My sinopia daemon refused to start. After dig out the journal, I found that
ExecStop run straight after
ExecStart, what the…
After some research, I found that for daemons, or any other program that put themselves at the background, systemd thought they are stopped, thus stop the service for you. To prevent this, you need following in your systemd service file:
so your daemons can live happily ever after.
The nodejs and npm in EL7 is too old, so I borrowed the to latest nodejs spec from rawhide. Long story short, the result is at:
Please read the disclaimer and do follow the installation instruction if you choose to proceed. I don’t usually put the disclaimer like that but you need to know that:
- The build dependency of nodejs include openssl-1.0.2, but EL7 only shipped with 1.0.1, yet nodejs can run with openssl-1.0.1.
- openssl-libs is an important package, without it, yum, curl and rpm URL install won’t work, so restore it is a bit tricky. The instruction is, however, written in the copr page.
To build this copr, following dependencies need to go in as well:
libuv is piece of cake. But crypto-policies and openssl bring the worst packager nightmare: circular dependency. After F23, crypto-policies require openssl-devel to build, yet openssl require crypto-policies to run.
I eventually dug out crypto-policies from F21 and built it, thus broke the circular dependency and finished the build.
ibus-chewing 1.5.1 這次的更新修正了很多操作上的問題，
諸如按Ctrl-2~4 選字的功能，數字版（NumPad）的選字，以及insert 等特殊鍵的處理。
特別感謝 hiunnhue 的貢獻。他不僅提出了更好的處理數字鍵的方法，這個 release 的所有 issue 都是他修復的。再一次感謝各位參與者的意見與 pull request ，使得 ibus-chewing 更為完善。
mock won’t work with staff_selinux mode in RHEL 7. The instruction from Fedora is mostly correct, but insufficient for staff_selinux. This is because:
/usr/bin/mock is now a sym-link to
/usr/bin/consolehelper, thus consolehelper permission should be also allowed.
- The Fedora mock policy module does not have the types like
There are a lot more reasons, but long story short, I have edited a policy file (PackageMaintainers_MockTricks_mock.te) that should covered the most mock usage. My SELinux skill quickly build up by editing that file.🙂
Time for script that setup the mock, assuming you are running as root:
# getting dependencies
yum -y install selinux-policy-devel policycoreutils-python mock
# Download policy files
# Build and install
make -f /usr/share/selinux/devel/Makefile
semodule -i PackageMaintainers_MockTricks_mock.pp
But just in case you are still getting SELinux AVC denials, you can get around yourself by using following scripts:
grep -E -e "(mock|consolehelper)" /var/log/audit/audit.log | audit2allow -M my_mock
semodule -i my_mock.pp
Now day I start playing with fluxbox, which is light weight, yet surprisingly has excellent feature set. For one, it can remember window location and size.
The other window mangers that are capable of window remembering have their own downside:
- KDE: It is indeed full featured but heavy weight. The other weird thing is it asks password for Calendar in Google Chrome whenever my session start, even I do not intent to use it.
- Enlightenment: starting from 0.20, they dropped systray (Xembed) support. Basically that means the Network Manager and Input Method indicators are gone.
The fluxbox built-in panel (a.k.a. toolbar) has the basic feature sets which I can live with, but it would be better to have the volume control, battery status and popup calendar when I click on the clock.
First candidate is fbpanel, but it’s popup calendar is block by the panel itself.
Then I found lxqt-panel. It has good feature sets like memory graph. But it fail to find the launcher icons, and “logout” won’t logout you.
At last, I came out with use lxqt as session, but fluxbox as window manager. But the autostart did not seem to work. Luckily, you can use
startfluxbox as window manager, and you can put whatever you want to autostart in
If you enforcing your SELinux and set your user to non
unconfined_u, like either
staff_u. You may found that your synergy or other tcp/udp service stop working. That is because your role cannot listen the ports that your services required.
To allow users to run TCP servers (bind to ports and accept connection from the same domain and outside users), run:
sudo setsebool selinuxuser_tcp_server 1
and for UDP:
sudo setsebool selinuxuser_udp_server 1
- user SELinux Policy documentation (8)
When doing maven release, maven-gpg-plugin keep showing
請輸入密語: [INFO] gpg: gpg-agent 在此階段無法使用
Enter passphrase: [INFO] gpg: gpg-agent is not available in this session
I literately has to input passphrase dozens (if not hundreds) times. Indeed annoying.
This is because Bug: gpg-1 cannot locate gpg-agent >= 2.1 . But I don’t really want to wait for the package fix. Luckily,
gpg2 works, and there is a way to change what maven-gpg-plugin invokes. In other words. add following sections to your
<!-- No need to enter passphrase here, gpg-agent should be working now
Note that RHEL 7 does not suffer this problem, as in RHEL 7, gpg is actually gpg2. You can use
to verify it.
cmake-fedora consists CMake modules and scripts that simplify and automate the release process for software package, especially for Fedora and EPEL.
Even if you are not using CMake on your packages, you can still using following scripts to simplify your package chores. For examples, if you want your packages to be build in koji and submit to bodhi in all active branches like rawhide, f23, f22, f21, simply run
It builds the SRPM on all the active branches, skip the already built ones, then submit them to bodhi.