Scripting addicts, check the new kwallet-query tool!

This weekend I created a new kwallet tool, named kwallet-query. It now lives in playground/utils for you to try it up. Just issue “kwallet-query –help” after building it to see the available options.

qwallet-query sports two modes: list mode and read value mode. You should specify the mode when invoking the tool, along with the wallet name you want the tool to read. I’d also be glad to hear back from you as to what this tool should provide in addition to this. This initial version will work on KF5-based systems. Should I also add support for the legacy KDE4 wallet?

You may find this tool handy when reading the wallet from other places. For instance, I wanted to create this tool in order to get my passwords from my wallet by using dmenu on my I3WM-enabled KDE session.

For those interested about the dmenu integration thing, have a look at this: https://github.com/valir/kwallet-dmenu. It’s a little script that uses the new kwallet-query tool in two phases. First, it’ll send the list of folders you have in the Passwords section of the wallet. It’ll feed the list to dmenu who’ll invite you to select the folder you want to read. A second invocation will read the folder you choose from the wallet and once again will feed dmenu to let you choose one entry, corresponding to one line in the password stored in the kwallet. The selected entry will be pu into the clipboard, so you’ll only have to press Shift+Insert into the application where you where, without further workflow break. No more kwalletmanager visiting to copy/paste your secrets items!

Once again, I’m looking forward for your feeback (bug reports or even comments here). I plan to get this tool through the kdereview process about one month from now.

Connecting mutt to corporate MS Exchange

Last year I finally had the opportunity to install and use Linux at my work. The background of this change is out of the scope of this posting, I can only tell you that I was waiting for it since the very beginning. So I’m a happy Fedora user since a little more than an year, at my work (at home I’m using Linux since 2003 I think – ArchLinux currently).

Working with Linux is quite interesting and productive if you one uses the right tools. That’s why I also configured http://i3wm.org/ and a whole bunch of text mode tools, mainly vim plugins (know YouCompleteMe?), but also the Ranger file manager. However, our company uses MS Exchange *without* the IMAP connector and that’s quite a problem, because it interfaces only with MS Outlook or Evolution. MS Outlook has to run under Windows, so I used a virtual machine for this, eating 1 GB of RAM. Evolution runs natively, but it also eats more than 1GB only to present me the mails or some reminders. That’s a serious problem when one uses other very memory-intensive tools like Eclipse, IntelliJ or Oracle SQL Developer, not to mention Maven or DB Solo. So I really needed a solution to reduce my working session’s footprint, to get the most out of my workstation’s 8 Gb of RAM. Some coworkers are using Citrix sessions for that, but that has the mail/workstation integration problem.

Enter davmail. This awesome little project solved a problem several of us have at work: interface an IMAP client with our corporate server. DavMail need a very minimalist configuration. It almost worked out of the box, not considering the need to enter the company’s OWA URL. Once started, I instantly got IMAP and CalDAV. It also provides iCal and CardDAV but I don’t use these so I don’t know how it works. So, I’m now using mutt to handle corporate mails, interface it with lbdb and our LDAP server. \o/

The calendar is handled with khal but I also use remind. This part needs some more work, as I still need to figure out how to create appointments on my machine, then get them synchronized to the corporate server.

Should I write a tutorial with the steps I done so far? Let me know and I’ll do it if you’re interested.

I was in Brno!

This year Akademy’s timing was just perfectly adjusted with my annual vacation timing. For personal reasons, I only could go vacationing in September. Brno is right on the way from Lyon to Romania, so I decided to take my car and make a stop there. My girl-friend was kind enough to accept spending some time alone in Brno, while I was attending the second day. I’d like to thank her really much for accepting this. Sure enough, I would have liked to attend the first day also, but I used that full day to drive from Lyon to Brno. And BTW, speaking about driving in Europe, I’m now writing this in Cluj-Napoca. So I have behind me highways from France, Germany, Czech Republic, Slovakia, Hungary and Romania. Sygic GPS navigation software allowed me a smooth ride along this long road, as it features offline maps. And where I had data connection, I used WAZE for it’s social features.

This second Akademy day was the moment for me to catch up a little with several KDE great people I know, and with whom I’d really like to spend some more time. The location in Brno is outstanding, and the event was perfectly setup. Second day presentations brought my attention to several things:
– The Jungle project,
– KDE & Android,
– Accessibility.

The Jungle project, brilliantly presented by Alex Fiestas, it’s quite impressive. It aims unifying several multimedia services like youtube and your local media library. The promise is great, as you’ll be able to start watching your favourite videos on your Android device, then continue it on your KDE Desktop, and forth. I’ll really keep an eye on this project and hope it’ll add support for Facebook and Google+ sharing in a future release.

KDE & Android was featured in two presentations. The first one was about the KDE Connect project. I already use this project and I’m already working on an MPRIS widget for the Android device. Hopefully I’ll get enough time to take into account the feedback I got from the review request I already submitted. I also plan to add some kind of KWallet or secrets support. Alex told me that it’ll be nice if we could send passwords from the KDE Desktop to the Android device. However, that’ll not answer to my personal need, as I’d like to have a real sync between my device and my wallet.

The second KDE & Android topic was launched by Aleix Pol Gonzalez. It’s about an attempt to bring some KDE applications to the Android world. That’s an awesome project and I’ll take a closer look to this and keep you posted.

Finally, Frederik Gladhorn brought-up the accessibility topic and showed as the current progress of the accessibility features in Qt and so KDE. This is a very important topic, and I really hope people with disabilities would benefit this technology. I remember that around 10 years ago I’ve met someone who lost his view after an accident. He needed a braille display and at that time I understood the accessibility is really inaccessible (pun intended) to these people, mainly for material reasons. The price tag of accessible computers is really high and hopefully free desktops like KDE will help these people in their day to day activities.

So, KDE will bring us plenty of new and exciting features!

KWallet for Plasma 5 now automatically migrates KDE4 wallets!

Next time you’ll start your updated Plasma 5 session’s KDE Wallet system, it’ll eventually start migrating your wallets. The precondition is that you’re doing that on a system that also has KDE4 and that you previously used that installation’s KDE Wallet system. If your system doesn’t have a KDE4 wallet daemon, then nothing will happen.

Simply follow the instructions of the wizard that’ll popup. If you accept the migration option, then for each of your existing KDE4 wallet you’ll be :
– prompted with a new Plasma 5 wallet creation wizard – that’ll eventually be the moment to switch to GPG wallets ๐Ÿ˜‰
– eventually prompted for the old wallet’s password, it the old daemon didn’t had it already opened by some other KDE4 program.
The migration assistant will preserve wallet names and wallet internal structure.

As usual, do not hesitate to file bug reports if you encounter any problem!

A final note about those who installed KDE4 in a prefix that’s not /usr. Please ‘ln -s [your kwalletd location] /usr/bin/kwalletd’ in order to let the migration agent correctly find and start the KDE4 daemon. Without that, it’ll not trigger the migration. (yes, that’s a quick hack, but it works).

Starting KF5 using the I3 window manager

Lately I started experimenting several tiling window managers, and I settled on I3 (see its Official site and the corresponding ArchLinux wiki page)

I now plan to return hacking KF5 and I’d like to use this tiling manager. In KDE4 I simply used the “Default Applications” control module from “System Settings” to choose i3, after adding the right i3.desktop file. However, with KF5 that will not be enough. For some reason kwin will still be loaded. (And BTW, the new kwin looks really great. I also like the new plasma desktop very much, but it won’t fit my workflow, as I prefer tiling WMs paradigm) Today I started searching a quick way to workaround that and here it is what I did.

Firstly, create the $KF5/share/ksmserver/windowmanagers/i3.desktop file with this contents:

[Desktop Entry]
Encoding=UTF-8
Name=i3
Comment=Highly configurable framework window manager
Type=Application
Exec=i3
TryExec=i3

Then edit the file ~/.config/ksmserverrc and modify the windowManager line from the [General] section:

[General]
# other lines ommited
windowManager=i3

Alternatively, you can use the “Default Applications” control module from KF5 System Settings to change the window manager to i3.

Finally, here is the little bit that made it. Modify the KF5 startup script to define the KDEWM environment variable. It should read like this:
export KDEWM=/usr/bin/i3

Here is how:
On my system, I’m using kdm. For it to start a KF5 session, I created /usr/share/config/kdm/sessions/kf5.desktop with this contents:

[Desktop Entry]
Encoding=UTF-8
Type=XSession
Exec=/home/kde5/start-kf5
TryExec=/home/kde5/start-kf5
DesktopNames=KF5
Name=KF5

As you can see, my KF5 is installed in /home/kde5 (others may have it in /opt/kf5). The start-up script, named ‘start-kde’ simply sets the righ environment variables, calls ssh-agent and gpg-agent, then calls startkde from KF5. I added the export KDEWM=/usr/bin/i3 line into this script.

Quit your current session, choose the KF5 session in KDM and enjoy I3 with KF5!

I’ll now return to tinkering it, as some adjustments still need to be done ๐Ÿ™‚

Oldies but goodies! Welcome back to VRCOM!

Yesterday I just created a new repository on github and pushed a new awesome library ๐Ÿ˜‰ This library is an LGPL alternative to MS ATL Library. Yes, you read that correctly! I just pushed a library implementing a technology that’s more that 14 years old. I’m talking about Microsoft’s COM technology. I used to be an expert of that technology, back in 1999, and this library was my two cents about COM objects implementation in C++. See the readme file for more details of my motivations for writing this library. Please note that this library was successfully used in a production environment.

What pushed me to publish this? Well, it appears that Microsoft is slowly returning to COM. In my opinion WinRT is purely a new version of COM. That alone would not push me to create that repository. The trigger was someone on Google+ “C++ – Libraries & Frameworks” group asking if someone knew about an ATL alternative. And that started me. Why not help and share what I wrote at that time?

I managed to get on old CD with the sources, created the repo and directly pushed them. So, please expect them not to compile using modern MSVC. At that time I was a big fan of the templates (well, I still like them alot), a very new feature of the C++ language at that time. They were not clearly specified and the syntax varied heavily from one compiler to another. At that time I stick with MSVC compiler syntax. But I think that’ll be not so hard to adjust them for the current technology. I cannot do that myself, because I no longer use Windows nor I have MSVC on my computer. I only tried Visual C++ Express Edition in a virtual machine, but please accept I don’t plan to maintain this library. I published it only to help and lower the entry barrier for those who want an ATL alternative. And it would be awesome if someone there would update this library and maintain it. Just drop me a line and we’ll arrange for the commit rights on the github repository.

Here is the repository link for the VRCOM library : https://github.com/valir/vrcom

svnmerge2.py – A tool for SVN merge operations

Well, SVN is not yet dead. Enterprise world still uses it, or at least it’s still used at my workplace ๐Ÿ™‚

When it comes to merging, one has the choice of TortoiseSVN or svnmerge from Orcaware. Each of these has their drawbacks. For example, TortoiseSVN is very mouse-intensive, so it’s click-error prone (yes, yes). The script from Orcaware is somewhat strict, and it even requires one to use it from the very beginning of the project. But what if you didn’t use it at that time? So, how to get a small improvement to this situation? Enter svnmerge2.py. I put the sources on, well, GitHub! ๐Ÿ˜‰

There are instructions in both French and English. However, the script only shows French strings. I plan to add English translation later, when I’ll have some spare time. Meanwhile, if you need it, feel free to translate it and add a pull request on GitHub. I’d be glad to integrate it.

New GnuPG backend for the KDE Wallet!

The classical KDE Wallet uses blowfish algorithm to encrypt sensitive data before writing it to disk. The key used for the encryption is a user-defined password that sometimes is even left empty by the user!

GnuPG offers some very strong encryption algorithms and uses passphrase-protected long keys. But I’m not going to talk about GPG here. I’ll rather tell you that I just added a new backend in kwalletd allowing for GPG-encrypted wallets! The code is fully functional and I actually configured my KDE session to use it! So here are the screenshots.

gpg-kwalletmanager

gpg-kdewallet-system-settings

As you can see, I now have a “testgpg” wallet that is selected as the system-default wallet. So what, you’d say? Well, I’d answer, as you can see there’s no apparent difference when using these wallets, and that’s expected behavior. Things changes however when you try to create a new wallet. There are two ways to do that. The usual way is in system settings, where user would click the “New…” button you see in the second screenshot. That will pop-up a wizard that I adjusted to let the user choose between the more secure GPG-backend or the classical, blowfish-based, backend.

After clicking “New…”, user is prompted for the new wallet’s name, as usual, then here is the redesigned “new wallet wizard”:

disclaimer: I’m not an english-native, so wording may not be the best in the following screenshots. Feel free to adjust the strings in the sources ๐Ÿ˜‰

gpg-kwalletwizard1

gpg-kwalletwizard2

gpg-kwalletwizard3

The screenshots above show the case where an encryption capable GPG key was found on the system. If the user do not have such a key, then the last page changes to this:

gpg-kwalletwizard3

(the different color comes from the different color-scheme my test user has in it’s kde session)

And that’s all it takes!

If using KWalletManager, the wizard is slightly different (I don’t know why kwalletd uses two code paths for wallet creation, but I choose to keep this original behavior):

  • Choose “File > New wallet…”
  • Enter the new wallet’s name
  • Next, the following wizard will show:

gpg-newwallet1

gpg-newwallet2

That’s it for this case too!

kwalletd will use GPG when storing wallets and when opening them. The same KDE session can handle simultaneously both file formats. kwalletd will transparently detect the file format and load the correct backend to handle it. So you can do as I did:

  • Create a new GPG-based wallet (using one of the previous described methods)
  • Fire KWalletManager and
    • Select your old wallet then choose “File > Export as XML…” to create an XML file with your sensitive data
    • Select the GPG-based wallet then choose “File > Import XML…”, then choose the file you just saved
    • NOTE: “File > Import wallet…” should also work, but in that case you should choose the .kwl file corresponding to your old wallet, located in ~/.kde/share/apps/kwallet
  • Go to System Settings > Account Details > KDE Wallet and select the newly created, GPG-based, wallet from the “select wallet to use as default” combo box
  • gpg-encrypt the XML file to keep a back-up

What about file sizes? Well, on my system, the new GPG-based wallet show a dramatic drop in file size for storing the exact same data:

/home/valentin/.kde/share/apps/kwallet
$ ll
total 80
-rw------- 1 valentin valentin 60664 Aug 15 16:54 kdewallet.kwl
-rw------- 1 valentin valentin 19329 Aug 15 18:56 testgpg.kwl

The performance difference is not noticeable. There’s only a slight lag on first GPG library initialization.

IMPORTANT NOTE: the passphrase dialog only shows once. Even if the wallet is closed after initial open, subsequent opening will occur silently during the same KDE session! That’s great news for those annoyed by the kwallet password prompt in the middle of the KDE session.

Eager to test the code? I’d be glad to hear your feedback, as this code should be thoroughly tested and reviewed before letting it go to master. I’ll soon post a review-request on the official mailing list. The code is available under the kde-runtime’s branch named kwalletd-gpg. The new features are compiled-in only if your system has QGpgme, part of kdepimlibs, which in turn requires gnupg and gpgme.

A final word: those of us who own a FSFE Fellowship Smart Card now have a new cool usage for it!

KMail, Akonadi and MariaDB on ArchLinux

ArchLinux recently switched to MariaDB. After the complete system update, followed by the usual full recompile of Qt4 and KDE4, my KMail2 setup became unstable. While reading mails was still possible, I experienced lags when switching from one folder to another (“please wait while retrieving message contents”) and, more problematic, sending mails worked veryย randomly.ย  I used the akonadi server configuration tool and it’s “test” feature to check my setup and then, surprise, I got errors with my database. OK, I thought, it’s time now to restart with a fresh home directory, as mine has several years, and configuration from previous setups was left, along my switch to ArchLinux then to custom compiled KDE4.

But with the new, fresh home directory, the “test” function still showed errors:

130605 0:10:50 InnoDB: The InnoDB memory heap is disabled
130605 0:10:50 InnoDB: Mutexes and rw_locks use GCC atomic builtins
130605 0:10:50 InnoDB: Compressed tables use zlib 1.2.7
130605 0:10:50 InnoDB: Initializing buffer pool, size = 80.0M
130605 0:10:50 InnoDB: Completed initialization of buffer pool
130605 0:10:50 InnoDB: highest supported file format is Barracuda.
130605 0:10:50 InnoDB: Waiting for the background threads to start
130605 0:10:51 Percona XtraDB (http://www.percona.com) 5.5.30-MariaDB-30.1 started; log sequence number 2612486
130605 0:10:51 [Warning] Can't open and lock time zone table: Table 'mysql.time_zone_leap_second' doesn't exist trying to live without them
130605 0:10:51 [ERROR] Can't open and lock privilege tables: Table 'mysql.servers' doesn't exist
130605 0:10:51 [ERROR] Native table 'performance_schema'.'events_waits_current' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'events_waits_history' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'events_waits_history_long' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'setup_consumers' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'setup_instruments' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'setup_timers' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'performance_timers' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'threads' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'events_waits_summary_by_thread_by_event_name' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'events_waits_summary_by_instance' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'events_waits_summary_global_by_event_name' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'file_summary_by_event_name' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'file_summary_by_instance' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'mutex_instances' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'rwlock_instances' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'cond_instances' has the wrong structure
130605 0:10:51 [ERROR] Native table 'performance_schema'.'file_instances' has the wrong structure
130605 0:10:51 [Note] /usr/bin/mysqld: ready for connections.
Version: '5.5.30-MariaDB' socket: '/home/valentin/.local/share/akonadi/socket-zx.rusu.info/mysql.socket' port: 0 Source distribution

The problem was solved by switching to the external MySQL (more precisely, it’s MariaDB) server I happen to run on the same system. I created a new “akonadi” database, granted full rights to a dedicated “akonadi” user. I also cleared the “options” field, that for an obscure reason specifies a socket connection and now I’m back to a stable configuration after starting the akonadi server.

Oh, I also needed to do the following adjustments:

  • Remove then recreate the local folders, as my previous configuration stored mails in a KMail folder
    • In fact, KMail forced me to do that, as it crashed after the switch to the new database with these errors
kontact(17733)/libakonadi Akonadi::SpecialCollectionsRequestJob::slotResult: Failed SpecialCollectionsRequestJob::slotResult "Failed to fetch the resource collection." 
kontact(17733) MailCommon::Kernel::emergencyExit: "The Email program encountered a fatal error and will terminate now.
The error was:
Failed to fetch the resource collection."
  • Remove then recreate the “mail dispatcher agent” in akonadi console
  • Reconfigure the folders
    • Now, all my old messages are shown as unread, but that’s not really a problem
  • Reconfigure mail filters
    • That’s because removing the local folders left the rules without target folders
  • Reconfigure folder expiration rules

A final word about the performance of KMail. It seems to me that it’s now a lot more responsive. The application is now really fast displaying my mails, be it on my IMAP server or into the local folders. Congrats to the PIM team!