Soliloquies

Odoo in a root-less container

The main workstation running Fedora 31 now, devoid of any trace of python2, I had to either spin up a virtual machine (which I happily did in the past using qemu and kvm [no libvirt or GNOME Boxes]) or get the hands dirty on containers this time to develop on Odoo [1] version 10 which depends on python2. Faced with the challenge^Wopprotunity, I started to learn to use containers.

Never tried to use docker, even though I am familiar with its technology and at times I wanted to try and have hands on experience on the technology. Fast forward, podman and buildah came along with the possibility to run root-less containers and they’re available in Fedora.

Steps

Install and setup podman, optionally buildah. Consult documentation at Red Hat developer blog [2] posts [3].

#Install
$ su -c "dnf install -y podman buildah
#Make sure your user is present in subuid and subgid
$ su -c "usermod --add-subuids 10000-75535 $(whoami); \
  usermod --add-subgids 10000-75535 $(whoami)"
#Logout and login back for the normal user to take effect.

Setup and run postgresql using podman. The documentation [4] on docker hub and at Red Hat [5] will help, also Dan Walsh’s post [6]. You’d want persistent storage for database and the application.

#Create a persistent storage location for DB
$ su -c "mkdir -p /var/container/pgsql10/data"
#Make sure to give ownership of the directory to 'postgres' user
#in _container_. In host system, id of 'postgres' user is '26',
#which maps to id '10025' in container. 
$ su -c "chown -R 10025:10025 !$"  # directory created in previous step
#As normal user
$ podman run -d --name pg10 -e POSTGRESQL_USER=odoo \
  -e POSTGRESQL_PASSWORD=odoopassword -e POSTGRESQL_ADMIN_PASSWORD=postgrespassword \
  -e POSTGRESQL_DATABASE=postgres -p 9432:5432 \
  -v /var/container/pgsql10/data:/var/lib/pgsql/data \
  -m=1g rhscl/postgresql-10-rhel7
#Check logs
$ podman logs -f pg10
#Connect the database and grant privileges to 'odoo' user
$ psql -U postgres -h 192.168.1.100 -p 9342 -d postgres
password:
postgres=#ALTER USER odoo WITH CREATEDB;

These steps demand some comments. To setup persistent storage for database, create a directory and give ownership of that directory to the user in container (refer [6] for details) . The user id for chown should be the mapped id of user within the container. For example, if the id of postgres user is 25 in host system and the id of same user in container will usually be 10025.

Next you can pull the postgresql docker image and run it. The environment variables using -e option are passed into the container. The -p option creates a port mapping between host and container. The -v option provides volume (persistent storage) mapping between host directory and container directory. The -m option provides memory restrictions required for postgres to auto-tune. If everything goes well, container named pg10 is created and run as daemon process. Check the status using podman ps -a or logs using podman logs -f pg10.

We are running postgresql as user odoo and this user should be able to create databases. Login to the database using super user postgres and the password specified in POSTGRESQL_ADMIN_PASSWORD, connecting to the IP address of host machine (localhost doesn’t work) on host port 9432. Then grant CREATEDB privilege to the odoo user.

Once postgresql is running successfully, let us create another container to run odoo. We also want odoo container to use the database server running in pg10 container, connected using same POSTGRESQL_USER user. There are couple of ways to connect to another container — one is using host port mapping and the other is using pod, see [7] for details. I chose the first option. Before running the container, create volume mapping for configuration and addons directories.

#Configuration
$ mkdir -p $HOME/odoo10_conf
$ cat > $HOME/odoo10_conf/odoo.conf << EOF 
[options]
; podman postgresql communication using port mapping
db_host = 192.168.1.100
db_port = 9432
db_user = odoo
db_password = odoopassword
addons_path = /mnt/extra-addons
data_dir = /var/lib/odoo
EOF
#Create and run odoo container
$ podman run -d -v $HOME/odoo10_conf:/etc/odoo \
  -v /opt/odoo/addons/odoo10:/mnt/extra-addons -p 9010:8069 \
  --name odoo10  odoo:10

We need to be able to control and pass the Odoo configuration from host system. Create a directory and place the configuration file in there and map it to /etc/odoo/odoo.conf in container. Similarly, you would do addons development in your host machine, so map the addons directory which is expected at /mnt/extra-addons by the container. The host port 9010 is mapped to container port 8069 used by Odoo.

That’s it.

Connect to Odoo by going to localhost:9010 and build your next application.

Oh — you can stop the container using podman stop pg10 and start using podman start odoo10 etc.

Update (15-Feb-2020)

What if you like to run both these containers in a pod to provide easier network access between them? This might be desired for various reasons, such as the IP address of the host machine changes and yet want to access the database from Odoo container without adjusting the IP of db_host.

The solution is to put both database and application (Odoo) containers in a single “pod”. A new pod can be created using podman pod create --infra -p hostport:containerport <podname> and while creating containers using podman run, pass the <podname> as podman run --pod <podname> .... It is important to specify all the ports you need to access from the host while creating this pod — it is not possible to add port mappings afterwards. Since I’d only need to access Odoo from the host, it would suffice to specify the port mapping -p 7069:8069. In short:

$ podman pod create --infra -p 7069:8069 --name odb
$ podman run -d --pod odb --name pg10 -e ...
$ # Make following changes to odoo.conf file
# db_host = localhost
# db_port = 5432
$ podman run -d --pod odb --name odoo10 ...

References

Odoo, https://odoo.com/
Red Hat developer blog, Introduction to podman, https://developers.redhat.com/blog/2018/08/29/intro-to-podman/
Red Hat developer blog, Podman and buildah for docker users, https://developers.redhat.com/blog/2019/02/21/podman-and-buildah-for-docker-users/
Docker hub, PosgreSQL 10 on CentOS 7, https://hub.docker.com/r/centos/postgresql-10-centos7
Red Hat documentation, Software collections docker images — PostgreSQL, https://access.redhat.com/documentation/en-us/red_hat_software_collections/3/html/using_red_hat_software_collections_container_images/database-images#postgresql
Dan Walsh, Does root-less podman make sense? https://www.redhat.com/sysadmin/rootless-podman-makes-sense
Red Hat, Configuring container networking with podman, https://www.redhat.com/sysadmin/container-networking-podman

Public statement by Rachana Institute of Typography on the copyright/credit issue of SMC and RIT fonts

About us

We — KH Hussain, CV Radhakrishnan, PK Ashok Kumar and KV Rajeesh — are the copyright holders of TN Joy font. Many of us have worked on free/libre/open source software for years in our spare time and contributed code, design, fonts, documentation, localization and financial support to various free software projects. Our contributions can be found easily on the Web and elsewhere.

A copyright/‘credit’ issue

Immediately after the font ‘TN Joy’ was released to public by Rachana Institute of Typography (RIT), on 2-Oct-2019, Santhosh Thottingal raised a question in a forum with enough number of participants to qualify as a public discussion:

@rajeeshknambiar there are lot (sic) of contributions from me, Kavya in the build scripts, tests, and feature files in https://gitlab.com/rit-fonts/tnjoy/ Consider giving credit.

On 14-Oct-2019, Santhosh followed up again.

@rajeeshknambiar did not reply to my request for giving credits in their font.

and

Ask hussain sir to give credits for font testing and building framework. Crediting anivar alone is not enough.”

To which Rajeesh responded on 19-Oct-2019, to discuss with all the copyright holders of TN Joy about the issue:

“Noted. I will try to take it up for discussion and let you know.

On 29-Oct-2019, Santhosh again followed up:

അങ്ങനെ എഴുതുകയും ചെയ്യുകയും ചെയ്ത ഫോണ്ടിന്റെ കാര്യങ്ങൾക്ക് ക്രെഡിറ്റ് കിട്ടിയില്ലെന്നാണ് പറയുന്നത് അനിവർ:) sundar, and janayugam fonts. ഇതിൽ രാജാജിയുടെ ഹെൽപ്പൊന്നും വേണ്ട. even @rajeeshknambiar can just fix it

Analysis

During the first week of Nov-2019 for the summit organized by Kerala Media Academy, all the copyright holders of TN Joy font met and discussed the issue raised by Santhosh.

As free software developers and users, it was not our intention to violate copyright or appropriate credit of another free software developer’s work at all. Not only in intention, but we strived to achieve that in all our projects by acts. So, this accusation came as a surprise to us and we decided to take a deeper look at how this issue originated and what the root cause is, to address it properly.

We did a detailed analysis and documented the following details.

Technical background

A Malayalam Unicode font has two essential parts — the Glyphs (അക്ഷരരൂപങ്ങൾ) and the OpenType shaping lookup rules. Unlike Latin fonts, both of these are necessary for proper shaping. The final TTF/OTF/WOFF2 contains both Glyphs and OpenType shaping rules to make a Malayalam Unicode font usable software. Without either, such a software is not usable.

Figure 1: Malayalam text without shaping (left) and with correct shaping (right).

The Malayalam opentype features (GSUB and GPOS ‘lookup rules’) used in font ‘TN Joy’ developed by Rachana Institute of Typography (RIT) are adapted from that of font ‘Sundar’ which in turn are adapted from feature file of ‘Rachana’.
To develop the feature file of Rachana over the years, many have contributed including the original author Hussain KH , Suresh P, Santhosh Thottingal, Rajeesh KV, Kavya Manohar et al. [1].
Hussain KH invented and implemented the glyph naming conventions (‘k1’ for ‘ ക’, ‘xx’ for ‘ ്’ etc. instead of names like ‘uni0D15’ etc.), which made font featuring highly comprehensible for programming and much easier to maintain. This naming scheme is followed by all fonts maintained by Swathanthra Malayalam Computing (SMC) and RIT. This was also the naming scheme in fonts developed by ATPS and when it was pointed out that those fonts were derived from SMC’s, the immediate change made was renaming the glyphs and lookup rules [2, 3, 4].
Rajeesh is the original author of lookup rules of SMC’s fonts for revised ‘mlm2’ OpenType specification for Malayalam, and made it possible to support both ‘mlym’ and ‘mlm2’ specification in a single font. This resulted in making a single font work well with Windows XP, Pango/Qt4 era applications and Uniscribe, HarfBuzz era applications [5].
In 2015, Santhosh split the comprehensive lookup rules from the Fontforge SFD file of Rachana into a separate feature file, but the copyright statements were not preserved [6]. It is our opinion that removing copyright statements is violation of copyright act (hence a crime) and immoral in the free software world. This is also the root cause for missing copyright in the OpenType lookup rules and build script, of the fonts in question.
The same lookup rules in 2, 4 and 5 are used and adapted by subsequent fonts developed by SMC and RIT, such as Chilanka, Manjari, Sundar, Gayathri, TN Joy etc. Rajeesh did not claim for credit or copyright when Manjari or Gayathri was released.

RIT’s statement

With this background,

Fonts developed, maintained and distributed by both SMC and RIT, specifically its OpenType lookup rules + fontforge based build tool + test cases are at the heart of this issue. This is caused by the change introduced by Santhosh in [6].
The copyright holders of TN Joy font were made aware of such ‘credit’ issue — the definition of which Santhosh has not clarified and in RIT’s understanding is sufficient and limited to ‘copyright’. Thanks for bringing light into such a potential legal and moral risk that affects the users and organizations using these fonts.
RIT would like to acknowledge the copyright of Santhosh Thottingal and Kavya Manohar for the development of ‘Sundar’ and ‘TN Joy’ in the areas of lookup rules, the ‘build script’ and comprehensive ‘test file’. RIT is willing to add the missing copyright notice to these files;

and RIT asked Santhosh to consider:

Preserve the copyright of the original authors of the ‘lookup rules’ and Naming convention (notation for Glyphs) in all these fonts. The copyright and license statement should read:

“Copyright: Digitized data copyright (c) 2004–2005 Rachana Akshara Vedi (Chitrajakumar R, Hussain KH, Gangadharan N, Vijayakumaran Nair, Subash Kuraiakose), (c) 2006–2016 Hussain KH, Suresh P, Santhosh Thottingal, Rajeesh K Nambiar, Swathanthra Malayalam Computing (http://smc.org.in). This file is licensed under OFL 1.1.”

The Fontforge based ‘build script’ added by Santhosh used to generate TTF/OTF/WOFF/WOFF2 files is adapted from that of Amiri font by Khaled Hosny [7] without preserving copyright or attribution. RIT requests to credit the original author[s] of this tool. It is of our opinion that removing copyright statements from a free software program code is illegal and immoral. It is also hypocritical when a person who asserts one’s own credit does this crime to other well-known and respected free software developer[s].
Test cases in the ‘test file’ are contributed by various contributors, RIT request to add the attribution of such contributors to the extent possible (Kavya Manohar, Santhosh Thottingal, Rajeesh KV). Santhosh has responded to this request as “test cases were mainly prepared by Kavya and no need to have attribution”, but RIT firmly believes the copyright statements of the contributors must be added.
The original author of ‘mlym.sty’ file [8] to typeset Unicode Malayalam using XeTeX is Suresh P, which was enhanced by Rajeesh KV with inputs from Hussain KH. Due to frequent requests on how to typeset Malayalam using Unicode, in 2013 Rajeesh wrote a wiki page [9] with basic details, which was later extended by other developers with instructions to install and setup XeTeX packages. This wiki article was later extended by Santhosh by adding matter from Wikipedia. This article was then copied and published in Santhosh’s blog [10] without attributing the authors, and [10] is frequently provided by Santhosh as the first response to general public asking for documentation on how to typeset Malayalam using XeTeX. It is shockingly hypocritical that plagiarism is practised by a well known free software developer who asserts one’s own credit without any respect to others copyright or credit. RIT would like Santhosh to either: (a) redact [10] and redirect to [9] instead, or (b) credit the original authors in [10].

RIT stopped the analysis and investigation of Santhosh’s claim at this point, as we have identified the root cause of missing copyrights and these are the important topics directly affecting RIT developers.

Conclusion

RIT tried to resolve the issue in private discussion with Santhosh Thottingal but unfortunately it did not succeed. Santhosh has not agreed to reinstate the copyright statement of original authors. Santhosh did not respond to many of the pointed questions we raised and deflected on answering others. Santhosh also refused to clarify what he means by ‘credit’ despite repeated pointed questions. Santhosh withdrew his claim for credit in one of the emails; and it is possible that he could change the mind any time and the issue could resurface. This surrounds the fonts by SMC and RIT in Fear, Uncertainty and Doubt (which the corporate proprietary companies successfully used against free software for years) and put all the individual users and organizations and developers using these fonts under legal risk and moral ambiguity.

Thus,

RIT has added proper copyright statements to all the software used in building its fonts, viz. ‘Sundar’ and ‘ TN Joy’ [11,12].
RIT believes that our primary responsibility is towards the individual and institutional users of our fonts and developers depending on our tools; and they should be able to use our fonts and tools without any legal risk or moral ambiguity. RIT, to the best of its knowledge, has fulfilled that responsibility and strive to do so.
RIT also understands that as with any issue in the free software world, the community would be divided, and it is a painful thing. RIT request the community to carefully consider all the facts before making a choice.

This will be the final public statement of RIT on the copyright issue raised by Santhosh Thottingal.

Signed

KH Hussain
CV Radhakrishnan
PK Ashok Kumar
KV Rajeesh

References

Rachana font commit history, URL https://gitlab.com/smc/…
Kathir font licensing issue (1), 2014, URL http://lists.smc.org.in/…
Kathir font licensing issue (2), 2014, URL http://lists.smc.org.in/…
ATPS fonts licensing issue, 2015, URL https://groups.google.com/…
Introducing and integrating ‘mlm2’ OpenType shaping rules, 2013, URL https://gitlab.com/smc/…
Split Glyphs and OpenType shaping rules, 2015, URL https://gitlab.com/smc/…
Amiri font build tool, URL https://github.com/alif-type/…
XeTEX Malayalam style file for ‘Logbook of an Observer’, 2012, URL https://github.com/smc/…
Typesetting Malayalam using XeTEX, SMC Wiki page history, 2013, URL https://wiki.smc.org.in/…
2014, https://thottingal.in/blog/…
Sundar font, reinstate copyright and license statements, 2019, URL https://gitlab.com/rit-fonts/…
TN Joy font, reinstate copyright and license statements, 2019, URL https://gitlab.com/rit-fonts/…

Profile of the signatories

KH Hussain
Library and information scientist by training and profession, font designer and developer of several fonts including, Rachana, Meera, Meera Inimai, TN Joy, RSugathan, Janayugom, Keraleeyam, Uroob, etc., free software activist, released all fonts under Open Font License. Played an important role in the migration of Janayugom daily to free software based production technologies.
CV Radhakrishnan
Free software activist and TeX programmer, one of the founders of the Free Software Foundation of India and Indian TeX Users Group. Organized two annual meetings of the TeX Users Group in Trivandrum in 2002 and 2011. Wrote several packages (libraries) in LaTeX and released under free license (LPPL) at Comprehensive TeX Archive Network (CTAN).
PK Ashok Kumar
Typesetter by profession and training, has four decades of extensive experience in typesetting right from the age of metal typefaces through digitized typesetting including TeX and LaTeX. Free content activist and principal tester for fonts developed by RIT, played a major role in the migration of production of Janayugom daily using free software.
KV Rajeesh
Free software developer and user. Fedora project developer since 2008 and KDE developer since 2011. Font maintainer and language computing contributor to Swathanthra Malayalam Computing since 2008. Member of Indic testing team for HarfBuzz. Google Summer of Code mentor. Contributes to various free software projects including Qt, GNOME, VLC, Odoo, Fontforge, SILE, ConTeXt, Okular, etc.

On data encoding and complex text shaping

As part of the historical move of Janayugom news paper migrating into a completely libre software based workflow, Kerala Media Academy organized a summit on self-reliant publishing on 31-Oct-2019. I was invited to speak about Malayalam Unicode fonts.

The summit was inaugurated by Fahad Al-Saidi of the Scribus fame, who was instrumental in implementing complex text layout (CTL). Prior to the talks, I got to meet the team who made it possible to switch Janayogom’s entire publishing process on to free software platform — Kubuntu based ThengOS, Scribus for page layout, Inkspace for vector graphics, GIMP for raster graphics, CMYK color profiling for print, new Malayalam Unicode fonts with traditional orthography etc. It was impressive to see that entire production fleet was transformed, team was trained and the news paper is printed every day without delay.

I also met Fahad later and pleasantly surprised to realize that he already knows me from open source contributions. We had a productive discussion about Scribus.

My talk was on data encoding and text shaping in Unicode Malayalam. The publishing industry in Malayalam is at large still trapped in ASCII which causes numerous issues now, and many are still not aware of Unicode and its advantages. I tried to address that in my presentation with examples — so the preface of my talk filled half of the session; while the second half focused on font shaping. Many in the industry seems to be aware of Unicode and traditional Malayalam orthography can be used in computers now; but many in the academia still has not realized it — evident from the talk of the moderator of the discussion, who is director of the school of Indian languages. There was a lively discussion with the audience in the Q&A session. After the talk, a number of people gave me feedback and requested the slides be made available.

Slides on data encoding and complex text shaping are available under CC-BY-NC license here.