature, right-click anywhere in the interface, click "About rBuilder," and click "Report bug" button. Use the guide text and help in the bug dialog to complete the form and file the bug report.
• The new bug filing dialog includes a checkbox to specify whether you are an rPath customer with a support agreement. When a customer files a bug using this form, rBuilder automatically files it as a support issue so that rPath can follow up appropriately in accordance with customer's support agreement.

Your continued feedback is greatly appreciated! Thank you for your interest in rBuilder Online.

Conary 2.0.50 is a maintenance release.

• cvc rdiff now functions correctly on trove versions where no previous version exists. (CNY-3218)
• Updates of multiple flavored groups containing pre-update scripts no longer fail after the critical update is applied. The fixed Conary issue is related to CNY-3216, but only manifests itself when multiple groups are present. (CNY-3219)
• Path-based action build requirement discovery now functions correctly when spaces are present in environment variables or adjacent spaces are present before the name of the executable in a command string. (CNY-3224)
• When building local changes, conary would sometimes look through the database by fileId to get the path for a file it needed, instead of just looking in the filesystem directly. That caused a failure when two paths had the same fileId but one of them had been removed from the system. (CNY-3226)
• Building from the repository will no longer attempt to re-download autosourced files. (CNY-3221)

• Conary will now link against an embedded copy of sqlite if a specific version of sqlite has previously been configured and built under the conary/pysqlite3/ directory. At this time, the supported version is 3.6.18.

rAPA 3.2.1 is a maintenance release.

Bug Fixes:

• Fixed a race condition in the pidof function (RAA-1753)

Conary 2.0.49 is a bug-fix release.

Bug Fixes

• Updates of flavored groups containing pre-update scripts no longer fail to continue after the critical update is applied. (CNY-3216)
• Simple fix for old rpm packages with no PAYLOADCOMPRESSOR (CNY-3210)

rBuilder Online has been updated to feature-and-bug-fix parity with rBuilder 5.2.3. The rBuilder 5.2.3 release notes have many specific details about issues that were fixed, most of which are relevant to rBuilder Online, primarily most of those summarized as "Inline Help", "User Interface and Usability Improvements", and "Introductory Deep-linking/API Feature Developments".

rMake 1.0.31 is a bug-fix release.

• Single-node rMake servers will now contact their internal repository as "localhost". This corrects a bug introduced in the previous release wherein rMake attempted to use a remote conary proxy to contact the local repository. (RMK-993)

Conary 2.0.48 is a bug-fix release.

Bug Fixes

• A bug introduced in the previous release that caused installations of device nodes as a non-root user to crash has been fixed. (CNY-2038)
• Directory permissions are no longer unnecessarily updated if they have not changed. (CNY-3202)
• A race condition in restoring files that share content has been fixed. The race involved changing the contents of the restored file before references to that file are restored. (CNY-3203)

rBuilder Online will undergo scheduled maintenance starting Thursday September 10 at 20:00 EDT (-0400) and ending at 23:00. During this time, rBuilder Online and all rpath.org repositories will not be available. Additionally, as previously posted, we may be briefly disabling many rpath.com services including the conary.rpath.com, products.rpath.com, and rap.rpath.com repositories. A message will be posted when the scheduled maintenance period has been completed.

This maintenance window will bring rBuilder Online into parity with the upcoming release of rBuilder Appliance 5.2.3. This includes many updates to rBuilder's new UI, adding new features and fixing bugs. In particular, UI enhancements include easier navigation, additional context-senstive help, and "deep linking" support in which the URL the browser displays changes in different parts of the UI; these URLs are stable and can be bookmarked, exchanged with other users, and used to communicate with more precision when requesting support.

Your continued feedback is greatly appreciated! Thank you for your interest in rBuilder Online.

rAPA 3.2.0 is a maintenance release.

• python 2.6 compatibility changes: updated the internal copy of CherryPy to 3.1.2, along with bug fixes to use its updated interface. (RAA-1737)
• return the correct value for host_usesdhcp in Network plugin's index function (RAA-1742)
• if a client requests content type 'application/json', JSON data is now returned if enabled for the function called. (RAA-1745)
• IE6 no longer displays security warnings on pages rendered with the master.kid template. (RAA-1746)
• Fixed a race condition the System Updates plugin, which caused errors if an update check started while a previous check was in progress. (RAA-1744)
• Fixed a bug in the Collect Diagnostic Information plugin which caused failures when the storage directory was configured to be on a different filesystem from /tmp (RAA-1743)
• xmlrpc calls will no longer return an Interal Server Error (ISE) when a traceback occurs. Instead, a dictionary with an 'errors' key will be returned. The corresponding value will be a list of one or more error strings.
• A somewhat branded 404 page is now used. It can be overridden by setting error_page.404 (RAA-1626)

• IP address and route information are now included in Diagnostic Information (RAA-1735)
• The message on the main rapa-console screen can now be modified with a text file called /etc/raa/console.msg (RAA-1748)

Since our most recent upgrade of rBuilder Online, the rBuilder Online web site has occasionally stopped responding to your requests. In two non-service-interrupting minor updates this week, we believe that we have resolved the two main causes. Sorry for the inconvenience!

We are aware of one more issue that in a few rare circumstances has caused an rBuilder Online service interruption. In order to address this issue, we may be briefly disabling many rpath.com services including the conary.rpath.com, products.rpath.com, and rap.rpath.com repositories. This upcoming service interruption is currently planned to occur sometime during the week of September 7, 2009. (We will post again later with more precise timing.)

Conary 2.0.46 is a maintenance release.

• If python-keyutils is available, cvc will try to interact with the user's session keyring. (CNY-3190)
• Conary now uses xz in preference to unlzma to decompress lzma data. (CNY-3194)
• A new function, parseChangeSpec, that parses a single trove update specification such as name=ver1[flv1]--ver2[flv2], was added to cmdline.py. (CNY-3197)

• The code path leading to getChangeSet was reworked to use significantly fewer repository calls, resulting in a massive speedup for uncached, large requests.

• PGP passphrases, required for signing troves, are now fetched using a callback. (CNY-3189)
• Repositories running on postgresql can properly handle queries for labels sharing the hostname portion. (CNY-3192)
• The sha1 for files in a repository could be improperly left as NULL for some cases involving shadows. This has been fixed, and migrating existing repositories to version 17.3 will fix existing missing sha1 checksums.
• Group pre-execution scripts now run exactly before any package that is part of the group. Previously, pre-execution scripts were run at the very beginning of the update, where the probability of their interpreter not being installed was high, especially for pre-install scripts. (CNY-2705)
• Group pre-execution scripts no longer unnecessarily fetch information they already have from the repository. (CNY-3196)
• Password information for XMLRPC server URLs is now hidden in tracebacks. (CNY-3198)

rMake 1.0.30 is a maintenance release.

• The rMake server is now more tolerant of systems with no hostname or a hostname that does not resolve externally. (RMK-988)
• Build jobs that contain both normal troves and redirect or fileset troves silently drop the redirect/fileset troves from the job, because such jobs are created through group recursion and universally are not intended to actually build the redirect/fileset troves. (RMK-991)

rPath Platform Agent 3.1.4 is a maintenance release.

• pressing Enter now submits the login form on IE (RAA-1725)
• processes whose status returns 'dead but pid file exists' now show the 'Locked' state in the service plugin, instead of 'Unknown' (RAA-1727)
• the backup properties in the raa database now store the correct top-level group information for each backup. (RAA-1728)
• In rapa-console, re-authenticating after a password change is no longer necessary. (RAA-1733)
• saveGeneral in the netowrk configuration plugin has been made backward-compatible with 2.2 and 3.0. (RAA-1736)
• XML-RPC method calls are now logged in the access log (RAA-1657)
• the rollback plugin no longer errors when no rollbacks exist. (RAA-1738)

• XML-RPC functions can be added to the rpcLogBlacklist setting to prevent their parameters from being logged (RAA-1600)
• Encrypted backups now have encryption info stored in their backup properties in the raa database (RAA-1705)
• An XML-RPC function called saveAll2 has been added to allow all network settings to be saved in a single call (RAA-1706)

Today, we updated rBuilder Online to bring it in line with the rBuilder 5.2.2 feature set. This update includes the following major improvements:

• Initial support for a new platform: Scientific Linux
• Numerous bug fixes and improvements to the user interface

Although not every issue in the rBuilder 5.2.2 release notes is relevant to rBuilder Online, it is a good place to get an idea of the scope of the changes we've made. You can view the rBuilder 5.2.2 release notes here.

Note that Scientific Linux should be considered beta quality; please give it a try and file issues in our issue tracking system in the Platforms component for any bugs you may find.

Thank you for your interest in rBuilder!

rBuilder Online will undergo scheduled maintenance starting Wednesday August 5 at 21:00 EDT (-0400) and ending at 23:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

This maintenance window will bring rBuilder Online into parity with rBuilder Appliance 5.2.2. This includes many updates to rBuilder's new UI, adding new features and fixing bugs. Your continued feedback is greatly appreciated!

Thank you for your interest in rBuilder Online.

Conary 2.0.45 is a maintenance release.

• The standalone Conary repository server now prints a message if it fails to import the Conary REST api.
• Added the restore command, which restores file ownership to troves from which they were removed (because of a remove operation or --replace-files).
• The addGitSnapshot action now accepts a branch= argument. (CNY-2368)

• Fetching path hashes from a changeset now uses absolute trove info when available (which it is for any recent enough server), instead of merging differential trove info with database trove info, which significantly speeds up update planning.
• Database operations now use the TRUNCATE command where available, which may speed up some repository queries.
• An internal API used for emulating repository access by certain roles previously did not function when given a specific set of roles; this has been corrected.

• A consistent exception is now raised when bad XML-RPC data is fed into conary's parser on systems without the sgmlop package installed. (CNY-3180)
• An error in handling queries for labels sharing the host name component has been fixed. (CNY-3187)

conary-policy 1.0.24 is a maintenance release.

• Libraries (ELF files containing DT_SONAME entries, not symbolic links) with file names ending in .so (instead of .so.something) are now tagged as shared libraries. (CNP-175)
• TagLocale no longer looks at files in %(debuglibdir)s or %(debugsrcdir)s, since it would only complain about them and ignore them anyway. (CNP-177)

Conary 2.0.44 is a maintenance release.

• Conary can now be configured with a set of certificate authorities (trustedCerts) against which all secure repository access will be validated. (CNY-2735)
• Conary now logs the starting, output, and error exit codes of trove scripts to the /var/log/conary file. (CNY-3150)
• The "conary updateall" command now honors the --just-db option. (CNY-3167)
• The EULA_Conary.txt file has been renamed to EULA_Conary_Dual_License.txt in order to highlight the contents of the beginning of the file, which describe a choice of license terms. The contents of the file are not changed, and the licenses under which Conary may be used are not changed. (CNY-3168)
• The SetModes build action now takes an optional allowNoMatch keyword argument, that causes a warning to be printed instead of failing the build when the target file does not exist. (CNY-3171)

• Added removeInvalidRollbacks() to client API. (CNY-2933)
• The conary.lib.mainhandler.MainHandler.main() method now sets sys.excepthook only if the setSysExcepthook method variable is True (as it is by default), allowing subclasses to take responsibility for setting sys.excepthook differently. (CNY-3170)

• An internal function used to install files no longer leaks a file descriptor on error. (CNY-3152)
• Unknown errors while retrieving PGP keys for archive verification are now gracefully handled. (CNY-3120)
• The cvc refresh command now ignores negative cache entries. (CNY-3157)
• The cvc sign command properly handles keys specified by key ID, in addition to fingerprints. (CNY-3139)
• The conary updateall --items command now honors --labels, --full-versions and --flavors flags. (CNY-3138)
• The --lsprof option now writes out profiling information even if an exception occurs, for both the conary and cvc commands.
• Dependency numbers in temporary dependency checking tables no longer overlap dependency numbers in the persistent database.
• Dependencies with multiple flags previously were not marked as satisfied during dependency resolution passes, forcing extra work on subsequent passes.
• Local rollbacks previously failed to restore contents when a file's metadata changed but the contents stayed the same.
• Generating local rollbacks previously failed for non-root users when the file was unreadable due to permissions.
• The ccs2tar script uses tarfile.open() in a way that is compatible with both python 2.4 and 2.6 (CNY-3160)
• Brace expansion produces results similar to bash. (CNY-3158)
• Trove searches with invalid (non-ASCII) input no longer cause a crash on PostgreSQL-backed repositories. (CNY-3165)
• Flavor processing in depSetFreeze previously did not properly handle return codes from depFreezeRaw, which could lead to a segmentation fault. (CNY-3166)
• Path normalization no longer produces erroneous double-slash entries in /etc/ld.so.conf. (CNY-3142)
• Accessing a server through a Conary proxy that injects entitlements now correctly forces the use of SSL. (CNY-3176)

• Update handling now looks for preerase trove scripts in the local database instead of instantiating full troves from the database and looking in those troves.
• Dependency tables for removed troves are no longer dropped and rebuilt during each iteration of dependency solving; they are now incrementally built during subsequent iterations.
• Dependency ordering code now looks in the local database for trove references instead of instantiating troves to get that information.
• Code which decides what referenced troves need to be erased when collections are erased now:
  • looks in the local database for trove references instead of instantiating troves to get that information
  • batches reference checks, pin checks, and presence checks across troves instead of checking those for each trove individually
• Fast-pathed code which matches old troves with new troves for the case where only a single old trove and a single new trove with a given name exist.
• Graph calculations for dependency ordering now only occur when the results are needed instead of for every pass through the dependency resolver.
• Reworked rdiff to not download a full changeset from the repository. It now downloads only the config (text) files and diffs them on the client. This allows it to show diffs for changes across repositories and yields a nice speedup. (CNY-3039)
• Reworked "conary remove" functionality to generate a changeset for the file remove and commit that through the normal update path.
• During dependency checks for new troves, no longer include every trove which requires a given dependency in the SQL tables. Instead, include that dependency only once and expand the matched requirements when we order troves (which is the only time it matters).
• Added simple caching of path hashes from the database to improve performance of large system updates.

rMake 1.0.29 is a maintenance release.

• Jobs are now properly marked as failed after an abrupt server restart. (RMK-976)
• New files are now much less likely to be marked as config files when they are really binary files. (RMK-973)
• The Conary client resolveDependencies() method return value is now treated in a way that is compatible with older and newer versions of Conary; without this change, rMake will not work with Conary 2.0.44 and later.
• A race condition that could occur when two authenticated XML-RPC requests came in at the same time has been corrected. (RMK-935)
• A race condition that could occur when two flavors with the exact same build requirements (including flavors) are built at the same time (normally part of the same build job) has been resolved. (RMK-980)

rPA 3.1.3 is a maintenance release.

• Fixed a bug in readSchedule, which could cause the UpdateTroves plugin to become unusable if the schedule for automatic update checks was changed or disabled. (RAA-900)
• If allow_json is unspecified on a function without a template, the log message noting this now only appears in the DEBUG loglevel. (RAA-1555)
• The logged in user's name in the upper right corner of the page now links to the Change Password plugin rather than User Management, as User Management could be disabled or inaccessible to the user (RAA-1602)
• Pressing F12 in the Reboot and Shutdown confirmation screens in rapa-console no longer confirms the action. (RAA-1624)
• When the backup archive creation process fails, more specific errors are now sent back to the user. (RAA-1708)
• Calls to XML-RPC functions will now advance the Wizard when appropriate. (RAA-1710)
• getBackupMetadata now unmounts the backup location before returning. (RAA-1711)
• Network locations are no longer bind mounted when a mount already exists. Among other benefits, this prevents the backup plugin from improperly validating incorrect user credentials for a backup location (RAA-1712)
• raadb is no longer created as world-readable. (RAA-1714)
• rapa-console no longer raises errors when network interfaces are not yet configured. (RAA-1715)
• When a DatabaseLocked error occurs, the "lock journal" is now logged, showing a stack trace to the point where the lock is being held. (RAA-1717)
• Fixed a bug which could cause backups to fail if a temporary file was removed after being added to the backup file list. (RAA-1718)
• Several possible exceptions in plugins which use "callBackend" are now handled more gracefully. (RAA-1719)
• Fixed a bug which could cause the raa-service to die due to an unhandled exception in the listener thread. (RAA-1721)
• The backup encryption feature relies on PyCrypto which may provide a faulty SHA-256 implementation; this feature now uses a module provided by Conary which consistently matches the previous behavior even on platforms with a correct SHA-256 implementation. (RAA-1723)

• A new authorization predicate called LocalhostOK has been added, which allows a process on localhost to make a call without authenticating, while still requiring authenticate for remote calls (RAA-1701)

Today, we updated rBuilder Online with a non-service-interrupting update that improves a number of features.

RESTful API Improvements

As part of the process toward improved API access, we have added HTTP Basic Authentication support to the REST API. (It was already available for the XML-RPC API.) This allows authenticated access to privileged API functions without requiring client cookie suport.

We have not at this time published API documentation for rBuilder Online and have not committed to maintaining a stable API, but calling the API is acceptable use. We are currently developing some initial documentation for getting started using the REST API.

Appliance Content Editing

Unfortunately, our last update broke the appliance editing interface for newly-created appliances. This affected only appliances created after the update. We have now fixed this for all new appliances.

Finding things

The Find feature has been improved somewhat with better search response times once your search has narrowed to less than 100 items. However, there are still further improvements we need to make here to better support find-by-title and find-by-description.

Scrolling

Scrolling behavior in the various list views has been improved.

Thank you!

As always, we welcome your feedback. Please click the "Provide Feedback" link at the top of your rBuilder pages for the quickest route to ensuring that we hear you! Alternatively, you are still welcome, as always, to tell us about bugs by filing issues in our issue tracking system.

Today, we updated rBuilder Online with a non-service-interrupting update that fixes an important bug. Previously, using the new flex-based UI, if you had defined your own group manually by editing a group recipe and then tried to use the web interface to manage the contents of your appliance, rBuilder would overwrite your group recipe file with an essentially blank template, and then you could use the UI to re-populate the group. Now, instead of overwriting the group recipe, rBuilder will disable the UI components for adding packages to the group.

If the flex UI does not allow you to add packages, and you have an older group built with the group-appliance superclass and implementing the addPackages() method, you can enable adding packages in the flex UI with the following steps. (Note that these steps are specific to the rPath Linux 2 platform; if you need to apply these steps on another platform and are unsure how, please feel free to file an issue in the Bugs component.)

1. If the file appliance-manifest.xml does not exist, create and add it with the contents (modified for your appliance):
   

   <?xml version='1.0' encoding='UTF-8'?>
   <manifest xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.rpath.org/permanent/appmanifest-1.0.xsd appmanifest-1.0.xsd">
     <troveName>group-YOURAPPLIANCENAMEHERE-appliance</troveName>
     <troveVersion>1</troveVersion>
     <searchPaths>
       <searchPath>group-os=conary.rpath.com@rpl:2</searchPath>
       <searchPath>group-rapa=raa.rpath.org@rpath:rapa-3</searchPath>
     </searchPaths>
     <explicitTroves/>
     <implicitTroves/>
   </manifest>
   

2. Change your recipe to derive from FactoryRecipeClass if it does not do so already.
3. Change any definition of the addPackages() method to addRecipePackages()
4. Run the command cvc factory factory-group-base=conary.rpath.com@rpl:2 if the recipe did not already derive from FactoryRecipeClass.
5. Check in your changes with cvc commit

If you have a group that rBuilder Online replaced with an empty group in the past few weeks before we fixed this issue, it is possible to merge the contents of your pre-existing group by checking out the previous version of your group and copying the group recipe to a current checkout, and then following the simple conversion steps above. This will work only if you were already using the group-appliance superclass and defining the addPackages() method. If you instead define the setup()> method, conversion requires more work; please see the migration guide for more detailed information on the process. (Be aware that the migration guide was written for rBuilder Appliance rather than rBuilder Online, so some of the description involves a local installation of rBuilder Appliance. This is not important to the migration process.)

rBuild 1.1 is a maintenance release.

• The "rbuild config --ask" command now writes Conary and rMake configuration files, making it easier to use Conary and rMake when necessary for complex operations or workarounds for rBuild bugs. The "--conaryrc" and "--rmakerc" arguments write the respective configuration files. The "rbuild init" command now creates "conaryrc" files in each stage directory to further facilitate using Conary commands. (RBLD-54, RBLD-223)
• Unless the "--quiet" option is used, rBuild now prints several URLs, including download URLs for built files, as well as IDs that are used for scripting integration. The output format of this data is subject to change in order to improve integration; such changes will be noted in this NEWS file. (RBLD-220)
• The "rbuild build release" command has been added. (RBLD-220, RBLD-227)
• The "rbuild publish" command now takes an optional list of release IDs to publish. (RBLD-228)

• The "rbuild checkout --shadow" command now handles explicitly naming the source component on the command line. (RBLD-191)
• The "rbuild checkout --derive" command now removes factories so that the derived package can be built. (RBLD-217)

• The Config plugin now exports the writeConaryConfiguration() and writeRmakeConfiguration() methods. (RBLD-54)
• The facade.conary.getConaryConfig method now takes an optional keyword argument useCache. (RBLD-54)
• The facade.conary._getBaseConaryConfig() method now takes an optional keyword argument readConfigFiles. (RBLD-54)
• The facade.rmake._getBaseRmakeConfig() method now takes an optional keyword argument readConfigFiles. (RBLD-54)
• The facade.rmake._getRmakeConfig() method now takes an optional keyword argument includeContext. (RBLD-54)
• The facade.rbuilder.getBuildFiles() method now returns structured information instead of printing it. (RBLD-220)
• The facade.rbuilder.watchImages() method now uses the ui object to print update status.
• The BuildRelease plugin has been added, and the buildRelease() method has been moved from the BuildImages plugin to the BuildRelease plugin. The printImageUrlsForJob() and printImageUrlsForBuild() methods have been added to the BuildImages plugin. (RBLD-220)

rbuilder-client 1.1 is a maintenance release.

• Adjusted the build-url command to match an API change in rBuild to accommodate printing URLs usefully for build automation with rBuild (RBLD-220)

At the post office, I found myself writing a bit of a pastiche of an old classic:

Passport Hours: 10:30-4:30

Nice work hours if you can get 'em

NOTICE: TO SERVE YOU BETTER, PASSPORT SERVICE IS NOW BY APPOINTMENT ONLY

And you can work less, if you try!

1:40 PM:

Applicant has been waiting since around 1:30 PM, occasionally ringing doorbell.

Postal Service Employee (annoyed, poking head around door she is holding mostly closed): When's your appointment?

Applicant: My appointment was at 1:30, Ma'am

Postal Service Employee (even more annoyed): Can't be at this post office. You must be at the wrong post office. I have lunch from 1 to 2.

...

Suddenly, I find myself thinking that privatizing postal service might be a good idea after all. Also, putting the phrase "to serve you better" on a sign or form should be a federal offense, publishable by standing in line at a post office for 10 years.

The rBuilder Online scheduled maintenance is complete. rBuilder Online is now synchronized with rBuilder Appliance 5.2.

The new flash-based UI, which requires Adobe Flash 10, is now the default; the old HTML UI will still be available for a limited time, as a fall back. The old HTML UI is no longer actively maintained and will eventually be decommissioned. If you find areas in which the new UI does not work for you, please file an issue or talk to us on irc.freenode.net in the #conary channel.

The new UI is designed to streamline rPath's best practices for using our tools. We have written a migration guide to help existing rBuilder Appliance customers migrate to using the new UI to take advantage of the improvements it offers; this document also applies to using rBuilder Online.

Thank you for your interest in rBuilder Online. As usual, if you find additional bugs, please tell us about them by filing issues in our issue tracking system.

rBuilder Online will undergo scheduled maintenance starting Thursday June 11 at 21:00 EDT (-0400) and ending at 23:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

This maintenance window will bring rBuilder Online into parity with rBuilder Appliance 5.2. This includes many updates to the new, flash-based UI, adding new features and fixing bugs. Thank you for your feedback, which has helped us improve the new UI, bringing it out of beta test and into general availability!

With this update, the new UI will be the default; the old HTML UI will still be available for a limited time, as a fall back. The old HTML UI is no longer actively maintained and will eventually be decommissioned. If you find areas in which the new UI does not work for you, please file an issue or talk to us on irc.freenode.net in the #conary channel.

Thank you for your interest in rBuilder Online.

rAPA 2.2.12 is a maintenance release.

• Log files will now re-open automatically if the current file is moved, allowing for compatibility with a wider range of log rotators. (RAA-1193)

Conary 2.0.43 is a maintenance release.

• Additional information is now included when Conary receives corrupt changesets, to assist in diagnosing the cause of the changeset corruption. (CNY-2629)

• File paths from changesets are now properly normalized, and the rest of the code correctly handles the single-slash prefix in the case of installing to the main root directory. This fix completes the change introduced in Conary 2.0.41 and reverted in Conary 2.0.42, that caused tag handlers to malfunction when run by Conary 2.0.41. (CNY-3142)
• Conary now puts libtool .la files in :devellib components by default, rather than in :lib components, for better multilib development environment support. (CNY-3143)
• An internal function, mkdirChain, used to create directories, could be subject to a race condition on Python 2.4. This has been corrected. (CNY-3145)
• The documentation for the mode= argument to several build actions has been improved to make it clearer to specify an octal number. (CNY-3146)
• The cvc refresh command properly handles URL strings that contain username and password specifications. (CNY-3108)

The rBuilder Online scheduled maintenance is complete. rBuilder Online has been updated for a few important enhancments and bug fixes.

• VMware ESX image builds now contain the build in two formats: the older ESX format and the newer OVF 0.9 format. Users can choose which of the two builds to download. (RBL-4651)
• Deleting EC2 AMIs works, and removes the AMI from S3 as well.

Various smaller issues have also been fixed.

If you find additional bugs, please tell us about them by filing issues in our issue tracking system.

Thank you for your interest in rBuilder Online.

rBuilder Online will undergo scheduled maintenance starting Wednesday May 20th at 21:00 EDT (-0400) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

Thank you for your interest in rBuilder Online.

I will be presenting and giving a tutorial (two separate sessions) about Application-Centric Systems Management at LinuxCon 2009 September 21-23 in Portland, Oregon.

Application-Centric Systems Management: Presentation

Historically, applications have been managed separately from the operating system, which have been managed separately from frameworks. The OS and frameworks have been managed with a one-size-fits-all homogeneous approach, leading to large OS+framework installations that support all relevant applications. Application developers have been expected to develop applications to a platform with minimal version changes, without taking advantage of new features and bug fixes. This wastes time and money. rPath's tools deeply introspect all software components and provide strong version control management of all system image file contents. This allows application-centric system image definition that reduces collateral damage from OS/framework updates while allowing agile application development and deployment.

Application-Centric Systems Management: Tutorial

A practical follow-on to to the Application-Centric Systems Management presentation, this tutorial will guide the participants through the use of several of rPath's tools (particularly Conary, rMake, and rBuild) for application-centric management of heterogeneous systems. This will include packaging source code and binaries, composing them into groups, and managing a sample software lifecycle including application development, QA, and releases. This will be a hands-on tutorial that requires participants to bring working systems with virtualization software already installed. The techniques taught will not be specific to virtualization, but virtualization will be used to facilitate development and testing during the tutorial session.

rPath is now hiring a senior engineer to work on almost everything that rPath does. Conary, rMake, rBuild, rBuilder, and more.

We take testing seriously. We are not wedded to formal "Test Driven Development", but developers here write tests as part of the development process.

We have a vision and a mission: We're bringing distributed source code control ideas to system management.

Conary 2.0.42 is a bug fix release.

• A previous change that normalized paths before being passed into tag handlers has been reverted, because it caused tag handlers to malfunction. (CNY-3141)

Conary 2.0.41 is a maintenance release.

• When a derived packages was created incorrectly, Conary could sometimes trace back; in these cases, Conary will now print a more useful error message. (CNY-3125)
• Displaying the output from verify spent a significant amount of time querying repositories for information which was available in the local database. All data accesses for verify are now satisfied locally for a significant (10x) speedup in performance).
• The output for conary verify is more succinct; instead of two summary lines per component validated, it now prints one line per component that has differences to display. (CNY-2419)
• Using --verbose on verify now gives some progress indication.
• Removed improper options for localcs from the man page.
• Verify significantly sped up.
• Turned off threading in recreatedb, because threading broke for some manifests. (CNY-3128)
• Rewrote SQL query which removes old dependencies for better performance.
• The cvc file cache now understand file mode changes as well as content changes. (CNY-3082)
• Key signatures for archives in source components are no longer checked when the source is in the repository, but rather checked at commit time. (CNY-3130)
• Fixed bug which caused files to be dropped from builds when two paths shared the same pathId somewhere in the history of that trove. (CNY-3133)
• Updates and local changeset generation handle troves with renames, though cases with multiple versions of such troves being installed simultaneously have known shortcomings. (CNY-3134)
• Updating source directories to versions which added or removed a factory now updates the CONARY file properly. (CNY-3073)

• Verify now relies on file size and mtime to determine whether files have been modified. The --hash option has been added to verify to force sha1s to be used instead.
• The system database can now return file objects along with troves to avoid double walking of the file tables.

• TroveSource.walkTroveSet now walks troves in a sorted, depth first order.

The rBuilder Online scheduled maintenance is complete. rBuilder Online has been updated for a few important bug fixes.

• During the past week, VMware images for Workstation and Fusion did not work correctly, due to a bug introduced in the process of working on OVF 0.9 support for VMware. This bug did not affect VMware ESX images.
• Support for building arbitrary recipes was previously not included in the new Flash-based UI as it has been in the HTML UI; this support has now been added.

Various smaller issues have been fixed as well.

If you find additional bugs, please tell us about them by filing issues in our issue tracking system.

Thank you for your interest in rBuilder Online.

rAPA 2.2.11 is a maintenance release.

• Fixed a bug in readSchedule, which could cause the UpdateTroves plugin to become unusable if the schedule for automatic update checks was changed or disabled. (RAA-900)
• Encrypted backups now have encryption info stored in their backup properties in the raa database (RAA-1705)
• When the backup archive creation process fails, more specific errors are now sent back to the user. (RAA-1708)
• Calls to XML-RPC functions will now advance the Wizard when appropriate. (RAA-1710)
• getBackupMetadata now unmounts the backup location before returning. (RAA-1711)
• Network locations are no longer bind mounted when a mount already exists. Among other benefits, this prevents the backup plugin from improperly validating incorrect user credentials for a backup location (RAA-1712)
• the SetTimeZone plugin now accepts either commas or spaces as separators in the ntp server list. (RAA-1713)
• raadb is no longer created as world-readable. (RAA-1714)
• Fixed a bug which could cause backups to fail if a temporary file was removed after being added to the backup file list. (RAA-1718)
• Several possible exceptions in plugins which use "callBackend" are now handled more gracefully. (RAA-1719)
• Fixed a bug which could cause the raa-service to die due to an unhandled exception in the listener thread. (RAA-1721)
• The backup encryption feature relies on PyCrypto which may provide a faulty SHA-256 implementation; this feature now uses a module provided by Conary which consistently matches the previous behavior even on platforms with a correct SHA-256 implementation. (RAA-1723)
• the backup properties in the raa database now store the correct top-level group information for each backup. (RAA-1728)

rBuilder Online will undergo scheduled maintenance starting Thursday April 7th at 21:00 EDT (-0400) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

Thank you for your interest in rBuilder Online.

We have mentioned a few times that the old Group Builder interface is going away.

Today, it's gone.

We listened when you asked for a way to add more packages from the GUI without having to build packages from source. You can now add additional packages to the search path in the GUI — that can be a reference to a group (like the elements already included in the search path as part of the platform your product is based on), a label such as contrib.rpath.org@rpl:2, or even an individual package. (rBuilder will trust that you are adding only elements that are compatible — if you add Ubuntu Hardy delivered by rPath groups or labels to an rPath Linux 2-based product, it's unlikely to work well.)

If you have bookmarked Group Builder, you will now be given a link to the new interface. As previously mentioned, this requires Adobe Flash 10 or later. To add arbitrary packages:

1. Follow the link to the new UI (later, this will become the default or only UI).
2. Click the browse appliance button at the upper right hand corner of the screen.
3. Click on the tile for the appliance you want to work with.
4. Click on the appliance contents icon to add/remove packages and
   search paths.
5. Click the expander icon next to "Search Paths" to add/remove search paths.

rBuilder Online will undergo scheduled maintenance starting Wednesday April 29th at 21:00 EDT (-0400) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

Thank you for your interest in rBuilder Online.

Several weeks ago, I posted that AT&T billed me fraudulently for services not requested nor provided, "on behalf of a third party". I had been "crammed". (Phone carriers get a reported approximately 30% kickback on third-party charges, so they don't have much incentive to act on behalf of their customers to resolve these complaints.)

As part of the discussions, AT&T said that they had disabled third party billing for my account, that all third-party charges had been credited, and annotated it that no third party billing was authorized.

This month's bill again has identical fraudulent charges applied. I again called AT&T's service line (888 757 6500) to dispute the charges. This time, the service representative was rude, interrupted me often, told me that these charges were my responsibility, told me to call the same scam operators again, and told me that if I refused to pay these fraudulent charges, AT&T would "hold [me] responsible for them" (whatever she meant by that).

When she "transferred me to a supervisor" after arguing with me about it and telling me that a supervisor "would just tell [me] the same thing", either she or the supervisor hung up on me.

When I called back, I was told after a while that a supervisor wouldn't be available for more than twenty minutes and it was company policy that I couldn't use a support line for more than twenty minutes; that they could only take my number and have a supervisor call me back whenever they got around to it. After I complained that this was not an acceptable policy, and pointed out that I was at this point entirely dissatisfied and researching alternatives for my telephone service, I was finally offered an "account specialist".

The account specialist must have been trained to listen, because he let me tell the whole story, including the fact that I am looking at alternatives for phone service, without interrupting me to explain that I was an idiot. Directly in contradiction to the first customer "support" agent I talked to this morning, he said that credits for the second month of cramming had been applied to my account. He even took the time (unlike both the level one agents) to confirm that third party billing was blocked on my account. Also in direct contradiction to what several of the level one agents told me (both on the first of the month and today) he told me that the third party billing block will block all third party charges, period. In direct contradiction to the previous agent, he said there was no twenty-minute support call rule. He also knocked about $14/month off my phone bill. He didn't even try very hard to sell me DSL service... (He did beg for me to rate my experience with him as "extremely satisfied.")

So I guess I won't go through the trouble of changing phone service quite yet. We'll see how it goes.

rAPA 2.2.10 is a maintenance release.

Bug Fixes:

• Fixed a bug in the Backup plugin which caused an exception when the test mount of a newly configured backup location failed. (RAA-1703)

See that "BETA" in the rBuilder Online logo? Well, we're asking for your help testing some new features. Not esoteric, arcane features. In fact, that's the reason we're making these changes! We are building a new interface that is more streamlined and consistent, in response to your feedback. Is it easier to use?

Right now, this new user interface is available via a link at the top right side of the page; you have to click on that link to test the interface. After sufficient testing, it will replace the main page, so we would like to encourage everyone to test it.

How is this interface different?

1. Streamlined workflow: It takes fewer pages (generally reduced by half or more) and fewer clicks to get things done.
2. Direct manipulation: Instead of (say), selecting an item, then clicking a link that takes you to a series of pages that guide you through performing an action, you can perform the actions more directly, using mechanisms like drag-and-drop and context-sensitive menus. (This contributes to the streamlined workflow.)
3. Consistency: The current rBuilder Online interface grew some features somewhat organically, leading to inconsistencies between features. These inconsistencies make rBuilder Online harder to use than we would like.
4. Technology: The new rBuilder Online interface, like the rPath Management Console, is implemented using Flex Builder as an Adobe Flash application. (Parts of the new interface will continue to be implemented using HTML for some undetermined time.) Behind the curtains, more of the capability behind the interface is being implemented using a REST API, which means that rBuilder interactions will become easier to script and automate.

We expect to do frequent updates to the new user interface as we develop new features and respond to your feedback. Some of these changes will require that we take rBuilder Online down for maintenance, but most of them will not. This means that your continued feedback will be valuable. We will announce significant changes to the new user interface from time to time as we make them.

The new interface requires Adobe Flash 10 or later.

A relevant reminder: Part of the new user interface changes are to make the new interface an even better replacement for Group Builder, which will be going away soon.

In all the hullabaloo about ext4 having inconvenient semantics with respect to a crash in close temporal proximity to an application attempting to do an atomic rename to replace file contents, I had wondered whether to propose a single system call that could provide an array of file descriptors to fsync(); I'm not sure if that's "scatter fsync()" or "gather fsync()"... I'm not sure what it would be called; fsyncv() is a bit misleading relative to readv() and writev() but it was the closest I could come up with. And it was beginning to look like we were going to need a way to say "wait for all of these files to be synced" without having to serialize the synchronization of each file individually or starting lots and lots of threads.

Thankfully, Valerie Aurora has explained that common sense is going to win. My thanks to many creative and thoughtful Linux kernel hackers who have spent countless hours pondering the tradeoffs and inventing better solutions.

There may be reasonable use cases for fsyncv(), but fortunately, it looks like someone else gets to think them up, and it shouldn't be required for normal applications. Yay!

Conary 2.0.40 is a maintenance release.

• keepRequired now recognizes that local troves may have had files removed, preventing file conflicts with incoming troves
• Fixed formatting error in cvc explain that caused policy actions to be listed twice. (CNY-3107)
• Conary ignores configuration file errors for certain local operations including conary query, rblist, and showcs. (CNY-3111)
• Python flags on a Requires dep now use exactly the flags on the corresponding Provides, rather than being trimmed to match flags on python:runtime's Requires deps. (CNY-3030)
• Disallow characters '"\\()[] in labels

• Added getLabelsForHost call, and bumped server protocol to 66. (CNY-2771)
• Added getFilesFromTrove call, and bumped server protocol to 67. (CNY-3100)
• Repositories now check the database to see which files already exist instead of looking in the filesystem for a noticeable speedup in commit time for systems with NFS based data stores.
• In a GroupRecipe, r.remove now takes a use flag to determine if a trove should be removed. This matches the behavior of r.add*. (CNY-3115)
• Added types to allow creation of sockets and named pipes via conaryclient/newtrove.py code paths
• The "migrate" command now accepts the "--from-file" option (CNY-3114)
• Standalone and apache servers now pull in REST api from the crest project if the code is available. Note that restlib and xobj are required for the crest implementation, and that the "baseUri" must be specified in the server config file (it's normally /conary).
• Repository commits now take advantage of knowing which parts of the commit have not changed since the old version for better performance
• The internal OpenPGP implementation can now change passphrases on secret keys. (CNY-3123)

rBuild 1.0.1 is a maintenance release.

• Several small changes were made for compatibility with Python 2.6. (RBLD-176, RBLD-165)
• The rMakeUrl set automatically during initial configuration setup when using rBuilder Appliance now defaults to https. (RBLD-182)
• During initial configuration, rBuild now looks at relevant configuration items previously defined in .conaryrc, .rmakerc, and .rbuilderrc and adds them to .rbuildrc. (RBLD-190)
• The "rbuild checkout" command now normalizes the checkout directory, so that packages will not be checked out inside other package checkout directories. (RBLD-88)

• The "rbuild status" command will no longer run in an infinite loop when asked for the status of a directory that does not exist. There may be other ways that this condition would be triggered that have also been fixed. (RBLD-188)
• The "rbuild build" commands now exit with a non-zero exit code if the underlying rMake job fails. (RBLD-181)
• The "rbuild checkout" command no longer tracebacks when called from outside a product checkout; instead, it suggests "rbuild init" as the most likely alternative. (RBLD-122)

• The plugins.Config.getRmakeUrl() method now takes an optional rmakeUrl argument which provides a fallback value. (RBLD-190)
• The CheckoutProductStore class now has a getCheckoutDirectory() method to provide a canonical path for a source checkout. (RBLD-88)
• The createNewPackage() method in the conary facade now takes an optional targetDir keyword argument. (RBLD-88)
• rbuild_plugins.Checkout.checkoutPackage() now returns the name of the directory created or updated, instead of True. (RBLD-88)
• The facade.rmake.watchAndCommitJob() and facade.rmake.watchJob() methods now return a boolean indication of success. (RBLD-181)

rMake 1.0.27 is a maintenance release.

New Features:

• A trove build is no longer considered to have "failed" if the build contains only pre-built troves or otherwise has no new troves to promote at commit time. (RMK-977)

Bug Fixes:

• The "autoLoadRecipes" config item has been added to the list of options allowed to be configured when "strictMode" is set. (RMK-942)

Protocol Changes:

• The rMake protocol is no automatically changes when the rMake version number changes. Instead, we will change it when there are known incompatible changes. This will allow rMake to function better in client/server models where the clients are updated more rapidly than the server. (RMK-960)

Here is a trivial Python fragment (not a script) for remotely rebooting a Dell 11G (e.g. R610, R710) server with a DRAC6:

import urllib2
import cookielib

cookieJar = cookielib.LWPCookieJar()
loginUrl = 'https://%s/data/login' % YOURHOST
formData = 'user=YOURADMINUSER&password=YOUFIGUREITOUT'
opener = urllib2.build_opener(urllib2.HTTPCookieProcessor(cookieJar))
req = urllib2.Request(loginUrl, formData)
handle = opener.open(req)
rebootUrl = 'https://%s/data?set=pwState:3' % YOURHOST
req2 = urllib2.Request(rebootUrl)
handle2 = opener.open(req2)

Obviously, this is just the minimal information on how to reboot — this has to be wrapped in code that provides at least the hostname, DRAC administrative username, and password.

This avoids the need to spend thirty seconds clicking through a javascript-rich web interface every time you want to remotely reboot. (I couldn't make the ssh interface work at all, it just threw parse errors at me and hung.)

In a previous post, I mentioned some antialiasing differences between ghostscript and poppler. I thought maybe I should demonstrate them here. Note that these differences are more or less pronounced depending on your output device, and for ghostscript on the antialiasing arguments you use. No matter what antialiasing argument combinations (lots of them!) I have tried for ghostscript, poppler's pdftoppm creates much more readable output for reasonable resolutions for screen display (in the nominal 125-150 dpi range for the tests I ran), and the differences are even more pronounced at lower resolutions.

I suspect that poppler is doing a better job at moderately low resolutions at snapping to pixel boundaries to avoid fuzzy font antialiasing. But that does not necessarily explain the differences in output I got here at ridiculously low resolution rendering. The differences are subtle at first glance, and yet make a big difference when you are trying to actually read the fine print quickly. See for yourself (ghostscript recommended antialiasing, ghostscript tweaked antialiasing, poppler pdftoppm default antialiasing, poppler pdftoppm default antialiasing with postprocessing for reduced color depth):

GS default

GS reduced antialias

poppler default

poppler reduced depth

Where it really matters are the small bold letters; particularly the frequencies. With english words, it is easy enough to mentally fill in the gaps; you would not be likely to misread "Required" as "Requlred" even if the font looks that way. For most of the numbers for radio frequencies there's no particular reason that you would notice if you, say, misread "125.3" as "126.3" or "128.3", or misread "120.625" as "120.825".

None of this is to put down ghostscript in any way -- it's great and useful software, and I depend on it all the time. This is just to praise the developers of poppler (and its parent, xpdf) for getting some particular small details right.

I'll be presenting in the Developing for Linux Appliances panel discussion on Thursday, April 9th at the Linux Foundation Collaboration Summit in San Francisco.

It will be a quick presentation — I have 12 minutes — which is beneficially forcing me to be concise in describing the opportunity. The elephant in the room is: The key is managing the whole development/deployment life cycle, not just installing a system or system image, which affects your vision of just exactly what an appliance is!

Also, it's going to be fun to meet up with lots of old friends, and maybe make a few new friends.

Subject: Collaboration Summit Reminder & Details
Date: Thu, 2 Apr 2009 17:17:50 -0700
From: Linux Foundation Events <events@linuxfoundation.org>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta
name="ProgId" content="Word.Document"><meta name="Generator" content="Microsoft
Word 12"><meta name="Originator" content="Microsoft Word 12"><link
href="file:///C:%5CDOCUME%7E1%5CAngela%5CLOCALS%7E1%5CTemp%5Cmsohtmlclip1%5C01%5
Cclip_filelist.xml" rel="File-List"><link
href="file:///C:%5CDOCUME%7E1%5CAngela%5CLOCALS%7E1%5CTemp%5Cmsohtmlclip1%5C01%5
Cclip_themedata.thmx" rel="themeData"><link
href="file:///C:%5CDOCUME%7E1%5CAngela%5CLOCALS%7E1%5CTemp%5Cmsohtmlclip1%5C01%5
Cclip_colorschememapping.xml" rel="colorSchemeMapping"><!--[if gte mso 9]><xml>
 <w:WordDocument>
...

My phone bill was larger than usual. By about $33. Two services that I did not recognize and had never requested were on my phone bill, billed by two different companies other than AT&T. I had been "crammed".

AT&T initially told me that they couldn't do anything about it, that I had to contact the scam operators that had crammed me in the first place, that they were not responsible for the billing and could do nothing about it. (I did not know at the time I called that this was a lie, that they are legally required to participate in correcting the billing). Deeply unhappy at being told to talk to scam laundering operators like "Enhanced Services Billing, Inc" (ESBI) and "ILD Teleservices, Inc" (ILD), I called them. ESBI told me that I had to contact the company that they were representing ("NETWORK ASSURANCE, INC"). I asked for a supervisor, and after half an hour of holding (welcome to the "rubber room") the supervisor claimed to submit a credit and put a block on further charges. ILD dropped my call while "getting the credit" but when I called back also claim to have credited my account (they did not try to get me to call "FAMILYCONTACT911.COM, LLC"). ILD also suggested that I provide their credit confirmation number to AT&T.

I called AT&T again. This time they said that the first representative had actually reversed the charges (contrary to what she told me, but yay, anyway). They did not offer to block third party billing. I asked why third party bill blocking had been removed from my account, and they claimed to add it back. However, they also claimed that the only thing they could legally block was third party billing solely by phone number; that anyone who could provide my home billing address (as if that were private information!) will still be able to do third party billing and that they can't stop it. (This made me glad that I had refused to divulge my billing address to ILD when requested, though; they initially repeatedly claimed that they needed it to issue the credit when they didn't need it in the first place to put the charge on the account.)

I told them to annotate my account that no third party billing is authorized.

AT&T should be able to recognize known crammers like "NETWORK ASSURANCE, INC" and "FAMILYCONTACT911.COM, LLC". This should be automatic, just like services like Google Mail blocking spam email by default.

I'm also seriously considering joining the ranks of those who have given up a landline, just to avoid being crammed again.

The rBuilder Online scheduled maintenance is complete. rBuilder Online has been updated to include bug fixes and prepare to launch new features, but the visible changes are currently limited.

If you find any bugs, please tell us about them by filing issues in our issue tracking system.

Thank you for your interest in rBuilder Online.

What's the inverse of "Dear Lazyweb"? Hey, lazyweb, I've got some information I want to make it easier for someone else to google for some day...

I have a Sony PRS-505. After I put the third revision of ReaderPlates on it, it couldn't find any files until I re-formatted my 8GB SDHC card. The folks at ReaderPlates support (good job!) pointed me to the notes on that subject that for some reason google doesn't yet seem to have indexed, but maybe this post will help. It seems that the Sony PRS-505 does not correctly read filesystems larger than 4GB unless you use 64K clusters. Under Linux, that's the -s 128 option, because -s is 512-byte sectors per cluster. Fortunately, I do not put thousands of tiny files on my PRS-505, so the wasted space doesn't hurt much.

The PRS-505 runs Linux. Although Sony has published at least some source code and acknowledged the existence of GPL software on the unit, it's not clear to me that there's enough information available to modify the software running on the PRS-505 and fix this bug; the only obvious information I found was a work-in-progress port of OpenInkpot. Any pointers? (It shouldn't be that hard to fix, since every other Linux has no trouble reading the 8GB SDHC card with 8K clusters!)

rBuilder Online will undergo scheduled maintenance starting Wednesday March 25th at 21:00 EDT (-0400) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

Thank you for your interest in rBuilder Online.

Erik writes:

Right after the Kindle 2 started shipping, I bought one (that Monday). I figured if I could get FAA approach plates on the thing (like ReaderPlates does for the Sony) I'd save enough money to make the thing free within about 18 months. Oh, and it was a toy.

...

That aside, I've also enjoyed hacking up a couple of web apps which generate ebooks on the fly for the thing. I have one which I can list a couple of airports on and get an ebook with all of the FAA plates I need to fly in instrument conditions. The plates are date stamped, so I know when I'm current.

One of the thing that ReaderPlates does for the Sony PRS505 is use as much of the screen real estate as possible by rendering to non-square pixels. The PRS505, like the Kindle, has only an 800x600 eink display, so unlike in a book, whitespace is wasted -- any extra space around the edge of the image is a waste of pixels that could otherwise be used to render additional detail within the image. Every little bit of additional detail matters on a display this limited.

I tried two PDF renderers; ghostscript and poppler's pdftoppm. Ghostscript is extremely flexible, and has had non-square pixels for a few decades -- the documentation still explains how to use them by referencing Epson 9-pin printers; remember those? It is also incredibly flexible; it allows you to control graphics and text antialiasing separately. But no matter how many options I try, it just doesn't do as pretty a job at antialiasing as pdftoppm -- and in this case, "pretty" means "more readable" which matters a lot.

Unfortunately for my needs, poppler's pdftoppm doesn't come with an option for rendering to non-square pixels. So I looked at the code, and in a few minutes had whipped up a patch. After writing the patch, I remembered not seeing a lot of comments in pdftoppm.cc. In fact, I couldn't remember seeing any other than the copyright block at the top. (It turns out there are a few tiny and practically useless comments along the lines of:

  // parse args
  ok = parseArgs(argDesc, &argc, argv);

But I never noticed them.)

Guess what? The pdftoppm code was readable, easy to modify, and clear, at least in the context I was working in. I don't know if there is documentation for the interfaces because I never had to look for it. I didn't notice the few tiny comments because I didn't find a need to look for them.

Sometimes I think that all the griping about uncommented source code is misplaced. If you have food with flavor that's a little bit "off", you can "rescue" it with pepper so that people will eat it, and many will even like it -- sorry, foodies! Then they get used to, and start to think that food without pepper is bad. This doesn't mean that pepper is bad, or that it is only used to mask undesirable flavors. But you can have delicious, healthy food without pepper. If the food has passed its prime, the primary problem is not a lack of pepper, it's that the food has passed its prime!

There's a lot of bad uncommented code out there, no doubt. But the primary problem is that it is bad code. Well-commented bad code is still bad code and is still going to be a pain to read, understand, modify, and repair. Judiciously-used comments can be a great accompaniment to good code! But don't think that it's the comments that make the code good in the first place.

Conary 2.0.39 is a maintenance release.

• Fixed potential segfault in sqlite bindings when running under python 2.6. (CNY-3103)
• Promoting a binary foo from a to b, and then promoting a group containing foo from b to a will no longer cause foo to be unnecessarily repromoted. (CNY-3088)
• Fixed an interaction with loadRecipe overrides used by rmake and autoloadRecipes that would cause rmake to not find any matches for autoloadRecipes that were included in biarch flavored superclasses. (CNY-3090)
• Redirect components should not have build requires set (CNY-3069)
• Updates are no longer halted by the signal SIGWINCH, or SIGURG, which are normally ignored. (CNY-3098)
• getTrovesBySource now returns a list of the accessible binaries associated with a source even if the source is not accessible. (CNY-3099)
• Changeset-based migrations no longer fail when a flavor is dropped from the group that is being migrated. (CNY-3101)

• Attempting to promote a binary will no longer reclone the binary if a binary is already the latest at the target branch, even if there is a later source committed on the target branch. (CNY-3089)

Conary 3.1.2 is a maintenance release.

• Changed the default 'pieURL' setting to use HTTP rather than HTTPS, which should improve performance and work around some problems with m2crypto. (RAA-1697)

• Fixed a bug the Appliance Logs plugin which allowed invalid control characters to be sent in XML responses. (RAA-1628)
• Fixed a bug in the raa-lighttpd init script's reload() function, where it would kill other lighttpd instances on the system that are not associated with rAA. (RAA-1691)
• An error is now reported if creating the backup tarfile fails. (RAA-1692)
• Fixed a bug in the authentication code which prevented non-ascii characters from being used in passwords. (RAA-1694)
• Fixed a bug in the backup plugin which caused a traceback when getBackupMetadata was called on a file which had been removed from the backup location. (RAA-1698)
• Fixed a bug in the rollbacks plugin where it was calling the wrong function to log an update script log message. (RAA-1699)

rAPA 2.2.9 is a maintenance release.

• Changed the default 'pieURL' setting to use HTTP rather than HTTPS, which should improve performance and work around some problems with m2crypto. (RAA-1697)

• Fixed some exception handling in callBackend (RAA-1448)
• Fixed a bug the Appliance Logs plugin which allowed invalid control characters to be sent in XML responses. (RAA-1628)
• Fixed a bug in the raa-lighttpd init script's reload() function, where it would kill other lighttpd instances on the system that are not associated with rAA. (RAA-1691)
• An error is now reported if creating the backup tarfile fails. (RAA-1692)
• Fixed a bug in the authentication code which prevented non-ascii characters from being used in passwords. (RAA-1694)
• Fixed a bug in the backup plugin which caused a traceback when getBackupMetadata was called on a file which had been removed from the backup location. (RAA-1698)

3.1.1 is a maintenance release.

Bug Fixes

• Fixed some exception handling in callBackend (RAA-1448)
• Fixed the agent restart text to comply with new naming scheme, and fixed place where the agent was called the "agent service service". (RAA-1550)
• Changed "Appliance User Guide" to "User Guide" in help. (RAA-1669)
• rapa-console now runs properly on SLES platform (RAA-1675)
• Fixed getBackupMetadata ISE on invalid backupId (RAA-1677)
• rapa-console now handles standard mingetty variables in /etc/issue. (RAA-1678)
• Fixed overlapping page elements in User Management plugin (RAA-1683)
• The LANG environment variable is now set within the text-mode rapa-console program if it has not been set on the system first. The default value is en_US.utf8 unless another value has been set in the /etc/sysconfig/i18n configuration file. (RAA-1684)
• Updated updatetroves plugin docs to match 3.x UI (RAA-1689)
• New javascript is now downloaded upon an update from The Agent 3.0.3 to a later version. (RAA-1690)
• An error is now reported if creating the backup tarfile fails. (RAA-1692)

New Features

• An email notification is now sent when a rollback is applied. (RAA-1434)
• The backup plugin can now take an AES-encrypted backup, using a key given via XML-RPC (RAA-1509)
• You can now set owner, group, and mode for backups by calling backup.Backup.setConfigItems({'owner': ..., 'group': ..., 'mode': ...}) via XML-RPC. (RAA-1585)
• The new plugins.rpcLogBlacklist setting can be used the hide the parameters of specific XML-RPC functions (RAA-1600)
• You can now add an appliance homepage icon/link to the control panel in the header. (RAA-1676)
• Added 'reboot' setting in the backup plugin configuration, which can be used to prevent the system from rebooting after a restore (RAA-1679)

Conary Policy 1.0.23 is a maintenance release.

• A bug in SymlinkTargetRequires that caused a traceback when a symlink path contained a special regex character, such as +, has been fixed. (CNP-169)
• The NormalizePythonInterpreterVersion policy has been modified to apply to all python scripts, regardless of whether they are executable, so that it applies to python modules as well as scripts. (CNP-170)
• Improved policy compatibility with python 2.6 (CNP-173)
• A bug in PHPRequires policy that caused builds to fail or take an extremely long time to complete when both php and php5 were available has been fixed. (CNP-174)

rPath is fixing a lot of bugs by replacing the old "Group Builder" web interface in rBuilder Online with a new feature: Products. The new Product feature solves similar problem in a different way. It is a better way, but since it's different, anyone who has used Group Builder and become accustomed to it will have a few changes to make. We have written a document called "Group Builder Reinvented: Products" that describes the reasons for the change and documents how to adjust.

If you use Group Builder on rBuilder Online, it is still there to allow you some time to transition to the new Product model. We would like to encourage you to take advantage of the benefits of this new way of doing things even before we remove the old Group Builder feature, because it simply works better.

Conary 2.0.38 is a bug fix release.

• Conary versions 1.1.20 (April 2007) through 2.0.37, inclusive, use a SHA256 implementation provided by the pycrypto package, which contained an implementation that generates faulty digests for certain message lengths. To compensate, a backward compatibility module that implements bug-for-bug compatibility with the incorrect SHA256 algorithm has been added, in order to inter-operate (generate and validate signatures) with Conary versions which use the incorrect SHA256 implementation in pycrypto. (CNY-3086)

Conary 2.0.37 is a bug fix release.

• Resolved a bug introduced in the 2.0.36 sha1Uncompress function that could cause update operations to fail. (CNY-3084)

Conary 2.0.36 is a maintenance release.

• Policy can now be added per distribution in the directory /usr/lib/conary/distro/policy. (CNY-3071)

• More fixes for flavored superclass groups - you can now commit recipes when autoloading flavored superclass groups. (CNY-3061)
• Schema migrations are now transactional, meaning that any failure during migration will roll back cleanly where possible. (CNY-2789)
• If a user removes a file, and then recreates the file as a directory, the warning message previously did not include the affected path. This has been fixed. (CNY-3076)
• Path conflicts generated during group cooks correctly print. (CNY-3079)
• You can now display buildreqs using --show-buildreqs for other types of recipes other than packages (CNY-3075)
• You can now add archives with files with % in them when perserving ownership. (CNY-3080)
• All troveInfo is now used to calculate a changeset fingerprint, regardless of the client version specified. This allows a proxy to expire its cached version when extended trove info is updated. (CNY-3083)
• Bugs that could cause erroneous error messages in conary.lib.misc.sha1Copy() and conary.lib.misc.sha1Uncompress() have been fixed.

The rBuilder Online scheduled maintenance is complete. rBuilder Online has been updated to reflect the changes included in the recent rBuilder Appliance 5 release. The changes since the previous update to rBuilder Online are mainly bug fixes. As part of deploying this update to rBuilder Online, several infrastructure changes were made, but the visible changes are limited.

If you find any bugs, please tell us about them by filing issues in our issue tracking system.

Thank you for your interest in rBuilder Online.

rBuilder Online will undergo scheduled maintenance starting Thursday February 5th at 21:00 EST (-0500) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

Thank you for your interest in rBuilder Online.

The rBuilder Online scheduled maintenance is complete. Maintenance was performed on site infrastructure and has no visible impact.

Thank you for your interest in rBuilder Online.

The rBuild tool is now generally available, and has been included in the rPath Linux 1 and 2 development environments. There have been no changes to rBuild since 0.17 beta.

rBuilder Online will undergo scheduled maintenance starting Wednesday January 28th at 21:00 EST (-0500) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

Thank you for your interest in rBuilder Online.

rBuild 0.17 is a beta release.

• rBuild is now in beta release status.

• rBuild now tests to make sure that the product definition has at least one image defined before certain critical operations that require that at least one image is defined. Previously, it would give various cryptic error messages as the result of failed operations due to lack of defined images. (RBLD-171)

• Early in rBuild development, a workaround for insufficient definition of flavors for images was added. This workaround is no longer necessary and may be harmful in some cases, so it has been removed. (RBLD-172)

This is the first Beta release of rBuild. If it breaks, tell us about it as soon as possible so that we can fix it before we release 1.0—just around the corner

Conary 2.0.35 is a maintenance release.

• setTroveInfo no longer sends extended metadata information to update services that cannot understand it. (CNY-3050)

At least more alpha release; rBuild 0.16 is an alpha release.

• "rbuild promote" will now "flatten" all troves that are not in the product's search path (e.g. those from contrib.rpath.org) onto the target label. Additionally, troves that are on the product's label will be re-rooted so they no longer reference upstream packages. (RBLD-168)

This update requires rpath-product-definition 0.6 for the "rbuild promote" command to work, due to changes required to implement RBLD-168.

Remember, this is alpha code. It worked for me in a few tests. Your milage may vary — and if it does, please do tell us about it. That said, this is probably the final alpha release of rBuild. If our validation of this release is successful, the next release will be the first beta. I know I said that last time, but with only one new feature and no new bugs to fix in almost a week we are definitely approaching release, so I still expect only one or two beta releases with only minor changes (if any) before release.

The rBuilder Online scheduled maintenance is complete. Maintenance was performed on site infrastructure and has no visible impact.

Thank you for your interest in rBuilder Online.

rBuilder Online will undergo scheduled maintenance starting Thursday January 15th at 21:00 EST (-0500) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

Thank you for your interest in rBuilder Online.

Conary 2.0.34 is a maintenance release.

• You can now have flavored groups for superclass groups - these can be created when superclass groups are created as a part of another group recipe. This release includes additional fixes over those added in 2.0.33. (CNY-3061)
• Post-mortem debugging sessions with recipes using --debug-all now start at the point of the innermost exception, making debugging easier.

rBuild 0.15 is an alpha release.

• The expectations for API backward compatibility have been modified, as documented in the README file. (RBLD-166)

• The interview process now asks the user if they want to set up rMakeUrl automatically to connect to a running rMake server on an rBA if possible. (RBLD-163)
• The checkout command with --new argument will now detach a package from its parent if run against a package that has been shadowed on to the product's label. (RBLD-30)

• The rebase plugin is now much more conservative, and will bail out if any merge conflicts or modified files exist, preventing product checkouts from invisibly diverging from what is in the repository. (RBLD-164)
• The rebase plugin no longer says that it has updated to version "None" when no newer version is available. (RBLD-164)

Remember, this is alpha code. It worked for me in a few tests. Your milage may vary — and if it does, please do tell us about it.

That said, this is probably the final alpha release of rBuild. If our validation of this release is successful, the next release will be the first beta.

rMake 1.0.26 is a maintenance release.

• The monitor plugin will no longer traceback when displaying build log updates with blank lines. (RMK-955)
• When setting up multi-node server, a trailing / in the rBuilder URL will no longer cause your authorization to fail. (RMK-952)
• rMake now displays the Conary it is using only when it is not a standard site-packages path. (RMK-953)
• When rMake sends "stop" commands to daemons, the attempt to kill the processes will last only 10 seconds, so that the job does not hang. (RMK-956)
• Trove load commands can now be stopped correctly; previously, they could cause nodes to hang. (RMK-958)

Conary 2.0.33 is a maintenance release.

• When adding an XML file (filename ending in ".xml") to a source component, it will be added as a text (config) file by default, and so changes will be managed with diff/patch merging. Specify the --binary option to avoid merging. (CNY-3045)
• When adding groups via addAll, conary now reports the exact name, version, and flavor of the group being added. (CNY-2977)

• Fixed reporting of errors when using glob objects in actions such as r.Remove. (CNY-3055)
• Promotion of source components where files have been renamed across repositories has been fixed. (CNY-3059)
• Preserving ownership in tar archives containing files with missing intermediate directories now functions. (CNY-3060)
• Added support for python module discovery in python 2.6, which uses a new PREFIXES variable to determine where to search for modules. (CNY-3063)
• You can now have flavored groups for superclass groups - these can be created when superclass groups are created as a part of another group recipe. (CNY-3061)
• Metadata promotion is more robust in the context of other inaccessible or missing older troves. (CNY-2611)
• Promotion of inidividual components is no longer allowed. (CNY-2941)
• Fixed a case conaryclient.makeSourceTrove could fail to create a trove because it tried to assign it a previously existing version. (CNY-3028)
• A bug that caused an IOError when a repository attempted to commit a changeset larger than 2 GiB has been fixed (CNY-3065)

rBuild 0.14 is an alpha release.

• The interview process during initial configuration now checks that the provided url is an rbuilder, and it tries to authorize the provided credentials. If either fail, prompts are displayed for re-entry. (RBLD-113)
• The init command has improved error handling and messages when an invalid product name or label is given. (RBLD-111)
• You can now create shadows of packages on arbitrary labels in your product, using a command line something like: "rbuild checkout --shadow package=foo.rpath.org@rpl:2" Previously, you were limited to shadows of packages included in your platform. (RBLD-145)

• The promote plugin now provides an initial progress indication.

• When reconfiguring rbuild (rbuild config --ask), the password previously entered will no longer be displayed. (RBLD-102)
• The usage statement for rbuild init has been clarified. (RBLD-161)
• The publish and show images plugins were previously not installed during a "make install". (RBLD-159)
• Certain combinations of image types could result in fewer flavors of a package or group being built than necessary. This has been corrected. (RBLD-160)

Remember, this is alpha code. It worked for me in a few tests. Your milage may vary — and if it does, please do tell us about it.

That said, rBuild is almost ready for beta release. I would like to encourage you to try using it -- join IRC on irc.freenode.net #conary and ask for help getting started if you have not yet tried rBuild, and we'll get you started. As rBuild approaches beta and then general availability, we are especially looking for more new users to test it out and help us find bugs that we can fix.

I have two separate servers for email; one is a login server that runs dovecot for IMAPS and has externally-inaccessible sendmail; the other runs the publicly-accessible sendmail but has no user accounts. I wanted to set up SMTPS with password authentication from the login server. It turns out that authenticating against the IMAPS server is the easiest way to do this.

Since most of the guides I found had lots of irrelevant detail for me, I thought I'd document what I did here, since it was actually fairly simple.

I created /etc/ssl/certs/sendmail.pem ("make sendmail.pem" in /etc/ssl/pem, moved sendmail.pem to /etc/ssl/certs/ -- your distribution may have other ways of handling this). I made it mode 600 owned by root.

I modified /etc/mail/sendmail.mc:

--- sendmail.mc.orig	2009-01-05 22:56:52.000000000 -0500
+++ sendmail.mc	2009-01-05 23:14:32.000000000 -0500
@@ -38,22 +38,22 @@
 dnl # The following allows relaying if the user authenticates, and disallows
 dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
 dnl #
-dnl define(`confAUTH_OPTIONS', `A p')dnl
+define(`confAUTH_OPTIONS', `A p')dnl
 dnl # 
 dnl # PLAIN is the preferred plaintext authentication method and used by
 dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
 dnl # use LOGIN. Other mechanisms should be used if the connection is not
 dnl # guaranteed secure.
 dnl #
-dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
-dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
+TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
+define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
 dnl # 
 dnl # Uncomment lines below to enable SSL configuration. 
 dnl #
-dnl define(`confCACERT_PATH',`/etc/ssl/certs')
-dnl define(`confCACERT',`/etc/ssl/certs/ca-bundle.crt')
-dnl define(`confSERVER_CERT',`/etc/ssl/certs/sendmail.pem')
-dnl define(`confSERVER_KEY',`/etc/ssl/private/sendmail.pem')
+define(`confCACERT_PATH',`/etc/ssl/certs')
+define(`confCACERT',`/etc/ssl/certs/ca-bundle.crt')
+define(`confSERVER_CERT',`/etc/ssl/certs/sendmail.pem')
+define(`confSERVER_KEY',`/etc/ssl/certs/sendmail.pem')
 dnl #
 dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
 dnl # slapd, which requires the file to be readble by group ldap
@@ -105,7 +105,7 @@
 dnl #
 dnl # For this to work your OpenSSL certificates must be configured.
 dnl #
-dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
+DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
 dnl #
 dnl # The following causes sendmail to additionally listen on the IPv6 loopback
 dnl # device. Remove the loopback address restriction listen to the network.

I then ran "make" in /etc/mail

I installed cyrus-sasl, made sure it was configured to start automatically with "chkconfig saslauthd on", and configured it to authenticate against IMAP by using the remote IMAP (rimap) method and telling it which server to authenticate to.

# cat /etc/sysconfig/saslauthd 
# Directory in which to place saslauthd's listening socket, pid file, and so
# on.  This directory must already exist.
SOCKETDIR=/var/run/saslauthd

# Mechanism to use when checking passwords.  Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled to use.
MECH=rimap

# Additional flags to pass to saslauthd on the command line.  See saslauthd(8)
# for the list of accepted flags.
FLAGS="-O MY_IMAP_SERVER_HERE"

I restarted services with "service saslauthd start; service sendmail restart" and tested sending mail using password authentication to send mail to/from hosts which were not otherwise authorized to relay.

(Of course, I made a few minor mistakes along the way, like inadvertently disabling mail service for my domain for a few minutes. :)

rBuilder Online will undergo scheduled maintenance starting Wednesday January 7th at 21:00 EST (-0500) and ending at 22:00. During this time, rBuilder Online and all rpath.org repositories will not be available. A message will be posted when the scheduled maintenance period has been completed.

Thank you for your interest in rBuilder Online.

rBuild 0.13 is an alpha release.

• Use new distinction between searchPath elements intended to be part of a development environment for building the product but not included in the product itself, and those searchPath elements which are available to include within the product by default. This allows the development environment to be kept separate from the platform, but still kept synchronized with the "rbuild rebase" command. Requires rpath-product-definition 0.5 or later to build groups. (RBLD-150)
• The commit message when building and committing packages or groups can now be specified with the --message or -m command-line argument. (RBLD-120)

• The "rbuilder" program has been moved to a separate package, rbuilder-client, because it has a different operating model than the rbuild tool. In particular, it expressly does not honor product-definition, instead taking all data from command-line arguments. (RBLD-152)
• The "rbuild rebase" command now provides both a "from" and a "to" version in its output, to make it clearer what operations happened during the rebase operation.
• Some long-running operations print a time-stamped status message during normal operation (disabled during quiet operation) as a "pacifier". (RBLD-156)

• After successfully building a set of images, rBuild previously failed to correctly compose a release in rBuilder due to an undefined symbol. This has been fixed. (RBLD-154)
• The "rbuild rebase" command updates the product definition before rebasing, to avoid regression in product definition data. (RBLD-155)
• Epydoc generation has been fixed. (RBLD-144)

• The ui.progress() method has been added for providing non-essential progress information to users. The default implementation prints a timestamp preceding the message. (RBLD-156)

Remember, these are a combination of alpha code and un-validated snapshots. They worked for me in a few tests. Your milage may vary — and if it does, please do tell us about it.