![[LWN Logo]](http://old.lwn.net/images/lcorner.png)
![[LWN.net]](http://old.lwn.net/images/bigpage.png)
|
|
|
|
Bringing you the latest news from the Linux World.
Dedicated to keeping Linux users up-to-date, with concise
news for all interests
 Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters
Other LWN stuff:
Archives/search
Recent features: Here is the permanent site for this page. See also: last week's LWN.
|
Leading items and editorialsCaldera's new releases and per-seat licensing. On June 26, Caldera International announced a couple of new distribution products: OpenLinux Workstation 3.1 and OpenLinux Server 3.1 Both of these releases contain a great many new features which should be of interest to Caldera users (and others); they are covered in depth on this week's Distributions page. There is another aspect of this release, however, that we'll look at here. The OpenLinux press releases and web pages say very little about licensing for these products, which could lead many to believe that OpenLinux is yet another free distribution. If, however, you dig into the OpenLinux Workstation Reviewer's Guide (warning: 5MB PDF), you'll find the following text: OpenLinux Workstation licensing has changed from previous versions. OpenLinux Workstation, as a product, is licensed per system and cannot be deployed without limit. Caldera will provide a certificate of license authenticity (COLA) with each unit sold, and Caldera expects each customer to have a COLA for each system that deploys OpenLinux Workstation.
Linux users have grown accustomed to being able to copy distributions at will. It's not uncommon for a company to buy a small number of distribution CDs and to install them on dozens or hundreds of systems. By imposing per-system licensing, Caldera is challenging that practice, and, in the process, raising some interesting issues. We'll look at Caldera's licensing from two angles; the next article goes into why Caldera is taking this path, and the following will examine whether members of the free software community are right to criticize the company. Why is Caldera doing this? Given that a move of this sort is guaranteed to provoke criticism from the free software community, what could have inspired Caldera to go with per-system licensing? We talked with John Harker, Caldera's vice president of server product management, and asked him that question. In general terms, Caldera is trying to do two things:
The folks at Caldera have made the observation that Linux has been most successful in situations where it can be made to do something right out of the box. Tasks like running web or file servers, for example. In situations where integration of tools is required, adoption of Linux has been slower. Caldera's purpose is to make a version of Linux that works "out of the box" in a wider range of situations, and to help others do the same. The company has a particular focus on independent system vendors who integrate the operating system with some other, task-specific software and resell the result. Those vendors want an operating system that "just works." Something that is stable, lacking bleeding-edge software, has a development roadmap, and will be supported by its vendor for a long time. In other words, these people want something that "looks more like a traditional operating system." Caldera will be trying to provide that system for these vendors. So the company's target is not, in general, the current set of Linux users. Caldera is thus not afraid of losing customers as a result of the new licensing. As Mr. Harker put it, Caldera may lose a number of "users," but the company does not expect its paying customers to go elsewhere. And, in fact, it expects to attract quite a few more of them through the new features in this distribution. Thus, according to Caldera, the company remains committed to Linux and free software, and it wants to continue to see them succeed. It's just taking a different path to make that happen. Meanwhile Caldera continues to support free software projects (including XFree86 and KDE). They are also, according to Mr. Harker, looking at whether there are any interesting parts of SCO Unix that could maybe be released under an open source license, and would appreciate input from the community on that topic. Interestingly, Linux has progressed far enough that, it would seem, traditional Unix systems have little to offer in the way of additions. Caldera has chosen a path that is unproven, to say the least. But then, that could be said of almost every Linux company. But it is a path that remains based in Linux, and is not the complete departure that some people have made it out to be. Whether it succeeds or not depends on whether the company can find customers who agree with its vision of what is needed. Should Caldera be taking this path? Needless to say, per-system licensing has drawn some criticism. Some pretty severe things have been said about this business approach and Caldera's position in the free software community. Much of the energy that has gone into that criticism might have been better expended elsewhere, however. There is no evidence that Caldera is violating the license of any free software package that it is including in its distribution. Source for free software packaged by Caldera is available - it's included in the box. Caldera is not attempting to restrict the redistribution of the free software it uses; instead, it is restricting a compilation which includes a fair number of proprietary packages. These packages, including Volution, JBuilder, and Forte, do not allow unlimited copying. So a distribution which includes them can not allow copying either. Caldera's reliance on proprietary software is neither new nor surprising. A mix of proprietary and free packages has always been part of the company's plans. This plan has always implied restrictions on copying; it is, perhaps, a bit late to criticise Caldera at this point. There are, in fact, a couple of good aspects to Caldera's techniques. Here's why free software advocates should be glad that Caldera is taking this approach:
It would be difficult to overemphasize that second point. History is full of captive IBM, DEC, CDC, etc. shops which found themselves in a difficult position when their vendors failed them. No Linux shop need ever fear that fate. Transitioning to a new distribution is not without its challenges, but those challenges are miniscule even compared to switching between proprietary Unix variants. Any Caldera user who is unhappy with the new licensing will find several other, well-engineered, well-supported distributions waiting. So Caldera is causing little, if any, harm with this approach. In the best (for Caldera) scenario, it will have found a way to add value to Linux that suits its customers, and the company will flourish. Otherwise, its users will make their feelings clear by voting with their feet for one of the many alternatives. Either way, we're seeing a demonstration of the freedoms that come with free software. The end of the Alpha. Compaq this week announced a new deal with Intel. The end result will likely be the end of the Alpha processor architecture, and a reduction of choices for Linux users. The details: Compaq will be moving away from the Alpha processor, which it picked up as part of its acquisition of Digital Equipment Corporation a few years ago. In the future, Compaq expects to use the Itanium processor for all of its 64-bit servers. Much of the Alpha technology, and staff that goes along with it, will be transfered to Intel. This isn't happening right away, of course; Compaq is trying to give advance warning to its Alpha customers. Thus, for example, the goal of having all Compaq 64-bit servers using Itanium isn't to be met until 2004. In the mean time, new Alpha-based servers and a new generation of Alpha processors will be forthcoming. Of course, Compaq isn't the only company working with the Alpha processor; most of them are made by Samsung, and an important partner is API Networks. We talked with a couple of managers at API (Guy Ludden, senior marketing manager and Tom Morris, director of product strategy) about API's plans for the Alpha. API sees no real impact in the short term (the next couple of years), but they acknowledge that there is little chance of the Alpha living on after Compaq loses interest. The more cynical among us have been heard to mutter that the Alpha will live on in the form of new Itanium processors that actually work. But we can't speak to that. In truth, the Alpha appears to be dead. The Alpha processor is important to Linux historically, of course. Way back in the beginning, Linus didn't think that Linux would ever run on anything other than the 386: I'd say that porting is impossible. It's mostly in C, but most people wouldn't call what I write C. It uses every conceivable feature of the 386 I could find, as it was also a project to teach me about the 386.
Now, of course, Linux is one of the most portable (and ported) operating systems available. That change came about when Jon 'maddog' Hall, then working at DEC, got an Alpha-based system delivered to Linus in 1994. Since then, Linux has been ported to numerous systems, but the Alpha has retained a strong following. It remains the processor of choice for people building high-end clusters, and for anybody with serious processing requirements in general. Many users will be sad to see it go. What is truly unfortunate, though, is the reduction in choices for all Linux users. The end of the Alpha takes us a little closer to a world completely dominated by a single processor architecture. And that, of course, can not possibly be good for anybody. Next week's LWN.net weekly edition will come out on Wednesday, July 4, so that we can enjoy the U.S. Independence Day holiday. We'll return to our normal schedule the following week. Inside this week's Linux Weekly News:
This Week's LWN was brought to you by:
|
June 28, 2001
|
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Security page. |
SecurityNews and EditorialsThe responsibility of the individual. While not laying blame on individuals for security problems, two articles this week took a look at educating non-experts about what they can do to help. The Defense Department talked about simple things to do to make life harder for the bad guys. "Use different passwords at Web sites and on every machine you use. Reject all site and system offers to "remember" you and your password. Bad guys know many people use just one password, so attacking an easily hacked site gives them "skeleton keys" to tough ones". Meanwhile, a survey of British employees took a look at bad password practices. "The survey, conducted by UK domain registry CentralNic, revealed that nearly half of the workers polled use their own name or a nickname and a third used a favorite sports team or celebrity for their passwords". This is one lesson we've seen taught over and over again for the past twenty years. Yet there are still people who haven't heard it yet. Multi-nation cybercrime pact gets OK (ZDNet). ZDNet's Robert Lemos reported on ratification of the Convention on Cyber-Crime by a committee on crimes for the Council of Europe. "Last month, the European Committee on Crime Problems bowed to pressure from international rights groups and included some provisions in the treaty to limit surveillance to criminal investigations and added some safeguards to civil liberties. But it's still not enough, [James X.] Dempsey said. 'Unfortunately, it remains a fundamentally imbalanced document,' he said". Ethics challenge' softens hacker con (SecurityFocus). SecurityFocus reports on a planned CyberEthical Surfivor, a new challenge planned for this year's Def Con Nine conference, being held July 13th through the 15th in Las Vegas, Nevada, USA. "CyberEthical Surfivor will pit two teams of nine hackers head-to-head in a public struggle with weighty moral decisions. Example: You are seventeen-years-old, about to graduate to an Ivy League university when a vindictive teacher monkey-wrenches your academic dreams by wrongly flunking you on a final exam. The Principal won't listen to you. Should you crack the school's computer and give yourself the grade you deserve?" Security ReportsNasty Samba security hole. The Samba team sent out an urgent security advisory regarding a remotely-exploitable hole in all versions of the code. The security hole involves the use of the '%m' macro in /etc/smb.conf. Replacing '%m' with '%I' is one possible workaround. Note that not all distributions are vulnerable by default. Nonetheless, the Samba team has made patches available and an upgrade is strongly recommended, since this can potentially be exploited to overwrite a Samba log file to gain root access.The vulnerability was originally found and reported by Michal Zalewski.
OpenSSH PAM session evasion vulnerability. Christian Kraemer reported that OpenSSH fails to call pam_open_session if no pty is used. As a result, on a system where PAM is used to enforce additional login restrictions, OpenSSH can be used to evade such restrictions. OpenSSH 2.9p1 and earlier are reported vulnerable. Check BugTraq ID 2917 for more details.Portable OpenSSH team member Damien Miller acknowledged the problem, which was introduced because some PAM modules on some platforms "fail utterly or perform in unpredictable ways" when called without a controlling terminal. Meanwhile, the call to pam_open_session has been reintroduced in CVS and will be included in the next stable release. SGI Performance Co-Pilot (pmpost) symbolic link vulnerability. SGI Performance Co-Pilot is a product originally developed by SGI for use on IRIX systems. However, SGI has Open Sourced the product under the GPL and it is available for Linux systems.A symbolic link vulnerability has been reported in pmpost, one of the utilities shipped with Performance Co-Pilot. An exploit has been published. The problem can be resolved either by removing the setuid bit from pmpost or by upgrading to Performance Co-Pilot version 2.2.1-3. ePerl preprocessor input validation vulnerability. ePerl, also known as Embedded Perl, expands Perl 5 programming statements within text files. It can be used as a filter to generate files or as a webserver scripting language. David Madison reported that all C-based versions of ePerl, including the current versions 2.2.14, appeared to be vulnerable to an input verification vulnerability. When including untrusted files, ePerl fails to prevent such files from, in turn, including additional files without filtering perl commands from such files. Workarounds for the problem exist. Alternately, David suggested using the perl-based ePerl instead of the C-based version. w3m buffer overflow vulnerability. w3m is a text-based browser similar to Lynx. A buffer overflow in w3m can be triggered when a base-64 encoded string longer than 32 characters is found in a MIME header field. Source code patches to fix the problem were posted to the w3m developers' list.cfingerd buffer overflow and format string vulnerabilities. Both a buffer overflow and a format string vulnerability were reported this week in cfingerd by Steven Van Acker, who also provided unofficial patches for resolving the problems. These vulnerabilities can be exploited locally to gain elevated privileges, possibly including root access. Check BugTraq ID 2914 for more details.scotty (ntping) buffer overflow. Scotty is a Tcl-based network management package. A buffer overflow has been reported in ntping, a component of scotty. This can be exploited locally to execute arbitrary code. Scotty 2.1.10 and earlier are vulnerable; scotty 2.1.11 has been released with a fix for the problem.eXtremail remote format string vulnerability. eXtremail, a freeware SMTP/POP3 mailserver (free to use, no specific license, no source found) has been reported to contain a remotely-exploitable format string vulnerability. eXtremail runs currently on Linux and AIX. It runs as root, so this vulnerability can be used by a remote attacker to gain root access on the local server running eXtremail. An exploit has been published. eXtremail 1.1.9 and earlier are affected; a binary version of eXtremail 1.1.10 has been made available to resolve the problem on Linux; no AIX version as of yet. Disabling the service is recommended until an upgrade is in place.LPRng + tetex tmplink vulnerability. Reported in Bug ID #43342 in Red Hat's Bugzilla, when both LPRng and tetex are installed, a tmplink vulnerability is created in Red Hat 7.0 and 7.1 that can result in a local attacker gaining elevated privileges. A patch is currently in Red Hat's Rawhide distribution; no advisory has been released so far. Check this posting for additional details. It is not known whether or not this might impact other distributions. GNATS-Web input verification vulnerability. GNATS-Web is a PHP-based interface for the GNATS open-source bug-tracking and problem-accounting system. Joost Pol has reported a vulnerability in gnatsweb where the name of a help file could be provided via a URL, but the input was not properly checked before being used. The problem was acknowledged by the GNATS-Web team and patches provided.web scripts. The following web scripts were reported to contain vulnerabilities:Proprietary products. The following proprietary products were reported to contain vulnerabilities:
Updatesfetchmail buffer overflow. Check the June 21st LWN Security Summary for the original report. This is remotely exploitable and could lead to root access if fetchmail is run by root. An upgrade to fetchmail 5.8.6 will resolve the problem.This week's updates: Previous updates:rxvt buffer overflow. Check the June 21st LWN Security Summary for the original report from Samuel "Zorgon" Dralet. A patch is available to fix the problem.This week's updates: Previous updates:
XFree86 X font server (xfs) denial-of-service vulnerability. Check the June 14th LWN Security Summary for the original report. This is only applicable to font servers that are listening to TCP/IP, which is likely only the case for a machine that is serving X terminals.This week's updates:
exim format string vulnerability. Check the June 14th LWN Security Summary for the original report.This week's updates: Previous updates:
ispell symbolic link vulnerabilities. Check the June 7th LWN Security Summary for the original report.This week's updates: Previous updates:
gnupg format string vulnerability. Check the May 31st LWN Security Summary for the initial report. gnupg 1.0.5 and earlier are vulnerable; gnupg 1.0.6 contains a fix for this problem and an upgrade is recommended. Werner Koch also sent out a note warning of minor build problems with gnupg 1.0.6 when compiled without gcc.This week's updates:
KDEsu tmplink vulnerability. Check the May 3rd LWN Security summary for details. Fixes for the problem are included in kdelibs-2.1.2. The KDE Project recommends an upgrade both to kdelibs-2.1.2 and to KDE 2.1.1.This week's updates:
Linux Kernel 2.4 Netfilter/IPTables vulnerability. Check the April 19th LWN Security Summary for the original report. The NetFilter team has provided a patch for Linux 2.4.3. Note that the patch may be subject to future revision; a URL is provided where the latest version can be found.This week's updates:
Samba local disk corruption vulnerability. Check the April 19th LWN Security Summary for the original report. This problem has been fixed in Samba 2.0.9 and an upgrade is recommended. Note that all versions of Samba from (and including) 1.9.17alpha4 are vulnerable (except 2.0.9, of course). BugTraq ID 2617.Note that 2.0.8 was originally believed to fix this problem, but did not. As a result, some of the original distribution updates had to be re-released with 2.0.9. Samba 2.2.0 users are not affected by this problem. This week's updates:
Apache directory listing error. Check the March 8th LWN Security Summary for the initial report. Apache 1.3.18 and earlier are vulnerable; Apache 1.3.19 contains a fix for the problem. This week's updates: Previous reports:
ncurses buffer overflow. Check the October 12th, 2000 LWN Security Summary for the initial report of this problem. Note that the buffer overflow impacts applications linked against ncurses. Such applications must be relinked against a fixed ncurses or curses library.This week's updates:
esound tmpfile link vulnerability. Check the September 7th LWN Security Summary for the original report of this problem from FreeBSD.This week's updates: Previous updates:
Resources
. EventsFinal Reminder: Black Hat Briefings. A final reminder for the Black Hat Briefings 2001 USA, scheduled for July 9th through the 12th in Las Vegas, Nevada, USA, was sent out this week. "This year's topics include: Reverse Engineering, the Honey Net Project, the CVE, 802.11b WEP security, ICMP scanning, SQL security configuration, GSM and WAP security, and more". Upcoming Security Events.
For additional security-related events, included training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net. Section Editor: Liz Coolbaugh |
June 28, 2001
LWN Resources | |||||||||||||||||||||
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Kernel page. |
Kernel developmentThe current kernel release is still 2.4.5. The 2.4.6pre6 prepatch came out on June 27, just as this page was going to "press." Sometimes we think Linus does it on purpose. In any case, this prepatch contains another set of fixes, and the resumption of merging from the "ac" patch series (which is currently at 2.4.5ac19). The 2.2.20 prepatch is up to 2.2.20pre6. 2.5 is coming soon. In a message on page locking, Linus let slip the following: I don't have any objections to the patch in that case, although it does end up being a 2.5.x issue as far as I'm concerned (and don't worry, 2.5.x looks like it will open in a week or two, so we're not talking about long timeframes).
That message was posted on June 21, meaning that the new development series can be expected anytime. The 2.4 kernel has had an especially long settling period - a full six months if it lasts until July 4. The kernel hackers (and others) are more than ready to have a bleeding edge to live on once again. It's certainly time. Transitioning to the new kbuild system. The approach of 2.5 has motivated the developers of the new kernel build subsystem to think about how they will effect the transition. The current plans, as last heard from Linus, call for that transition to happen somewhere around the 2.5.2 release. So it's not too soon to be wondering how it will happen. A draft transition plan has been posted to the kbuild list. The developers have decided that the first step will be to replace the configuration system with CML2. That code is stable, and it appears that an important enhancement will not be implemented soon: For you CML2 Adventure fans, Eric has decided not to implement monster combat at this time. On the other hand, the dungeon walls may soon develop graffiti.
The new Makefile scheme implemented by Keith Owens is just about ready, but there are a couple of loose ends yet to be taken care of. So the Makefiles will come second, as a large patch of their own. A third, cleanup patch will follow later. Of course, all this is subject to acceptance by Linus... Memory management I: the early flush patch. Linux, like most Unix-like systems (and most systems in general), does not immediately flush data written by processes to the disk. Data, instead, is cached in order to improve performance. By delaying writes, the system can fold multiple operations into a single write to the disk. Performance can also be improved by allowing writes to consecutive disk sectors to accumulate, so that they can all happen at once. In general, this approach works well. Recently, however, some developers have begun to question one aspect of write caching: how the system decides that it is time to write cached data to disk. Currently, the decision to write comes about in two ways: (1) the system needs memory for other purposes, or (2) the data has been sitting in memory for too long. Neither case is optimal, as it turns out. Using memory for cache until the system needs it for something else seems like a sensible policy, and it often is. In the real world, however, memory pressure is often associated with a high disk I/O load. So if the system waits until memory is short to write cache to disk, it ends up increasing the load on memory just when it's already at a high point. The result can be even worse memory pressure, an overheating disk, and possibly a thrashing system. Writing out cache on a regular basis (the second case, above) may or may not create I/O at a bad time. It can, however, create suboptimal behavior on laptops, or any other system where disks have been set to spin down after an idle period. Activity which generates data to write to disk has a good chance of having already caused the disk to spin up. If the actual write of the data is delayed up to 30 seconds, the spindown of the disk will be delayed accordingly. Both cases suggest that it might often make sense to write out cached data quickly, especially if the disks are not doing much at the time. Daniel Phillips has put together a patch which attempts to do just that. Daniel's patches are always interesting to read, since he includes a detailed and clear description of what he is doing; this one is no exception. Essentially, the patch sets up a new polling loop within the kernel which runs every 100ms. At each poll, if the I/O backlog is small, a flush of cached data will be initiated. That flush may not write out absolutely everything; it tries to fill up the I/O queues while still leaving some slack, in case a burst of activity comes along. The patch is relatively small and simple, but it has the potential of improving performance for a number of different types of workloads. And getting data written to disk sooner doesn't hurt either. (Those who want to try out the patch should see the updated version which contains a few improvements.) Memory management II: the VM requirements document. Jason McMullan recently posted a rant (his word) on how work with the VM subsystem is going. According to him, people have been bashing on virtual memory without a strong idea of just what they are trying to accomplish. He would like to see a summary of the motivations behind the VM work. What if the VM were your little Tuxigachi. A little critter that lived in your computer, handling all the memory, swap, and cache management. What would be the positive and negative feedback you'd give him to tell him how well he's doing VM?
The ensuing conversation remained calm, despite the fact that the VM hackers did not entirely agree with his summary of their work. Jason followed up a few days later with a draft VM requirements document analyzing the constraints on memory management for a number of system types, from embedded systems to servers. In particular, he looked at caching and swapping behavior. It boils down to a few rules of thumb, including:
This sort of analysis, of course, is just a first step. Turning the above items into actual strategies for the VM subsystem, and from there into code, will take some time. But it is a useful exercise in the ongoing effort to improve Linux memory management. (See also: Rik van Riel's FREENIX paper on Linux memory management, available in PDF format from his lectures page). Other patches and updates released this week include:
Section Editor: Jonathan Corbet |
June 28, 2001 For other kernel news, see: Other resources: |
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Distributions page.
Lists of Distributions |
DistributionsPlease note that security updates from the various distributions are covered in the security section. News and EditorialsCaldera OpenLinux Workstation 3.1. Caldera announced its release of Caldera OpenLinux Workstation 3.1 this week, approximately 14 months after Caldera OpenLinux eDeskTop 2.4 began shipping last year. This bucks the trend of many commercial Linux distributions, with most releasing new versions between two to three times a year. Are the two products comparable? OpenLinux eDeskTop was aimed at the basic desktop user. OpenLinux Workstation clearly has a target audience among developers, specifically commercial applications developers. In addition, there is some indication that a non-targeted version, Caldera OpenLinux, will still be supported, though version 3.1 has not yet been released. What is included in Workstation 3.1? Caldera's description starts with the inclusion of Borland's Jbuilder Foundation and Sun Microsystems' Forte Java development environments. Existing Linux developers may be less interested in these tools, but application developers using them on non-Linux platforms will presumably be happy to see them. As is common with Caldera's products, don't expect to see the latest version of packages included. Both XFree86-3.3.6 and XFree86-4.0.2 are included, but the new 4.0.3 and 4.1.0 versions are not. Apache 1.3.19 is included (Apache 1.3.20 was released May 19th). Sendmail 8.11.1 is included (sendmail 8.11.4 is the current default, released May 28th). KDE 2.1 is the base for the system (KDE 2.1.1 was released March 28th). For the first time, a version of Gnome is reported to be included, not by default but available on the 'Skunkware' contrib CD that is bundled with Workstation 3.1. Note, the terminology 'Skunkware' has apparently migrated from SCO to Caldera, and refers to unsupported software. The kernel in use is linux-2.4.2. Note, however, that Caldera has likely applied many patches to this kernel, to close known bugs, while choosing not to upgrade to a later kernel in case of the introduction of new bugs. The use of older versions of the software is in keeping with Caldera's emphasis on stability. As with the kernel, the older versions may include security fixes or bugfixes that have been backported from newer versions. What is the user reaction so far? The released product appears to be pretty much what was seen in the beta, so no big surprises. As is discussed on this week's front page, licensing issues are causing many people to discuss moving to an alternate Linux distribution. SuSE, Linux-Mandrake and Linux From Scratch were discussed quite a bit. On the other hand, not everyone was upset with the decision to charge a per seat license. Those that weren't, though, were unhappy that no upgrade price was provided, meaning that people who have been buying box sets for each of their machines in the past will still pay the same price as new Caldera users. In addition, the lack of a discounted price for multiple seats caused a lot of complaints from people who maintain 10 to a 1000 machines rather than just one or two. One point made by several users was that the quality of support on the caldera-users mailing list was their reason for preferring Caldera, rather than the product itself or the support available directly from Caldera. These people were very concerned that the licensing changes would drive away many of the technical people that they had been counting on for free support. Meanwhile, some of the caldera-users members are apparently migrating over to linux-users@linux.nf, a mailing list that is not specific to any particular Linux distribution, but was created and supported in part by Caldera users looking for a new home. New DistributionsNew distribution: LNX-BBC. The LNX-BBC project has announced its existence. LNX-BBC is taking the cool Linuxcare bootable business card distribution and continuing its development and support outside the company (which appears to no longer have the resources to work on it). All of the original BBC developers are working on LNX-BBC now. They have some ambitious plans; see the announcement for details. This new distribution is having a logo contest. The deadline is August 1. Distribution NewsRed Hat News. An updated version of gcc-2.96-RH, Red Hat's tailored GNU gcc 2.96, has been made available for Red Hat 7.0 and 7.l. "This update fixes several Internal Compiler Errors on invalid input as well as some on valid input. It also fixes a number of cases where code was miscompiled". Note that they recommend all previously released patches be applied before applying this update. Also in the bug-fix vein, Red Hat users running the Linux 2.4.3 kernel or higher may be interested in their recent update to SysVinit, which fixes problems receiving input from a serial console. Red Hat announced this week the availability of Red Hat Deluxe for Compaq's AlphaServer systems. Unrelated to that, Red Hat recently replaced the original ISOs for Red Hat Linux 7.1 for the Alpha due to a packaging problem. Although the applications were fine, the dependency lists were inconsistent, causing a problem when Red Hat Network was used to update packages. The new ISOs should resolve this problem. For those of you wanting to do some IPv6 testing, Pekka Savola has made available ISOs for an IPv6-enabled Linux host/router based on Red Hat Linux 7.1. Meanwhile, on the embedded side, Red Hat announced support for the Hitachi SuperH processors for both their embedded version of Red Hat and for eCos. Debian News. The process of creating a Debian package is covered in part 2 of this series from Linux Journal. They also cover the creation of "fake" debian packages, when and why you may want to use them. The Debian project has posted the June 25th edition of the Debian Weekly News. Bleeding edge KDE 2.2 packages have been made available by Ivan E. Moore II, the location of traceroute became the topic of debate, Debian-friendly laptops were discussed and Debian's master ftp server crashed, causing testing to disappear for a day. Three new packages have been put up for adoption this past week: apt-zip, diskless and rarpd. Also included is the current list of orphaned packages and packages that have been available for adoption for some time. This past week was a difficult one for those people tracking debian-unstable. Sam Hartman put out an apology after uploading a new PAM package to unstable that broke all logins. He's got a fixed version out there now and has promised to revamp his testing procedures before the next upload. The June 27th edition of the Kernel Cousin Debian Hurd discusses the desirability of using the GNU autotools for busybox, so that the autobuilding system could be used for GNU/Hurd instead of just for GNU/Linux. The exim and ae packages have been ported to the Hurd, along with bsd-games. "Now that we have games, we are a real OS, right?", commented Neil Walfield. Linux-Mandrake. The latest community newsletter from Linux-Mandrake is now available. This issue includes discussions on the new MandrakeFreq release, the PPC beta status, and the business case of the week: Viata Online, an application service provider in Hawaii. "Viata Online, an application service provider based in Hawaii, develops business to-business solutions for the travel industry. All of their 50+ workstations run Mandrake Linux instead of Windows, as well as 10+ servers". Slackware News. Ogg Vorbis libraries were upgraded to provide the last bit of 1.0 functionality. In reaction to reports of segfaults with util-linux-2.11f, current has been switched back to the mount/umount from util-linux-2.11b. The rest of the package is still version 2.11f. The segfaulting versions are available as mount-2.11f and umount-2.11f. Although Slackware is not vulnerable to the recently reported remote root Samba vulnerability in its default configuration, current was upgraded to Samba 2.2.0 just in case. Various patches went in to expand support for the vfat and reiserfs file systems. Most of the kernels have been recompiled to remove SMP support by default. 2fsprogs was upgraded yet again to version 1.22, with yet more bugfixes. Other upgrades include python-2.0.1, gnome-utils-1.4.0.1, gnome-media-1.2.3, ibsafe-2.0-2, SDL-1.2.1, and parted-1.4.14. Meanwhile, new ZipSlack.zip and fourmeg.zip files have been created. Rock Linux News. Rock Linux returns to LinuxTag this year with the generous support of Compaq Germany. Rock Linux representatives will be present to demonstrate Rock Linux running on a Compaq Alphaserver DS20. Free CDs will also be made available. MaxOS/BearOps News. MaxOS Linux is apparently on the way to becoming "BearOps Solutions". As part of that, a beta version of their next operating systems release, BearOps-Beta-1 is available for download in ISO format. Feedback and bugs should go to bugzilla@maxos.com. e-smith News. e-smith has put out a Documentation Update. It includes a number of user-contributed documents on a variety of topics ("How to set up Windows NT/2000 machines for Domain Logon to e-smith", "How to install an IDE tape drive on e-smith 4.1.x", ...). Staff effort has been focused on improving documentation in preparation for the next version of e-smith server. Kondara MNU/Linux News. Maya Tamiya reports from Japan on Kondara MNU/Linux. "Kondara MNU/Linux put out a very short announcement which said "At last, our work's paid off!" (and no more than that) recently.[0] According to some sources [1][2][3], this announcement implies that they are happy because PS2 Linux Kit is, apparently, based on Kondara MNU/Linux". Minor Distribution updates
Distribution ReviewsSoftware review: Engarde Secure Linux (NewsForge). NewsForge reviews Engarde Secure Linux. "With minimal system access allowed and every precaution taken, Engarde Secure Linux just might be the best distribution for Web/mail servers yet. It doesn't have all the bells and whistles of other distributions or operating systems, but it would seem that, unlike other companies that market server OSes, Guardian Digital does not think Pinball is an appropriate application for a server." Section Editor: Liz Coolbaugh |
June 28, 2001
Please note that not every distribution will show up every week. Only distributions with recent news to report will be listed.
|
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's On the Desktop page.
|
On The DesktopOffice solutions. Many Linux followers know well the triumvirate of office suites most commonly associated with the their favored desktop - KOffice, GNOME Office, and OpenOffice. But office solutions for Linux exist in many forms and provide many features, and those solutions extend to offerings far beyond this well-known trio. Before stalking the wilds of the 'Net to find alternative office tools, it would be wise to define what we mean by "office suite". Linux Journal carried a review of available tools back in April 2000. In that article, they defined an office suite this way: Generally speaking, office suites include word processing, spreadsheet and database software for use on a personal computer. However, of late, presentation software, e-mail and even Internet browsers have been considered to be parts of a full office suite. To be certain, an office suite can be many things to different people. Many Linux users also throw in graphics applications as a required part of their suite, while some users are now expecting more financial-based applications in order to handle real world business accounting. For this study we'll consider any package containing three or more of the following tools in its set, with a word processor and a spreadsheet required, to be an office suite. The usefulness of that set is left as an exercise for the reader, but we will examine which packages contain which tools.
Native applications A native application is one that was compiled on a Linux system and directly accesses system libraries designed for use on Linux. This generally means real GUI programs (not Web based tools) that make use of Qt/KDE, GTK+/GNOME or Motif. These are the Holy Grails of office applications - the tools naysayers say don't exist yet and are expected to be the most efficient and well integrated into the desktop environment. Unfortunately, the maturity of some of the more favored options in this category still leaves something to be desired.
But all this is a little deceptive at this point. The GNOME Office web
site lists all these programs as part of the complete office package but
there is no GNOME Office package to download. So essentially, you
have to download a bunch of packages that are all GNOME compliant.
Integration is at the API level, but not at the distribution level. At
least not yet. Of course, Ximian will probably address that issue at some
point. They'll have to wait for most of these applications to mature
first, however.
So while GNOME Office lists many programs, it has no integrated package. On
the other hand, KOffice actually includes a set of programs but not a
complete set for an office even though KDE actually has a number of those
missing tools. Once again, it
comes down to what individual users need from an office suite and whether
they want to retrieve missing pieces from alternative sources.
OpenOffice, and its predecessor StarOffice, are integrated office packages and include a word processor, web browser, and spreadsheet tools. In fact, StarOffice 5.2 contained just about everything a desktop user could need, including an integrated desktop. But with the adoption of desktop environments such as GNOME and KDE, future releases of StarOffice and OpenOffice will no longer carry the integrated desktop. Additionally, OpenOffice will not offer all the features of StarOffice 6.0, including (but not limited to) some international language support, some font support, spell checking and the integrated database. These features are proprietary add-ons which Sun has licensed for its 6.0 version alone. Both the email and scheduling software from 5.2 are being dropped from both StarOffice 6.0 and OpenOffice according to the FAQ on the OpenOffice web site. StarOffice 5.2 is still offered for free by Sun while OpenOffice offers developer-only releases for download from that projects main web site site.
This past week Sun announced that the U.S. Defense Information Systems
Agency was
replacing ApplixWare with StarOffice on up to 10,000
workstations.
ApplixWare.
A long time Unix offering, Applixware's future is uncertain. This office
package was originally developed by Applix, Inc. for use on a variety of
Unix systems. After porting to Linux, the company spun off their Linux
division into a company called VistaSource, which was
recently sold
to Parallax Capital Partners.
Parallax is known for its investing in and acquisition of companies in the
software, telecommunications, and technology markets,
focusing on companies with between $5 and $25 million of revenue.
According to a letter to customers, the new parent is focused on
"server-centric technology solutions that are real-time capable,
customizable and web-enabled." Where that leaves the desktop is
anyone's guess.
The main advantage Applix has (or at least had) over other office solutions
was stability. Their package has been a native Unix application for many
years and their recent port to GTK+ went fairly smoothly.
While the graphics tool in Siag, Egon Animator, can be used for creating
images it is better used as a means to generate animations from
existing images. It will import Magic Point and Power Point presentations
for editing.
HancomOffice.
Hansoft, the largest software maker in Korea,
handed their Linux product line to HancomLinux in 1999.
HancomLinux now provides the country
specific versions of the
HancomOffice suite for Linux in
English,
Japanese,
Chinese and
Korean.
The office suite is Qt/KDE-based and offers a word processor, spreadsheet,
presentation manager and graphics application. The graphics tool,
HancomPainter, is a raster tool similar to GIMP or
Photogenics.
The English version appears to be a couple minor revisions behind the
multiple Asian versions.
StarOffice, GNOME and KDE all offer support for PDAs to one extent or another though only StarOffice has integrated that support directly into the office package. The OpenOffice version will likely, as with most tools from its parent project, become componentized with its initial public release. What limits the native office suites the most is that - except for StarOffice 5.2 - they aren't integrated packages. They are collections of separate tools that can be distributed as GNOME or KDE (or whatever) packages, much like Ximian does for GNOME. But the complete set of tools are seldom found in a single distribution of Linux. It will more than likely be left to either companies like Ximian or distributors like Red Hat, SuSE or perhaps even Debian to package the complete set and distribute them as an office solution. Some of these tools are already distributed by Linux vendors but are not presented specifically as an office suite. Expect changes to vendor distributions (and even the GNOME and KDE packages themselves) to make the tools more recognizable as complete office suites over the next 6-12 months. Windows on Linux: WINE based solutions. While the native packages are still evolving, many Linux desktop users are resorting to using existing Windows and NT based offerings. These tools can be run in one of two ways: either under an operating system emulator such as VMWare or as packages ported to Linux using the WINE environment. WINE (which stands for Wine is not an emulator) allows Windows and NT applications to run directly on Linux by using a special library that converts Windows calls to their Linux counterparts. That's the good news. The bad news is this doesn't always work as advertised. VMWare offers a virtual environment that simulates one operating system on another, such as Windows on Linux. While we could list a whole slew of solutions that might run under VMWare and similar environments, we'll skip those for now. VMWare and its brethren require rather fast and powerful computing systems to run well. Desktop users may not have the power to make applications behave in a reasonable manner on their more meager systems using these virtual systems. For that reason, we'll consider only WINE-based offerings.
Corel has invested quite an effort into making their Windows versions of applications work on Linux using WINE.
Reports of this suite having problems with RH7.1 are not distribution
related but have to do with Corel's package having insufficient startup
scripts. Currently, the most stable way to start WordPerfect Office 2000
on Linux is to download and compile Corel's latest version of WINE and
to modify the startup scripts appropriately for your specific needs.
Ability Office 2000.
This package underwent a complete rewrite in 1997 for the Win32 API. At
that time work was also done to abstract the OS interfaces. That made
the
port to Linux using WINE more straightforward, at least more so than the
methods used by Corel.
Ability's PhotoPaint is modeled after Photoshop but doesn't appear to
provide plugin support. The office package does seem to include a
primitive vector drawing tool as well. The office package provides a
MS Access compatible SQL relational database.
Other Tools. One office package that sits outside the lines in all of this is ThinkFree Office. This is a Java based package that requires the IBM Java Runtime Environment. It includes a word processor, a spreadsheet and a presentation graphics tool. Other tools that individually provide office-style features but that are independent of any package suites include:
Office and Word Processor reviews. SoftLandIndia posted a review on May 26, 2001 for quite a number of the office suites listed here. They gave all but one of them their highest rating though the reviews sound more like press clippings from the respective companies or development groups. LinuxPlanet recently announced their intentions to review a wide selection of word processors available for Linux. Their reviews will be posted in the coming weeks. Finding more tools. Tucows list of Linux Office tools offers a wide range of tools not found in packaged sets. Desktop EnvironmentsKOffice 1.1 Beta 3. A new beta release of the KOffice 1.1 package has been announced by the KDE project. Bonobo 1.0.6. A bug fix and UI update release of Bonobo, the GNOME component object model, was made this week. Gnome-- 1.2.0. A new version of the C++ wrappers, known as Gnome--, for the GNOME library widget set was also released this past week. gnome-utils 1.4.0.1. A new release of the gnome-utils package is now available. This release includes a few new tools, including a backported gcalc from the GTK 2.0 version and a new program to make archives called the meat-grinder. GNOME Summary 17 June to 23 June. This week's GNOME Summary includes news on Ximian Setup Tools 0.6, a review of Galeon and the next generation of Glade. Ximian Setup Tools 0.6 have been released.. A new release of the Ximian Setup Tools is now available. This release fixes a number of major bugs but has no new features. Office ApplicationsAbiWord Weekly News #49. AbiWord moves toward 0.9.0. Read about it in the AbiWord Weekly News. Gnumeric 0.66. This latest developer release of Gnumeric now defaults to a GNOME build with associated dependency on Bonobo 1.0.x. Building without GNOME/Bonobo is still possible with --without-bonobo, but this is not the default. Moneydance Personal Finance Manager (Linux Journal). Linux Journal reviews Appgen's Java-based Moneydance Personal Finance Manager. "If you are already using Quicken, Moneydance lets you import Quicken data as a QIF file. I tried this with the version of Pocket Quicken I've been using for years on my HP100LX, and it worked fine, bringing in all my accounts, balances and transactions." Desktop ApplicationsGIMP 1.2.2-pre2. A new developers release of GIMP has been announced. This new version is still not intended for end users, but according to reports if this release yields little bug reporting then the official 1.2.2 should follow shortly. Chess Interfaces (FirstLinux). FirstLinux looks at a few graphical interfaces for playing chess over the Internet. "To play chess over the Internet you need to obtain a chess client which logs you into a chess server. There are a wide range of servers on the net, ranging from the commercial Internet Chess Club, to numerous free chess servers. The focus of this review is to compare and contrast the four main Linux chess interfaces on the Free Internet Chess Server." GamesKohan for Linux Now in Beta. Loki Software, Inc. released a beta version of the game Kohan from TimeGate Studios this week. No One Lives Forever goes open source (ZDNet). According to a Gamespot report, the popular first person shooter code has been released in an effort to help build the game's online community. And in other news...A very apt app (ZDNet). Conectiva's port of Debian's apt-get to manage RPM formatted packages gets a "thumbs up" in this ZDNet article. "But apt-get's capabilities go far beyond simplifying installation. Most notable is an option that updates your system by comparing the release levels of the software on your system to those of a remote benchmark site." People Behind KDE. The ongoing series of interviews with KDE developers offered two new interviews this past week: Martin James, author of many KDE screensavers, and Michael Goffioul, author of the printing system for KDE 2.2. Intel: Linux has 'no place' on desktop (ZDNet). Intel Chief Executive Officer Craig Barrett thinks the OS has a place in the computing world, but Linux wasn't designed for the desktop. "...the crucial thing is for Linux to come up with a body of applications to compare with the tens of thousands available for Windows; until then it will have "no appreciable place on the desktop." Section Editor: Michael J. Hammel |
June 28, 2001
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Sections: Main page Security Kernel Distributions On the Desktop Development Commerce Linux in the news Announcements Linux History Letters See also: last week's Development page. |
Development projectsNews and EditorialsLinux Cluster Systems The Parallel Research Group of the Department of Computer Engineering at Kasetsart University in Bangkok, Thailand has announced the release of SCE 1.0. SCE is the Scalable Computing Environment and features the following tools for working with clusters:
|