Open Source Development
Identity information for Web applications on Windows platform
In the Web application authentication setup described at http://www.freeipa.org/page/Web_App_Authentication, the authentication and retrieval of additional user attributes including group membership is done via Apache modules that provide the information about the authenticated user to the application via environment variables or similar mechanism. Specifically, mod_lookup_identity which currently uses D-Bus interface to sssd is able to populated fields like REMOTE_USER_EMAIL or REMOTE_USER_GROUPS. We are looking for similar solution on the Windows platform.
We are working on creating new “free/open-source” dictionary of Czech language. We plan to use this resource in various applications including Firefox, LibreOffice, ElasticSearch and NLP tools.
ResultCloud is a web tool for management of long-term testing results, and showing it in human readable form. ResultCloud written in PHP and AngularJS, for design purposes it use Materialize CSS framework. System based on plugins, there are already three plugins for different types of testing results: SystemTap, GLibc and CPAlien.
Wireshark Netlink Dissector
Requirements: C Wireshark is a great tool for decoding and displaying sniffed network traffic. Netlink is a protocol used to configure Linux networking. While Wireshark has a rudimentary support for decoding of the Netlink messages, it understands only a small part of the configuration data. We’re looking for an individual or a team who would enhance it. The nice thing about this project is that every bit counts! We’re not looking for a complete coverage.
Stock portfolio manager
Add support for external authentication to web project
On http://www.freeipa.org/page/Web_App_Authentication there’s a description of authentication of web application using Apache httpd modules which can be used to authenticate against FreeIPA. Find open-source web-based project which does not support this form of external authentication and prepare patch and documentation of Apache and application configuration to support it. Máte zájem o tento projekt? Pište na firstname.lastname@example.org.
Automatic Bug Reporting Tool [ABRT]
ABRT integrates into an operating system, and run-times to detected bugs collects information useful for finding bug causes, allows users to file reports about the problems in several systems. ABRT was originally developed as a support tool but its focus has changed since then, and we need to improve the user experience for developers and testers.
Fedora Analysis Framework [FAF]
FAF (Fedora Analysis Framework) is a server collecting tens of thousands of ABRT crash reports per day and provides fast detection of duplicate problems, statistics, and clustering functionality. Currently, FAF is good in automatic processing of received reports but lacks added value for developers, maintainers, and testers. We are seeking for someone who can code in Python, has at least basic experience with Fedora and git. Topics with which we need help include: Reducing size of used space Retracing in FAF Clustering algorithms Automatic external bugs assigning Allow maintainer to provide solutions FAF Fedora instance: http://retrace.fedoraproject.org/faf Github repository: https://github.com/abrt/faf
TLS/SSL Interoperability Across Systems
Assuring compatibility and quality of security protocol’s implemetations is a very hard task. Considering the ubiquity of Transport Layer Security (TLS), it gets even harder. We started an open source project  with initial contribution of Red Hat interoperability tests to improve upstream testing efforts, mainly focused on OpenSSL, NSS and GnuTLS projects.
Broken DNS Proxy – Let’s break DNS
There are many old or misconfigured DNS servers deployed and used on the Internet. Such servers are causing problems that are often weird and hard to debug. This is especially problematic when DNSSEC is used. There is an IETF draft for RFC, discussing variety of possible problems a DNS client or server can face in real world. However there is currently no tool capable of simulating various possible problems. This makes it hard or even impossible to test the DNS implementation ability to cope with such problems. Are you prepared to break some DNS? If yes, come to work on […]
Hey, computer, what color is this?
We miss an application for (not only) color-blind and blind users that should identify colors (in human language, not hexa code) from given bitmap source (scanner, web cam, file, part of screen).
WSN in IoT
The goal of the project is aimed to create fully functional WSN implementation for single board computers (SBC) like RasperryPi. WSN (wireless sensor network) is a network using Wireless standards like WiFi where all active elements act as control points of the network. This means the nodes in network just needs to see other nodes and this allows to create communication layer between devices without creating any special infrastructure.
USBGuard — research, development and integration
The goal of the USBGuard project is to create a set of tools for enforcing USB device usage policies, i.e. fine grained control over which USB devices are allowed to interact with the system and how. There are 3 main areas where you can contribute: Research – Analyze known or potential attack vectors and propose new defenses. Development – Work on proposed features, documentation, art work, etc. Integration – Integrate with other projects like Cockpit, FreeIPA, Desktop environments, etc. Project site: https://dkopecek.github.io/usbguard/ Github repository: https://github.com/dkopecek/usbguard Issue/Feature tracker: https://github.com/dkopecek/usbguard/issues Main contact: Daniel Kopeček <email@example.com>
The Linux Kernel Matters
Any Linux kernel related development project is welcome! The particular example of the project is optimization of tasklist_lock for better scalability. Currently this is single global lock which could be replaced by either less grained locks, RCU mechanism or (ideally) some lock free solution.
Together with Adaptive Learning Group at FI MUNI, we are working on creating a new e-learning site for teaching programming. It is based on adaptive learning techniques, so users are solving adequate tasks.
PerfCake – A Lightweight Performance Testing Framework
You would be expected to commit whatever code you like to PerfCake. You can see actual issues at GitHub to get an idea what is going on. You can also follow us on Twitter or visit the project homepage at www.perfcake.org. Your main contact person is Martin Večeřa (firstname.lastname@example.org). PerfCake is a lightweight performance testing tool and a load generator with the aim to be minimalistic, easy to use, provide stable results, have minimum influence on the measured system, be platform independent, use component design, allow high throughput. Just give it a try and soon you’ll be lovin’ it!
New Platforms for Bulldog Library
Bulldog  is java library for controlling of Low-level peripherals. This allows developers to control low levels like GPIO in pure Java. The motto of library is “write once, deploy anywere”. Therefore the aim of bulldog is to create platform agnostic library which hides platform dependencies from user and works out of the box.
Multi-factor authentication in web applications using PAM
Study Pluggable Authentication Modules, focus on multi-factor authentication setups, configure multi-factor authentication for some common service (sshd). Study HTTP, focus on its state-less nature. Investigate the possibility of using full PAM stack in web applications, including multi-step conversations. Develop a solution which would allow the use of the PAM conversation over the web. Create prototype web application/setup to demonstrate the use of the solution using FreeOTP. Máte zájem o tento projekt? Pište na email@example.com.
Jenkins Plugins Improving Test Automation
BaseOS Quality Engineering Security team seeks a junior Java developer to improve open source continuous integration tools. You’ll create Jenkins plugins specially suited for advanced testing scenarios. Do you know basics of Java, HTML and CSS? Do you want to help develop open source tools? Or maybe you even have some experience with Jenkins? Then you are perfect for this project!
Infinispan is a caching and data grid solution — it means that there can be thousands of servers connected into one cluster. Infinispan uses JGroups protocol for internal communication between servers. It is very hard to spot bugs and other network related problems in huge text logs (Terabytes of plain text). Therefore, our intention is to provide new tool that can be used by users and developers! for spotting issues and regressions immediately while operating and testing with Infinispan cluster. The objectives of this project are to: Provide graphical representation of network communication between Infinispan nodes (but not only Infinispan […]
Fedora Gooey Karma
Good news – Fedora Gooey Karma is having new release soon! I would like to thank to Branislav Blaškovič for one more time, he helped me a lot and his recommendations were really useful. This is my last report for this project.
Easy Conference Video Production
Meetups and low-budget conferences are popping up everywhere. These events are usually organized by volunteers, and held in informal places like cafés, clubs and pubs. Such events frequently host interesting talks. But, recording these talks and preparing good-quality videos from them is not easy. Your mission is to take a screen recording (from a common screen-recording program), a video of the speaker (from a camera), and a SVG image describing the overall look, and mix everything into a synchronized, nice-looking video. The result should be a script that allows creating many similar videos with as little set-up as possible. The […]
Design and Implementation of Yum and DNF Test Suite
BaseOS Quality Engineering Security team is looking for a student interested in software management area.
Dependent identity lifecycle management
When external authentication and identity providers are used, applications store the provisioned user identity upon the first successful authentication of the user. Applications can update the user identity attributes upon every logon of the user. However, when users do not log in often, attributes of said user identity or indeed its whole validity and existence can grow stale over the time. The goal of the work is to devise approach of keeping the cached identities in sync with the master and implement it for typical scenarios. Máte zájem o tento projekt? Pište na firstname.lastname@example.org.
Automating Enterprise Deployment Scenarios with LDAP, Kerberos and Related Technologies
BaseOS Quality Engineering Security team is looking for a student with an interest in Authentication, Authorization, and Accounting (AAA) Identity management. You are going to get familiar with technologies like LDAP, Kerberos, RADIUS, sudo, pam, etc., and use cases integrating these technologies with enterprise deployments. You will work closely with a senior engineer on automating functional scenarios and improving the quality of the existing ones.