Language Selection

English French German Italian Portuguese Spanish

Red Hat

Fedora: fwupd, FSF, ABRT and Plans to Use GCC Security Hardening Flags by Default

Filed under
Red Hat
  • A fwupd client side certificate

    In the soon-to-be-released fwupd 1.2.6 there’s a new feature that I wanted to talk about here, if nothing else to be the documentation when people find these files and wonder what they are. The fwupd daemon now creates a PKCS-7 client self-signed certificate at startup (if GnuTLS is enabled and new enough) – which creates the root-readable /var/lib/fwupd/pki/secret.key and world-readable /var/lib/fwupd/pki/client.pem files.

    These certificates are used to sign text data sent to a remote server. At the moment, this is only useful for vendors who also have accounts on the LVFS, so that when someone in their QA team tests the firmware update on real hardware, they can upload the firmware report with the extra --sign argument to sign the JSON blob with the certificate. This allows the LVFS to be sure the report upload comes from the vendor themselves, and will in future allow the trusted so-called attestation DeviceChecksums a.k.a. the PCR0 to be set automatically from this report. Of course, the LVFS user needs to upload the certificate to the LVFS to make this work, although I’ve written this functionality and am just waiting for someone to review it.

  • New FAF 2.0.0 released

    The latest release of FAF comes with two major changes.

    The first one is that we’ve decided to drop the support of Python2 code.
    The second one is an abandonment of YUM in favour of DNF.

    Since release 1.3.4 we’ve also migrated from fedmsg to fedora-messaging infrastructure.

  • Ernestas Kulik: Reporting problems in Flatpak applications

    If you’ve ever experienced a crash in a Flatpak application, you might have noticed that there is no notification coming from ABRT for it, and maybe you even noticed some strange messages in the system journal:

    abrt-server[…]: Unsupported container technology
    The above appears when ABRT attempts to collect information about the container (currently only Docker and LXC), if the binary has been detected to have been run in one. For Flatpak applications, we probably get enough information already, so we can just special-case and do nothing instead.

    Unfortunately, getting things like stack traces gets a bit more complicated than that.

  • Fedora 31 Plans To Use GCC Security Hardening Flags By Default

    Fedora 31 will likely be enabling various GCC security hardening flags by default in trying to further enhance the security of the software in its repositories and those building software on their own Fedora systems.

    While Fedora generally leads the way with low-level innovations to the Linux stack thanks to Red Hat, in this case they are a bit behind the ball for enabling these GCC security hardening flags. In fact, the flags they are planning to use by default are already the defaults on Ubuntu.

    With Fedora 31 they would enable "-Wformat -Wformat-security -fstack-protector-strong" flags by default for checking printf/scanf calls to ensure a proper format string is specified and conversions are correct, warning about possible security problems for the formatted printing, and additional stack protector protections.

Red Hat and Fedora: Red Hat Summit 2019, Wayland and More

Filed under
Red Hat
  • Red Hat Summit 2019 Session Highlights: Developers

    2019 brings new opportunities for developers to decide how they want to shape the future of application development. The impact of new technologies, architectures and processes can be felt as microservices, containers and serverless are shifting the way we think about building, deploying, running and maintaining applications today.

    At Red Hat Summit 2019, we’re offering sessions, workshops, and hands-on trainings and labs to help our customers and partners and community members get the most from these innovative technologies and practices.

  • Distributed microservices architecture: Enterprise integration, Istio, and managed API gateways

    The rise of microservices architectures drastically changed the software development landscape. In the past few years, we have seen a shift from centralized monoliths to distributed computing that benefits from cloud infrastructure. With distributed deployments, the adoption of microservices, and system scaling to cloud levels, new problems emerged, as well as new components that tried to solve the problems.

    By now, you most likely have heard that the service mesh or Istio is here to save the day. However, you might be wondering how it fits with your current enterprise integration investments and API management initiatives. That is what I discuss in this article.

  • Wayland-Spun Firefox Is Being Given More Time To Get Ready For Fedora 30

    Fedora 30 is aiming to ship with the Wayland native version of Firefox by default rather than relying upon XWayland. This Wayland-native Firefox has long been offered in the Fedora repository but not used as the default browser. While it's not all squared away yet, more time has been granted to get it ready for this spring update to Fedora.

    The "Firefox Wayland by default" change is currently among the list of incomplete changes for Fedora 30. While past the deadline, the Fedora Engineering and Steering Committee (FESCo) is letting this feature still land if it won't end up delaying the Fedora 30 beta milestone.

  • Stories from the amazing world of release-monitoring.org

    Our story begins in August 2018. I was summoned by the Archmage (my ex-manager Jim Perrin) to be part of the mage conclave (Fedora Infrastructure team) and take care of a world that laid abandoned for some time. The name of this realm is release-monitoring.org and Jim recommended I start on the continent of Anitya (web server).

    I began to study this world and communed with the mage conclave, especially with previous caretaker of this world, honorable mage Jeremy Cline. I learned a lot about this realm (especially Anitya) and fixed a small issue here and there in order to make the world a better place for its inhabitants.

    After few weeks I became more confident when walking through the continent of Anitya, and started working on bigger things that hopefully helped the inhabitants of this world to have better life.

    Sometimes I made a mistake, which displeased the inhabitants greatly, but we identified these issues together (thanks for every bug report) and fixed most of them (thanks to all contributors).

    After a few months Jim Perrin came to me again with another task from the amazing realm of release-monitoring.org. He said to me: “Here in these lands lies a place that is key to this world and it lay abandoned for far too long. You have proven yourself when taking care of the continent of Anitya, so here by the power entrusted in me I’m naming you the caretaker of the island of the-new-hotness.”

Fedora and IBM: Fedora Discussion, ABRT, Copr and Fifty Years Of Operating IBM Systems

Filed under
Red Hat
  • Discuss everything Fedora

    Are you new to using Fedora, or have a question about using Fedora? Got a story or helpful hint for Fedora that you want to share? You want to check out Fedora Discussion. It is a relatively new place where users and members of the Fedora Community meet to discuss, ask questions, and interact.

  • Reporting problems in Flatpak applications

    If you’ve ever experienced a crash in a Flatpak application, you might have noticed that there is no notification coming from ABRT for it, and maybe you even noticed some strange messages in the system journal:

    abrt-server[…]: Unsupported container technology

    The above appears when ABRT attempts to collect information about the container (currently only Docker and LXC), if the binary has been detected to have been run in one. For Flatpak applications, we probably get enough information already, so we can just special-case and do nothing instead.

    Unfortunately, getting things like stack traces gets a bit more complicated than that.

  • Copr - Removing outdated chroots

    Even though Copr currently supports building packages for Fedora, EPEL, Mageia, let’s talk about just Fedora to keep this article simple. The same principles apply also for other distributions, they only differ in small nuances such as length of the release cycle.

    Let’s briefly talk about the Fedora release cycle. There are always two stable versions (at this point F28 and F29) and rawhide. These are enabled in Fedora build systems and you can build packages for them. Once a next version is released, the oldest one gets marked as End Of Life (EOL) and it is not possible to build official packages for it and push updates. In Copr, we try to give users more time to migrate and allow them to build packages even for EOL version for another several weeks/months.

    Now we are getting to the actual topic of this article. Can you guess, what happens with the repositories once the chroots for a particular EOL distribution gets disabled? Interestingly enough, nothing happens to them. If you have created a project in the Copr humble beginnings and built some packages for e.g. F21, you can still boot your old laptop and install them. As awesome as it sounds, we are changing this a little.

  • Fifty Years Of Operating IBM Systems

    The world is celebrating some important 50th anniversaries this year. My interests in aerospace and music led me to recall four events from 1969. The most famous event was the first manned moon landing in July, which occurred the same week that I turned 21. Two months before that was the first flight of the Concorde supersonic transport. I mark the beginning of the “summer of love” with the Woodstock concert, and its end with the tragic concert at Altamont Speedway. (Who knew that Hell’s Angels would not make great security guards?)

    For me, all of this pales in comparison to two events that shaped my life forever. In late August, my wife Sandy and I will be celebrating our 50th wedding anniversary with our four kids, their spouses, and five grandchildren. Roughly three months before the wedding, I started my first job in IT. Of course, the field would not be called Information Technology for many years. To be precise, I began my career as a summer intern in the data processing department of a large Chicago bank. While I cannot avoid talking about my personal history, my goal here is to describe the relationships I have observed between today’s most modern operating system (IBM Sleepy and those that I encountered during my early career.

    I thought that working as a computer operator would be a temporary thing to get me through college. The summer job turned into a part-time job as I finished my senior year and started grad school. It evolved into a full-time job when our first child came along. Unfortunately, this coincided with the hard part of graduate school, coming up with a math idea that no one has thought of before and documenting it in a thesis. Somehow, A Computer Calculation of the Homology of the Lambda Algebra got produced and I was on my way. Today, the only part of it that I remember well is the primal fear of dropping my 2,000-card Fortran program.

My First 24 Hours With Fedora Workstation

Filed under
Red Hat
Reviews

To begin with, let's touch on everyone's first contact: the Fedora installer. The overall intuitiveness and speed of installing an operating system matters, so I'm happy to report that installing Fedora 29 is straightforward. Except for one element.

Automatic partitioning -- that's when you choose the target disk and the installer creates and sizes partitions for you -- is a breeze. But I had some trouble finding where to manually partition my drives. It's actually tucked away under the option "Reclaim Space." After using the openSUSE, Deepin and Pop!_OS installers which have their own clearly defined version of "Manual Partitioning," I found myself looking for a similarly-worded option.

In fairness to the Fedora Project, I didn't RTFM (there's a prominent Help button throughout the installation process) or I would have discovered the answer. Lesson learned!

The more I use various Linux distros, the more I realize how silly and antiquated my fear of hardware incompatibility was. Fedora detected all my components, even function keys for dimming the keyboard backlight, volume, etc. Drive encryption was a breeze, and I'm having zero issues with WiFi or Bluetooth connectivity. So far so good! That's of course on the XPS 13 laptops. It's still worth mentioning the problems I had with Fedora on the ThinkPad X1 Extreme.

I'll have a new entry soon in my "A Linux Noob Reviews" series tackling the Fedora installer more comprehensively, so be on the lookout!

Read more

Also: Fedora Community Blog: FPgM report: 2019-10

Red Hat: CEO's Words, Red Hat Summit, Development, and Fedora

Filed under
Red Hat
  • Open Outlook: Red Hat

    Digital transformation doesn’t happen overnight. Organizations can’t just flip a switch and become cloud-native. They're going to have to straddle their existing infrastructure with their plans for the future. That's why we believe the future is a hybrid one.

    We typically talk about "hybrid" as something relevant only to IT (think "hybrid IT," "hybrid cloud," and so on), but in truth, it applies to the entire organization. Open, hybrid technologies work best when supported by open teams with open cultures. And the more I talk with customers, the more I see them recognize something that has guided Red Hat from its earliest days: open unlocks the world's potential. They understand not only that open technologies are now a default choice in organizations all around the world, but also that open cultures and methods are becoming standard operating procedure in many of the most innovative organizations today.

  • Red Hat Summit 2019 session highlights: digital transformation

    Red Hat Summit 2019, being held in Boston from May 7 - 9, offers attendees the chance to deep dive into every aspect of Red Hat and open source software. However, with all of the options for sessions to attend, it can be tricky to pick which ones to attend.

    Digital transformation has been a hot topic for several years and we expect it to continue to be as we move into the future. According to the Red Hat Global Customer Tech Outlook Survey, companies are continuing to take digital transformation efforts seriously, with 35 percent of respondents looking to introduce new business models or new digital products and services to aid it within the next twelve months. There is hardly a question of IF digital transformation is needed, but more a matter of when it will happen and how it will be done. At Red Hat Summit, attendees will hear about the importance of digital transformation and insights into how Red Hat technology can be the backbone of transformation efforts.

  • Remi Collet: PHP version 7.1.27, 7.2.16 and 7.3.3
  • Usability improvements in GCC 9
  • Fedora at SCaLE 17x - Day 1 - Setting up

    Fedora is at the 17th annual Southern California Linux Expo in Pasadena, CA! ParadoxGuitarist and myself (vwbusguy) came early and got the booth setup. The exhibition hall doesn't open until tomorrow, but we attended talks, connected with conference regulars, and talked about what's new in Fedora during our hallway conversations.

  • Modularity Hackfest, March 2019

    Some time ago, the Modularity team in Fedora attempted to organize a proper hackfest on Modularity. The hackfest was intended to gather together members of the Fedora community (both internal and external to Red Hat) in Ireland and work through some of the bigger UX and packaging concerns around Fedora Modularity. Unfortunately, the planning and funding for the hackfest fell through. However, it turned out that we were able to pull together a less-ambitious hackfest in the Red Hat Boston office over Monday and Tuesday (at effectively no notice). The attendance was a bit limited, but we were able to get several people together along with several more through video-conferencing technology.

    Among the attendees from Red Hat were Petr Šabata, Langdon White, Adam Šamalík, Mohan Boddu and Matthew Miller. From outside of Red Hat, we were joined by Neal Gompa and Igor Gnatenko.

    Much of this two-day hackfest was spent identifying and scoping the most urgent problems that we need to solve. We opened the session by inviting Neal Gompa to report on his experiences with attempting to consume and build modules for the projects he works on in his day-job. In particular, his internal toolchain uses the Open Build Service (OBS) to build his tools on multiple operating systems. At present, OBS does not handle repositories with modular content appropriately. OBS relies directly on libsolvext for working with repodata which does not currently handle the module metadata. As a result, the Fedora Modular and Red Hat Enterprise Linux 8 Beta AppStream repositories look like a collection of conflicting data.

  • Fedora Challenge And NextCloudPi | Choose Linux 4
  • Start a Fedora 29 installation from the GRUB menu
  • Fedora Community Blog: Kernel 5.0 Test Day 2019-03-12

Fedora Silverblue and Advice to New Fedora Linux Users

Filed under
Red Hat
  • Nvidia drivers in Fedora Silverblue

    I really like how Fedora Silverblue combines the best of atomic, image-based updates and local tweaking with its package layering idea.

    However, one major issue many people has had with it is support for the NVIDIA drivers. Given they ares not free software they can’t be shipped with the image, so one imagines using package layering to would be a good way to install it. In theory this works, but unfortunately it often runs into issues, because frequent kernel updates cause there to be no pre-built nvidia module for your particular kernel/driver version.

    In a normal Fedora installation this is handled by something called akmods. This is a system where the kernel modules ship as sources which get automatically rebuilt on the target system itself when a new kernel is installed.

  • New Fedora Linux User? Run This Amazing Post-Install Script First

Get cooking with GNOME Recipes on Fedora

Filed under
Red Hat
GNOME
HowTos

Do you love to cook? Looking for a better way to manage your recipes using Fedora? GNOME Recipes is an awesome application available to install in Fedora to store and organize your recipe collection.

GNOME Recipes is an recipe management tool from the GNOME project. It has the visual style of a modern GNOME style application, and feels similar to GNOME Software, but for food.

Read more

Red Hat and SUSE Leftovers

Filed under
Red Hat
SUSE
  • OpenShift Commons Briefing: Introduction to MLFlow on OpenShift – Mani Parkhe (Databricks) and Zak Hassan (Red Hat)

    In this OpenShift Commons Briefing, DataBricks‘ Mani Parkhe gave an excellant introduction to MLFlow, an open source platform to manage the Machine Learning lifecycle, including experimentation, reproducibility and deployment.

  • Bali, Indonesia, Selected for openSUSE.Asia Summit 2019

    For the second time, Indonesia was chosen to host the openSUSE.Asia Summit 2019 event. A similar event was held in Yogyakarta, Indonesia, in 2016 and was attended by hundreds of local openSUSE lover as well as from other Asian countries. This year we are challenged to repeat the successful story of the openSUSE.Asia Summit on one of the most exotic islands in Indonesia, Bali.

    openSUSE.Asia Summit is an event awaited by fans of openSUSE in Indonesia in particular, and activists of Free/Libre Open Source Software (FLOSS) in general. In this activity, experts, contributors, end users, and technology enthusiasts gather to share experiences about the development of openSUSE and other things related to FLOSS and have a lot of fun.

    The island of Bali was chosen as the venue for the openSUSE.Asia Summit after being proposed by the Indonesian community during openSUSE.Asia Summit 2018 in Taipei, Tawian. After going through a long discussion, the Asian committee chose Bali as the host of openSUSE.Asia Summit 2019. openSUSE.Asia Summit 2019 will be from October 5 to October 6, 2019, at Udayana University, Bali.

  • Get Ready to Get Your SUSECON On!

Red Hat and SUSE Miscellany

Filed under
Red Hat
  • Red Hat Satellite 5 customers: Important updates on RHN and ISOs

    As Red Hat phases out its Red Hat Network (RHN), customers on Red Hat Satellite 5.6 and 5.7 will need to upgrade now to continue receiving content and updates. Read on for details and steps to move to the Red Hat Content Delivery Network (CDN).

    Red Hat has been notifying customers since early 2017 that Red Hat Satellite 5.7 and Satellite 5.6 would be at end of life on January 31, 2019. We encourage customers on those releases to move to Satellite 5.8 as soon as possible, then start planning your migration to Satellite 6. As a reminder, Satellite 5.8 is planned to be at end of life May 31, 2020.

    The end of life of earlier Satellite versions was just one of the reasons to move to Satellite 5.8. Another reason is that Satellite 5.8 is the only Satellite 5 version that uses Red Hat CDN instead of RHN.

  • Open Outlook: Management + Automation

    As organizations accelerate their digital transformation efforts they are embracing new hybrid IT models that include a mix of traditional, private and public cloud technologies. Workload strategies in these new models must consider cost, availability, security and reliability, as well as compliance and regulatory requirements. Many enterprises have evolved from use of on-premises virtualization and private clouds to hybrid and, frequently, multicloud environments.

    While management and automation technologies have always been instrumental to enterprise IT governance, their importance grows as organizations grapple with the resulting increased speed, scale and complexity. Traditional solutions have been unable to adapt to the needs of these rapidly changing hybrid cloud environments and many organizations plan to acquire new tools to address these challenges.

  • How and Why We’re Changing Deployment Topology in OpenShift 4.0

    Red Hat OpenShift Container Platform is changing the way that clusters are installed, and the way those resulting clusters are structured. When the Kubernetes project began, there were no extension mechanisms. Over the last four-plus years, we have devoted significant effort to producing extension mechanisms, and they are now mature enough for us build systems upon. This post is about what that new deployment topology looks like, how it is different from what came before, and why we’re making such a significant change.

  • RHEL 8 install Python 3 or Python 2 using yum
  • Fedora: Install Third-Party Software And Codecs With Fedy
  • SUSECON 2019: Family and innovative partnerships to support customer needs

    SUSECON provides a forum for building a passionate community of technically knowledgeable participants who use open source technology from SUSE in their enterprise IT environments and share their passion for this open source technology with their peers. At our annual conference, we announce and demonstrate SUSE’s vision and latest technical advances to customers, partners, press and analysts.  We also share insights and share best practices on the practical usage of these technologies.

Join The Fedora 29 Linux Community Challenge

Filed under
GNU
Linux
Red Hat

The basic premise of the Fedora challenge is simple: ditch Windows, macOS or your current Linux OS of choice and use Fedora for about a month. It's just enough time to start learning its nuances, its unique package manager, and get into a groove where it starts to feel familiar instead of foreign.

The purpose is exposing yourself to something new, and perhaps gaining an appreciation for an OS you may not have chosen otherwise. Along the way people may find their “forever distro” or be inspired to make the switch to Linux full time.

With elementary OS we challenged each other to refrain from customizing or tweaking; to not install any external repositories. Even to avoid the command line if possible. With openSUSE Tumbleweed we threw out the rule book, chose any of the available desktop environments and went way off the leash.

We're going back to basics with Fedora but leaving plenty of wiggle room. As a group we'll be using Fedora Workstation which includes the Gnome Desktop Environment (and apparently a very pure iteration of it). Beyond that, feel free to install extensions, customize your workspace and your desktop, dig into the CLI, find out what FlatPak is all about and make yourself at home.

Read more

Syndicate content

More in Tux Machines

12 open source tools for natural language processing

Natural language processing (NLP), the technology that powers all the chatbots, voice assistants, predictive text, and other speech/text applications that permeate our lives, has evolved significantly in the last few years. There are a wide variety of open source NLP tools out there, so I decided to survey the landscape to help you plan your next voice- or text-based application. For this review, I focused on tools that use languages I'm familiar with, even though I'm not familiar with all the tools. (I didn't find a great selection of tools in the languages I'm not familiar with anyway.) That said, I excluded tools in three languages I am familiar with, for various reasons. The most obvious language I didn't include might be R, but most of the libraries I found hadn't been updated in over a year. That doesn't always mean they aren't being maintained well, but I think they should be getting updates more often to compete with other tools in the same space. I also chose languages and tools that are most likely to be used in production scenarios (rather than academia and research), and I have mostly used R as a research and discovery tool. Read more

Devices: Indigo Igloo, Raspberry Pi Projects and Ibase

  • AR-controlled robot could help people with motor disabilities with daily tasks
    Researchers employed the PR2 robot running Ubuntu 14.04 and an open-source Robot Operating System called Indigo Igloo for the study. The team made adjustments to the robot including padding metal grippers and adding “fabric-based tactile sensing” in certain areas.
  • 5 IoT Projects You Can Do Yourself on a Raspberry Pi
    Are you new to the Internet of Things and wonder what IoT devices can do for you? Or do you just have a spare Raspberry Pi hanging around and are wondering what you can do with it? Either way, there are plenty of ways to put that cheap little board to work. Some of these projects are easy while others are much more involved. Some you can tackle in a day while others will take a while. No matter what, you’re bound to at least get some ideas looking at this list.
  • Retail-oriented 21.5-inch panel PCs run on Kaby Lake and Bay Trail
    Ibase’s 21.5-inch “UPC-7210” and “UPC-6210” panel PCs run Linux or Windows on 7th Gen Kaby Lake-U and Bay Trail CPUs, respectively. Highlights include 64GB SSDs, mini-PCIe, mSATA, and IP65 protection.

NexDock 2 Turns Your Android Phone or Raspberry Pi into a Laptop

Ever wished your Android smartphone or Raspberry Pi was a laptop? Well, with the NexDock 2 project, now live on Kickstarter, it can be! Both the name and the conceit should be familiar to long-time gadget fans. The original NexDock was a 14.1-inch laptop shell with no computer inside. It successfully crowdfunded back in 2016. The OG device made its way in to the hands of thousands of backers. While competent enough, some of-the-time reviews were tepid about the dock’s build quality. After a brief stint fawning over Intel’s innovative (now scrapped) Compute Cards, the team behind the portable device is back with an updated, refined and hugely improved model. Read more

Graphics: Libinput 1.13 RC2, NVIDIA and AMD

  • libinput 1.12.902
    The second RC for libinput 1.13 is now available.
    
    This is the last RC, expect the final within the next few days unless
    someone finds a particulaly egregious bug.
    
    One user-visible change: multitap (doubletap or more) now resets the timer
    on release as well. This should improve tripletap detection as well as any
    tripletap-and-drag and similar gestures.
    
    valgrind is no longer a required dependency to build with tests. It was only
    used in a specific test run anyway (meson test --setup=valgrind) and not
    part of the regular build.
    
    As usual, the git shortlog is below.
    
    Benjamin Poirier (1):
          evdev: Rename button up and down states to mirror each other
    
    Feldwor (1):
          Set TouchPad Pressure Range for Toshiba L855
    
    Paolo Giangrandi (1):
          touchpad: multitap state transitions use the same timing used for taps
    
    Peter Hutterer (3):
          tools: flake8 fixes, typo fixes and missing exception handling
          meson.build: make valgrind optional
          libinput 1.12.902
  • Libinput 1.13 RC2 Better Detects Triple Taps
    Peter Hutterer of Red Hat announced the release of libinput 1.13 Release Candidate 2 on Thursday as the newest test release for this input handling library used by both X.Org and Wayland Linux systems. Libinput 1.13 will be released in the days ahead as the latest six month update to this input library. But with the time that has passed, it's not all that exciting of a release as the Logitech high resolution scrolling support as well as Dell Totem input device support for the company's Canvas display was delayed to the next release cycle. But libinput 1.13 is bringing touch arbitration improvements for tablets, various new quirks, and other fixes and usability enhancements.
  • Open-Source NVIDIA PhysX 4.1 Released
    Software releases are aplenty for GDC week and NVIDIA's latest release is their newest post-4.0 PhysX SDK. NVIDIA released the open-source PhysX 4.0 SDK just before Christmas as part of the company re-approaching open-source for this widely used physics library. Now the latest available is PhysX 4.1 and the open-source code drop is out in tandem.
  • AMD have launched an update to their open source Radeon GPU Analyzer, better Vulkan support
    AMD are showing off a little here, with an update to the Radeon GPU Analyzer open source project and it sounds great.