Other LWN stuff:
 Daily Updates
 Calendar
 Linux Stocks Page
 Book reviews
 Penguin Gallery

 Archives/search
 Use LWN headlines
 Advertise here
 Donate to LWN
 LWN Supporters
 Contact us

Recent features:
- RMS Interview
- 2001 Timeline
- O'Reilly Open Source Conference
- OLS 2001
- Gaėl Duval
- Kernel Summit
- Singapore Linux Conference
- djbdns

Here is the permanent site for this page.

See also: last week's LWN.

Leading items and editorials

This specification seeks to create a set of standard interfaces for embedded Linux systems. It will be heavily based on existing standards, including POSIX, the Single Unix Specification, and the Linux Standard Base. The plan is to have the specification ready for public release in "a few months," with a test suite and certification program available within a year. The announcement talks of outsourcing the test suite development to either the Free Standards Group or The Open Group. Future additions will even include a graphical user interface specification.

The purpose, of course, is to better position embedded Linux to compete against the other contenders in the field: Windows CE, VxWorks, and even PalmOS. The embedded Linux industry senses victory: using Linux in embedded systems just makes too much sense to ignore. Source availability, good small-system performance, and no royalties make a compelling combination; even in the current economic climate, the embedded Linux firms are seeing a lot of interest. The Unified Embedded Linux Specification is intended to help ensure that Linux will dominate the embedded marketplace.

And there may be a real need for this specification. There are many contenders in this market (CoolLogic, Lineo, LynuxWorks, Montavista, Red Hat, REDSonic, TimeSys, Transmeta, Transvirtual, and many others), each of which is trying to distinguish its products from the others. In many cases, their strategies include the incorporation of proprietary software products. Embedded Linux products could easily diverge from each other to the point that they truly are different systems, and that is unlikely to be good for the market as a whole. If the specification is successful, this fragmentation may be avoided, and domination of the (embedded) world will be that much easier.

The end of free beer? Libranet Linux surprised a number of people a couple of weeks ago with its new download policy. Those wanting an ISO image of Libranet 1.8.2 can download it for free as always. If, however, you want version 1.9.0, you'll have to pay $15 first. Free downloads for this (Debian-based) distribution are now a thing of the past.

Meanwhile, there has been some grumbling about the fact that there is no installable SuSE 7.1 ISO image available. SuSE has chosen not to release the CD image, and the licensing of its YAST tool makes it difficult for others to do so. Note that the distribution is available on the net, and FTP installs are possible - but you can't make a CD.

What is going on here is reasonably obvious. Bandwidth can be expensive; as more people get broadband connections that make it possible to think about downloading CD images, the bandwidth required to provide those images skyrockets. Distributors also can't help but feel that CD image downloads will, to some extent, result in reduced sales. And distributors, in the end, need to make money, somehow.

Thus, we are starting to see some attempts at controlling ISO image downloads. An immediate question that comes to mind, of course, is whether users will accept having to pay for ISO image downloads. So we asked Libranet's Jon Danzig how things were going:

During the time we were on Slashdot we had the paying download going non stop. It's slowed down a bit now, but this is in my opinion caused by the lack of ongoing publicity rather than any negative reactions. People really like the idea that they can get the latest ISO [image] within a few hours rather than having to wait for the CD. The $15 price doesn't seem to cause anyone a problem.

In the short term, at least, it appears that payment for downloads might just fly.

Another question we have seen raised is whether this sort of charge is allowed by the GPL. That one is easy: the GPL does not require that anybody distribute software for free. There will be no licensing problem with a charge for downloading. If, however, a company attempts to restrict further redistribution of the downloaded software, that would be a different story.

If free downloads do get harder to come by, we will essentially be going back to the past. Five years ago, there was little interest in downloading an entire distribution - few people had that kind of patience. People who wanted Linux bought a CD, either from the distributor or from a retailer selling cheaper copies. It may turn out that the free download was a late 1990's anomaly, and not the way it works in the long run.

SourceXchange shuts down. In the battle for corporate funding of open source software, many models have been created. One of the first, and most obvious, was the matching of qualified developers with companies who had specific needs. At least two projects were started in 1999 to address this market: CoSource and SourceXchange. While the fate of CoSource is currently unknown, SourceXchange, which was originally started as a joint project between technical book publisher O'Reilly and Hewlett-Packard, has finally decided to call it a day.

In a story first seen on C|Net's News.com, Collab.net's CTO and Co-Founder Brian Behlendorf talked about the demise of SourceXchange. "While a unique idea, and one that we feel really adhered more closely to the open-source ideal than any other work-for-hire site ever did, it simply did not achieve the volume of business necessary to maintain the site and evolve the offering to meet the needs of sponsors and developers".

Behlendorf, whose Collab.net company was the parent of SourceXchange, noted in an email message that the site had been quiet for some time. "After an initial spurt of interest, and a couple of successfully completed projects, we found that the overhead of being the broker and having to manually assist developers and sponsors had a higher cost than what we were getting in return."

Behlendorf also said that he felt most companies were becoming comfortable using in-house developers for open source projects and that the market for outsourcing development just never materialized. "I thought by and large the sponsors and developers had an honest interest in seeing this model work, as did we," said the project's CTO, "and I was happy with the code that was produced through the service. We just didn't get critical mass, even to support a small business such as ours."

While SourceXchange is set to wrap things up, it's main competitor seems to be in a bit of limbo. CoSource, formed by a company called Veriteam, which later became VistaSource when bought by Applix who in turn recently sold it to Parallax, has posted no news on their Web site since October 2000 even though project requests and status updates are still being posted through the first week of April 2001. Unfortunately, the fate of this venture has not been mentioned in corporate responses to the demise of Applix's desktop products after the sale of VistaSource to Parallax.

The folks at CollabNet are not closing their doors completely, however, and will now be working full-time on their collaborative development platform known as SourceCast. Behlendorf also stated that the code for managing development projects under SourceXchange will be made available to interested parties, though as this time Collab.net doesn't currently have it packaged in a distributable format. Interested parties should contact Brian Behlendorf at brian@collab.net.

Inside this week's Linux Weekly News:

• Security: Adore's kernel module and a way to protect against loadable kernel modules, ntp and Netscape vulnerabilities.
• Kernel: Nailing down the 2.4 bugs; no more jiffies?; CML2 1.0.
• Distributions: Fried Chicken Linux, DSPLinux and CDLinux join the list. News from Red Hat, Debian, Slackware, Linux-Mandrake and more.
• On the Desktop: Bonobo comes out, GUADEC ends, and KDE goes in (embedded, that is).
• Development: Apache 2.0, Kdevelop, Scientific Python, Two New Perls, O-O History.
• Commerce: Embedded Systems have a Hot Time in San Francisco.
• History: Three years ago Eric S. Raymond released Homesteading the Noosphere; two years ago, the Mindcraft study.
• Letters: Auto upgrades; kernel summit; Wind River and the GPL.

This Week's LWN was brought to you by:

• Jonathan Corbet, Executive Editor
• Elizabeth O. Coolbaugh, Managing Editor
• Michael J. Hammel, Senior Editor

See also: last week's Security page.

Security

News and Editorials

Adore those kernel modules. It seems highly likely the name of the Adore worm was chosen partially because it provides opportunity for so many humorous headlines and off-hand comments. However, there are a couple of points about the Adore worm that did not come to light before we published last week. The most important point is that the Adore worm, unlike the Ramen and Lion worms of which it was considered to be a variant, is the first worm to use a loadable Linux kernel module to hide its tracks.

We've been discussing the security impact of loadable kernel modules for some time. For example, in June of 2000, when a loadable kernel module (capcheck) was released in order to close a security vulnerability in the kernel (the 2.2 capability bug). This fix demonstrated the scope of loadable kernel modules, making it pretty much inevitable that rootkits such as Knark and now the Adore worm would make use of them on behalf of attackers.

Further back than that, though, we also discussed how the ability to load kernel modules could be disabled on a running system, by removing CAP_SYS_MODULE from the capability bounding set (see the December 2nd, 1999 Kernel Page) for instructions and caveats). Although root has the ability to remove capabilities, only init has the ability to add them. This means that loadable kernel modules can be used initially, when your system is booted, but then they can be disabled, preventing root kits like Knark and worms like Adore from using loadable kernel modules to cover their tracks.

This was considered something that only the most security-conscious sites would be interested in back in 1999. Nowadays, it is a configuration option that may want to be seriously considered by Linux distributors, particularly those that are marketing themselves as secure by default.

Cybercrime Treaty. A commentary on the International Treaty on Cybercrime from a lawyer's perspective marvels at the lack of attention paid to this bill, which could have enormous implications in terms of requiring law enforcement agencies, phone companies, ISPs and more to comply with evidence orders from nations all around the world. "One moment, an Internet provider might be turning over all Bulgarian folk songs on its system to an investigator. The next moment, it might be searching for e-mail traffic between customers in Latvia and the Ukraine".

Federal Computer Incident Response Center contracts out. The Federal Computer Incident Response Center is currently supported by a contract with CERT. According to this report, that will soon change. Day-to-day operations will, instead, be performed by Science Applications International Corp. (SAIC) and its partner Global Integrity Information Security. "The two companies proved their effectiveness during the 'ILOVEYOU' e-mail virus from the Philippines in May 2000. They were able to inform their customer, the Financial Services Information Sharing and Analysis Center, about the virus and how to counteract it hours before even the Defense Department could spread the word to the United States".

PGP Security's NAI Labs Partner With NSA. NAI Labs, a division of PGP Security, announced they are joining with the National Security Agency (NSA) and its other partners to further develop the NSA's Security-Enhanced Linux (SELinux) prototype. The $1.2 million deal will be paid over the life of the two-year contract, and the work will focus on research and development to improve the security of open-source operating system platforms

Security Reports

ntp remotely exploitable static buffer overflow. An exploit for a static buffer overflow in the Network Time Protocol (ntp) was published on April 4th. This exploit can allow a remote attacker to crash the ntp daemon and possibly execute arbitrary commands on the host. Patches and new packages to fix this problem came out quickly. It is recommended that you upgrade your ntp package immediately. If you cannot, disabling the service until you can is a good idea. For more details and links to related posts, check BugTraq ID 2540.

This week's updates:

• Caldera
• Conectiva
• Debian
• Debian, original patch to ntp introduced a potential denial-of-service problem, fixed in new updates to ntp.
• Engarde
• Immunix
• Linux-Mandrake
• NetBSD
• Progeny
• Red Hat
• Slackware
• SuSE
• Trustix

Netscape 4.76 GIF comment vulnerability. Florian Wesch discovered that Netscape 4.76 would display the comment attached to a GIF file, but does not filter the displayed comment in any manner, allowing embedded javascript in a comment to be directly executed. This is apparently fixed as of Netscape 4.77, which is available for download from ftp.netscape.com.

• Red Hat

IP Filter fragment caching vulnerability. IP Filter is a TCP/IP packet filter used in FreeBSD, NetBSD and OpenBSD. Darren Reed reported a serious vulnerability in IPFilter in which fragment caching can be used to pass through any packet, essentially destroying the function of the firewall. When matching fragments, only the source IP address, destination IP address and IP identification number are checked before the fragment cache is used. This is done before any rules are checked.

IP Filter 3.4.17 has been released with a fix for the problem. Check BugTraq ID 2545 for additional details.

Multiple FTP daemon globbing vulnerability. The FTP daemons used on BSD (and other Unix) systems have been reported vulnerable to multiple buffer overflows in glob() function. Check the related CERT advisory for more details.

• NetBSD

web scripts. The following web scripts were reported to contain vulnerabilities:

• talkback.cgi, a cgi script from Way to the Web, is reported to contain a file disclosure vulnerability that can be used to view any file on the host. An updated version of the script has been released.

• The perl script nph-maillist.pl, part of a web-based email list generator, does not filter input sufficiently and can be used to execute arbitrary commands. An exploit has been published; no vendor response so far. BugTraq ID 2563.

• Ultimate Bulletin Board (UBB) Version 5.47e, an older and currently supported version of UBB, has been reported to be vulnerable to a password bypass vulnerability in its forum. This can allow an attacker to gain access to any message on the forum, regardless of membership privilege or password requirements. An upgrade to Ultimate Bulletin Board 6.01 should to fix the problem.

Commercial products. The following commercial products were reported to contain vulnerabilities:

• Multiple vulnerabilities have been reported in Alcatel ADSL-Ethernet bridge devices, the most serious of which include both a cryptographic challenge back-door and the ability to remotely load new firmware, potentially including firmware containing sniffers or other attack software. No workaround or fix has been reported so far, nor any vendor response. Check the related CERT advisory for more details. Here is another related posting. BugTraq ID 2568 and 2566.

• The Caucho Technology Resin webserver is reported to contain a JavaBean disclosure vulnerability. Resin is a commercial product released under a Developer Source license, meaning that, although development use is free, a license is required to deploy a product that includes or is developed with Resin. This vulnerability allows read access to any known JavaBean file residing on a host running Resin. No fix for this has yet been reported.

• Cisco has reported that their Content Services (CSS) switch, also known as Arrowpoint, in older releases contains a security vulnerability that can allow a non-privileged user to escalate their privilege level. Free software upgrades are offered to resolve the problem.

• The Watchguard Firebox II has been reported vulnerable to a denial-of-service attack when subject to bursts of specific malformed packets. The vendor has released an update.

• The BinTec X4000 Router is reported to be vulnerable to a denial-of-service vulnerability because a SYN portscan will cause a lockup. Workarounds for the problem have been posted and include feedback from Bintec.

• A denial-of-service vulnerability has been reported in the PIX Firewall 5.1. Cisco is working on the problem, but having difficulties recreating it.

Updates

ptrace/execve/procfs race condition in the Linux kernel 2.2.18. Exploits were released the week of March 29th for a ptrace/execve/procfs race condition in the Linux kernel 2.2.18. As a result, an upgrade to Linux 2.2.19 is recommended.

Last week, Alan Cox put up the Linux 2.2.19 release notes, finally giving the specifics on all the security-related fixes in 2.2.19 (all thirteen of them!) and giving credit to the Openwall project and Chris Evans, for the majority of the third-party testing and auditing work that turned up these bugs. Fixes for the same bugs have also been ported forward into the 2.4.X kernel series.

This week's updates:

• Trustix
• Progeny
• Progeny, advisory updated due to error in update instructions.

• Immunix (March 29th)
• Linux 2.2.19 release notes
• Caldera, 2.2.19 security fixes (April 5th) backported to 2.2.10 and 2.2.14, the kernels used in various Caldera products

VIM statusline Text-Embedded Command Execution Vulnerability. A security problem was reported in VIM last week where VIM codes could be maliciously embedded in files and then executed in vim-enhanced or vim-X11. Check BugTraq ID 2510 for more details.

This week's updates:

• SuSE
• Caldera

• Red Hat (March 29th)
• Linux-Mandrake (March 29th)
• Immunix (April 5th)

mailx buffer overflow. Check the March 15th LWN Security Summary for the original report. The buffer overflow is only exploitable if the program is shipped setgid mail.

This week's updates:

• Progeny, setgid bit removed

• Debian, setgid bit removed

mc binary execution vulnerability. Check the March 8th LWN Security Summary or BugTraq ID 2016 for more details.

This week's updates:

• SuSE

• Debian (March 8th)
• Slackware (changelog, 2001/3/10)

joe file handling vulnerability. Check the March 1st LWN Security Summary for the initial report.

This week's updates:

• Slackware (from the Changelog, updated April 10th)

• Red Hat (March 8th)
• Immunix (March 8th)
• Linux-Mandrake (March 8th)
• Debian (March 15th)
• SuSE (March 29th)

Multiple vulnerabilities in splitvt. Multiple vulnerabilities were reported in splitvt in the January 18th LWN Security Summary, including several buffer overflows and a format string vulnerability. An upgrade to splitvt 1.6.5 should resolve the problems.

This week's updates:

• Slackware (from the Changelog, updated April 10th)

• Debian (January 25th)
• Debian, updated advisory due to package mixup (January 25th)

pico symbolic link vulnerability. Check the December 14th, 2000 LWN Security Summary for the initial report of this problem. Note that this has also been reported as a pine vulnerability, but the vulnerable component is still pico, not pine. Check BugTraq ID 2097 for more details.

This is the first distribution update we've seen for this four-month-old vulnerability.

This week's update:

• Red Hat

Resources

Trustix Secure Linux 1.4.80. Trustix has announced the release of Trustix Secure Linux 1.4.80, a beta release toward the 1.5 stable version. It is nicknamed "Ooops," and is incompatible with 1.2 in a number of ways; read the announcement closely.

Lion Internet Worm Analysis. Max Vision has posted his analysis of the Lion worm and the three variants of it that have been identified so far. (Thanks to Jose Nazario).

Security Focus announces Malware Repository. Security Focus announced this week that they will be maintaining a repository of malware samples in order to make such software readily available for analysis. "Initially, the page will contain samples for Ramen, Lion, and Adore, plus anything else that comes out between now and then. We will be maintaining copies of new items from now on, and will not be making an attempt to go back in time to get a complete collection, unless someone wants to volunteer a personal collection".

Bastille Linux 1.2.0rc1. Bastille Linux has version 1.2.0rc1, the first release candidate for their upcoming 1.2.0 release. This version is considered stable enough for use on production systems.

Detecting Loadable Kernel Modules (LKM). Toby Miller has posted a paper on detecting loadable kernel modules. It goes over the basics of loadable kernel modules, /lib/modules, conf.modules and kstat.

Linux Security Module mailing list. Crispin Cowan has announced a new mailing list called linux-security-module. "The charter is to design, implement, and maintain suitable enhancements to the LKM to support a reasonable set of security enhancement packages. The prototypical module to be produced would be to port the POSIX Privs code out of the kernel and make it a module. An essential part of this project will be that the resulting work is acceptable for the mainline Linux kernel"

Events

Upcoming Security Events.

Date	Event	Location
April 12, 2001	RSA Conference 2001	San Francisco, CA, USA
April 17 - 18, 2001	E-Security Conference	New York City, NY, USA
April 20 - 22, 2001	First annual iC0N security conference	Cleveland, Ohio, USA
April 22 - 25, 2001	Techno-Security 2001	Myrtle Beach, SC, USA
April 24 - 26, 2001	Infosecurity Europe 2001	London, Britain, UK
May 13 - 16, 2001	2001 IEEE Symposium on Security	Oakland, CA, USA
May 13 - 16, 2001	CHES 2001	Paris, France
May 29, 2001	Security of Mobile Multiagent Systems(SEMAS-2001)	Montreal, Canada
May 31 - June 1, 2001	The first European Electronic Signatures Summit	London, England, UK
June 1 - 3, 2001	Summercon 2001	Amsterdam, Netherlands
June 4 - 8, 2001	TISC 2001	Los Angeles, CA, USA
June 5 - 6, 2001	2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop	United States Military Academy, Westpoint, New York, USA
June 11 - 12, 2001	7th Annual Information Security Conference: Securing the Infocosm: Security, Privacy and Risk	Orlando, FL, USA.

For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Section Editor: Liz Coolbaugh

LWN Resources
Security alerts archive

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Security Projects
Bastille
Linux Security Audit Project
Linux Security Module
OpenSSH

Security List Archives
Bugtraq Archive
Firewall Wizards Archive
ISN Archive

Distribution-specific links
Caldera Advisories
Conectiva Updates
Debian Alerts
Kondara Advisories
Esware Alerts
LinuxPPC Security Updates
Mandrake Updates
Red Hat Errata
SuSE Announcements
Turbolinux
Yellow Dog Errata

BSD-specific links
BSDi
FreeBSD
NetBSD
OpenBSD

Security mailing lists
Caldera
Cobalt
Conectiva
Debian
Esware
FreeBSD
Kondara
LASER5
Linux From Scratch
Linux-Mandrake
NetBSD
OpenBSD
Red Hat
Slackware
Stampede
SuSE
Trustix
turboLinux
Yellow Dog

Security Software Archives
munitions
ZedZ.net (formerly replay.com)

Miscellaneous Resources
CERT
CIAC
Comp Sec News Daily
Crypto-GRAM
LinuxLock.org
LinuxSecurity.com
Security Focus
SecurityPortal

See also: last week's Kernel page.

Kernel development

Nailing down the bugs. This week saw significant progress toward finding and fixing the remaining serious bugs in the 2.4 kernel.

• The elusive problem that would cause processes to hang in an uninterruptible ("D") state turns out to have been caused by a bug in the reader/writer semaphore implementation. These semaphores had not been much used until recently, so the bug, which has been present for a long time, had not caused any trouble. Andrew Morton, after pounding on the problem for a while, finally gave up and wrote a completely new implementation which fixes the problem - at the cost of breaking a fair amount of code. It also turns out to be hard to implement the new scheme on old 386 processors, which lead to a long discussion of just how well 386 systems should be supported at this stage. It looks like it will be possible to make 386's work reasonably well, though, in the end.

• The "filesystem corruption under high load" bug was, after great effort, nailed down by Ingo Molnar and others at Red Hat. There is a rare case in the ext2 filesystem where it can drop a block that is still in use; it was introduced in 2.4.0-test6. A patch is out which fixes the problem.

• One other D-state bug in the logical volume manager code was fixed by Jens Axboe.

• Jonathan Morton has posted a patch with a number of virtual memory fixes - including one which fixes the problem where the out-of-memory process killer would be invoked too soon.

Those two fixes should show up an a 2.4.4 prepatch shortly, though the semaphore fix may take a little while to stabilize.

There appear to some outstanding issues with the aic7xxx SCSI adapter driver, though many of them seem to be the result of incorrectly applied patches.

No more jiffies? An interesting discussion (and patch) came up this week which could lead to a very different timekeeping technique in the kernel. We'll start with a little background...

The kernel currently handles most of its timekeeping tasks by means of the timer interrupt. It's a hardware interrupt driven by the clocks that all modern systems have; on most architectures the clock is programmed to deliver this interrupt 100 times per second (but the Alpha and IA-64 run at 1024). The clock interrupt handler does a number of things, including seeing if the current process has used its allotted CPU time, running any deferred tasks whose time has come, updating process accounting, and incrementing a little variable called jiffies. The jiffies counter is, among other things, a measure of the uptime of the system; it is used for many timing-related tasks within the kernel.

The timer tick system has been seen as imperfect for a while. Among other things, it imposes a 10ms resolution on most timing-related activities, which can make it hard for user-space programs that need a tighter control over time. It also guarantees that process accounting will be inaccurate. Over the course of one 10ms jiffy, several processes might have run, but the one actually on the CPU when the timer interrupt happens gets charged for the entire interval.

A new problem came up, however, over at IBM. On their S/390 mainframes, they can run a great many independent "Linux images," each of which is a full, independent kernel. With its own timer interrupt. As Martin Schwidefsky pointed out in his posting on the subject, with 1000 images running, the timer interrupt overhead gets to be significant - up to 100% of the available CPU. That, of course, is not the sort of mainframe performance that IBM had in mind, so they had to make some changes. Those changes, essentially, were to eliminate both the timer tick and the jiffies variable.

The timer tick can go away because the kernel does, in general, know when something will next need its attention. There's a handy, sorted list of upcoming timer events, and the kernel knows how long the current process should be allowed to run before being scheduled out. So, the system's interval timer can be set to exactly the right time when something needs to happen. This timer can, simultaneously, be set with much higher resolution and to a much longer interval than the regular clock tick.

Eliminating jiffies is a little tricky, since a great deal of code makes use of it. A quick grep for jiffies the 2.4.3 source turns up over 3700 references. The variable needs to go, since there isn't a nice, regular clock tick to keep it updated. But fixing that many places in the source just does not sound like a whole lot of fun. For those of you who are into the details, the IBM S/390 fix looks like:

  #define jiffies ({ \
          uint64_t __ticks; \
          asm ("STCK %0" : "=m" (__ticks) ); \
          __ticks = (__ticks - init_timer_cc) >> 12; \
          do_div(__ticks, (1000000/HZ)); \
          ((unsigned long) __ticks); \
  })

This approach fixes almost all of the problems with the old scheme. The regular timer interrupts, along with their overhead, is gone. The timer on most systems can be programmed with great precision, meaning that very high resolution timers can be supported. That will make certain types of processes (MIDI sequencers, software modem drivers, high-speed video, etc.) run far better. And process accounting, done when the process reschedules, will be extremely accurate.

The change is not without its costs, though. The code changes are significant, of course, meaning that this change is a 2.5 item. A certain amount of extra overhead will need to be added to system calls to keep everything updated in the absence of a timer tick. If not done carefully, this overhead could outweigh the savings on normal systems (which do not run 1000 independent Linux images...). There is also some overhead added to the scheduler.

In fact, George Anzinger, one of the developers behind the high resolution timers project, posted a message stating that the project had decided to avoid the no-tick approach due to the cost of that extra overhead. They seem willing to reconsider, though. The advantages of this approach seem to be strong; we may well see it adopted in the 2.5 development series.

CML2 1.0 released. Eric Raymond has announced the 1.0 release of CML2, the new kernel configuration system. The announcement talks about the plans for integrating CML2 into the 2.5 development series, and provides a lengthy discussion on why CML2 is better. (See also last week's LWN kernel page for a discussion of the new kernel build system as a whole).

Kernel summit webcast available. As LWN readers are probably tired of hearing, the Linux 2.5 Kernel Summit was held on March 30 and 31. The presentations at the summit were videotaped, and they are now available in RealPlayer format from the OSDN web site.

Toward a security module interface. One of the conclusions that came out of the Kernel Summit was that the various groups working on security enhancements to Linux should agree on a standard interface. In that way, the projects could interoperate, and it would be easy to switch from one approach to another. To that end, Crispin Cowan has announced the creation of the "security module" mailing list. The purpose of the list is to explore the enhancement of the kernel module interface to support the development of pluggable security modules. Those who are interested in the topic are encouraged to sign up; subscription instructions are in the announcement.

Other patches and updates released this week include:

• Romain Dolbeau has posted a framebuffer driver for the Permedia3 chipset.

• Jeff Dike has released a version of user-mode Linux for the 2.4.3 kernel.

• Daniel Phillips has posted a document describing the on-disk format of his ext2 directory indexes.

• Maneesh Soni posted a patch which improves the performance of file descriptor management on SMP systems.

• Justin Gibbs released version 6.1.11 of the aic7xxx driver.

• Andre Hedrick posted an IDE driver patch which provides support for the Promise Ultra100 TX2 chipset.

• LVM 0.9.1 was released by Heinz J. Mauelshagen.

• Version 0.1.1 of the device registry patch (which provides a database of all physical devices on the system) has been posted by Tim Jansen.

Section Editor: Jonathan Corbet

For other kernel news, see:

• Kernel traffic
• Kernel Newsflash
• Kernel Trap
• 2.5 Status

Other resources:

• L-K mailing list FAQ
• Linux-MM
• Linux Scalability Effort
• Kernel Newbies
• Linux Device Drivers

See also: last week's Distributions page.

Lists of Distributions
distrowatch
ibiblio
Kernelnotes
Linux.com
LinuxLinks
Woven Goods

Embedded Distributions:
3ilinux
Bifrost
Blue Cat Linux
BluePoint Embedded
Compact Linux
Coollinux
DSPLinux
ELinOS
ELKS
Embedded Debian
Embedix
Etlinux
FlightLinux
Hard Hat Linux
Jailbait
Linux/Coldfire
LEM
Midori
NeoLinux
OnCore Systems
PeeWeeLinux
RedBlue Linux
RedIce-Linux
Royal Linux
RTLinux
Tynux
uClinux
White Dwarf Linux

Handhelds/PDAs
Agenda-VR
Familiar (iPAQ)
Intimate (iPAQ)
Linux DA
PocketLinux
PsiLinux

Secured Distributions:
Astaro Security
Castle
Engarde Secure Linux
Immunix
Kaladix Linux
NSA Security Enhanced
Openwall GNU/Linux
Trustix

Special Purpose/Mini
2-Disk Xwindow System
Mindi Linux
SmoothWall

Floppy-based
Brutalware
BYLD
Coyote Linux
DLX
Fd Linux
Fli4l (Floppy ISDN/DSL)
floppyfw
Floppix
FREESCO
Linux in a Pillbox (LIAP)
Linux Router Project
LOAF
muLinux
Nuclinux
Proxyfloppy
ShareTheNet
Small Linux
Tomsrtbt
Viralinux_II

CD-based
BasicLinux
BBLCD Toolkit
CDLinux
Crash Recovery Kit
DemoLinux
Devil-Linux
Finnix
Gibraltar
innominate Bootable Business Card
Linuxcare Bootable Business Card
LNX-BBC
MkCDrec
RunOnCD
Sentry Firewall
SuperRescue
Timo's Rescue CD
Ututo
Virtual Linux

Zip disk-based
NBROK
ZipSlack

Small Disk
hal91
MicroLinux
--> Peanut Linux
PKLinux
Relax Linux
TA-Linux
Tomukas
ttylinux
VectorLinux

Wireless
Bambi Linux
Flying Linux

Hardware-specific
(ARM)
ARM Linux
(Beowulf)
Scyld Beowulf
(IBM)
Think Blue Linux
(Oracle's NIC)
NIC Linux
(PA-RISC)
PA-RISC Linux
(Playstation)
Runix
(PowerPC)
Black Lab Linux
LinuxPPC
MkLinux
Yellow Dog
(Sparc)
Splack
UltraLinux
(Older Intel)
ClarkConnect
Monkey Linux
TINY

DOS/Windows install
Armed Linux
DragonLinux
Phat Linux

Diskless Terminal
GNU/Linux TerminalServer for Schools
K12LTSP
LTSP
Pygmy
Xdenu

Distributions

New Distributions

Fried Chicken Linux. In our amusements category this week falls our newest distribution, Fried Chicken Linux, from the IT University of Copenhagen. Why the name "Fried Chicken Linux"? Apparently some imaginative people think the logo for the IT University of Copenhagen looks like a fried chicken.

Fried Chicken Linux is a distribution tied to Red Hat Linux. It serves as a repository for packages specific to the IT University of Copenhagen. Those packages are then integrated with Red Hat and served up. Get your Fried Chicken here! (Thanks to Jesper Juhl).

DSPLinux. On the embedded front, RidgeRun, Inc. announced its DSPLinux distribution. In the embedded field, it is interesting to note how the terminology changes. Rather than being promoted as an operating system, DSPLinux is promoted as a Software Development Kit (SDK). "The demonstration shows how the company's DSPLinux Software Development Kit (SDK) can reduce development time by allowing application developers to work in parallel with developers writing the low-level drivers and board support functions".

In any case, DSPLinux, as the name suggests, is targeted at Digital Signal Processors (DSPs). The Linux kernel is run on the ARM chip, while real-time tasks are run on the DSP.

CDLinux. Another project to develop a version of Debian that runs directly off of CD was recently announced: CDLinux. When it was pointed out that DemoLinux, a distribution with a similar goal, is also Debian-based, the author gave a few reasons for his decision to build CDLinux instead. "There're some reasons I started to do my own, one of them is they only provide ISO images, while I'm a poor dial-up user. The other reason is their deeply involved kernel patch is for 2.2 and I feel porting the code to 2.4 is too tiresome. The third reason is I don't like there many special dialogs asking user questions".

As a result, instead of providing a separate distribution hierarchy, CDLinux will essentially be a program that will build a CDLinux image given access to "some kind of Debian archive".

Housewife's Linux (a.k.a. Linux washing powder. Housewife's Linux is a new distribution mentioned on MandrakeForum. However, we've chosen not to include it on our distributions list due to its failure to follow even the most basic rules of building a Linux distribution. "While claiming to be generic linux, this package isn't compatible with any other Linux distribution. Even the "GIC" (grains in carton) packaging format is completely different from well-known "rpm-" and "deb-" packages we grew accustomed to". (Thanks also to Christof Damian).

Distribution News

Red Hat News. Stephen Smoogen sent us an official announcement of Red Hat's new ftp structure. It includes a complete remapping from the old directory structure to the new.

Meanwhile, new perl packages for Red Hat have been released. They fix problems with the DB_File module introduced by the recently released Berkeley db packages (which were in turn required to support the rpm 4.0.2 release ...).

The process from upgrading from Wolverine to Rawhide is ready to be tested. If all goes well, it should be pretty slick. "How's about a virtually painless up2date session to bring Wolverine up to today's rawhide? And what if the new version of up2date actually upgrades your kernel for you?!?!" Note, this is for bleeding-edge, Red Hat testers, not for the faint of heart.

Debian News. A progress report on the Woody freeze has been released. "In short: there hasn't been any". The optimistic schedule has been bumped back a couple of months. The lack of working boot-floppies is the key stumbling block. However, not all the news is bad. "The remaining aspects of the release aren't looking too bad: almost all the outdatedness in testing is fixed (glibc 2.2, X 4, perl 5.6, debconf), and the only remaining issues (KDE and Gnome 1.2/1.4) look like they should be able to be resolved in the next few weeks".

Meanwhile, the next Bug-Squashing Party will be held this weekend, the 13th through the 15th of April.

Debian developers should also note the new instructions on orphaning a package.

"Dwarf's Guide to Debian GNU/Linux" has now been packaged up. This is a book, by Debian developer Dale Scheetz, which covers package management tools, installation and basic systems administration.

Slackware News. All three platforms got security updates this week for ntp, joe and splitvt. Symlinks have been added to support Java and other packages that expect to find basic commands (date, echo, false ...) in /usr/bin. Openssl has been upgraded to 0.9.1a. GNU screen-3.9.8 was installed, but is not setuid root by default due to security concerns. This means that the 'w' command will not work with it correctly and neither will 'talk'. Many other package updates went in this week as well.

Both the Intel and Sparc platforms got a merge of the recent ham package updates from Arno Verhoeven.

Linux-Mandrake News. Last week, we managed to miss Mandrake Forum's transformation into a multi-lingual site. The site now supports German, French and English, so you can follow threads in the language of your choice. This doesn't guarantee that all posts will be translated into all languages, and the most active is still English, but if you prefer to post in German or French, you can, and only readers that have asked to see posts in that language (presumably because they can read them) will see your comments. Fun stuff.

Tractopel RC1 is out. Of course, this is better known as the first release candidate for the upcoming Linux-Mandrake 8.0. Problems have already been reported with this version, so don't plan on installing it on any production systems. Another candidate will likely be out shortly.

Also out this week was the first release candidate for MandrakeSecurity, (a.k.a MandrakeFirewall, a.k.a Mandrake Internet Security Pack, a.k.a "cookfire"). MandrakeSecurity is a light-weight version of Linux-Mandrake aimed at creating an easy-to-use firewall. The latest version has been upgraded to Linux 2.2.19 and contains many other additional features as well.

Progeny Linux ships. Progeny Linux Systems, Inc. announced the release of the first edition of Progeny Debian. The download edition is available now at www.progeny.com/download. The box set will be available on April 23rd.

Trustix Secure Linux News. Trustix has announced the release of Trustix Secure Linux 1.4.80, a beta release toward the 1.5 stable version. It is nicknamed "Ooops," and is incompatible with 1.2 in a number of ways; read the announcement closely.

Conectiva News. Conectiva published this description of various updates made recently to their High Availability support, including an update to the more stable heartbeat 0.4.9.

Redmond Linux News. Redmond Linux Beta 3 had been released. This distribution is aimed at personal use and is intended to be an easy introduction to Linux for the newcomer and casual computer user. "'This Beta 3 release brings Redmond Linux to the level of stability and number of features needed for home use,' he [Joseph Cheek] continues. 'We've got everything a home user needs - full Internet access, word processing, spreadsheet, and financial management software, multimedia, and entertainment - without the excess software that's commonly attached to an operating system'".

deepLinux News. After a year of near-dormancy, deepLinux has been reformed. The company will announce a number of new product offerings, including a web server, a firewall, and a database server, in the very near term. One of those announcements made it out this week, their release of deepLinux ExOp Server beta 1, a full version of GNU/Linux featuring the SGI-optimized Apache Web server.

KRUD News. KRUD users can now use krudlookup to find the package in which a required binary is currently stored. Check the announcment for more details.

A similar functionality that covers multiple RPM-based distributions can be found on Rpmfind.net.

Hard Hat News. MontaVista Software Inc. announced the 2.0 release of its kernel 2.4 based Hard Hat Linux operating system. Hard Hat Linux includes support for x86/IA-32, PowerPC, StrongARM, MIPS, and SH architectures. For more details on their Hitachi SuperH support (SH), check this press release.

BlueCat News. Also from the embedded space, LynuxWorks' BlueCat Linux 3.1 now supports the MIPS architecture. "Supported architectures now include MIPS, Intel's Pentium, XScale and x86 compatibles, ARM family (including Thumb extensions), StrongARM, PowerPC (including PowerQUICC) and Hitachi SuperH".

Astaro Security Linux News. Astaro Security Linux, a Linux-based firewall solution that also includes stateful packet inspection, released version 1.803 this week. This minor update to the stable tree includes new virus pattern files.

Distribution Reviews

Conectiva Linux 6.0. We seemed to have missed this originally, but C|Net did a rather reasonable review of Conectiva Linux 6.0 back at the end of March. "Although we were generally impressed with the installation procedure, we were frustrated that Conectiva installed headers for kernel 2.2.18 rather than the included 2.2.17 kernel--an annoying oversight. Thankfully, the problem is easily fixed by downloading a new kernel or the correct headers from Conectiva's Web site."

Section Editor: Liz Coolbaugh

Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.

Leading
Caldera OpenLinux
Debian GNU/Linux
Linux-Mandrake
Red Hat
Slackware
SuSE
TurboLinux

Also well-known
ASPLinux
Best Linux
Conectiva Linux
e-smith
Kondara MNU/Linux
Progeny
Rock Linux

Non-technical desktop
easyLinux
Icepack Linux
Independence
LibraNet
Redmond Linux
WinSlack

Education
Boston University
kmLinux
LinuxFromScratch
OpenClassroom
Red Escolar

General Purpose
Alzza Linux
aXon Linux
Bad Penguin Linux
BearOps
Black Cat Linux
BluePoint Linux
BYO Linux
CAEN Linux
Cafe Linux
ChainSaw Linux
Circle MUDLinux
cLIeNUX
Complete Linux
Console Linux
Corel Linux
CRUX
Darkstar Linux
DLite
easyLinux
Elfstone Linux
ESware Linux
Eurielec Linux
eXecutive Linux
Fried Chicken
FTOSX
FullPliant
Gentoo
Go!Linux
HA Linux
Halloween Linux
HispaFuentes
IceLinux
Ivrix
ix86 Linux
J-LINUX
JBLinux
Jurix
KRUD
KSI-Linux
Lanthan Linux
Laonux
LASER5
Leetnux
Linpus Linux
Linux Cyrillic Edition
Linux MLD
LinuxOne OS
LinuxPPP
Linux Pro Plus
Linux-SIS
LNX System
LoopLinux
LSD
Lute Linux
MageNet
Mastodon
MaxOS
minilinux
MSC.Linux
nmrcOS
NoMad Linux
Omoikane GNU/Linux
PingOO Linux
Plamo Linux
PLD
Project Ballantain
PROSA
Rabid Squirrel
Repairlix
Root Linux
Scrudgeware
Serial Terminal
Sorcerer
spyLinux
Stampede
Stataboware
TechLinux
TimeSys Linux/RT
Tom Linux
Trinux
Turkuaz
Ute-Linux
VA-enhanced Red Hat
Vine Linux
Virtual Linux
WholeLinux
WinLinux 2000
XTeamLinux
ZipSpeak

Country-specific
Argentina
GNU/Linux Ututo
Britain
Definite Linux
Eridani
China
COSIX
Red Flag
France
Linux/MNIS
Italy
LinuxEspresso
Madeinlinux
Vedova
Spain
Linux Esware
Thailand
Kaiwal Linux
Thai Linux Extension

Related Projects
Chinese Linux Extension

Historical (Non-active)
Dualix
Gentus
Giotto
MCC Interim Linux
OS2000
Storm Linux
Yggdrasil

See also: last week's On the Desktop page.

Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Office Suites
Ability (*)(w)
Anywhere Desktop (*)
(formerly "Applixware")
GNOME Office
HancomOffice
KOffice
StarOffice / OpenOffice
Siag Office
WordPerfect Office 2000 (*)(w)

Java / Web Office Suites
ThinkFree Office (*)
Teamware Office (*)
Cybozu Office (*)

Desktop Publishing
AbiWord
iceSculptor (*)
Impress
Maxwell Word Processor
Mediascape Artstream (*)
Scribus

Web Browsers
Mozilla
Netscape (*)
Opera (*)
Konqueror
Galeon

Handheld Tools
KPilot
JPilot
Palm Pilot Resources
Pilot Link
SynCal

On The Desktop

-- Senior Editor, Michael J. Hammel

Ximian releases Bonobo 1.0. While not something the average desktop user is likely to use directly, Bonobo 1.0 is a major step forward to the interoperability users are demanding from the Linux desktop. Bonobo is the component object library for GNOME that is to be used by applications to share resources with other applications. This release was announced by Ximian, the commercial group formed by original GNOME author and leader Miguel de Icaza.

So what is Bonobo? As Ximian developer Michael Meeks told me at LinuxWorld at the end of January, a Bonobo is actually a monkey which happens to be "very good at coupling". In software terms it refers to a product which is supposed to be very good at allowing software packages to interoperate more seamlessly. Bonobo provides an interface which applications can use to embed features from other applications in themselves. It also allows a program to offer features to other applications which they can use. Examples of this might include a spreadsheet embedding a postscript graphic or a finance package embedding an HTML browser.

The reason this release is important to end users is that Bonobo is a major piece of the core GNOME facilities - the stability of many applications is dependent on those core facilities. Without a stable core, you have unstable applications. And that's bad. But the 1.0 release is considered stable (not perfect, just stable), and that means the road to a stable GNOME desktop is paved just a bit smoother now.

So while Bonobo in itself isn't something end users will use directly, it is something they should care about. Applications can now begin to integrate on the GNOME desktop in a fashion that is consistent and requires less duplication of development effort - and thus we get those applications sooner.

Despite the promise that Bonobo 1.0 brings, there is still a downside for the Linux desktop as a whole. KDE and GNOME use different methods for embedding features of one application into another. While GNOME's Bonobo is based on the standardized CORBA definition, KDE uses an implementation called KParts which is not compatible with Bonobo. This means KDE applications can integrate with each other and GNOME applications can integrate with each other but KDE applications can't integrate with GNOME applications. And even though both KDE and GNOME are both committed to working towards common goals and an easily integrated desktop, this particular issue will be a sticky one for some time to come.

GUADEC Results. The GNOME User and Developer European Conference was held last week and by all accounts was very productive. A posting to the GNOME Office mailing list gave a summary of the conference, which was held in Copenhagen. There were some interesting items noted in this summary. The first is that a list of applications is being considered for the official GNOME Office distribution. Four applications - the Gnumeric spreadsheet, the AbiWord word processor, Guppi for charting and graphing, and Dia for diagramming - are considered essential. A list of eight other applications are under consideration for inclusion including the Evolution mail system and GIMP. Although each application in this secondary list is a valuable too in its own right we have to ask if they are really necessary for the average office. Software bloat has been a serious problem in the past with applications, and with office packages now including 5, 6 or even 10 applications the problem is only multiplied. Another point raised during the talks was release dates for various packages. The Gnumeric 1.0 spreadsheet release is expected by the end of the year and should include Bonobo support. On a larger scale, the release of GNOME Office 1.0 is expected to come with GNOME 2.0. This means by Dec 31, 2001. Things could get rather interesting for the GNOME desktop user in time the New Years holiday period.

Eazel launches Reef Project. Eazel has announced their next major project, known as Reef, intended to handled live content over the Web. " Our current primary target language is Python, but multi-language support is in the works. For communication back to the server, we will be working with both XML-RPC and SOAP, since they each have their advantages and disadvantages. We will also be watching the nascent XML Protocol working group of the W3C closely."

It appears that the goal here is to provide packaged sets of tools that are easily downloadable by users in order to make use of live content. While a laudable goal, one has to wonder if the pipes to the home will ever be large enough to make live content even worth your time.

Desktop Environments

Building KDE themes for Linux. IBM developerWorks posted an a tutorial this week that shows the average user how to make use of the new KDE 2.1 environment and themes. "Overall, there's much more functionality in the new Control Center, and some extensive improvements in fine-grained control of the user interface. As the KDE2 beta cycles continued in the late Summer and early Fall of 2000, e-mails and bug requests for a Theme Manager flew fast and furious." (A free registration is required to access this tutorial.)

Minutes of the GNOME Advisory Board Meeting. The GNOME Advisory Board met during GUADEC on Thursday, April 5th and Sunday, April 8th last week in Copenhagen. Minutes from that meeting have been published. High on the todo list are the formation of regional foundations and working on better interoperability with KDE, as well as the determination as to whether an official office suite should be specified for GNOME.

Office Applications

Configuring Outlook to use Linux servers. The folks at Bynari have posted a configuration manual describing how to make the Outlook client work with Linux-based servers. Essentially, it's a recipe for eliminating Exchange.

Desktop Applications

Review of Konqueror/Embedded. BrowswerWatch took a look at KDE's Konqueror/Embedded version and its impact on embedded browser technology. "'While Konqueror is based on the KDE HTML rendering engine, Hausmann explained, 'It is not a fork of the KDE browser codebase. Part of the build process copied the original browser sources into the new build environment."

Tax software furthers Linux spread (News.com). C|Net says you can buy tax software for Linux now - if you file your taxes in Germany.

GIMP on MacOS X. This isn't a Linux desktop issue, but a desktop issue of interest in general to GIMP users:   MacGIMP is reporting that Chris Turkel has GIMP 1.2 running on MacOS X, with screenshots to prove it.

Building, or dropping, the future...

Trolltech Previews Qt 3.0. The preview of QT 3.0, Trolltech's next version of the toolkit used by the KDE Desktop environment, includes support for database access and an updated Qt Designer.

Plug is pulled on Indrema box plans (VideoBusiness Online) . The Linux-based Indrema game console project has apparently died. According to this story, the company was unable to find funding for the product development to continue. "[Indrema president John] Gildred said that although Indrema is dead, he will take the interactive TV portion of his dream to his new employer, a major Japanese consumer electronics company."

Section Editor: Michael J. Hammel

Note: An asterisk (*) denotes a proprietary product, (w) denotes WINE based tools.

Desktop Environments
GNOME
GNUstep
KDE
XFce

Window Managers (WM's)
Afterstep
Enlightenment
FVMW2
IceWM
Sawfish
WindowMaker

Minimalist Environments
Blackbox

Widget Sets
GTK+
Qt

Desktop Graphics
CorelDRAW (*)(w)
GIMP
Kontour
Photogenics (*)
Sketch

Windows on Linux
WINE
Win4Lin
VMWare

Kids S/W
Linux For Kids

Send link submissions to lwn@lwn.net

See also: last week's Development page.

Development projects

News and Editorials

• Support for Unix/Posix threads which allows Apache to run in a hybrid multiprocess/multithreaded mode.
• A New build system that is based on the popular autoconf and libtool packages.
• Multiprotocol Support Work to allow for the serving of protocols other than http.
• Better support for non-Unix platforms including BeOS, OS/2 and Windows.
• Platform Specific Multi-Processing Modules which allow for the isolation of platform specific code from the main server and can also be used to select threaded or forking operation.
• A New Apache API which addresses problems with the Version 1.3 module ordering and adds more capabilities from new modules.
• Native IPv6 support to support the next generation of Internet protocol.
• I/O Filtering by Apache modules which allows CGI script output to be filtered on the server side.

The list of Module Enhancements for Apache 2.0 includes:

• mod_auth_db with support for the Berkeley DB 3.0 database.
• mod_auth_digest with support for session caching across processes.
• mod_charset_lite a new module for character set translation.
• mod_dav a new module that supports HTTP Distributed Authoring and Versioning (DAV).
• mod_file_cache a new caching module that duplicates mod_mmap_static functionality and extends the caching abilities.

The Changes with Apache 2.0.16 document lists all of the changes in detail.

Overall, this is a fairly major release of Apache with some nice new capabilities, and no doubt, some new bugs. Apache 2.0 is not recommended for production servers, but it would be a good idea to try it out in an experimental mode and report any problems that you encounter back to the development team.

Databases

mSQL 3.0 pre 2 available. Hughes Technologies has announced the availability of mini SQL (mSQL) version 3.0 pre 2.

Documentation

LDP Weekly News - 2001-04-10. This week's updates to the Linux Documentation Project include new HOWTO's for 3D Modeling and LDAP use, and updates to the Linux Kernel HOWTO and Secure Programming HOWTO documents.

Embedded Systems

Embedded Linux Newsletter for Apr. 5, 2001 (LinuxDevices). The summary for the past week in the embedded Linux marketplace has been published by LinuxDevices.com. The Embedded Linux Newsletter this week covers Rick Lehrbaum's "State of Embedded Linux" talk at the Colorado Linux Info Quest and Wind River's acquisition of BSDi, as well as other stories.

Developer interest in Embedded Linux skyrockets (LinuxDevices). According to this LinuxDevices.com report, interest in using Linux as an embedded system solution has surged since 1998, making it the #2 system of choice behind Wind River's VxWorks.

Filesystem Software

Learning Linux LVM, Part 2 (IBM developerWorks). IBM developerWorks shows how to add a logical volume to the root filesystem in order to add more disk space. "While the transition to LVM is a bit of an ordeal, once the transition is complete, managing filesystems becomes tremendously easier. As an example, I decided to resize my new /home logical volume, adding about 2 Gigabytes worth of space to the end of the filesystem. First, I added additional capacity to my "lv_home" logical volume, and then I used the resize_reiserfs utility to expand the filesystem so that it would use this additional capacity."

Interoperability

Wine Weekly News seeks a new editor. The Wine Weekly News is looking for a new editor, if you have talents in that area, there's a void to fill.

Network Management

Preventative DNS (kuro5hin). In this column on kuro5hin, Dylan Griffiths shows, in fairly complete detail, the process involved in moving from BIND to djbdns for DNS services.

OpenNMS Update v2.15. The latest edition of the OpenNMS Update is out and covers the release of OpenNMS 0.7.2, web UI authentication problems, and configuration issues.

Printing Systems

Open Source Omni Printer Driver version 0.0.8. A new version of the Omni Printer Driver has been released. "The Omni printer driver provides support for over 250 printers using the Ghostscript framework. In addition, it provides a model for dynamically loading printer drivers, creating new devices by editing device description files, and simplifies new printer driver development by allowing for the subclassing of previous device features." The list of supported printers contains quite a few printers, but HP models are noticeably absent. Omni is licensed under the Lesser Gnu Public License (LGPL). (Thanks to Kelli Wiginton.)

Science

Linux in Science report #8. The April 2, 2001 edition of the Linux in Science Report is out, covering the recent Linux World Expo. "Overall, there were a number of interesting displays. Among these were the dual-processor Athlon system demonstrated by ASL Labs at the MandrakeSoft booth, a very cool display by members of the Brookhaven National Laboratory demonstrating the use of Linux in physics research there, the Flight Gear flight simulator project with a running FlightGear demo, and also the Etherboot project which has made important strides in making booting x86 PCs over a network an easier proposition." A number of open source science projects are listed at the bottom of the report.

Medical software's free future (bmj.com). BMJ.com's letters section contains a discussion about open source software in medicine. "An obvious route forward for the public sector would be to state that all software developed at the public's expense be licensed as open source, although the General Public License may not be the optimum licence."

Molecular Biology related programs for Linux. The Bioinformatics site is now hosting Molecular Biology related programs for Linux, a repository for Linux based Molecular Biology software. Over 50 programs are featured on the site to help you with that penguin cloning project.

Scientific Python 2.2 released. Version 2.2 of Scientific Python is available. "ScientificPython is a collection of Python modules that are useful for scientific computing. In this collection you will find modules that cover basic geometry (vectors, tensors, transformations, vector and tensor fields), quaternions, automatic derivatives, (linear) interpolation, polynomials, elementary statistics, nonlinear least-squares fits, unit calculations, Fortran-compatible text formatting, 3D visualization via VRML, and two Tk widgets for simple line plots and 3D wireframe models." This release features a revised package structure and has built in support for the netCDF data format.

Telephonics

Kandy, a new KDE PIM program for telephones. A new KDE PIM program known as Kandy has been announced. "Say hello to Kandy. Kandy is an application which allows to you communicate with your mobile phone. It aims at providing synchronisation for phone book, appointments and other data stored on the mobile." The Kandy project is in its early stages and the developer is looking for help.

Web-site Development

Zope News. The latest news from the Zope site contains a number of new Zope related software updates. Included are LDAPLoginAdapter 1.2 and New Core Session Tracking 0.8 as well as info on browsing Zope source on line and a new Hong Kong Zope users group.

Zope Developer's Guide preview release. The first preview release of the Zope Developer's Guide has been announced. "The ZDG picks up where the Zope Book leaves off. Its main focus is teaching you how to develop Zope products."

PHP Weekly Summary for April 9, 2001. The April 9, 2001 edition of the PHP Weekly Summary is out. This week's topics include a patch that allows libc style argument swapping in printf, a recently opened XML-RPC extension with a PHP extension, from Epinions, Hebrew and Polish manual translations, and more.

Window Systems

Kernel Cousin KDE Issue #5 is Out. Topics covered in this week's KDE development mailing lists include Kaboodle, the light-weight embeddable media player, KDE DB connectivity issues, global KPrinter support, the new Gideo development branch and sending mail with KMail.

KDevelop 3.0 Now Developer-Ready. KDevelop contains Gideon, "which is very near to being usable and complete", according to Bernd Gehrmann. Gideon, the codename for KDevelop 3.0, can be thought of as a modular lego-like framework for an IDE.

GNUStep Weekly Update. The latest news from the GNUStep project is the announcement of the LaunchPad 1.0 release. LaunchPad is a collection of libraries for creating non-graphical tools and applications using an API based on OpenStep and the MacOS X API.

Section Editor: Forrest Cook

Application Links
GIMP
Mozilla
Galeon
High Availability
ht://Dig
mnoGoSearch
MagicPoint
Wine
Worldforge
Zope

Open Source Code Collections
Berlios
Freshmeat
OpenSourceDirectory
Savannah
Le Serveur Libre
SourceForge
Sweetcode

Programming Languages

Java

Build your own Java-based supercomputer (IBM developerWorks). Aashish Patil writes about building a Java based supercomputer in an IBM developerWorks article. "If you've ever wanted to build your own supercomputer but have been held back by the demands of parallel programming in C, Pseudo Remote Threads is for you. This prize-winning Java programming model greatly simplifies parallel programming on clusters, bringing supercomputing out of the laboratory and into the hands of everyday Java programmers." The examples are run on Windows boxes, but the concepts apply to Linux as well.

Lisp

LISA 0.7 released. Version 0.7 of LISA, the Lisp-based Intelligent Software Agents, has been announced. "LISA is approaching the middle stages of development and is now considered 'alpha' software. The inference engine itself is quite stable, and it should be possible to develop reasonably sophisticated knowledge bases for experimentation."

Perl

New stable and development versions of Perl. A new stable version of Perl, version 5.6.1, has been announced. This release includes a long list of bug fixes and compatibility improvements.

Also, for those who are interested in the latest development release of Perl, version 5.7.1 has been announced. Improved Unicode support seems to be the main area of work in this release, some new modules are also included.

The Perl Journal returns (Use Perl). The recently demised Perl Journal is coming back to life according to Jon Orowant. "It's been a very long winter, full of angst and attorneys. I'll write more later, but wanted to share the good news as soon as possible."

Python

Dr. Dobb's Python-URL!, Apr 9. This week's retrospective on the python world includes PEP 245 and 246 updates, PyTalk - a natural language program, a 2.0 port to OS/2 and installation help for Windows users (who apparently tend to cry a lot).

Pygame 1.0 released. Version 1.0 of Pygame has been released. Changes since the 0.9 release include a finished surfarray module, module exit cleanups, bug fixes, and cleaner code for different platforms.

Also included on the site is a new Pygame Code Repository with some example programs.

PyChecker - a Python source code bug finder. Neal Norwitz has announced PyChecker, a bug finder for Python.

The announcement claims that pychecker can find the following problems:

• No doc strings in modules, classes, functions, and methods
• self not the first parameter to a method
• Wrong number of parameters passed to functions/methods
• No global found (e.g., using a module without importing it)
• Global not used (module or variable)

Ruby

Ruby Cookbook Web site launched. A new web site dedicated to the Ruby programming community has launched. The site provides code fragments, classes, and modules, intended to help the new Ruby programmer get up to speed quickly.

Smalltalk

Squeak Smalltalk 3.0. Squeak is a multi-platform open-source Smalltalk compiler with built in multimedia capabilities. Version 3.0 of Squeak has recently been released. "Squeak is an open, highly-portable Smalltalk-80 implementation whose virtual machine is written entirely in Smalltalk, making it easy to debug, analyze, and change." Squeak is being distributed under an Apple Computer, Inc Software License.

Tcl/Tk

This week's Tcl-URL. Here is Dr. Dobb's Tcl-URL for April 9, 2001, with the usual collection of useful information from the Tcl/Tk development community. This week's edition mentions a call for Tcl core team Tk maintainers, the upcoming Tcl-2001 conference, and more.

Tcl/Tk 8.3.3 released. Tcl/Tk version 8.3.3 has been released. This version features lots of bug fixes and performance improvements.

XML

maki: serving XML via Apache and Python. The initial release of maki, a Python based XML server for Apache, has been announced. "The purpose of maki is to serve XML files via the web. A web developer can specify that the XML data be processed or transformed through any number of steps. Each step is either a stylesheet transformation or a custom process. A processor that evaluates embedded Python code is included. The output of each step is passed as the input to the next step (similar to a Unix pipe). Additionally, the output of each processor step can be cached for a user-specified time period. All configuration is in a central XML file that specifies rules based on matching paths against regular expressions."

If you are wondering about where the name comes from: "The name maki refers to maki-zushi (rolled sushi). The choice of name is somewhat arbitrary, although you are welcome to read meaning into it." Maki has been released under the GPL license.

Miscellaneous

History-making components (IBM developerWorks). James Durham looks at the history of Object Oriented Programming in an IBM developerWorks article. "This timeline explores some of the key events of components and object-oriented programming in the last 50 years. We could have gone back further to John von Neumann's 1946 proposals that changed computer architecture forever, or perhaps further back to ENIAC, Babbage or even Pascal. However, we decided to begin in 1951 since the birth of the widely publicized UNIVAC seems to spark the commercial engine that drives the modern pursuit of object-oriented programming and development."

The Story Behind the Parrot Prank (O'Reilly). Simon Cozens reveals the truth about the April Fools Day Parrot Language hoax. "All right. I admit it. In case you haven't guessed by now, Parrot was a very elaborate April Fools' Day hoax. It seems to have caught a lot of people out... including some people who really ought to know better. I've had a couple of requests from people who want to know how the hoax was perpetrated, so here's the story."

Section Editor: Forrest Cook

See also: last week's Commerce page.

Linux and Business

Embedded Systems have a Hot Time in San Francisco. This week the Embedded Systems Conference hit San Francisco and with it came a flood of press releases as vendors vied to show off their best new products. New alliances and new resolves promise a great future for Linux in the embedded space. Most of the major Linux players made multiple announcements, so by company (and in no particular order):

MontaVista made a range of announcements, from the release of Hard Hat Linux 2.0 and the Hard Hat Linux 2.0 Professional Edition which features a comprehensive suite of development tools, to the open source release of its hot swap infrastructure code. Now a Source Forge project. Then, in cooperation with Hitachi Ltd. they released Hard Hat Linux and development tools for the Hitachi SH-3 and SH-4 microprocessors. If that wasn't enough for one week, they also joined with Trolltech to provide Trolltech's Qt/Embedded development framework with MontaVista's Hard Hat Linux distribution in a comprehensive platform - OS, development framework and embedded windowing system. Conference goers were treated to the latter running on a Compaq iPAQ.

Lineo, Inc. released new SecureEdge Appliances, Firewall and Network Attached Storage and the Lineo Embedix[tm] Board Development Kit (BDK). They announced the opening of the new Lineo Embedded Systems Center in Silicon Valley. Lineo also made some alliances: they announced a partnership with ARM to further the development and use of embedded Linux on ARM®core-based microprocessors; with Trolltech, to ensure that Trolltech's Qt/Embedded application framework integrates seamlessly into Lineo's Embedix[tm] software development kit; and with Metrowerks, makers of CodeWarrior®. The CodeWarrior for Embedix Development System for the PowerQUICC II[tm] MPC8260 is shipping now.

Red Hat, Inc. announced that it has joined the EEMBC, the Embedded MicroprocessorBenchmarking Consortium. Through its membership in this consortium, Red Hat will have access to the EEMBC (tm) benchmark code, which will allow it to optimize code generation for its partners. Working with Altera Corporation they announced a version of the Red Hat GNUPro embedded development tools that support Altera's ARM.-based and MIPS.-based Excalibur(tm) embedded processor solutions. The company is also supplying Morpho Technologies with a GNUPro tool suite compatible with their m_RISC-based reconfigurable DSP (rDSP(tm)) chip.

Lynuxworks announced a new release of BlueCat(TM) Linux with MIPS support and the CodeWarrior(TM) Integrated Development Environment (IDE) Edition for LynuxWorks Development Tools. With these tools, companies using Linux and Solaris host development environments can deploy on LynxOS(R) and BlueCat(TM) Linux targets.

Any way, that's the tip of the iceberg. More announcements from ESC are scattered through the press releases, and not just in the categories created specially for this week. Look for ZF Micro Devices, Inc., formerly ZF Linux Devices, Altera, ARM and many other exciting embedded announcements.

Intel releases iSCSI reference software as open source. Intel has released a reference implementation of the iSCSI specification for next generation storage systems as open source software.

Mountain View Data Announces Availability of SnapFS Beta. Mountain View Data announced the availability of the beta version of SnapFS, enhancing journaling file systems with the capability to capture and retain multiple snapshot versions of