Desktop sharing not working in Lubuntu 14.04

On my recently-upgraded to 14.04 Lubuntu machine, desktop sharing didn’t work.

Here’s how I made it work:

Once (to allow some Windows clients to connect without encryption):

gsettings set org.gnome.Vino require-encryption false

Then every time I want to share my desktop:

/usr/lib/vino/vino-server

and leave that running while I’m sharing.

Best GCC warning flags for compiling C++

A recent discussion on ACCU-general gave people an opportunity to share the warning flags they like to use with g++.

I thought I’d write down the consensus as I understood it, mainly for my own reference:

-Wredundant-decls
-Wcast-align
-Wmissing-declarations
-Wmissing-include-dirs
-Wswitch-enum
-Wswitch-default
-Wextra
-Wall
-Werror
-Winvalid-pch
-Wredundant-decls
-Wmissing-prototypes
-Wformat=2
-Wmissing-format-attribute
-Wformat-nonliteral

We were advised by Jonathan Wakely that -Weffc++ is not very useful since it is mostly based on the first edition of the book Effective C++, many of whose recommendations were improved in the second edition, and also apparently GCC doesn’t do a great job of warning about them.

Update: thanks to an article[1] by Roger Orr in CVu these flags are highly recommended in GCC 5.2+:

-flto
-Wodr

[1] Orr, Roger “One Definition Rule“, in CVu Volume 27, Issue 5 p16 (editor: Steve Love)

What git server should I use?

At work we are considering whether we can use Git for our source control. I am a big fan of Git, so I’d like to see this happen.

We only need to work against a central repository most of the time, so I’m looking at what servers might work for us.

Update: This StackExchange question may help: Self-hosted replacement for Github.

Update: Added software from the StackExchange answers to the list.

Features we will need:

  • User management
  • Repository management
  • Browsing code and diffs via the web
  • Hosted in-house

Features we might want:

  • External user authentication e.g. via LDAP
  • Code review
  • Integrating with an issue tracker

Most of my use of Git so far has been against large servers like GitHub (which I really like) and SourceForge, but recently I set up a test Git server using gitolite and gitweb, which gives me my 4 “needs” above but not my 3 “wants”. It also requires command-line use of git to administer SSH keys for users, so might not suit our system administrators or all our developers.

So, lazyweb, what server should I recommend?

Here is my research so far:

Free git server software

GitLab – looks a lot like GitHub, and appears to satisfy all 4 of my needs and all 3 of my wants. Might be a bit decentralised (ironically) for our usage e.g. the docs talk about using merge requests for code review whereas I’d expect we’d want a commit-gating style which is what I believe Gerrit provides.

SCM-Manager – looks very corporate. Likely it could satisfy my needs and my wants.

Gerrit + Gitblit – lots of code review features, used by major projects including the Android open source project. Weird that Gerrit doesn’t include a code browser and you have to add something like Gitblit. I think this will give me all 4 of my needs and all 3 of my wants.

Gitolite + gitweb – this is what I am using at the moment, and it works well, satisfying the needs above, but not the wants. Gitolite configuration is done by editing config files and pushing them into a special git repository on the server. Adding users means adding a user’s SSH key to the config repository, so requires tech-savvy users and admins. gitweb is fast and clear. My only complaint is that you don’t seem to be able to control the amount of context you see in a diff (often I want to see the full files).

Gitorious – the software behind a mature public site that some people really like. Doesn’t appear to do LDAP authentication, and may not integrate with issue tracking.

tuleap – project planning, chat, issue tracking, builds, document management, discussion board, news all in one product. Includes Gerrit for code reviews, Jenkins for build management. Supports LDAP and OpenID authentication.

Phabricator – code hosting and review, issue tracking, wiki, alerts, message boards, blogs, Q&A, polls all in one product. Supports LDAP and OAuth authentication.

GitPrep – explicitly a clone of GitHub. Seems to look nice, but a young project and not talked about much on the Internet yet.

GitBucket – explicitly a clone of GitHub. Couldn’t find much information beyond that.

GitList – only a repository viewer, but could possibly be used with gitolite instead of plain gitweb – may have more features such as full-file diffs, but I’m not sure. Looks pretty, and doesn’t have much documentation.

CGit – only a repository viewer, but definitely allows specifying the amount of context in diffs (and if you edit the URL directly you can ask for as much as you want). Very plain interface, and minimal documentation. Claims to be fast.

Cydra – may turn out to be good but no web site at the moment, so probably not mature enough to consider.

Gitosis appears to be a dead project.

Paid (in-house) git server software

Very unlikely that we will pay for anything, but here are the options I have found so far:

Atlassian Stash – one-time payment e.g. $6,000 for 100 users.

GitHub Enterprise – apparently they do in-house installations but I couldn’t find any information. GitHub has an excellent interface and features.

Microsoft Team Foundation Server – a larger system that offers Git integration as a feature.

RhodeCode – 50 users for $199/month, supports LDAP and Active Directory authentication, and code review. Claims to be highly secure.

Renewing self-signed certificate for ejabberd

I run an ejabberd server on an Ubuntu 12.10 box and this week I started getting notified by my IM client that the server’s certificate had expired.

Here’s how I managed to generate a new certificate.

WARNING: this process backs up, deletes and then restores your ejabberd database, so it is probably fairly risky.

# Move any previous backups out of the way
sudo mv /var/backups/ejabberd-* ~/Desktop/

# Move the expired certificate out of the way
sudo mv /etc/ejabberd/ejabberd.pem /etc/ejabberd/ejabberd.pem.old

# Reconfigure the ejabberd package (WARNING: backs up and deletes your database!)
sudo dpkg-reconfigure ejabberd

# Make the database backup file readable
sudo chmod a+rx /var/backups/ejabberd-*/
sudo chmod a+r /var/backups/ejabberd-*/*

# Restore the backup
sudo ejabberdctl restore /var/backups/ejabberd-*/ejabberd-database

If you’re lucky, your server will now be back up with a new self-signed certificate.

In general, the policy of using dpkg-reconfigure to handle creating new self-signed certificate seems to work nicely.

Letter to my MP on DRIP

Sent via WriteToThem.com.

More Info

Dear Mr Hammond,

I am writing to express my concern about the Data Retention and Investigatory Powers Bill (DRIP).

I feel that forcing companies to store data on their customers is an unacceptable breach of the right to privacy, and not justified by the need to combat terrorism or other crime. I think a better balance could be struck by requiring agencies to get a court order to engage in such invasive surveillance.

I am also concerned about the elements of DRIP that amend the Regulation of Investigatory Powers Act (RIPA), including the expansion of the definition of a communications service provider.

What emergency are we facing that requires parliament to move so quickly on this issue? The only emergency I can see is that UK government agencies are currently acting illegally.

These agencies should stop acting illegally, and laws should be drafted in the normal way to authorise proportionate surveillance.

I am particularly concerned that DRIP contains many similarities to legislation that has already been rejected by parliament.

I look forward to your response.

Yours sincerely,

Andy Balaam

[Inspired by Leo McArdle, thanks.]

[Feel free to re-use in whole or in part.]