I promised Zeeshan that I'd have a look at his Rygel UPnP Media Server a few months back, and finally got around to doing so. For anyone else who wants to give it a shot, I've put together some Ubuntu packages for Jaunty and Karmic in a PPA here:

• https://launchpad.net/~jamesh/+archive/upnp

Most of the packages there are just rebuilds or version updates of existing packages, but the Rygel ones were done from scratch. It is the first Debian package I've put together from scratch and it wasn't as difficult as I thought it might be. The tips from the "Teach me packaging" workshop at the Canonical All Hands meeting last month were quite helpful.

Last week, we released the source code to django-openid-auth. This is a small library that can add OpenID based authentication to Django applications. It has been used for a number of internal Canonical projects, including the sprint scheduler Scott wrote for the last Ubuntu Developer Summit, so it is possible you've already used the code.

Rather than trying to cover all possible use cases of OpenID, it focuses on providing OpenID Relying Party support to applications using Django's django.contrib.auth authentication system. As such, it is usually enough to edit just two files in an existing application to enable OpenID login.

On my way back from Canada a few weeks ago, I picked up a SanDisk Sansa Fuze media player. Overall, I like it. It supports Vorbis and FLAC audio out of the box, has a decent amount of on board storage (8GB) and can be expanded with a MicroSDHC card. It does use a proprietary dock connector for data transfer and charging, but that's about all I don't like about it. The choice of accessories for this connector is underwhelming, so a standard mini-USB connector would have been preferable since I wouldn't need as many cables.

It seems to be a fashionable to blog about experiences with PulseAudio, I thought I'd join in.

I've actually had some good experiences with PulseAudio, seeing some tangible benefits over the ALSA setup I was using before. I've got a cheapish surround sound speaker set connected to my desktop. While it gives pretty good sound when all the speakers are used together, it sounds like crap if only the front left/right speakers are used.

I'm in Montreal through to the end of next week. The sub-zero temperatures are quite a change from Perth, where it got up to 39°C on the day I left.

The last time I was here was for Ubuntu Below Zero, so it is interesting seeing the same city covered in snow.

---

Comments:

Tester - 25 Feb, 2009

I hope you enjoy our nice, cool, snow covered city!

---

Today was the first day of the mini-conferences that lead up to linux.conf.au later on this week. I arrived yesterday after an eventful flight from Perth.

I was originally meant to fly out to Melbourne on the red eye leaving on Friday at 11:35pm, but just before I checked in they announced that the flight had been delayed until 4:00am the following day. As I hadn't had a chance to check in, I was able to get a pair of taxi vouchers to get home and back. I only got about 2 hours of sleep though, as they said they would turn off the baggage processing system at 3am. When I got back to the airport, I could see all the people who had stayed at the terminal spread out with airplane blankets. A little before the 4:00am deadline, another announcement was made saying the plane would now be leaving at 5:00am. Apparently they had needed to fly a replacement component in from over east to fix a problem found during maintenance. Still, it seems it wasn't the most delayed Qantas flight for that weekend and it did arrive in one piece.

One of the nice features of Bazaar is the ability to send a bundle of changes to someone via email. If you use a supported mail client, it will even open the composer with the changes attached. If your client isn't supported, then it'll let you compose a message in your editor and then send it to an SMTP server.

GMail is not a supported mail client, but there are a few work arounds listed on the wiki. Those really come down to using an alternative mail client (either the editor or Mutt) and sending the mails through the GMail SMTP server. Neither solution really appealed to me. There doesn't seem to be a programatic way of opening up GMail's compose window and adding an attachment (not too surprising for a web app).

The gio library provides both synchronous and asynchronous interfaces for performing IO. Unfortunately, the two APIs require quite different programming styles, making it difficult to convert code written to the simpler synchronous API to the asynchronous one.

For C programs this is unavoidable, but for Python we should be able to do better. And if you're doing asynchronous event driven code in Python, it makes sense to look at Twisted. In particular, Twisted's Deferred objects can be quite helpful.

Yesterday, I went to see the finals of the Red Bull Air Race here in Perth. This was my first time watching the event, since I was over seas at the times it was held the previous two years.

The weather was good, and gave me a good opportunity to play with my camera a bit. Sometimes you can miss out on the action by trying to take photos, but in this case the camera made it a lot easier to see the planes from the shore.

David: taking a quick look at Google's documentation, it sure looks like OpenID to me. The main items of note are:

1. It documents the use of OpenID 2.0's directed identity mode. Yes this is "a departure from the process outlined in OpenID 1.0", but that could be considered true of all new features found in 2.0. Google certainly isn't the first to implement this feature:

   • Yahoo's OpenID page recommends users enter "yahoo.com" in the identity box on web sites, which will initiate a directed identity authentication request.
   • We've been using directed identity with Launchpad to implement single sign on for various Canonical/Ubuntu sites.

   Given that Google account holders identify themselves by email address, users aren't likely to know a URL to enter, so this kind of makes sense.

One of the nice features of the PlayStation 3 is the UPNP/DLNA media renderer. Unfortunately, the set of codecs is pretty limited, which is a problem since most of my music is encoded as Vorbis. MediaTomb was suggested to me as a server that could transcode the files to a format the PS3 could understand.

Unfortunately, I didn’t have much luck with the version included with Ubuntu 8.10 (Intrepid), and after a bit of investigation it seems that there isn’t a released version of MediaTomb that can send PCM audio to the PS3. So I put together a package of a subversion snapshot in my PPA which should work on Intrepid.

I've been playing with OAuth a bit lately. The OAuth specification fulfills a role that some people saw as a failing of OpenID: programmatic access to websites and authenticated web services. The expectation that OpenID would handle these cases seems a bit misguided since the two uses cases are quite different:

• OpenID is designed on the principle of letting arbitrary OpenID providers talk to arbitrary relying parties and vice versa.
• OpenID is intentionally vague about how the provider authenticates the user. The only restriction is that the authentication must be able to fit into a web browsing session between the user and provider.

While these are quite useful features for a decentralised user authentication scheme, the requirements for web service authentication are quite different:

Since my last article on integrating Storm with Django, I've merged my changes to Storm's trunk. This missed the 0.13 release, so you'll need to use Bazaar to get the latest trunk or wait for 0.14.

The focus since the last post was to get Storm to cooperate with Django's built in ORM. One of the reasons people use Django is the existing components that can be used to build a site. This ranges from the included user management and administration code to full web shop implementations. So even if you plan to use Storm for your Django application, your application will most likely use Django's ORM for some things.

In my previous post about Django, I mentioned that I found the transaction handling strategy in Django to be a bit surprising.

Like most object relational mappers, it caches information retrieved from the database, since you don't want to be constantly issuing SELECT queries for every attribute access. However, it defaults to commiting after saving changes to each object. So a single web request might end up issuing many transactions:

Change object 1	Transaction 1
Change object 2	Transaction 2
Change object 3	Transaction 3
Change object 4	Transaction 4
Change object 5	Transaction 5

Unless no one else is accessing the database, there is a chance that other users could modify objects that the ORM has cached over the transaction boundaries. This also makes it difficult to test your application in any meaningful way, since it is hard to predict what changes will occur at those points. Django does provide a few ways to provide better transactional behaviour.

Yesterday, Thomas rolled the 0.13 release of Storm, which can be downloaded from Launchpad. Storm is the object relational mapper for Python used by Launchpad and Landscape, so it is capable of supporting quite large scale applications. It is seven months since the last release, so there is a lot of improvements. Here are a few simple statistics:

	0.12	0.13	Change
Tarball size (KB)	117	155	38
Mainline revisions	213	262	49
Revisions in ancestry	552	875	323

So it is a fairly significant update by any of these metrics. Among the new features are:

For anyone that cares, the new series of Double the Fist is starting tonight at 9:30pm on ABC2 (and repeated tomorrow on ABC1 for those who don't get ABC2). It has been a long time coming (4 years since the previous series), so will hopefully be worth it. I guess it will be available on the internet shortly after for those outside of Australia.

It is also good to see Roy and HG covering the Olympics again, even if it is only on the radio this time rather than television. The shows are being posted on the website after airing.

I've just finished the first day of the Ubuntu online services sprint in Orlando, Florida. I didn't repeat last year's trick of falling asleep at the airport, so the trip was only about 29 hours all up.

We've got a great team that I am looking forward to working with, so it'll be interesting to see what we do over the next little while.

---

Comments:

neo - 6 Aug, 2008

Is any of the Ubuntu "online services" open source or are they all proprietary stuff you are advertising in Planet GNOME?

I've been playing around with Django a bit for work recently, which has been interesting to see what choices they've made differently to Zope 3. There were a few things that surprised me:

• The ORM and database layer defaults to autocommit mode rather than using transactions. This seems like an odd choice given that all the major free databases support transactions these days. While autocommit might work fine when a web application is under light use, it is a recipe for problems at higher loads. By using transactions that last for the duration of the request, the testing you do is more likely to help with the high load situations.
• While there is a middleware class to enable request-duration transactions, it only covers the database connection. There is no global transaction manager to coordinate multiple DB connections or other resources.
• The ORM appears to only support a single connection for a request. While this is the most common case and should be easy to code with, allowing an application to expand past this limit seems prudent.
• The tutorial promotes schema generation from Python models, which I feel is the wrong choice for any application that is likely to evolve over time (i.e. pretty much every application). I've written about this previously and believe that migration based schema management is a more workable solution.
• It poorly reinvents thread local storage in a few places. This isn't too surprising for things that existed prior to Python 2.4, and probably isn't a problem for its default mode of operation.

Other than these things I've noticed so far, it looks like a nice framework.

One thing that has been mentioned in the GNOME DVCS debate was that it is as easy to do "git diff" as it is to do "svn diff" so the learning curve issue is moot. I'd have to disagree here.

Traditional Centralised Version Control

With traditional version control systems (e.g. CVS and Subversion) as used by Free Software projects like GNOME, there are effectively two classes of users that I will refer to as "committers" and "patch contributors":

Yesterday, a BoF was scheduled for discussion of distributed version control systems with GNOME. The BoF session did not end up really discussing the issues of what GNOME needs out of a revision control system, and some of the examples Federico used were a bit snarky.

We had a more productive meeting in the session afterwards where we went over some of the concrete goals for the system. The list from the blackboard was:

It has been a while coming, but MySQL has announced their move to Bazaar for version control. This has been a long time coming, and it is great to finally see it announced publicly.

The published Bazaar branches include 8 years of history going back to MySQL 3.23.22, imported from the BitKeeper repositories. So you can see a lot more than just the history since the switch: you can use all the normal Bazaar tools to see where the code came from and how it evolved. Giuseppe Maxia has posted some instructions on how to check out the code for those who are interested.

The Python standard library contains a function called thread.get_ident(). It will return an integer that uniquely identifies the current thread at that point in time. On most UNIX systems, this will be the pthread_t value returned by pthread_self(). At first look, this might seem like a good value to key a thread local storage dictionary with. Please don't do that.

The value uniquely identifies the thread only as long as it is running. The value can be reused after the thread exits. On my system, this happens quite reliably with the following sample program printing the same ID ten times:

I arrived in Prague yesterday for the Ubuntu Developer Summit. Including time spent in transit in Singapore and London, the flights took about 30 hours.

As I was flying on BA, I got to experience Heathrow Terminal 5. It wasn't quite as bad as some of the horror stories I'd heard. There were definitely aspects that weren't forgiving of mistakes. For example, when taking the train to the "B" section there was a sign saying that if you accidentally got on the train when you shouldn't have it would take 40 minutes to get back to the "A" section.

One of the features I recently discovered in Bazaar is the --author option for "bzr commit". This lets you make commits to a Bazaar branch on behalf of another person. When used, the new revision credits two people: you as the committer and the other person as the author.

While Bazaar does make it easy for non-core contributors to send changes in a form that correctly attributes them (e.g. by publishing a branch or sending a bundle), I doubt we'll ever see the end of pure patches. Some cases include:

Since upgrading to Ubuntu Hardy, I've been enjoying using Firefox 3. The reduced memory usage has made a lot of other things nicer to use (I don't feel like I need to buy more memory now). One thing that is nice to see fixed is caching of SSL content.

In previous versions of Firefox, SSL content was never cached to disk with the default settings. While you certainly don't want all SSL content to be written to disk, a lot of it can be cached without problem. For example, it is important that the CSS and JavaScript for a page be served via SSL to avoid man in the middle attacks (injecting arbitrary active content into a secure page is bad), but there isn't much harm in caching them to disk: if the attacker can modify the disk cache then SSL probably doesn't matter much.