Squad Sprint 95

[imobachgs]

Squad Sprint 95

• This is just a draft for collecting the text for the team blog.
• Whenever you finish something worth mentioning on the blog just add a new entry
• The text will be reviewed and polished before publishing, this is just to collect the input from the developers.

Thank you for your contribution!

To find your cards, look in the "Done [95]" or "To Review [95]" lists here https://trello.com/b/jq6non16/

[jreidinger]

Usability Improvements in Iscsi-lio-server Module

It was reported via bugzilla https://bugzilla.suse.com/show_bug.cgi?id=1127505 that there are several usability issues in yast2-iscsi-lio-server. At first it is truncated text that is caused by fixed amount if spacing around both sides. There are also not ideally picked UI elements as idea is basically that there are authentication enabled or disabled and if enabled then it need username and password for both initiator and target. So UI was changed to more reflect it. Also it was reported that values at global tab is not remembered after tab is changed. This was caused by storing initial values and not current ones. And last but not least during testing changes it was revealed that module crash if Edit button is pressed when there is empty table, so it was also fixed.

But enough words and lets see screenshots in qt and ncurses.

At first old state:

And now how it looks after change:

[ancorgs]

Expanding the Possibilities of Pervasive Encryption

Some months ago, in this dedicated blog post, we introduced the joys and benefits of the so-called pervasive encryption available for s390 mainframes equipped with a Crypto Express cryptographic coprocessor. As you may remember (and you can always revisit the post if you don't), those dedicated pieces of hardware ensure the information at-rest in any storage device can only be read in the very same system where that information was encrypted.

But, what is better than a cryptographic coprocessor? Several cryptographic coprocessors! An s390 logical partition (LPAR) can can have access to multiple crypto express adapters, and every adapter can be shared by several systems. To configure all that, the concept of cryptographic domains is used. Each domain is protected by a master key, thus preventing access across domains and effectively separating the contained keys.

Now YaST detects when it's being used to encrypt a device in a system with several cryptographic domains. If that's the case, the dialog for pervasive encryption allows to specify which adapters and domains must be used to generate the new secure key.

In order to succeed, all the used adapters/domains must be set with the same master key. If that's not the case, YaST will detect the circumstance and display the corresponding information.

[ancorgs]

Install Missing Packages during Storage System Analysis

As our reader surely know, YaST always ensures the presence of all the needed utilities when performing any operation in the storage devices, like formatting and/or encrypting them. If some necessary tool is missing in the system, YaST has always shown the following dialog to alert the user and to allow to install the missing packages with a single click.

But the presence of those tools was only checked at the end of the process, when YaST needed them to modify the devices. For example, in the screenshot above, YaST asked for btrfsprogs & friends because it wanted to format a new partition with that file system.

If the needed utility was already missing during the initial phase in which the storage devices are analyzed, the user had no chance to install the corresponding package. For example, if an USB stick formatted with Btrfs would have been inserted, the user would get an error like this when executing the YaST Partitioner or when opening the corresponding YaST module to configure the bootloader.

Now that intimidating error is replaced by this new pop-up that allows to install the missing packages and restart the hardware probing. As usual with YaST, expert users can ignore the warning and continue the process if they understand the consequences outlined in the new pop-up window.

We took the opportunity to fix other small details in the area, like a better reporting when the YaST Partitioner fails to install some package, a more up-to-date list of possibly relevant packages per technology and improvements in the source code organization and the automated tests.