The Olliance Group has announced the availability of a white paper entitled "Open Source Intellectual Property and Licensing Compliance: A Survey and Analysis of Industry Best Practices." The paper is available for free download to those willing to fill in a registration form.
The press release includes a recommendation from the president of the Free
Standards Group, and the paper itself includes a foreword by OSDL head
Stuart Cohen. So one might conclude that it would be a relatively
high-clue work on how to interpret and comply with free software licenses.
The sad truth, however, is that it appears to have been thrown together
quickly (it contains a number of grammatical errors, for example), and the
ultimate goals of its authors are unclear at best.
The purpose of the paper seems to be to help companies figure out how to
avoid "open source risk." But that risk is not defined or justified
anywhere in the paper. The closest it gets is toward the end, where we
read:
The best defense against the risk of losing proprietary IP to
certain open source licenses such as the GPL or Mozilla is through
a sound compliance program that minimizes the risk of inadvertent
commingling of open source code and proprietary code.
In other words, we have the same old "the GPL can cause you to lose your
intellectual property" argument. This line has been debunked numerous
times: there is nothing in the GPL which can legally force a company to
loosen its death grip on its valuable IP. The GPL can subject a
non-compliant company to copyright infringement suits, fines, and
injunctions stopping distribution of a product. These are real risks which
should be understood by any company which is considering incorporating
GPL-licensed code into its products. But it is discouraging to see
representatives of the Free Standards Group and OSDL putting their names on
a report that brings back the "lose all your IP" scarecrow.
Oh, there is one other risk mentioned on the same page:
However, open source licenses, unlike proprietary software
licenses, are generally not irrevocable--meaning that a
company that has violated a license term may have its right to use
the software revoked. While we do not know of any case in which
this has happened, it remains a possibility that companies should
be aware of.
In fact, the revocable nature of the GPL came out at the end of the KDE wars, when
Richard Stallman revoked the right of the KDE developers to distribute the
FSF's code, then magnanimously forgave
them their sins:
More precisely, those who as of
September 4, 2000 have used some FSF code in violation of the GPL
solely by linking it with Qt, and thus have forfeited the right to
use that code under the GPL, will once again have full GPL
permissions to use that code upon switching to a GPL-covered
version of Qt.
The real point, however, is that revocability is certainly not a feature
which is unique to free software licenses. Consider the
Windows XP EULA:
6. TERMINATION. Without prejudice to any other rights, Microsoft
may cancel this EULA if you do not abide by the terms and
conditions of this EULA, in which case you must destroy all copies
of the Product and all of its component parts.
Almost any proprietary software license includes a term like this one.
Olliance's claim that such terms are unique to free software licenses is
simply false.
So what does Olliance recommend be done to address those scary free
software risks? The first step is to perform an audit of every free
application in use in the company. Employees are to be required to
document every program they use, its version numbers, the dates over which
it has been used, the reason why it is used, the manager who approved its
use, and so on. A database is then to be built containing all of that
information. What then is to be done with this database is not entirely
clear.
Some other "best practices" include:
- Requiring written approval by an "open source review board" before any
open source application may be used.
- Requiring a separate approval before modifying any free software.
- Getting warranties from suppliers that they use
no open source software, or that any such use is documented and
indemnified.
In the midst of all this is a recommendation which actually makes sense:
Forbidding the modification of open source software or its
inclusion in any product that is distributed, without further
detailed analysis, and executive level management review, for
companies that have significant intellectual property at risk.
OK, so maybe it doesn't make that much sense. The core of this
recommendation is, however: think before you incorporate free software
into your products. One could extend that to "think before you
incorporate any software copyrighted by others into your products," but
that would be asking a lot of the authors of this particular work.
As far as your editor can tell, the goal of this particular white paper is
to stoke fears about open source licensing, and to urge companies to create
a vast, grinding bureaucracy to impede the adoption of free software
internally. Following its recommendations is unlikely to make many
companies safer, but it will increase the apparent costs of using free
software. There is a place for documentation of the real risks of using
code copyrighted by others - both free and proprietary - and on how to
avoid distributing products which violate free software licenses. But this
paper does not fill that role.
Sendmail has a difficult reputation. It is the canonical example of how
large, complex programs are subject to security problems. It has a
configuration file format which makes obfuscated Perl code seem highly
readable by comparison. Its performance when dealing with large amounts of
mail is held to be inferior. One could, of course, point out that
sendmail's security problems appear to be mostly behind it, that few people
ever have to look at the raw configuration file, and that sendmail was a
cherished gift, once upon a time, to anybody who had ever tried to convince
delivermail to route a message along a uucp bang path, by way of the
Arpanet, from a CSNet node. For all of its blemishes, sendmail has been a
crucial and valuable part of the network's infrastructure for many years.
After all those years, however, sendmail may just be due for a major upgrade. As it turns out, work on the next generation of sendmail, called sendmail X, has been under way for some time. Some early code has been made available; sendmail X 0.0.16 is available from this page. Do note that it is billed as "pre-alpha" code; using it on a server which handles real mail is probably not a good idea.
A lengthy design document for sendmail X is available; it gives some insight into what the next version of sendmail will look like. The first impression that comes out is that sendmail X will be so different that one wonders why the "sendmail" name is being used at all. Sendmail X is a completely new mail transfer agent, redesigned and rewritten from the beginning.
As is the norm for contemporary MTA design, sendmail X is implemented
as a set of (relatively) small, cooperating processes. The system is
divided in this way:
- The queue manager is the core of sendmail X; its job is to
manage messages as they move through the system, make delivery
decisions, etc.
- The SMTP server accepts incoming mail from the net and passes it to the queue manager. Actually, the queue manager is involved throughout the SMTP conversation; it is consulted on whether to accept the connection in the first place, and it may have actually delivered the mail before the message text is acknowledged.
- The SMTP client passes mail on to other systems for delivery.
- The address resolver is charged with understanding - and
rewriting - recipient addresses. This process also handles DNS
blacklisting and other types of address-based filtering.
- The master control program gets all of the other processes
going and handles termination, restarts, and crash recovery. This
program is actually derived from the BSD inetd source.
In addition, there will be a collection of local delivery agents, mail
filter processes, etc.
Much thought has been given to performance, to the point that it may cause some to wonder whether there is some premature optimization going on. For example, the SMTP server has been designed to use an Apache-style model, where multiple processes exist, each of which runs several server threads. This design will certainly add complexity to the server, but few sites are likely to benefit from the associated performance increase.
System administrators will be glad to know that the sendmail.cf
configuration file is gone. Sendmail X will use a C-like
configuration syntax, similar to that used by BIND. Configuration of
real-world mail systems will, perhaps, never be an entirely simple task, but
sendmail X should be easier to set up than its predecessor.
Unsurprisingly, security is said to be a core design goal. The
multi-process design is clearly motivated by security concerns, though the
relatively high level of interaction between these processes may complicate
things. The qmail design, for example, has a far lower level of
interaction and trust between its components - though that approach leads
to problems of its own. There are no setuid programs in
sendmail X. It is necessary to run the master control program as root;
it then handles any privileged tasks that it can before starting the
subsidiary processes under a different user ID. Thus, for example, it
binds to the SMTP port before starting the SMTP server. Since the master
control program does not actually handle mail or communicate with the
outside, it should be relatively hard to compromise.
The code consists of almost 600 C files. In some ways it resembles the
qmail code; it has many short files with reimplementations of many
functions normally found in the C library. A special string type is used
to avoid buffer overruns. A casual look suggests that the code really is
being written with security in mind. That much new code is sure to have a
surprise or two in it somewhere, however.
The author of sendmail X (Claus Aßmann) claims to have been running it
since the beginning of the year without losing any mail. Even so, it will
probably be some time before it is put forward as a viable option for
production sites. What happens then will be interesting. Sendmail X
will be jumping into an environment where several other options exist and
are in wide use. The MTA ecosystem has, over the years, gone from being a
single-program monoculture to a diverse field with several alternatives.
Sendmail X will have to be significantly better than those
alternatives, and much better than sendmail 8, to be widely successful
in that environment.
(Thanks to Xose Vazquez Perez for drawing our attention to this project).
After the Approaches to realtime Linux article drew a great deal of interest, we decided to drill down and offer a closer look at one of the projects mentioned therein: the Real Time Application Interface (RTAI) project, whose developers felt that our portrayal of the project was not entirely accurate. To set things straight, we touched base with RTAI hackers Philippe Gerum and Paolo Mantegazza.
First, we learned that there are actually two ongoing projects. The first is the original RTAI project, funded by the Dipartimento di Ingegneria Aerospaziale, Politecnico di Milano (DIAPM). The other is RTAI/Fusion, a different approach that merges the RTAI interfaces with the Xenomai development framework.
The RTAI project with Linux RealTime (LXRT) uses several kernel modules to gain the realtime functionality that one may need. RTAI makes changes in the Linux interrupt and scheduling policies to provide real time capabilities within the non-real time Linux environment. According to the RTAI website:
RTAI offers the same services of the Linux kernel core, adding the features
of an industrial real time operating system. It consists basically of an
interrupt dispatcher: RTAI mainly traps the peripherals interrupts and if
necessary re-routes them to Linux. It is not an intrusive modification of
the kernel; it uses the concept of HAL (hardware abstraction layer) to get
information from Linux and to trap some fundamental functions. This HAL
provides few dependencies to Linux Kernel. This leads to a simple
adaptation in the Linux kernel, an easy RTAI port from version to version
of Linux and an easier use of other operating systems instead of RTAI. RTAI
considers Linux as a background task running when no real time activity
occurs.
The original RTAI project was designed specifically for DIAPM projects,
says Mantegazza:
The whole of RTAI, so LXRT also, was born to satisfy DIAPM needs first, it
was made available much as it is in the form 'if you like it use it.' Bugs
fixing apart, there is very little of RTAI that has been done to show up or
to solve non DIAPM problems. However our applications are not trivial, you
can bet we have_pushed/are_pushing LXRT to the extremes.
On the other hand, Xenomai was designed to allow developers to port
applications from other realtime systems, and therefore it takes a different
approach. Gerum describes Xenomai as a "kind of generic RTOS (Real Time Operating System) core" that enables a developer to plug in their own real-time APIs. Gerum says the idea was that most RTOS vendors
offer the same functionality, but with "different API window
dressings." Xenomai was designed to "provide one generic core
running side-by-side with the Linux kernel" that would allow for
different APIs.
The RTAI/Fusion project that is now under development works with a
"vanilla" Linux kernel running on top of the Adeos (Adaptive Domain Environment
for Operating Systems) nanokernel. By running the Linux kernel and Fusion
under the Adeos nanokernel, Fusion cooperates with Linux and allows
developers to use "any number of real-time APIs at the same
time."
Given that there are a number of real time projects for Linux, not to
mention the other various RTOSes, we asked whether it would be possible to
come up with a "one size fits all" solution for real time operating
systems. Mantegazza says yes, but Gerum is not so sure:
Since the traditional RTOS vendors did not succeed in capturing more than a
half of the real-time market during the last 20 years, the rest consisting
of home-grown solutions, I guess that the answer is no. This said, it
should be possible to have a real-time framework which is extensible enough
to allow people to build their real-time solution of choice over it. The
system would simply provide a few canned interfaces in order to be usable
out of the box, by people with common needs.
Simple design and straightforward code layers make the above possible. For
instance, DSP-like applications do not necessarily need a full-fledged
multi-tasking infrastructure; basic interrupt handlers with predictable
preemption time are often enough here. On the other hand, you are not going
to run a complete telecom software stack over interrupt service routines,
so you need a complete RTOS core and rich utility libraries.
It's important to note that RTAI/Fusion would not replace RTAI/LXRT so much as envelop it, if successful. According to Gerum, the plan is to "refactor the original RTAI 3.x interfaces over Fusion, if this technology is successful."
What's left to implement in Fusion? Gerum says there are several things
left to be done:
What remains is about porting to other CPU architectures, extending the
toolset and the available canned real-time interfaces including new
traditional RTOS emulations.
Fusion already provides a full-fledged event-driven simulator with a nifty
GUI for debugging applications on the host system; GDB can also be used to
debug the real-time threads in user-space on the target. However, LTT
(Linux Trace Toolkit) support is missing, for instance.
Users that are interested in trying RTAI/Fusion can get a jump-start with Debian, which has RTAI packages in testing and unstable.
Though the Real Time market is a small niche of the Linux community, it's
good to see healthy projects like RTAI/LXRT and RTAI/Fusion that will give
Linux the opportunity to achieve the goal of world domination.
Page editor: Jonathan Corbet
Security
Brief items
Remember Habeas? This is the company which copyrighted a bit of haiku,
then restricted the right to include that "work of art" in the headers of
an email message. Only non-spam messages could contain the poem without
violating the license. The idea was that mail filters could look for the
Habeas mark and, upon finding it, deliver the mail with confidence that it
was legitimate.
The folks at Habeas were, apparently, surprised to discover that spammers
are not as respectful as one might like of copyright law - or much of
anything else. It did not take them all that long to start including the
Habeas headers in their solicitations, especially once they figured out
that filters like SpamAssassin gave a strong bonus to such messages. Rather
than being a guarantee of legitimacy, the Habeas headers quickly became one
of the most reliable indicators of spam. The SpamAssassin bonus came out,
and Habeas disappeared from view.
The company is still there, however, and they have not given up. A new press release issued by the company celebrates the fact that SpamAssassin 3.0 once again gives a bonus to Habeas-marked mail.
There is a new twist, however: Habeas now implements an online whitelist of
senders whose mail is really thought to be legitimate. Strangely
enough, getting onto the whitelist requires that a fee be paid to Habeas.
This new service might just work for certain kinds of commercial emailers,
as long as Habeas sticks to its anti-spam standards. We may be seeing the
beginning of a shift to a reputation-based mechanism for the filtering of
email. Blacklists were clearly the first step in that direction, but they
are limited in their scope. A scheme which can track positive reputations
might, just, bring a finer degree of control to the spam filtering
problem. Or it might just herald an era where purchasing yet another
useless digital certificate will be required to get email delivered at
all. Either way, it is a development worth watching.
Paul Starzetz has discovered a set of security holes in the kernel ELF loader. Essentially, bugs in how the kernel interprets binaries could conceivably be exploited by a local attacker to obtain root privileges or leak information from the kernel. Paul discusses 2.4, but fixes for these problems have just been merged for 2.6 as well. Expect a set of distributor updates in the near future.
New vulnerabilities
apache2: denial of service
| Package(s): | apache |
| CVE #(s): | CAN-2004-0942 |
| Created: | November 10, 2004 |
| Updated: | November 26, 2004 |
| Description: | Versions of Apache 2.0 prior to 2.0.53 contain a bug in the header parsing code which can allow a remote denial of service attack given sufficient bandwidth. |
| Alerts: | |
dhcp: format string vulnerability
| Package(s): | dhcp |
| CVE #(s): | CAN-2004-1006 |
| Created: | November 4, 2004 |
| Updated: | July 13, 2005 |
| Description: | Dhcp has a format string vulnerability in the log functions of dhcp 2.x that may be exploited via a malicious DNS server. |
| Alerts: | |
freeamp: arbitrary code execution
| Package(s): | freeamp |
| CVE #(s): | CAN-2004-0964 |
| Created: | November 8, 2004 |
| Updated: | November 10, 2004 |
| Description: | Luigi Auriemma discovered a buffer overflow condition in the playlist module of freeamp which could lead to arbitrary code execution. Recent versions of freeamp have been renamed to zinf. |
| Alerts: | |
Gallery: cross-site scripting vulnerability
| Package(s): | Gallery |
| CVE #(s): | CAN-2004-1106 |
| Created: | November 8, 2004 |
| Updated: | January 17, 2005 |
| Description: | Jim Paris has discovered a cross-site scripting vulnerability in Gallery. By sending a carefully crafted URL, an attacker can inject and execute script code in the victim's browser window, and potentially compromise the user's gallery. |
| Alerts: | |
gnats: format string vulnerability
| Package(s): | gnats |
| CVE #(s): | CAN-2004-0623 |
| Created: | November 9, 2004 |
| Updated: | November 10, 2004 |
| Description: | Khan Shirani discovered a format string vulnerability in gnats, the GNU problem report management system. This problem may be exploited to execute arbitrary code. |
| Alerts: | |
gzip: insecure temporary files
| Package(s): | gzip |
| CVE #(s): | CAN-2004-0970 |
| Created: | November 8, 2004 |
| Updated: | December 7, 2004 |
| Description: | Trustix developers discovered insecure temporary file creation in supplemental scripts in the gzip package which may allow local users to overwrite files via a symlink attack. |
| Alerts: | |
Kaffeine, gxine: remotely exploitable buffer overflow
| Package(s): | Kaffeine gxine |
| CVE #(s): | |
| Created: | November 8, 2004 |
| Updated: | November 11, 2004 |
| Description: | KF of Secure Network Operations has discovered an overflow that occurs during the Content-Type header processing of Kaffeine. The vulnerable code in Kaffeine is reused from gxine, making gxine vulnerable as well. An attacker could send a specially-crafted Content-Type header from a malicious HTTP server and crash a user's instance of Kaffeine or gxine, potentially allowing the execution of arbitrary code. See the SecurityTracker advisory for details. |
| Alerts: | |
ImageMagick: EXIF buffer overflow
| Package(s): | ImageMagick |
| CVE #(s): | CAN-2004-0981 |
| Created: | November 8, 2004 |
| Updated: | December 8, 2004 |
| Description: | ImageMagick fails to do proper bounds checking when handling image files with EXIF information. An attacker could use an image file with specially-crafted EXIF information to cause arbitrary code execution with the permissions of the user running ImageMagick. See the advisory for more information. |
| Alerts: | |
mtink: insecure tempfile handling
| Package(s): | mtink |
| CVE #(s): | |
| Created: | November 9, 2004 |
| Updated: | November 10, 2004 |
| Description: | Tavis Ormandy from Gentoo Linux discovered that mtink uses insecure permissions on temporary files. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When mtink is executed, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user. |
| Alerts: | |
ruby: infinite loop
| Package(s): | ruby |
| CVE #(s): | CAN-2004-0983 |
| Created: | November 8, 2004 |
| Updated: | May 15, 2005 |
| Description: | The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to consume CPU cycles. |
| Alerts: | |
samba: remote DoS vulnerability
| Package(s): | samba |
| CVE #(s): | CAN-2004-0930, CAN-2004-0882 |
| Created: | November 8, 2004 |
| Updated: | December 1, 2004 |
| Description: | According to the Samba advisory, a remote attacker could cause an smbd process to consume abnormal amounts of system resources due to an input validation error when matching filenames containing wildcard characters. Versions of Samba 3.0.x up to and including 3.0.7 are vulnerable. There is also an advisory about possible buffer overruns in smbd. |
| Alerts: | |
shadow: unauthorized modification of account information
| Package(s): | shadow |
| CVE #(s): | CAN-2004-1001 |
| Created: | November 4, 2004 |
| Updated: | November 23, 2004 |
| Description: | The shadow user account utilities have a potential problem with the chfn and chsh utilities that may allow unauthorized users to modify account properties. |
| Alerts: | |
zgv: multiple buffer overflows
| Package(s): | zgv |
| CVE #(s): | |
| Created: | November 8, 2004 |
| Updated: | December 14, 2004 |
| Description: | Multiple arithmetic overflows have been detected in the image processing code of zgv. An attacker could entice a user to open a specially-crafted image file, potentially resulting in execution of arbitrary code with the rights of the user running zgv. See the BugTraq advisory for more information. |
| Alerts: | |
zip: arbitrary code execution
| Package(s): | zip |
| CVE #(s): | CAN-2004-1010 |
| Created: | November 5, 2004 |
| Updated: | February 2, 2005 |
| Description: | HexView discovered a buffer overflow in the zip package. The overflow is triggered by creating a ZIP archive of files with very long path names. This vulnerability might result in execution of arbitrary code with the privileges of the user who calls zip. This flaw may lead to privilege escalation on systems which automatically create ZIP archives of user supplied files, like backup systems or web applications. |
| Alerts: | |
Updated vulnerabilities
apache: mod_ssl cipher negotiation problem
| Package(s): | apache |
| CVE #(s): | CAN-2004-0885 |
| Created: | October 15, 2004 |
| Updated: | November 4, 2004 |
| Description: | Apache's mod_ssl module may allow content to be retrieved without proper negotiation of the requested cipher suite. |
| Alerts: | |
apache: arbitrary code execution
| Package(s): | apache |
| CVE #(s): | CAN-2004-0940 |
| Created: | October 29, 2004 |
| Updated: | December 14, 2004 |
| Description: | According to an Apache announcement, a vulnerability exists in the Apache HTTP server, version 1.3. The problem is a potential buffer overflow in the "get_tag" function of Apache's SSI module "mod_include". It allows local users who can create SSI documents to execute arbitrary code as the Apache run-time user via SSI documents that trigger a content length calculation error. |
| Alerts: | |
Archive::Zip: Virus detection evasion
| Package(s): | Archive::Zip |
| CVE #(s): | |
| Created: | October 29, 2004 |
| Updated: | November 3, 2004 |
| Description: | Archive::Zip can be used by email scanning software (like amavisd-new) to uncompress attachments before virus scanning. By modifying the uncompressed size of archived files in the global header of the ZIP file, it is possible to fool Archive::Zip into thinking some files inside the archive have zero length. An attacker could send a carefully crafted ZIP archive containing a virus file and evade detection on some email virus-scanning software relying on Archive::Zip for decompression. |
| Alerts: | |
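The forgery described in this entry, as an added example that is not Archive::Zip or amavisd-new code: a small ZIP reader that cross-checks the uncompressed size recorded in the central directory against the one in each entry's local file header, plus a constructed archive (one stored entry with an invented file name and contents, CRC left at zero) whose central directory claims the entry is empty. A scanner that trusts only the central directory skips the entry; one that cross-checks the two headers, or simply inflates the data stream to its real end, does not.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Little-endian field helpers (ZIP headers are always little-endian). */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)v; p[1] = (uint8_t)(v >> 8); }
static void put32(uint8_t *p, uint32_t v) { put16(p, (uint16_t)v); put16(p + 2, (uint16_t)(v >> 16)); }

/* Walk the central directory and compare each entry's uncompressed size with
 * the local file header it points at. Returns the number of disagreements,
 * or -1 if the archive does not parse. Offsets follow the ZIP spec:
 * central header usize at +24, name/extra/comment lengths at +28/+30/+32,
 * local header offset at +42; local header usize at +22. */
int zip_count_size_mismatches(const uint8_t *buf, size_t len)
{
    if (len < 22)
        return -1;
    /* Locate the end-of-central-directory record by scanning backwards. */
    size_t i = len - 22;
    const uint8_t *eocd = NULL;
    for (;;) {
        if (rd32(buf + i) == 0x06054b50UL) { eocd = buf + i; break; }
        if (i == 0) break;
        i--;
    }
    if (eocd == NULL)
        return -1;
    uint16_t entries = rd16(eocd + 10);
    size_t pos = rd32(eocd + 16);           /* central directory offset */
    int mismatches = 0;
    for (uint16_t k = 0; k < entries; k++) {
        if (pos + 46 > len || rd32(buf + pos) != 0x02014b50UL)
            return -1;
        uint32_t cd_usize = rd32(buf + pos + 24);
        uint16_t fnlen = rd16(buf + pos + 28), exlen = rd16(buf + pos + 30), cmlen = rd16(buf + pos + 32);
        size_t lho = rd32(buf + pos + 42);
        if (lho + 30 > len || rd32(buf + lho) != 0x04034b50UL)
            return -1;
        uint32_t lh_usize = rd32(buf + lho + 22);
        if (cd_usize != lh_usize)
            mismatches++;
        pos += 46 + fnlen + exlen + cmlen;
    }
    return mismatches;
}

/* Constructed sample (not a real archive from the advisory): one "stored"
 * entry named payload.txt containing "hello". When lie is nonzero the
 * central directory's uncompressed size is forged to 0 while the local
 * header still says 5. CRC is left at 0 because it is not checked here.
 * Returns the archive length written into out, or 0 if cap is too small. */
size_t build_sample_zip(uint8_t *out, size_t cap, int lie)
{
    static const char name[] = "payload.txt";
    static const char data[] = "hello";
    const uint16_t fnlen = sizeof name - 1;
    const uint32_t dlen = sizeof data - 1;
    size_t cdoff = 30 + fnlen + dlen, eocdoff = cdoff + 46 + fnlen;
    if (cap < eocdoff + 22)
        return 0;
    uint8_t *p = out;                                   /* local file header */
    memset(p, 0, 30);
    put32(p, 0x04034b50UL); put16(p + 4, 20);
    put32(p + 18, dlen); put32(p + 22, dlen); put16(p + 26, fnlen);
    memcpy(p + 30, name, fnlen); memcpy(p + 30 + fnlen, data, dlen);
    uint8_t *c = out + cdoff;                           /* central directory */
    memset(c, 0, 46);
    put32(c, 0x02014b50UL); put16(c + 4, 20); put16(c + 6, 20);
    put32(c + 20, dlen); put32(c + 24, lie ? 0 : dlen); put16(c + 28, fnlen);
    put32(c + 42, 0);                                   /* local header at 0 */
    memcpy(c + 46, name, fnlen);
    uint8_t *e = out + eocdoff;                         /* end of central dir */
    memset(e, 0, 22);
    put32(e, 0x06054b50UL); put16(e + 8, 1); put16(e + 10, 1);
    put32(e + 12, 46 + fnlen); put32(e + 16, (uint32_t)cdoff);
    return eocdoff + 22;
}

/* Build the sample with or without the forged size and count what the
 * cross-check flags. */
int demo_mismatch_count(int lie)
{
    uint8_t buf[256];
    size_t n = build_sample_zip(buf, sizeof buf, lie);
    return n ? zip_count_size_mismatches(buf, n) : -1;
}

int main(void)
{
    printf("honest archive: %d mismatched entries\n", demo_mismatch_count(0));
    printf("forged central directory: %d mismatched entries\n", demo_mismatch_count(1));
    return 0;
}
```

Either header can be forged, so the mismatch count is a red flag rather than a verdict; a scanner should treat any disagreement as grounds to reject or quarantine the archive instead of picking one header to believe.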
aspell: bounds checking problem
| Package(s): | aspell |
| CVE #(s): | CAN-2004-0548 |
| Created: | June 17, 2004 |
| Updated: | December 20, 2004 |
| Description: | Aspell's word-list-compress utility fails to properly check bounds when dealing with words that are more than 256 bytes long. This can lead to arbitrary code execution by an attacker. |
| Alerts: | |
cabextract: missing directory sanitizing
| Package(s): | cabextract |
| CVE #(s): | CAN-2004-0916 |
| Created: | October 28, 2004 |
| Updated: | November 3, 2004 |
| Description: | The cabinet file extraction tool cabextract may allow arbitrary files in upper directories to be overwritten. |
| Alerts: | |
catdoc: insecure temp file
| Package(s): | catdoc |
| CVE #(s): | CAN-2003-0193 |
| Created: | October 28, 2004 |
| Updated: | November 3, 2004 |
| Description: | The xlsview utility in catdoc has a vulnerability that may allow local users to overwrite arbitrary files using a symlink attack on predictable temporary file names. |
| Alerts: | |
cdrecord: failure to drop privilege
| Package(s): | cdrecord |
| CVE #(s): | CAN-2004-0806 |
| Created: | September 8, 2004 |
| Updated: | February 21, 2005 |
| Description: | The cdrecord utility, which is installed setuid on some distributions, fails to drop privilege before running a user-specified program. |
| Alerts: | |
Cherokee: format string vulnerability
| Package(s): | cherokee |
| CVE #(s): | |
| Created: | November 1, 2004 |
| Updated: | November 3, 2004 |
| Description: | Florian Schilhabel from the Gentoo Linux Security Audit Team found a format string vulnerability in the cherokee_logger_ncsa_write_string() function. Using a specially crafted URL when authenticating via auth_pam, a malicious user may be able to crash the server or execute arbitrary code on the target machine with permissions of the user running Cherokee. |
| Alerts: | |
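The pattern behind the dhcp, gnats and Cherokee entries above, as an added example and not code from any of those projects: a logging helper that hands attacker-controlled text (a hostname from a DNS reply, a request URL) to the formatter as its format string, beside the corrected form that passes the text as an argument to a literal "%s" format. The hostname used in the demo is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* VULNERABLE: callers pass untrusted text as msg, and msg becomes the format
 * string. "%x" and "%s" then read the stack, "%n" writes to memory. The
 * varargs wrapper is the usual shape of the buggy helpers in the advisories. */
int log_vulnerable(char *out, size_t outlen, const char *msg, ...)
{
    va_list ap;
    va_start(ap, msg);
    int n = vsnprintf(out, outlen, msg, ap);   /* msg interpreted as a format */
    va_end(ap);
    return n;
}

/* Fixed: the format string is a literal; untrusted text is only ever an
 * argument, so any '%' inside it is copied verbatim. */
int log_fixed(char *out, size_t outlen, const char *msg)
{
    return snprintf(out, outlen, "%s", msg);
}

/* Review or fuzzing aid: does s contain any conversion directive other than
 * the inert "%%" escape? Returns 1 if so, 0 otherwise. */
int has_format_directive(const char *s)
{
    for (; *s; s++) {
        if (*s != '%')
            continue;
        if (s[1] == '%') { s++; continue; }   /* "%%" is just a literal % */
        return 1;
    }
    return 0;
}

/* Demo helpers: format a message each way into a static buffer. Only a
 * message whose sole directive is "%%" goes through the vulnerable path,
 * because any other directive with no matching argument is undefined
 * behaviour by design, which is the point. */
const char *demo_vulnerable(const char *msg)
{
    static char buf[128];
    log_vulnerable(buf, sizeof buf, msg);
    return buf;
}

const char *demo_fixed(const char *msg)
{
    static char buf[128];
    log_fixed(buf, sizeof buf, msg);
    return buf;
}

int main(void)
{
    /* Constructed input standing in for a hostname handed back by a DNS server. */
    const char *hostname = "printer-%x-%x-%n.example";
    if (has_format_directive(hostname))
        puts("untrusted text carries format directives; route it through log_fixed() only");
    puts(demo_fixed(hostname));                 /* printed verbatim, directives inert */
    puts(demo_vulnerable("disk 100%% full"));   /* "%%" collapses to "%": the text was parsed */
    puts(demo_fixed("disk 100%% full"));        /* "%%" survives: the text was treated as data */
    return 0;
}
```

The "%%" case is the safe way to prove the bug exists: the vulnerable path visibly interprets the text, while the fixed path leaves it alone. Compilers catch the direct `printf(msg)` form with -Wformat-security, but not a wrapper like log_vulnerable, which is why the advisories above keep turning up in logging code.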
ncompress: Buffer overflow
| Package(s): | compress uncompress ncompress |
| CVE #(s): | CAN-2001-1413 |
| Created: | October 11, 2004 |
| Updated: | December 14, 2004 |
| Description: | compress and uncompress do not properly check bounds on command line options, including the filename. Large parameters would trigger a buffer overflow. By supplying a carefully crafted filename or other option, an attacker could execute arbitrary code on the system. A local attacker could only execute code with his own rights, but since compress and uncompress are called by various daemon programs, this might also allow a remote attacker to execute code with the rights of the daemon making use of ncompress. |
| Alerts: | |
cyrus-sasl: remote buffer overflow
| Package(s): | cyrus-sasl |
| CVE #(s): | CAN-2004-0884 |
| Created: | October 7, 2004 |
| Updated: | March 16, 2005 |
| Description: | cyrus-sasl has a vulnerability involving a buffer overflow in the digestmd5.c file. A remote attacker may be able to compromise the system. Also, a local user may be able to exploit a vulnerability by using the SASL_PATH environment variable. |
| Alerts: | |
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
| Alerts: | |
flim: insecure file creation
| Package(s): | flim |
| CVE #(s): | CAN-2004-0422 |
| Created: | May 5, 2004 |
| Updated: | December 16, 2004 |
| Description: | The emacs "flim" mode creates temporary files in an insecure fashion, possibly allowing a local attacker to overwrite files. |
| Alerts: | |
Foomatic: Arbitrary command execution in foomatic-rip
| Package(s): | foomatic |
| CVE #(s): | CAN-2004-0801 |
| Created: | September 20, 2004 |
| Updated: | May 31, 2006 |
| Description: | There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler. |
| Alerts: | |
FreeRADIUS: denial of service
| Package(s): | freeradius |
| CVE #(s): | CAN-2004-0938, CAN-2004-0960, CAN-2004-0961 |
| Created: | September 22, 2004 |
| Updated: | February 2, 2005 |
| Description: | FreeRADIUS (through version 1.0.1) suffers from several denial of service vulnerabilities in its packet reception code. |
| Alerts: | |
gaim: buffer overflow in MSN protocol
| Package(s): | gaim |
| CVE #(s): | CAN-2004-0891 |
| Created: | October 25, 2004 |
| Updated: | February 11, 2005 |
| Description: | A buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. |
| Alerts: | |
gaim: command execution via smiley themes
Package(s): gaim
CVE #(s): CAN-2004-0784, CAN-2004-0785
Created: October 21, 2004
Updated: November 12, 2004
Description:
gaim may allow arbitrary commands to be executed via shell meta characters
in the tar file name that is dragged to the smiley selector.

gtk2, gdk-pixbuf: buffer overflows
Package(s): gdk-pixbuf gtk2
CVE #(s): CAN-2004-0753, CAN-2004-0782, CAN-2004-0783, CAN-2004-0788
Created: September 15, 2004
Updated: February 25, 2005
Description:
The gdk-pixbuf and gtk2 libraries contain vulnerabilities in their handling of BMP and XPM files which can lead to denial of service and, potentially, code execution attacks.

gettext: Insecure temporary file handling
Package(s): gettext
CVE #(s): CAN-2004-0966
Created: October 11, 2004
Updated: March 1, 2006
Description:
gettext insecurely creates temporary files in world-writable directories
with predictable names. A local attacker could create symbolic links in
the temporary files directory, pointing to a valid file somewhere on the
filesystem. When gettext is called, this would result in file access with
the rights of the user running the utility, which could be the root user.

ghostscript: symlink vulnerabilities
Package(s): ghostscript
CVE #(s): CAN-2004-0967
Created: October 20, 2004
Updated: September 28, 2005
Description:
The ghostscript package (prior to version 7.07.1-r7) contains several scripts which are vulnerable to symlink attacks.

glibc: Information leak with LD_DEBUG
Package(s): glibc
CVE #(s): CAN-2004-1453
Created: August 17, 2004
Updated: May 26, 2005
Description:
Silvio Cesare discovered a potential information leak in glibc. It allows
LD_DEBUG on SUID binaries where it should not be allowed. This has various
security implications, which may be used to gain confidential information.
An attacker can gain the list of symbols a SUID application uses and their
locations and can then use a trojaned library taking precedence over those
symbols to gain information or perform further exploitation.

glibc: tempfile vulnerability in catchsegv script
Package(s): glibc
CVE #(s): CAN-2004-0968
Created: October 21, 2004
Updated: November 14, 2005
Description:
The catchsegv script in the glibc package has a symlink vulnerability
that may allow a local user to overwrite arbitrary
files with the permissions of the user that is running the script.

gnome-vfs: backend script vulnerabilities
Package(s): gnome-vfs
CVE #(s): CAN-2004-0494
Created: August 4, 2004
Updated: February 21, 2005
Description:
Several scripts packaged with gnome-vfs, using its "extfs" capability, have security flaws. These scripts tend not to be used on many systems, but their presence can still be a threat.

groff: insecure temporary directory
Package(s): groff
CVE #(s): CAN-2004-0969
Created: November 1, 2004
Updated: February 9, 2006
Description:
Recently, Trustix Secure Linux discovered a vulnerability in the groff
package. The utility "groffer" created a temporary directory in an
insecure way, which allowed exploitation of a race condition to create
or overwrite files with the privileges of the user invoking the
program.

gtkhtml: malformed messages cause crash
Package(s): gtkhtml
CVE #(s): CAN-2003-0133, CAN-2003-0541
Created: April 14, 2003
Updated: April 18, 2005
Description:
GtkHTML is the HTML rendering widget used by the Evolution mail reader.
GtkHTML as supplied with versions of Evolution prior to 1.2.4 contains a bug
when handling HTML messages. Alan Cox discovered that certain malformed
messages could cause the Evolution mail component to crash.

imagemagick: buffer overflow vulnerability
Package(s): imagemagick
CVE #(s): CAN-2004-0827
Created: September 16, 2004
Updated: November 30, 2004
Description:
The ImageMagick graphics library has several buffer overflow
vulnerabilities that allow an attacker to crash the reading process
by creating malformed video or image files in the AVI, BMP, or DIB format.

imlib2: buffer overflows
Package(s): imlib2
CVE #(s): CAN-2004-0802, CAN-2004-0817
Created: September 8, 2004
Updated: October 26, 2005
Description:
The imlib2 library contains buffer overflows in the BMP handling code.

iproute: local denial of service
Package(s): iproute net-tools
CVE #(s): CAN-2003-0856
Created: November 25, 2003
Updated: December 14, 2004
Description:
The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible.

iptables: missing initialization
Package(s): iptables
CVE #(s): CAN-2004-0986
Created: November 1, 2004
Updated: February 11, 2005
Description:
Faheem Mitha noticed that the iptables command, an administration tool for
IPv4 packet filtering and NAT, did not always load the required modules on
its own as it was supposed to. This could lead to firewall rules not being
loaded on system startup. This caused a failure in connection with rules
provided by lokkit at least.

kernel-utils: setuid vulnerability
Package(s): kernel-utils
CVE #(s): CAN-2003-0019
Created: February 7, 2003
Updated: January 21, 2005
Description:
The kernel-utils package contains several utilities that can be used to
control the kernel or machine hardware. In Red Hat Linux 8.0 this package
contains user mode linux (UML) utilities.
The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was
incorrectly shipped setuid root. This could allow local users to control
certain network interfaces, add and remove arp entries and routes, and put
interfaces in and out of promiscuous mode.
All users of the kernel-utils package should update to these packages that
contain a version of uml_net that is not setuid root.
Alternatively, as a work-around to this vulnerability, issue the following
command as root:
    chmod -s /usr/bin/uml_net

libgd2: buffer overflows in PNG handling
Package(s): libgd2
CVE #(s): CAN-2004-0990, CAN-2004-0941
Created: October 29, 2004
Updated: June 28, 2006
Description:
Several buffer overflows have been discovered in libgd's PNG handling
functions.
If an attacker tricked a user into loading a malicious PNG image, they
could leverage this into executing arbitrary code in the context of
the user opening the image. Most importantly, this library is commonly
used in PHP. One possible target would be a PHP driven photo website
that lets users upload images. Therefore this vulnerability might lead
to privilege escalation to a web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and
earlier may allow remote attackers to execute arbitrary code via malformed
image files that trigger the overflows due to improper calls to the
gdMalloc function.

libpng: multiple vulnerabilities

libxml2: arbitrary code execution
Package(s): libxml2
CVE #(s): CAN-2004-0110
Created: February 26, 2004
Updated: August 19, 2009
Description:
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code.

libxml2: multiple buffer overflows
Package(s): libxml2
CVE #(s): CAN-2004-0989
Created: October 28, 2004
Updated: August 19, 2009
Description:
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted
FTP URL, arbitrary code may be executed.

libxpm4: stack and integer overflows
Package(s): libxpm4
CVE #(s): CAN-2004-0687, CAN-2004-0688
Created: September 16, 2004
Updated: February 14, 2005
Description:
There are several stack and integer overflow bugs in
the libXpm code of XFree86 that may be used for a denial of service.

logcheck: symlink vulnerability
Package(s): logcheck
CVE #(s): CAN-2004-0404
Created: April 21, 2004
Updated: December 22, 2004
Description:
The logcheck utility handles temporary files in an unsafe way, possibly allowing local attackers to overwrite files.

lvm10: creates insecure temporary directory
Package(s): lvm10
CVE #(s): CAN-2004-0972
Created: November 1, 2004
Updated: July 25, 2005
Description:
Trustix Secure Linux discovered a vulnerability in a supplemental script of
the lvm10 package. The program "lvmcreate_initrd" created a temporary
directory in an insecure way, which could allow a symlink attack to create
or overwrite arbitrary files with the privileges of the user invoking the
program.

Midnight Commander: extfs vfs vulnerability
Package(s): mc
CVE #(s): CAN-2004-0494
Created: September 2, 2004
Updated: January 5, 2005
Description:
Midnight Commander has a vfs vulnerability with shell quoting
in extfs perl scripts.

mikmod: buffer overflow
Package(s): mikmod
CVE #(s): CAN-2003-0427
Created: June 16, 2003
Updated: June 16, 2005
Description:
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod.

MIME-tools: parsing bug
Package(s): MIME-tools
CVE #(s): (none listed)
Created: November 2, 2004
Updated: November 3, 2004
Description:
According to this RoaringPenguin advisory,
there's a bug in MIME-tools: It mis-parses things like boundary="" and
apparently there's a virus that uses an empty boundary.

mozilla products: arbitrary code execution and other vulnerabilities
Package(s): mozilla firefox thunderbird
CVE #(s): CAN-2004-0902, CAN-2004-0903, CAN-2004-0904, CAN-2004-0905, CAN-2004-0908
Created: September 20, 2004
Updated: January 13, 2005
Description:
Several vulnerabilities exist in the Mozilla web browser and derived
products, the most serious of which could allow a remote attacker to
execute arbitrary code on an affected system. See the CERT advisory for details.

mpg123: buffer overflow bug
Package(s): mpg123
CVE #(s): CAN-2004-0805
Created: September 16, 2004
Updated: January 11, 2005
Description:
The mpg123 audio playing utility has a buffer overflow
bug that may allow arbitrary execution of code.

mpg321: format string vulnerability
Package(s): mpg321
CVE #(s): CAN-2003-0969
Created: January 6, 2004
Updated: March 28, 2005
Description:
A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming).

mysql: several vulnerabilities
Package(s): mysql
CVE #(s): CAN-2004-0835, CAN-2004-0836, CAN-2004-0837
Created: October 11, 2004
Updated: April 6, 2005
Description:
Several problems have been discovered in MySQL. Oleksandr Byelkin noticed
that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table
instead of the new one. (CAN-2004-0835) Lukasz Wojtow noticed a buffer
overrun in the mysql_real_connect function. (CAN-2004-0836) Dean Ellis
noticed that multiple threads ALTERing the same (or different) MERGE tables
to change the UNION can cause the server to crash or stall. (CAN-2004-0837)

netkit-telnet: invalid free pointer
Package(s): netkit-telnet
CVE #(s): CAN-2004-0911
Created: October 4, 2004
Updated: March 28, 2005
Description:
Michal Zalewski discovered a bug in the netkit-telnet server (telnetd)
whereby a remote attacker could cause the telnetd process to free an
invalid pointer. This causes the telnet server process to crash, leading
to a straightforward denial of service (inetd will disable the service if
telnetd is crashed repeatedly), or possibly the execution of arbitrary code
with the privileges of the telnetd process (by default, the 'telnetd'
user).

netpbm: insecure temporary files
Package(s): netpbm
CVE #(s): CAN-2003-0924
Created: January 19, 2004
Updated: December 29, 2004
Description:
netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool.

openssh: timing attack leads to information disclosure
Package(s): openssh
CVE #(s): CAN-2003-0190
Created: May 2, 2003
Updated: November 30, 2004
Description:
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation."

OpenSSL: denial of service vulnerabilities

pavuk: buffer overflow
Package(s): pavuk
CVE #(s): CAN-2004-0456
Created: June 30, 2004
Updated: November 11, 2004
Description:
Versions of the pavuk web spider through 0.9.28-r1 contain a buffer overflow which could be exploited by a hostile server.

perl: insecure temp file creation
Package(s): perl
CVE #(s): CAN-2004-0976
Created: November 2, 2004
Updated: December 7, 2004
Description:
Trustix Secure Linux has discovered some vulnerabilities in the perl
package. The utility "instmodsh", the Perl package "PPPort.pm", and several
test scripts (which are not shipped and only used during build) created
temporary files in an insecure way, which could allow a symlink attack to
create or overwrite arbitrary files with the privileges of the user
invoking the program, or building the perl package, respectively.

php: remotely exploitable memory errors
Package(s): php
CVE #(s): CAN-2004-0594
Created: July 14, 2004
Updated: February 7, 2005
Description:
Stefan Esser has issued an advisory regarding a
remotely exploitable hole in PHP (through version 4.3.7). If the
memory_limit feature is in use (as it should be, to prevent denial
of service attacks), allocation failures can be forced at highly
inopportune times, and those failures can be exploited to execute arbitrary
code. The exploit is described as "quite easy," and it can be done
regardless of whether Apache1 or Apache2 is in use. Upgrading to PHP 4.3.8 fixes the
problem; yesterday's PHP 5.0 release also contains the fix (but the
final release candidate did not).

PostgreSQL: Insecure temporary file use in make_oidjoins_check
Package(s): PostgreSQL
CVE #(s): CAN-2004-0977
Created: October 18, 2004
Updated: December 20, 2004
Description:
The make_oidjoins_check script insecurely creates temporary files in
world-writable directories with predictable names. A local attacker could
create symbolic links in the temporary files directory, pointing to a valid
file somewhere on the filesystem. When make_oidjoins_check is called, this
would result in file overwrite with the rights of the user running the
utility, which could be the root user.

ppp: denial of service
Package(s): ppp
CVE #(s): (none listed)
Created: October 29, 2004
Updated: November 3, 2004
Description:
Improper verification of header fields lets an attacker make the pppd
server access memory it isn't allowed to, and crash the server. There is
no possibility of code execution, as there is no data being copied, just a
pointer dereferenced. It is not even entirely clear that this vulnerability can be exploited to deny service to anybody other than the attacker.
See this SecurityFocus advisory for details.

proxytunnel: format string vulnerability
Package(s): proxytunnel
CVE #(s): CAN-2004-0992
Created: November 3, 2004
Updated: November 3, 2004
Description:
Versions of proxytunnel prior to 1.2.3 contain a format string vulnerability which could be exploited by a hostile remote server to execute arbitrary code.

qt3: BMP image parser heap overflow
Package(s): qt3/qt3-non-mt/qt3-32bit/qt3-static
CVE #(s): CAN-2004-0691, CAN-2004-0692, CAN-2004-0693
Created: August 19, 2004
Updated: May 15, 2005
Description:
A heap overflow in the qt3 BMP image format parser in Qt versions prior to 3.3.3 may allow remote code execution.

rp-pppoe, pppoe: missing privilege dropping
Package(s): rp-pppoe, pppoe
CVE #(s): CAN-2004-0564
Created: October 4, 2004
Updated: November 15, 2005
Description:
Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet
driver from Roaring Penguin. When the program is running setuid root
(which is not the case in a default Debian installation), an attacker
could overwrite any file on the file system.

sharutils: arbitrary code execution
Package(s): sharutils
CVE #(s): CAN-2004-1772
Created: October 1, 2004
Updated: April 26, 2005
Description:
sharutils contains two buffer overflows. Ulf Harnhammar discovered a buffer
overflow in shar.c, where the length of data returned by the wc command is
not checked. Florian Schilhabel discovered another buffer overflow in
unshar.c. An attacker could exploit these vulnerabilities to execute
arbitrary code as the user running one of the sharutils programs.

sox: buffer overflow
Package(s): sox
CVE #(s): CAN-2004-0557
Created: July 28, 2004
Updated: February 21, 2005
Description:
Sox suffers from buffer overflows in its WAV file handling; these overflows could conceivably be exploited by way of a malicious sound file.

SpamAssassin: Denial of Service vulnerability
Package(s): spamassassin
CVE #(s): CAN-2004-0796
Created: August 9, 2004
Updated: August 11, 2005
Description:
SpamAssassin contains an unspecified Denial of Service vulnerability. By
sending a specially crafted message an attacker could cause a Denial of
Service attack against the SpamAssassin service.

Speedtouch USB driver: Privilege escalation vulnerability
Package(s): Speedtouch USB driver
CVE #(s): (none listed)
Created: November 2, 2004
Updated: November 11, 2004
Description:
The Speedtouch USB driver contains multiple format string vulnerabilities
in modem_run, pppoa2 and pppoa3. This flaw is due to an improperly made
syslog() system call. A malicious local user could exploit this
vulnerability by causing a buffer overflow, and potentially allowing the
execution of arbitrary code with escalated privileges.

squid: denial of service vulnerability
Package(s): squid
CVE #(s): CAN-2004-0918
Created: October 7, 2004
Updated: November 8, 2004
Description:
Squid has a potential denial of service vulnerability
and a problem with readable passwords due to incorrect
permissions on the squid.conf file.

Subversion: Remote heap overflow
Package(s): subversion
CVE #(s): CAN-2004-0413
Created: June 11, 2004
Updated: March 7, 2005
Description:
Subversion has a remote Denial of Service vulnerability
that may allow a server that runs svnserve to execute
arbitrary code. See this advisory for more information.

subversion: metadata information disclosure
Package(s): subversion
CVE #(s): CAN-2004-0749
Created: September 23, 2004
Updated: November 4, 2004
Description:
The subversion version control system has vulnerabilities
in the handling of metadata such as log file entries related
to using mod_authz_svn.

File overwrite vulnerability in tar and unzip
Package(s): tar unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description:
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability.

tiff: buffer overflows
Package(s): tiff
CVE #(s): CAN-2004-0803
Created: October 13, 2004
Updated: April 12, 2005
Description:
The tiff library contains several buffer overflows which may be exploited
by way of maliciously-crafted image files. See this advisory for more information.

WordPress: HTTP response splitting and XSS vulnerabilities
Package(s): wordpress
CVE #(s): (none listed)
Created: October 14, 2004
Updated: December 20, 2004
Description:
WordPress is vulnerable to HTTP response splitting and cross-site scripting
attacks, due to the lack of input validation in the administration panel
scripts. A malicious user could inject arbitrary response data, leading to
content spoofing, web cache poisoning and other cross-site scripting or
HTTP response splitting attacks. This could result in compromising the
victim's data or browser.

wv: buffer overflow
Package(s): wv
CVE #(s): CAN-2004-0645
Created: July 14, 2004
Updated: February 10, 2005
Description:
wv, a viewer for MS Word files, contains a buffer overflow which may be exploited by a suitably-crafted file. Version 1.0.0-r1 fixes the problem.

XChat 2.0.x SOCKS5 Vulnerability
Package(s): xchat
CVE #(s): CAN-2004-0409
Created: April 19, 2004
Updated: November 15, 2005
Description:
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal which is disabled by default and also
connect to an attacker's custom proxy server. This vulnerability may allow
an attacker to run arbitrary code within the context of the user ID of the
XChat client.

xine-lib: buffer overflows
Package(s): xine-lib
CVE #(s): CAN-2004-1379
Created: September 22, 2004
Updated: April 10, 2006
Description:
xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code.

xine-ui: insecure temporary file creation
Package(s): xine-ui
CVE #(s): CAN-2004-0372
Created: April 6, 2004
Updated: April 27, 2006
Description:
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine.

xpdf: integer overflows
Package(s): xpdf kpdf cupsys
CVE #(s): CAN-2004-0888, CAN-2004-0889
Created: October 21, 2004
Updated: February 18, 2005
Description:
Several xpdf integer overflow vulnerabilities can be exploited via a
malformed PDF document. Similar vulnerabilities can be found in kpdf and
in cupsys, which share code. Additional information can be found in this KDE security advisory.

zlib: denial of service
Package(s): zlib
CVE #(s): CAN-2004-0797
Created: August 25, 2004
Updated: June 10, 2005
Description:
Versions 1.2.x of the zlib library contain an error handling vulnerability which can enable denial of service attacks.

Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 prepatch remains 2.6.10-rc1, which came out on
October 22.
Patches currently sitting in Linus's BitKeeper repository include fixes for
the ELF loader security problems, kprobes
support for the x86-64 architecture, a frame buffer device update, a set of
user-mode Linux patches, an NTFS update, version 2.0 of the USB gadget
serial driver, some kernel build tweaks (the preferred name for kernel
makefiles is now Kbuild),
the ext3 block reservation and online resizing patches, sysfs backing store, locking behavior
annotations for the "sparse" utility, a reworking of spin lock
initialization, the un-exporting of add_timer_on(),
sys_lseek(), and a number of other kernel functions, an x86 signal
delivery optimization, an IDE update, I/O space
write barrier support, a frame buffer driver update, more scheduler
tweaks, some big kernel lock preemption patches, a large number of
architecture updates, and lots of fixes.
The current tree from Andrew Morton is 2.6.10-rc1-mm4. The biggest recent change in
-mm, perhaps, is the inclusion of the four-level page table patch in 2.6.10-rc1-mm3 and subsequent fixes in -mm4;
Andrew has stated that he expects to merge four-level page tables in the
near future.
Other changes include support for the FRV architecture, some scheduler
tweaks, the un-exporting of cdev_get() and cdev_put(), a
number of architecture updates, and the usual pile of fixes.
The current 2.4 prepatch is 2.4.28-rc2, released by Marcelo on November 7. It
contains some networking updates and a patch for a (difficult to exploit)
security problem; if nothing new turns up, it will become the official
2.4.28 release.
Comments (3 posted)
Kernel development news
Version 2 of the Active Block I/O
Scheduling System (ABISS) was released on November 9. At a first
glance, ABISS looks like yet another I/O scheduler for a kernel which
already has a few of them - and that it is. But there is more to ABISS
which makes it worth a look.
The goal behind ABISS is to enable applications to request (and receive) a
guaranteed I/O rate to a specific file. It implements a sort of
isochronous stream capability for the Linux block layer. The target
applications might be multimedia recording and playback programs, or,
perhaps, some sort of data acquisition system. Any application which needs
assurance that it can transfer data to or from the filesystem at a given
rate could benefit from ABISS.
For now, guaranteed data rates are only supported for read access, and only
for a few filesystems. The core of the read side of ABISS is the "playout
buffer." It is, for all practical purposes, a circular buffer in kernel
space which is filled at the requested I/O rate. As long as the
application does not exceed its requested rate for long periods of time,
the data it requests should always be located in the buffer, and thus
immediately available. The playout buffer is integrated with the page
cache, so accessing the file via mmap() will also work - though,
in that case, the application must inform ABISS of its progress through the
file so that playout buffer pages can be released when no longer needed.
Setting up this buffer requires a few steps. The application uses an
ioctl() call to request a guaranteed read rate; that request is then
passed back to a user-space daemon for approval. The daemon is supposed to
keep track of all such requests and ensure that the system actually has
enough resources to implement another fixed-rate stream. Any policy
decisions on which processes are allowed to request guaranteed-rate
behavior - and the rates they can ask for - are also made in the user-space
daemon.
If the daemon approves the request, the kernel builds an in-memory map of
the location of the file's data blocks. This map is used when filling the
playout buffer; its real purpose is to do the file location lookup work
ahead of time and minimize unexpected I/O while the file is being
processed.
The operational phase consists of filling the playout buffer at the given
rate while not allowing it to get too large. The idea is conceptually
simple, though the actual implementation involves a number of somewhat
tricky details.
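The setup and operational phases just described, modelled in user space as an added example (this is not ABISS code and not from the kernel): a bounded window of prefetched file blocks is topped up at the granted rate once per tick, the reader releases what it has consumed, and every read that finds its block missing is counted as a missed deadline. The names (playout, simulate) and the tick-based timing are assumptions of the model, not ABISS interfaces.

```c
#include <stdio.h>

/* User-space model of an ABISS-style playout buffer: an added example, not
 * ABISS code.  File blocks are numbered from 0; the buffer holds the window
 * [tail, head) of blocks fetched ahead of the reader but not yet released.
 * The names and the tick-based timing are invented for this illustration. */
struct playout {
    long tail;       /* oldest block still held */
    long head;       /* next block the filler will fetch */
    long capacity;   /* the buffer is never allowed to grow beyond this */
    long rate;       /* guaranteed blocks fetched per tick */
    long misses;     /* reads whose block was not yet in the buffer */
    long max_held;   /* high-water mark of head - tail, to check the bound */
};

static void playout_init(struct playout *pb, long capacity, long rate) {
    pb->tail = pb->head = pb->misses = pb->max_held = 0;
    pb->capacity = capacity;
    pb->rate = rate;
}

/* One scheduler tick: fetch up to rate blocks ahead, stopping at capacity. */
static void playout_fill(struct playout *pb) {
    long room = pb->capacity - (pb->head - pb->tail);
    long n = room < pb->rate ? room : pb->rate;
    if (n > 0)
        pb->head += n;
    if (pb->head - pb->tail > pb->max_held)
        pb->max_held = pb->head - pb->tail;
}

/* The application reads block blk.  Returns 1 if it was already buffered,
 * 0 if the read had to wait for a synchronous fetch (a missed deadline).
 * Like an mmap() reader reporting its progress, the read releases every
 * block up to and including blk, which is what gives the filler room. */
static int playout_read(struct playout *pb, long blk) {
    int hit = blk >= pb->tail && blk < pb->head;
    if (!hit) {
        pb->misses++;
        pb->head = blk + 1;   /* synchronous fetch; prefetch restarts after blk */
    }
    pb->tail = blk + 1;
    return hit;
}

struct result { long misses; long max_held; };

/* Run a sequential reader for ticks ticks asking for demand blocks per tick,
 * except on burst_tick (never, if burst_tick < 0) when it asks for burst. */
static struct result simulate(long capacity, long rate, long demand,
                              int burst_tick, long burst, int ticks) {
    struct playout pb;
    struct result r;
    long pos = 0;

    playout_init(&pb, capacity, rate);
    for (int t = 0; t < ticks; t++) {
        long want = (t == burst_tick) ? burst : demand;
        playout_fill(&pb);
        for (long i = 0; i < want; i++)
            playout_read(&pb, pos++);
    }
    r.misses = pb.misses;
    r.max_held = pb.max_held;
    return r;
}

int main(void) {
    struct result steady = simulate(8, 4, 4, -1, 0, 10);
    struct result burst  = simulate(8, 4, 2, 10, 8, 11);
    struct result greedy = simulate(8, 4, 8, -1, 0, 10);
    printf("reader at the granted rate:         %ld misses, %ld blocks held at most\n",
           steady.misses, steady.max_held);
    printf("slow reader with one 8-block burst: %ld misses\n", burst.misses);
    printf("reader at twice the granted rate:   %ld misses\n", greedy.misses);
    return 0;
}
```

The three scenarios in main() are the point of the model: a reader that stays at its granted rate never waits, a slower reader can absorb a burst because the filler has built up a full window in the meantime, and a reader that sustains twice the granted rate misses on half of its reads no matter how large the window is, because the filler is capped at rate blocks per tick and the window at capacity.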
ABISS differs from other I/O schedulers in that it does not just fit neatly
into the block layer. Each filesystem must have ABISS support explicitly
added to it. In particular, ABISS must be able to intercept
ioctl() calls and build the location map. When the
filesystem-level code decides to look for a specific block within the file,
the ABISS code, which may already have that location in its map, needs a
chance to short out the usual lookup code. Finally, ABISS must be notified
when a file is truncated, since it needs to adjust the location map to
match the new size. Since filesystem-level changes are needed, ABISS does
not support all filesystems in the Linux kernel; version 2 only works
with FAT, VFAT, and ext3.
Underneath it all is a real I/O scheduler. The primary feature
there is the implementation of I/O request priorities. Requests to fill
the playout buffer go in at a high priority, and will be executed before
most others. The ABISS I/O scheduler also implements a set of "best
effort" priorities which can be used when guaranteed I/O rates are not
required.
More information can be found on the ABISS project page.
Comments (4 posted)
The Linux security module framework allows the flexible loading of security
modules into the kernel. These modules are allowed to hook into a large
number of kernel functions and, if they deem it appropriate, block an
attempted user-space operation. As a way of helping security modules, many
core kernel structures include a
void * "security" pointer
which may be used to attach security-related information. These structures
include those representing inodes, files, open sockets, processes, and
more.
One shortcoming of the security module mechanism - according to some
developers, at least - is that it makes life hard for people who are trying
to load more than one module. There is some rudimentary support for
stacking modules; essentially, any modules which request stacked loading
are simply passed to the "primary" module. The primary module can
refuse to accept the stacked module at all (in which case the load fails),
or it can, in its own way, arrange to call the stacked module's hooks when
it sees fit. So stacking a module requires that the author of the
first-loaded module explicitly thought about and coded support for that
mode of operation. Since that support must be added to a large number of
security hooks, most security module authors conclude that they have better
things to do with their time.
There is also the little matter of that void * security
pointer in all those structures. If modules are to be stacked, they must
come up with some way of sharing that single pointer without creating
chaos.
Serge Hallyn has been trying to address the stacking problem for some time;
his latest attempt was recently posted to
linux-kernel with a request for comments. He certainly got a few of those.
The patch supports stacking security modules by separating them from each
other to the greatest extent possible. The existing security hooks are all
pointed at a set of "stacker" hooks; each one calls the associated hook
provided by each stacked module, and returns a failure code if any of the
modules decides to block the operation. The various void *
pointers are each replaced by a static array, dimensioned to the maximum
configured number of security modules (four by default). Each loaded
module is given an
index into the array, and is expected to work with its entry only. Thus,
all security modules must be changed to work properly in the stacking
mode.
The code itself has drawn a few complaints; not everybody is convinced by
how the locking works, for example. Adding static arrays to
heavily-used kernel data structures (such as files and inodes) will
significantly increase kernel memory usage. Your editor, in his reading of
the patch, can find no code which prevents loading more than the configured
maximum number of modules and corrupting all of those structures. And so
on.
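To make the stacker design concrete, and to show the registration bound check the article could not find in the patch, here is an added user-space model in Python. It is not code from Serge Hallyn's patch or from the kernel: every hook fans out to each stacked module, any non-zero result fails the operation, and each module is confined to its own slot of a fixed-size per-object array. The module names, hook names, sample objects and return-code choices are constructed for illustration.

```python
"""User-space model of a "stacker" layer that fans security hooks out to
several modules.

Added illustration, not code from Serge Hallyn's patch or the kernel. It
follows the design described above (each hook calls every stacked module,
any denial fails the operation, each module owns one slot of a fixed-size
per-object array) and adds the registration bound check the article says
the patch lacks. Module names, hooks and objects are constructed samples.
"""
import errno
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

MAX_MODULES = 4            # stands in for the configured maximum (four by default)
E_PERM = -errno.EPERM      # kernel-style negative errno return codes
E_ACCES = -errno.EACCES
E_NOSPC = -errno.ENOSPC

Hook = Callable[["SecurityModule", "SecuredObject", dict], int]


@dataclass
class SecuredObject:
    """Stands in for an inode or file: one security slot per possible module."""
    name: str
    security: List[Optional[dict]] = field(
        default_factory=lambda: [None] * MAX_MODULES)


@dataclass
class SecurityModule:
    name: str
    hooks: Dict[str, Hook] = field(default_factory=dict)
    index: int = -1        # slot assigned at registration


class Stacker:
    def __init__(self, max_modules: int = MAX_MODULES):
        self.max_modules = max_modules
        self.modules: List[SecurityModule] = []

    def register(self, module: SecurityModule) -> int:
        # The bound check: a fifth module would otherwise index past the
        # per-object arrays and corrupt whatever follows them.
        if len(self.modules) >= self.max_modules:
            return E_NOSPC
        module.index = len(self.modules)
        self.modules.append(module)
        return 0

    def call_hook(self, hook: str, obj: SecuredObject, **ctx) -> int:
        """Stacker hook: consult every module; the first non-zero result wins."""
        for module in self.modules:
            fn = module.hooks.get(hook)
            if fn is None:
                continue   # this module has no opinion on this hook
            rc = fn(module, obj, ctx)
            if rc != 0:
                return rc  # denied; remaining modules are not asked
        return 0


# Two sample modules. Each touches only obj.security[module.index].
def label_alloc(m, obj, ctx):
    obj.security[m.index] = {"label": ctx.get("label", "public")}
    return 0

def label_write(m, obj, ctx):
    info = obj.security[m.index]
    return E_ACCES if info and info["label"] == "readonly" else 0

def owner_alloc(m, obj, ctx):
    obj.security[m.index] = {"owner": ctx.get("owner", 0)}
    return 0

def owner_write(m, obj, ctx):
    info = obj.security[m.index]
    uid = ctx.get("uid", 0)
    return E_PERM if info and uid != 0 and uid != info["owner"] else 0


def build_stack() -> Stacker:
    stacker = Stacker()
    stacker.register(SecurityModule("label", {"alloc": label_alloc, "write": label_write}))
    stacker.register(SecurityModule("owner", {"alloc": owner_alloc, "write": owner_write}))
    return stacker


def try_write(stacker: Stacker, label: str, owner: int, uid: int) -> int:
    """Allocate an object under both modules, then ask whether `uid` may write it."""
    obj = SecuredObject("sample")
    stacker.call_hook("alloc", obj, label=label, owner=owner)
    return stacker.call_hook("write", obj, uid=uid)


def slots_after_alloc(stacker: Stacker, label="public", owner=1000) -> List[Optional[dict]]:
    """Show that each module wrote only its own slot of the per-object array."""
    obj = SecuredObject("sample")
    stacker.call_hook("alloc", obj, label=label, owner=owner)
    return obj.security


def register_too_many(count: int) -> List[int]:
    """Return codes from registering `count` modules on a fresh stacker."""
    stacker = Stacker()
    return [stacker.register(SecurityModule(f"mod{i}")) for i in range(count)]


if __name__ == "__main__":
    s = build_stack()
    print("owner writes own file:", try_write(s, "public", 1000, 1000))
    print("readonly label:", try_write(s, "readonly", 1000, 1000))
    print("other uid:", try_write(s, "public", 1000, 1001))
    print("five modules on a four-slot stacker:", register_too_many(5))
```

The composition rule is deliberately fail-closed: a denial from any module is final, and no module can override another's answer, which is the "blind" stacking the article's critics object to. The model also shows why a missing bound check matters: without the `E_NOSPC` return, the fifth module would be handed index 4 into a four-element array.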
The real issue of contention, however, is whether security module stacking
makes any sense in the first place. Stacked modules operate without any
awareness of each other, but could interact to produce surprising results.
In the security world, surprising results tend not to be welcome. The
right approach, as expressed by James
Morris (and others), is to load SELinux and let it handle the loading
of other security policies. SELinux was designed to do this, and it should
be able to handle module interactions in a more predictable way. Whether
other developers are willing to accept SELinux as the One True Base
Security Module remains to be seen; it seems more likely than getting blind
security module stacking into the kernel, however.
The expanded device number type in the 2.6 kernel makes it possible, at the
lowest level, to support vast numbers of partitions on every block device
in the system. Unfortunately, the Linux block drivers have not caught up
with this change. SCSI, in particular, is still limited to 15 partitions
per device. There are a few reasons for this lag, but the largest is
simple compatibility: there is no easy way to incorporate support for more
partitions without breaking the existing device numbering scheme. The
block layer assumes that partitions have consecutive minor numbers, so
supporting more partitions means increasing the portion of the minor number
which is dedicated to the partition number. But changing the
interpretation of minor numbers in this way would break existing systems,
and that is something the kernel developers are reluctant to do.
Carl-Daniel Hailfinger has recently posted an
interesting solution to the partition limit: partitioned loopback
devices. A loopback device is a kernel-implemented virtual block device
which is backed up by something real - usually a disk partition or a file
on a disk somewhere. Common uses for loopback devices include mounting
regular files as filesystems or the creation of encrypted filesystems
(though the device mapper is the preferred means for the latter application
in 2.6). Loopback devices do not support partitions in their own right;
they simply provide block-level access to the backing store as a single
partition.
Carl-Daniel noticed, however, that adding partition support to loopback
devices would be a relatively straightforward thing to do. In 2.6,
partition handling is (finally) part of the block layer; all that is really
required to support partitions in the loopback driver is to tell the block
layer that those partitions exist. So, with a small patch, each loopback
device can have up to 127 partitions. The bulk of the patch, in fact, is
there to ensure continued compatibility for users of non-partitioned
loopback devices.
This capability is interesting because it is a simple matter of one
losetup command to create a loopback interface to a real disk
drive. Thus, by using loopback devices in this mode, system administrators can
get around the partition limits enforced by the real hardware drivers and
divide their disks into lots of tiny little pieces. There is some small
overhead associated with using the loopback device, but, for users
in need of more partitions, it may well be a price worth
paying.
Patches and updates
Kernel trees
- Andrew Morton: 2.6.10-rc1-mm3. Includes 4-level page tables.
(November 5, 2004)
Page editor: Jonathan Corbet
Distributions
News and Editorials
Early this week, Novell
announced
the availability of
Novell Linux Desktop
9, a new $50 (per seat per year) desktop Linux distribution for the
enterprise. We rushed to create a Novell profile account in order to
download
the 30-day evaluation edition. After all, Novell is the first
well-known commercial entity undergoing a large-scale migration of its
desktop computers to Linux. Also, this is the first release of what
will eventually become Novell's main, fully supported Linux
distribution, with SUSE LINUX reportedly being turned into a
"community" project, à la Fedora Core. We were especially curious
about one aspect of Novell Linux Desktop: what has been done to make
the new operating system acceptable to thousands of Novell employees,
most of whom are likely to be displeased with such a drastic change in
their working routines?
Let's start with the installation. As expected, the system installer is
YaST, somewhat automated, re-branded, and with a nice neutral-looking
theme. GNOME 2.6 and KDE 3.2.1 are the only two desktop environments
available and users need to make an explicit decision to install either
of them, or alternatively, select both in the detailed package
selection dialog. GNOME seems to be Novell's preferred desktop with
more obvious customizations - icons for the Firefox browser, Novell
Evolution collaboration client (the word "Ximian" has been dropped from
the application), and OpenOffice.org Writer prominently displayed on
the task bar. If software updates are available, a Red Carpet icon will
also be around to alert the user to the fact. On the other hand, KDE
has more or less the default SUSE look with Konqueror and Kontact as
the preferred web browsing and mail/organizer clients.
Much thought was given to the selection of applications and their names
in menus. As has been the trend with other user-friendly desktop
distributions, most software packages were renamed to give a clear
indication of their purpose. Names such as Gaim or K3B were replaced
with "Instant Messenger" and "CD Burner". This brings up an interesting
point regarding preferred applications - although K3B is a KDE
application, it is the default CD burner on the GNOME desktop. This
example indicates that Novell developers chose what they believed was
the best application for each task, irrespective of the application's
affinity in terms of development toolkits and class libraries. Overall,
the Novell GNOME desktop is very nicely designed, somewhat reminiscent
of that found in any recent Fedora Core release, and the users' first
impressions, after booting into their new operating system for the
first time, are likely to be positive.
Although Novell Linux is based on SUSE Linux Enterprise Server 9, many
of the more visible applications were updated to later versions. This
includes not only the above-mentioned GNOME desktop, but also
OpenOffice.org (1.1.3), Evolution (2.0.1) and Firefox (0.10.0). The
kernel is at version 2.6.5 and the X window system is the last
pre-release of XFree86 4.4.0 before that project's infamous license
change. A number of Novell-specific applications and compatibility
layers with other Novell products were also included - among them
iFolder, Red Carpet, Novell ZENworks and Connector for Microsoft
Exchange Server deserve a special mention.
- iFolder is a
file synchronization service. All documents in the Documents/iFolder
folder are regularly synchronized and backed up with an iFolder
back-end server and can be retrieved from any computer with an iFolder
client (they are available for both Windows and Linux), or through a
web browser.
- Red
Carpet is a software management solution originally developed by
Ximian. It offers software installation and removal, automated security
updates, system-wide upgrades, searches, patches and history logs. Red
Carpet effectively replaces YaST as the preferred software management
tool on Novell Linux Desktop.
- Novell
ZENworks (not part of Novell Linux Desktop) is a system
administration tool that offers centralized control over software
configurations on Linux servers, workstations, laptops, and even
handheld devices.
- Connector for
Microsoft Exchange Server was also originally developed by Ximian.
It is a freely available GPL-ed product which turns the Evolution
collaboration suite into a Microsoft Exchange client.
Also worth mentioning are the included system administration utilities.
They consist of two independent modules - the system-wide YaST (called
"Administrator Settings"), which requires root privileges, and a
user-only control center (called "Personal Settings"), which is a
collection of shortcuts to launch personal, appearance, hardware and
system preferences dialogs. As for included software, all popular
desktop applications are available - The GIMP and Sodipodi for graphics
manipulation and vector drawing, Gaim, XChat and GnomeMeeting for
instant messaging, IRC and video conferencing, Rhythmbox, Totem and
RealPlayer 10 for playing multimedia files, as well as the usual array
of system utilities. All these, together with the three back-bone
applications (OpenOffice.org, Evolution and Firefox) provide an
efficient working environment for most users.
We liked the new Novell Linux Desktop 9. It is a meticulously designed
application suite, especially the GNOME desktop, with many
user-friendly enhancements and a careful selection of applications. Its
integration with some business-oriented solutions, such as iFolder and
Connector, provides added functionality that will appeal to enterprises.
There is also a lot of developer enthusiasm behind the product - see this blog by Luis
Villa, or the Novell Linux Desktop Cool Solutions page
with an incredible number of articles, tips and tricks, application
notes, FAQs, links to user forums, and other useful information. The
source code is also available. The
price is reasonable and additional support options can be purchased
through Novell for that extra peace of mind. All in all, a very good
product indeed.
Distribution News
The Fedora Project has
announced
the release of Fedora Core 3. See
the download instructions or
the torrent tracker to get
your copy.
Fedora Core 2 updates: system-config-users
(fixes bug #130379), wget (adds support for
large files), system-config-users (fixes
bugs #138093, #102637, #126756 and #131180) and openoffice.org (lots of bug fixes)
Fedora Core 3 upgrades to KDE 3.3.1, which updates the following packages:
kde-i18n, kdeaddons, kdeadmin, kdeartwork, kdebase, kdebindings, kdeedu, kdegames, kdegraphics, kdelibs, kdemultimedia, kdenetwork, kdepim, kdesdk,
kdetoys, kdeutils, kdevelop, kdewebdev and arts.
Other Fedora Core 3 updates: udev (removes debugging code), initscripts (minor bug fixes), hotplug (load sg module), ipsec-tools (fixes the use of 'setkey'), gpdf (rebuilt for FC3), wireless-tools (fixes a memory leak), redhat-artwork (fixes issues when using
redhat-artwork on 64-bit platforms), gnome-media (merge from devel), gnumeric (64-bit Excel import/export backport
fixes), openoffice.org (lots of bug fixes)
and jwhois (fixes a crash when processing
a query that requires more than one redirection).
Mandrakelinux 10.1 for x86-64 is
now
available. This new version is compatible with the following 64-bit
processors: AMD Athlon 64, AMD Opteron, Intel Xeon 64 and Intel EM64T.
Various packages are available that fix certain bugs in KDE-related packages in Mandrakelinux 10.1
Official edition.
Novell has
announced the availability of Novell Linux Desktop 9, its entry into the desktop arena. "
Novell does not rule out general replacement of Windows and other
proprietary operating systems with Novell Linux Desktop."
Trustix Secure Linux has
announced the release of TSL 2.2 (Sunchild).
The announcement contains a list of new packages and major upgrades in this
version of TSL.
The first set of updates for TSL 2.2
includes various bug fixes for php, postfix, kernel, sqlgrey and sqlite.
The first batch of pressed Ubuntu 4.10 "Warty Warthog" CDs
are shipping. "
If you or someone you
know would like to order pressed Ubuntu 4.10 CDs and have not yet, you will
need to place an order on or before Friday November 12, 2004. After this,
all orders will not be shipped until we finish the next release of
Ubuntu. Of course, with our quick release cycle, this is less than 6 months
away."
X.org packages are now available for
Ubuntu's Hoary Hedgehog. "For the last two weeks, Fabio Massimo Di
Nitto and Daniel Stone have been locked in a room together, and we now have
packages to show for it. The upgrade from XFree86 to X.Org should be
perfectly smooth and seamless, and it is supported across Ubuntu's three
architectures: amd64, i386, and powerpc."
A summary and log of Ubuntu's fourth community meeting is available, along with some information for
those interested in getting a sponsorship for the Ubuntu conference in
Spain.
Yellow Dog Linux v4.0 is
now shipping from
the Terra Soft Solutions on-line Store and will be available to resellers
soon. Terra Soft has also
announced the
Yellow Dog 4.0 based Y-HPC, a complete 64-bit OS for PowerPC code
development and High Performance cluster Computing.
Colin Watson provides a
Sarge release
update, including the news that Andreas Barth and Frank Lichtenheld are
now Release Assistants, the toolchain is final with glibc 2.3.2.ds1-18
(already in testing), Sarge will release with KDE 3.2, plus a
debian-installer update and much more.
There will be a Bug Squashing Party in Frankfurt,
November 27-28, 2004. "The focus of this event will be to close as many RC-bugs as possible and to test some woody -> sarge upgrades. BSP coordinator and release assistant Frank Lichtenheld will be attending the meeting."
Distribution Newsletters
The Debian Weekly News for November 9, 2004 has a summary of the DebConf5
preparation meeting, debian-installer remote network tests, the search for
distributable firmware, Alioth project naming conventions, installing
Debian on a desktop, and more.
Full Story (comments: none)
The Gentoo Weekly Newsletter for the week of November 8, 2004 is out. This
week's edition looks at the preliminary results of the Gentoo User Survey,
and other topics.
Full Story (comments: none)
Issue #10 of Ubuntu Traffic is available for the week of October 23-29,
2004. Here are the topics covered:
Ubuntu Marketing, Wiki Update, New Documentation List,
Hoary Kickoff Meeting, Community Council Meeting, Warty Live CD Released,
Meet the Hoary Hedgehog, and Security Advisories.
Full Story (comments: none)
The
DistroWatch
Weekly for November 8, 2004 features FreeBSD and covers several other
topics.
Minor distribution updates
blueflops has released
v2.0.8. "Changes: The kernel was updated to 2.6.9. busybox was updated to
1.0.0. There is a new pppd binary."
DNA Linux has released
v0.4. "Changes: The system is now based on Slax 4.1.4. EMBOSS was updated
to 2.9.0 with full PNG and X11 support for prettyplot, dotmatcher, and
polydot. FinchTV 1.2, an ABI DNA raw sequence data graphical viewer was
added."
The NSA has released
Security
Enhanced Linux v2004110116. "Changes: This release is based on Linux 2.6.9, and includes
significant scalability enhancements to the core SELinux code. Numerous
improvements to libselinux, policycoreutils, and policy have also been
merged. An updated version of setools from Tresys has been merged. Updated
userland patches and SRPMS have been merged from the Fedora Core 3
development tree. This release includes the first public release of a new
tool by MITRE, polgen, which attempts to generate policy for an application
based on patterns in its behavior."
Newsletters and articles of interest
MozillaZine
looks at
the Mozilla-based Linspire Internet Suite. "
The new program is an
enhanced version of the Mozilla Application Suite with several additional
features developed for Linspire by the Mozdev Group."
Distribution reviews
Linux Tips for Free
takes a long
look at Mandrakelinux 10.1 Official. "
For this review I went out
of my way and installed on all systems I could get my hands on. This should
give a much better overall impression of the capabilities of the tested
operating system than when it just gets tested with 1 or 2 systems. What
few people realise when reading a review, is that their experience might
well be different due to differences in hardware."
LinuxWorld.au
takes
a quick look at Linspire OS 4.5. "
The Linspire interface
contains many familiar conventions that Windows users will find comforting,
although Linspire (perhaps ironically, considering the lawsuits brought
against it by Microsoft) doesn't seem to try as hard as some distributions
to mimic the Microsoft operating system. After starting for the first time
after installation, a slick multimedia tutorial starts up. As far as these
types of tutorials go, it's quite a good one and well worth a watch if you
can't be bothered reading the slim, full-colour manual."
Page editor: Rebecca Sobol
Development
Darcs is a relatively new revision
control system that was written in Haskell by physicist David Roundy.
The system is designed around a "theory of patches" which has its roots
in quantum mechanics. Darcs has been released under version 2 of
the GNU General Public License.
The
Darcs manual
explains the project in more detail:
Darcs is a revision control system, along the lines of CVS or arch. That means that it keeps track of various revisions and branches of your project, allows for changes to propagate from one branch to another. Darcs is intended to be an ``advanced'' revision control system. Darcs has two particularly distinctive features which differ from other revision control systems: 1) each copy of the source is a fully functional branch, and 2) underlying darcs is a consistent and powerful theory of patches.
The manual further describes these two distinctions:
Functional Branches -
"This has several advantages, since you can harness the full power of darcs in any scratch copy of your code, without committing your possibly destabilizing changes to a central repository."
The Theory of Patches -
"This patch formalism means that darcs patches have a set of properties, which make possible manipulations that couldn't be done in other revision control systems. First, every patch is invertible. Secondly, sequential patches (i.e. patches that are created in sequence, one after the other) can be reordered, although this reordering can fail, which means the second patch is dependent on the first. Thirdly, patches which are in parallel (i.e. both patches were created by modifying identical trees) can be merged, and the result of a set of merges is independent of the order in which the merges are performed. This last property is critical to darcs' philosophy, as it means that a particular version of a source tree is fully defined by the list of patches that are in it, i.e. there is no issue regarding the order in which merges are performed."
Darcs differs from other revision control systems:
"In the world of darcs, the source tree is not the fundamental object, but rather the patch is the fundamental object. Rather than a patch being defined in terms of the difference between two trees, a tree is defined as the result of applying a given set of patches to an empty tree. Moreover, these patches may be reordered (unless there are dependencies between the patches involved) without changing the tree. As a result, there is no need to find a common parent when performing a merge. Or, if you like, their common parent is defined by the set of common patches, and may not correspond to any version in the version history."
Here is a brief list of Darcs
features:
- The ability to record changes locally.
- The ability to perform interactive record operations.
- The ability to un-record a non-published change.
- A full set of interactive commands.
- Support for integrating test suites into a repository.
- Support for multiple repository server protocols including http, ftp, and ssh.
- User-defined repository write access.
- Symmetric repositories, all darcs repositories are equal.
- Support for repository browsing via a web server CGI script.
- Cross-platform capable with support for Unix, Mac OS-X, and Windows.
- History is preserved when files and directories are moved around.
- Support for token replacing allowing global variable and function name changes.
- Per-user and Per-repository default setting capabilities.
Darcs version 1.0
was released
this week; the Linux kernel is being used to test the system
on a large project.
"With the release of 1.0, Roundy is also
making available a copy of the Linux kernel as a darcs repository. With
this proving ground, darcs is expected to soon scale to perform well on the
largest projects as well."
Darcs could prove to be a very useful tool for numerous open-source
development projects. Project leaders should certainly consider
its adoption.
System Applications
Database Software
Sleepycat has announced the availability of Berkeley DB 4.3. Many of the
improvements appear to be performance related; this release also includes
in-memory transaction logging. Click below for the details.
Full Story (comments: 2)
Version 0.7.2-test3 of knoda, a database frontend, has been released.
Changes include index support for SQLite2 and SQLite3,
database preselection for the Postgres and the ODBC drivers,
Tri-state TRUE/FALSE/NULL support for boolean fields,
and more.
Full Story (comments: none)
The MaxDB PHP extension
has been released. "Compared to the previous version that worked over php's odbc extension, the new driver offers good benefits. Firstly, the extension supports the MaxDB native interface, and thus delivers significantly better performance. Secondly the extension offers a broader feature set (which is mostly compatible to PHP's mysql and mysqli extensions) compared to the earlier driver's limited ODBC functionality.
The new driver enables an easy migration of existing PHP application or solutions to MaxDB."
Interoperability
Samba 3.0.8 has been released with new features and several bug fixes.
Included is a fix for a
remote denial of
service vulnerability.
Full Story (comments: none)
Libraries
Version 5.0.0 of libDSP has been announced.
"
libDSP is a C++ library of digital signal processing functions.
It also contains a wrapper for C. Assembler optimizations for E3DNow!,
SSE2 and x86-64 (SSE2)."
Full Story (comments: none)
Version 1.11 of libxklavier, the X keyboard utility library,
has been released.
"
Another development release in 1.1x series of the library is out. The
most important thing is significant internal reogranization, further
separation of XKB-dependant code - which eventually (soon?) would
allow putting some xmodmap support in."
Full Story (comments: none)
Mail Software
David Mertz
discusses hashcash as a spam prevention method
on IBM developerWorks. "
Built on the widely available SHA-1 algorithm, hashcash is a clever system that requires a parameterizable amount of work on the part of a requester while staying "cheap" for an evaluator to check. In other words, the sender has to do real work to put something into your inbox. You can certainly use hashcash in preventing spam, but it has other applications as well, including keeping spam off of Wikis and speeding the work of distributed parallel applications. In this article, you'll meet David's own Python-based hashcash implementation."
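The mechanism the article describes, as an added example that is neither David Mertz's implementation nor code from the page: a minimal hashcash minter and verifier in Python built on SHA-1. The stamp layout follows the hashcash version-1 format (`ver:bits:date:resource:ext:rand:counter`); the addresses, dates and random fields are constructed sample values, and the bit counts in the demo are kept low so it runs quickly.

```python
"""Hashcash proof-of-work stamps: minting (sender) and checking (receiver).

Added example, not David Mertz's implementation. The stamp layout follows
the hashcash version-1 format ver:bits:date:resource:ext:rand:counter; the
resource names, dates and rand fields below are constructed samples.
"""
import base64
import datetime
import hashlib
import os
from typing import Optional, Tuple

VERSION = "1"


def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the front of a digest: the 'work' a stamp shows."""
    count = 0
    for byte in digest:
        if byte == 0:
            count += 8
            continue
        count += 8 - byte.bit_length()
        break
    return count


def stamp_work(stamp: str) -> int:
    """One SHA-1 is all the receiver ever has to spend on a stamp."""
    return leading_zero_bits(hashlib.sha1(stamp.encode("ascii")).digest())


def mint(resource: str, bits: int = 20, date: Optional[str] = None,
         rand: Optional[str] = None) -> str:
    """Sender side: try counters until SHA-1(stamp) has `bits` leading zeros.

    Expected cost doubles with every extra bit, which is the point: the
    sender pays 2**bits hashes on average, the receiver pays one.
    """
    date = date or datetime.date.today().strftime("%y%m%d")          # YYMMDD
    rand = rand or base64.b64encode(os.urandom(8)).decode("ascii")   # no ':' in base64
    counter = 0
    while True:
        stamp = f"{VERSION}:{bits}:{date}:{resource}::{rand}:{counter}"
        if stamp_work(stamp) >= bits:
            return stamp
        counter += 1


class Verifier:
    """Receiver side: cheap syntactic checks first, then one hash, then the
    double-spend database, so a flood of junk stamps costs the receiver little."""

    def __init__(self, resource: str, min_bits: int = 20, max_age_days: int = 28,
                 today: Optional[str] = None):
        self.resource = resource
        self.min_bits = min_bits
        self.max_age_days = max_age_days
        self.today = (datetime.datetime.strptime(today, "%y%m%d").date()
                      if today else datetime.date.today())
        self.seen = set()  # spent stamps; a real deployment persists this

    def check(self, stamp: str) -> Tuple[bool, str]:
        parts = stamp.split(":")
        if len(parts) != 7 or parts[0] != VERSION:
            return False, "bad format"
        try:
            bits = int(parts[1])
            stamp_date = datetime.datetime.strptime(parts[2], "%y%m%d").date()
        except ValueError:
            return False, "bad format"
        if bits < self.min_bits:
            return False, "insufficient bits claimed"
        if parts[3] != self.resource:
            return False, "wrong resource"      # a stamp minted for someone else
        age = (self.today - stamp_date).days
        if age < 0 or age > self.max_age_days:
            return False, "expired or future-dated"
        # Only now pay for the hash: the bits the stamp claims must really be there.
        if stamp_work(stamp) < bits:
            return False, "insufficient work"
        if stamp in self.seen:
            return False, "double spend"        # each stamp is good exactly once
        self.seen.add(stamp)
        return True, "ok"


if __name__ == "__main__":
    verifier = Verifier("alice@example.com", min_bits=12, today="041111")
    stamp = mint("alice@example.com", bits=12, date="041111", rand="c29tZXJhbmQ=")
    print(stamp, stamp_work(stamp))
    print(verifier.check(stamp))   # accepted
    print(verifier.check(stamp))   # same stamp again: rejected
```

The order of checks in `check()` is the design choice worth noticing: format, claimed bits, resource and date are all string comparisons, so a stamp minted for a different recipient or an old replayed stamp is thrown away before the receiver spends even one hash, and the spent-stamp set is consulted last so that only stamps that passed everything else are stored.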
Web Site Development
GnomeDesktop.org has
an announcement
for GPWS, the
GNOME Personal Web Sharing
project.
"
For those unfamiliar with Mac OS X, Personal Web Sharing lets you publish web pages or share files on the internet or on your companys (or schools) local area network from a folder on your hard disk. You can get your website up and running in no time.
GNOME Personal Web Sharing works very similarly, a folder named website is created after you install it where you can put your web pages or any other files you want to share. All you have to do to get your own web server up is run the program."
Version 3.2.6 of mnoGoSearch-php, the PHP frontend to the
mnoGoSearch web site search
engine, is available with bug fixes. See the
Change Log
for details.
Version 0.3.2 of UnCommon Web, a Common Lisp web application
development framework, is available.
"
This version features a new
component class hierarchy and new components, better documentation, an
interface to the SLIME inspector, an improved session.value API, and
more."
Full Story (comments: none)
The long-awaited final release of Zope X3 3.0.0 is out. It is a complete
rewrite of the Zope application server based around a component-oriented
architecture. Note that "Zope X3" is not quite the same as
"Zope 3", which will include backward compatibility with Zope 2.
See
the
Zope X3 FAQ for more information.
Full Story (comments: none)
Shlomi Fish
reviews a number of Wiki implementations on O'Reilly.
"
The purpose of this article is to give an overview of several popular Wiki implementations and see how they fare. It is not trivial to switch from one Wiki implementation to the other, because this will usually require translating all of the pages from the old syntax to the new one. Thus, choosing a Wiki engine requires some care, taking possible future developments into account."
Miscellaneous
Xen 2.0 has been released. Xen is a virtual machine implementation which
allows the running of Linux and BSD instances on a virtual system. New
features include improved virtual I/O configuration for virtual machines
and "live migration" of system images across a cluster. Click below for
the announcement, or see
the Xen project home
page for more information.
Full Story (comments: none)
Desktop Applications
Accessibility
Version 0.11.15 of GOK, the GNOME Onscreen Keyboards Suite,
is available with bug fixes and improvements to the dynamic
accessibility keyboards.
Full Story (comments: none)
Business Applications
Version 1.10.2 of GanttProject
is out.
"
It is a bugfix release which fixes
several annoying bugs. Ganttproject lets you plan projects using a Gantt
chart. It is written in Java. GanttProject use a XML file format. It can
export the project in HTML Web pages or PDF document (using XSLT) or image
files. It support 21 languages."
Desktop Environments
GNOME 2.9.1, the GNOME development branch, is out.
"
This is our first of our 2.9 development series releases, working
towards GNOME 2.10 in March 2005. There are a number of new features present
in this release..."
Full Story (comments: none)
Version 2.9.1 of gnome-panel has been released.
"
This is the "Mieux vaux tard que jamais" release: it comes way too late
for the GNOME 2.9.1 release, but we want people to be able to test this
unstable release without waiting for GNOME 2.9.2."
Full Story (comments: none)
The November 5, 2004 edition of the
KDE CVS-Digest
is online. Here's the content summary:
"
KDevelop adds extension support. kommander improves signal and slot editor. Kwallet is now asynchronous. Juk adds support for GStreamer 0.8. KPasswordDialog adds password strength meter."
Electronics
The
latest releases
from the
gEDA project include
new versions of gspiceui, a GUI frontend to several Spice circuit simulators,
and Confluence, a language for synchronous reactive system design.
The latest new electronics applications on
Open Collector
include Oregano 0.3.3 (a schematic capture and simulation application),
InFormal 0.1.0 (a Verilog and PSL formal verification utility),
and NuSMV 2.2 (a reimplementation and extension of SMV model checker).
Games
Version 1.2.1 of Eris
has been released by the WorldForge game project.
"
Eris is a client library designed to simplify client development. This release adds support for libsigc++ 2.0.x in addition to libsigc++ 1.2.x supported by the previous release. It is only of interest for people wishing to build software against libsigc++ 2.0.x".
Version 0.3.4 of GNOME War Pad, a VGA Planets client for GNOME,
is out. Changes include bug fixes, a new Magallanes version,
new constellations, and more.
Full Story (comments: none)
GUI Packages
Version 2.14 of FLU, the FLTK Utility Widgets,
is available
with some bug fixes and feature enhancements.
Version 1.9.0 of Gtk#, the GNOME 2.6 bindings to .Net,
is out.
"
Announcing release 1.9.0 of Gtk#. This is an unstable development
release for the GNOME 2.6 bindings. It is parallel installable with the
latest stable release, 1.0.4."
Two new versions, a stable and development release, of Java-Gnome are
out with numerous changes. Click below for the details.
Full Story (comments: none)
Interoperability
The November 5, 2004 edition of
Wine Traffic is online with the latest news from the Wine project.
Mail Clients
Version 0.9 of the Thunderbird mail client is out. Major new features include saved search folders, message grouping, better POP3 support, and more; see
the release notes for details and download information.
Music Applications
Version 0.9 of DSSI, an audio plugin API designed for software
instruments with custom user interfaces, is available.
"
The main improvements in 0.9 are to the reference host implementation
and sample plugins.
The 0.9 API itself is binary compatible with the previous 0.4 release.
A new convention for plugin-global (rather than instance-local)
configuration data and a convention for setting a plugin's project
working directory have been introduced, and 0.9 clarifies certain
implementation points in the documentation."
Full Story (comments: none)
Version 0.3 of dssi-vst, a DSSI plugin wrapper for VST effects and
instruments, has been released.
"
The main improvement since the initial 0.1 release is that dssi-vst
now works correctly with plugins with complex GUIs that use
back-channel information to communicate things like patch data to
the audio plugin. In practical terms, this means that VSTs with
test keyboard widgets, patch load and save, and other natty features
in their GUIs should work properly as DSSI plugins without losing
automatability for the true automatable parameters."
Full Story (comments: none)
GnomeDesktop
looks at Wired, a
music production and composition system for GNOME.
"
Wired aims to be a professional music production and composition software running on Linux. It is using the GTK+ widget set (via wxWidgets) for better integration with the Gnome desktop.
It brings musicians a complete studio environment to compose and record music without requiring expensive hardware."
Comments (none posted)
Peer to Peer
Version 0.15 of Gnomoradio, a peer to peer music playing system,
is available.
"
The release of version 0.15 makes Gnomoradio the first player to be able to import playlists based on the new XSPF file format (www.xspf.org). Other changes to 0.15 include migration to gtkmm 2.4 and a few bug fixes."
Gnomoradio 0.15.1
was announced
a few days later; it adds more bug fixes.
Full Story (comments: none)
Digital Photography
Version 0.7 of digikam, a digital photo management application for KDE,
is available.
This release features a metadata database backend, improved
photo tagging support, a built-in image viewer with numerous
plug-ins, and much more.
Full Story (comments: none)
Video Applications
Version 2.0.34-test1 of avidemux, a graphical video editing tool,
has been announced.
"
Let's put it that way: 2.0.30 was awful. 2.0.32 was just bad. Most audio processings were broken. 2.0.34 is not average, it is good. All bugs are fixed and the version is globally good.
So please drop 2.0.30 and 2.0.32 and use 2.0.34."
Comments (1 posted)
Web Browsers
At last, Firefox 1.0 is out. Changes since the last release candidate
consist mostly of bug fixes, but there is also an improved facility for
controlling how links opened by other applications are handled. See
the release
notes for details and download information.
Comments (10 posted)
Version 0.10.1 of GNOME-Fx, the GNOME Firefox themes, is out.
"
The GNOME-Fx themes try to make Firefox look like a native
GNOME application. Version 0.10.1 is a huge improvement because the
themes use more native looking GTK widgets and also the help is GNOMEized."
Full Story (comments: none)
Miscellaneous
Version 0.4.0 of Alexandria, a GNOME book collection management application,
is available.
Changes include support for several new library formats,
CueCat barcode scanner support, manual editing of books, and much more.
Full Story (comments: none)
Version 0.1.0 of Coaster, a disc burning application for GNOME,
has been released.
Full Story (comments: none)
Version 0.5.0 of GNOME Comics Organizer, a comic book collection
tracking utility, has been released. This is a major rewrite; it
adds support for the latest GNOME/GTK, an XML file format,
and more.
Full Story (comments: none)
Languages and Tools
C
Version 3.4.3 of GCC, the GNU Compiler Collection,
has been released.
"
This release is a bug-fix release, containing fixes for regressions in GCC 3.4.2 relative to previous releases of GCC."
See the
Changes document for details.
Comments (none posted)
The November 3, 2004 edition of the
gcc newsletter
is online.
Topics include release schedules, version-specific speed regressions,
language extensions, optimization tests, the Ada frontend, and more.
Comments (none posted)
Groovy
Andrew Glover
unit tests Java with Groovy, a Java-based scripting language,
on IBM developerWorks.
"
Not long ago, developerWorks contributor Andrew Glover penned an article introducing Groovy, a new proposed standard language for the Java platform, as part of our alt.lang.jre series. Reader response was fantastic, so we've decided to launch this column to offer a practical guide to using this hot new technology. This first installment introduces a simple strategy for unit testing Java code with Groovy and JUnit."
Comments (none posted)
Java
Nuno Santos
shows how to use SSL with the Java 1.4 non-blocking IO package.
"
Previously, the IO support in Java was limited to stream-based, blocking IO, which although elegant and simple, is significantly impaired in terms of scalability, requiring one active thread for each network connection. Java NIO introduced support for IO multiplexing and non-blocking IO, which are necessary tools to build highly scalable applications."
Comments (none posted)
Neil Graham and Elena Litani
review JAXP 1.3 in part one of an IBM developerWorks article.
"
For a mature technology, the XML space is surprisingly active. Java API for XML Processing (JAXP) 1.3 was recently finalized, and is the conduit through which many of the newest open standards relating to XML will enter the J2SE platform. In this installment of a two-part article describing the JAXP 1.3 API, authors Neil Graham and Elena Litani provide a brief overview of the JAXP specification, give details of the modifications to the javax.xml.parsers package, and describe a powerful schema caching and validation framework."
Comments (none posted)
Lisp
Version 0.9d of ECL (Embeddable Common-Lisp) is out.
"
This version features support for shared libraries under Windows and
Mac OS X, includes a working CLX library, provides a pretty printer,
and more."
Full Story (comments: none)
Perl
The November 4, 2004 edition of
This Fortnight on Perl 6 is online. Take a look for the latest
Perl 6 discussions.
Comments (none posted)
Teodor Zlatanov
compares Perl 5 and 6 regular expressions on IBM developerWorks.
"
Perl 6 is finally coming within reach. In this article, Ted gives you a tour of the grammars and regular expressions of the Perl 6 language, comparing them with the currently available Parse::RecDescent module for Perl 5. Find out what will be new with Perl 6 regular expressions and how to make use of the new, powerful incarnation of the Perl scripting language."
Comments (none posted)
PHP
The
PHP Weekly Summary for November 8, 2004 is out. Topics include:
./configure, SuSE and the AMD64,
Negative string offset continued,
spl interfaces,
Reflection API,
PDO meeting at phpconf,
isset and the new VM,
localeconv not working,
serialize (again),
Upload progress meter,
new overloading feature?,
__call interceptor and static methods,
MySQL win32 libraries,
PostgreSQL and Boolean values, and
make test and rfc1867.
Comments (none posted)
Paul Meagher has written
part two of an IBM developerWorks series on PHP web experiments.
"
In Part 1 of this two-part series, Paul Meagher showed you how to improve the quality of your Web offers by developing PHP-based tools to set up and run Web experiments. In Part 2, you focus on simulating and analyzing the contingency table data arising from these Web experiments."
Comments (none posted)
Python
The beta 2 version of Python 2.4 has been released.
"
Python 2.4b2 is a beta release. We'd greatly appreciate it if you could
download it, kick the tires and let us know of any problems you find,
but it is probably not suitable for production usage."
Full Story (comments: none)
Version 0.8.2 of urwid, a curses-based UI/widget library for Python,
is available.
"
New in this release:
- Re-released under GNU Lesser General Public License. Enjoy!"
Full Story (comments: none)
Evan Jones
explores
the issues behind Python's appetite for system memory.
"
Hence, the Python interpreter uses a variety of optimized memory allocation schemes. The most important one is a malloc implementation called pymalloc, designed specifically to handle large numbers of small allocations. Any object that is smaller than 256 bytes uses this allocator, while anything larger uses the system's malloc. This implementation never returns memory to the operating system. Instead, it holds on to it in case it is needed again. This is efficient when it is used again in a short time, but is wasteful if a long time passes before it is needed."
Comments (none posted)
Tcl/Tk
The November 8, 2004 edition of Dr. Dobb's Tcl-URL! is online
with the week's Tcl/Tk article links.
Full Story (comments: none)
XML
Niel Bornstein
works with the iTunes music player on O'Reilly. "
In this article I'll explore ways to work with the iTunes Music Library file, an XML document, for fun and education, including transforming the library into an HTML page using various technologies, and querying Amazon and Google's web services for other suggested recordings and related information."
Comments (none posted)
Editors
Version 0.7.16 of Conglomerate, an XML editor, has been released.
"
This is still an unstable release; there are still some known repeatable
crash bugs. Please download it and test that no new bugs have been
introduced!"
Full Story (comments: none)
Version 0.7.1 of MlView, a generic XML editor for GNOME,
has been released. This is a bugfix release in the stable branch.
Full Story (comments: none)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
NewsForge
tackles
possible conflicts between trademarks and the Debian Free Software
Guidelines. "
Do trademarks require a special license for software to
be free? That is the question that Debian developers are currently
debating. The specific concern is whether AbiWord's recent assertion of
trademarks conflict with the Debian Free Software Guidelines (DFSG), the
set of principles under which the Debian distribution operates. However,
the implications could affect not only Debian's use of other trademarked
packages, such as Mozilla, Evolution, and OpenOffice.org, but other
GNU/Linux distributions' use of them as well."
Comments (18 posted)
Bruce Perens has
written an
article on software patents in standards, at Technocrat.net.
"
Patents, originally created to stimulate innovation, may now be
having the opposite effect, at least in the software industry. Plagued by
an exponential growth in software patents, many of which are not valid,
software vendors and developers must navigate a potential minefield to
avoid patent infringement and future lawsuits. Coupled with strategies to
exploit this confusion over patents, especially in standards setting
organizations, it appears that software advancement will become stifled
unless legal action is taken to resolve the situation. This article
examines the current situation facing software developers and users, the
methods employed by standards setting organizations to address these
problems, and recommends strategies for resolving the problem caused by
software patents."
Comments (4 posted)
News.com
looks at what comes after Firefox 1.0. "
Now that it has the Firefox 1.0 milestone under its belt, the Mozilla Foundation has identified three areas for future growth and development: Cell phone and small-device browsing, desktop search integration, and OEM (original equipment manufacturer) distribution."
Comments (10 posted)
Trade Shows and Conferences
Computer Business Review
looks
at the trends at SuperComputing 2004. "
It wasn't all that long
ago that the entire Top 500 list was measured in tens of teraflops, and
when Lawrence Livermore National Laboratory takes final delivery of Blue
Gene/L early next year, this behemoth will have 131,072 customized PowerPC
400 cores running at 700MHz and it will deliver over 360 teraflops of peak
computing power. Blue Gene/L, as you might have guessed from the name, runs
a cut down version of Linux on its compute nodes and Novell's SuSE Linux
Enterprise Server 9 on its I/O and management nodes."
Comments (1 posted)
The SCO Problem
Groklaw has
Novell's reply in support of its motion to dismiss SCO's "slander of title" lawsuit. Among other things, Novell turned up the minutes of a 1995 board of directors meeting where it was stated that copyrights would be retained. "
And there is another bombshell. Novell says that by introducing evidence outside the complaint, such as the Ed Chatlos declaration, SCO is inviting the Court to convert the motion to dismiss into a summary judgment, which they say means the Court now has the option to decide the matter once and for all and with finality right now."
Comments (3 posted)
Companies
News.com
reports
that Chris Stone, Novell's vice chairman, has resigned from the company.
"
Stone had been instrumental in Novell's acquisition of two Linux
companies, Ximian, in 2003, and SuSE Linux, in 2004. Stone had been in
charge of technology development and alliances for Waltham, Mass.-based
Novell, leaving most financial matters to Chief Executive Jack
Messman."
Comments (18 posted)
The palmtop hardware company PalmOne, which recently split off
its Palm OS subsidiary PalmSource, is considering the use of Linux
(and Microsoft) operating systems on its devices, according to
this article
on News.com.
"
Using the royalty-free Linux OS would enable PalmOne to reduce the costs of building its handhelds. By how much is not certain, but analysts estimate that the company currently spends anywhere from $5 to $15 per device for the Palm OS, depending on the price of the gadget."
Comments (3 posted)
News.com
reports
on new funding for cluster computing. "
San Francisco-based
Penguin Computing raised $10 million, while Linux Networx in Salt Lake City
received a $40 million investment. Both companies will use the funds to
develop new technology and expand into new markets, they said in
announcements Thursday."
Comments (none posted)
Phys.Org
reports on a new
SGI Linux-based supercomputer to be installed at Japan's
Atomic Energy Research Institute.
"
As a result of a competitive bidding process, Fujitsu Limited in cooperation with SGI Japan will deliver to JAERI the new SGI(R) Altix(R) 3700 Bx2 model which is based on 2,048 Intel(R) Itanium(R) 2 processors, the Linux(R) operating environment and over 13 terabytes of memory -- the world's largest memory capacity."
Comments (none posted)
Linux at Work
Silicon.com
reports
that a Scottish police force is developing a Linux-based system for
ensuring it complies with the impending Freedom of Information Act
legislation. "
Inspector Campbell Dick, of Central Scotland police,
told silicon.com the system will be rolled out across the force's 1,100
users if the three week pilot, which begins on 15 November, is
successful."
Comments (none posted)
Interviews
Vnunet
talks with Stuart
Cohen, CEO of OSDL. "
What are the OSDL's main successes to
date? Technical: Obviously with [Linux creator] Linus Torvalds and
[kernel maintainer] Andrew Morton we're doing our fair share of code
development, and the subsystem maintenance and performance testing work we
do is significant. Business: some thought leadership we've been doing has
been very helpful. Legal: the white papers, the legal defence fund,
education, ideas around a prior art repository and work we're doing around
trademark, patents, licensing and copyright is all very important
[although] we haven't come out very much on that [yet]. Then there's our
work in the telecoms market [with carrier grade Linux]."
Comments (none posted)
Computerworld NZ
interviews Ben Goodger of the Firefox browser project.
"
Firefox wasn't the first experimental Mozilla browser. A version for Mac OS X lives on as the Camino browser, and Goodger says an even earlier version was built with .Net which raises some intriguing possibilities.
From the beginning, however, Firefox was envisaged as a browser for the masses. Open source projects are often criticised for including every feature or UI widget that some developer was motivated enough to add, but Goodger says keeping the interface simple was always a priority."
Comments (none posted)
KDE.News has
an interview
with Bryce Harrington, author of the Inkscape vector drawing program.
"
When we formed Inkscape it was important to us to communicate where the
project intends to go, and what steps are needed to get there. There were
several reasons for this.
First, having an established plan makes it easy to figure out where to "fit"
your work in. When working on projects where the overall vision is not
communicated, you find your patches getting rejected for unpredictable
reasons. By specifying a clear vision, it helps new developers in figuring
out how to make their contributions tie into the project's goals."
Comments (none posted)
ZDNet
interviews
Kim Polese, CEO of the open-source services company SpikeSource.
"Q: Is the idea of SpikeSource to make it look like there's a commercial outfit like an IBM or Microsoft behind a set of open-source products?"
"A: Yeah. What is sort of interesting right now is that IT developers, architects and chief information officers are aggressively adopting open source. The problem has become how to manage the abundance. There are more than 85,000 different open-source projects today.
All the things that IT is used to, like support documentation, reliability, road maps--none of that exists for open source when you start moving beyond a single component. When you start talking about actually integrating the components into applications, there is no sort of product management for open source. That is where we see an opportunity."
Comments (3 posted)
NewsForge
talks with
Darren Rush of Koders.com. "
Rush: Koders is essentially
a search engine for source code. It was initially developed as an internal
tool, for our team. We were looking for a better way to leverage all of our
past project work. So we created a search engine that would allow us to
easily find code snippets from our previous code and integrate them into
our current projects."
Comments (none posted)
Resources
O'ReillyNet
discusses
Kickstart customization, scalability, and security. "
Most Kickstart
experiments begin with a single ks.cfg file, though this approach is less
suitable for large deployments. Even a farm of cloned hardware will require
some settings unique to each host. That means you have either several
one-use ks.cfgs, or one file to tweak for each Kickstart target. These
methods are brittle because they bind two elements that may vary
independently of one another: host-specific data (the IP address) and
build-specific data (packages to install). When either one changes, the ad
hoc edits to resync the two may introduce errors."
Comments (none posted)
NewsForge
uses MJPEG
tools for video processing. "
The original intent of the MJPEG
Tools was to provide a package which would enable Linux users to capture
and play back video through a PCI card based around the Zoran ZR36067 MJPEG
chip. Wrapped in the standard Audio/Video Interleaved (AVI) container
format, MJPEG -- properly known as Motion JPEG -- is essentially a sequence
of JPEG still images which, when played back fast enough, show as a
movie."
Comments (none posted)
Andrew M. St. Laurent
examines the Open Gaming License in part three of an O'Reilly series
on licenses.
"
This, the third and final article of the series, describes the Open Gaming License (OGL), a license designed to open source license certain parts of the Dungeons & Dragons roleplaying game, and two related documents, the d20 System Trademark License and the d20 System Trademark Guide Version 5.0."
Comments (none posted)
Reviews
KDE.News mentions
a review
of KAddressBook.
"
This time we take a look at the underadvertised addressbook application within KDE, KAddressBook, which is currently maintained and developed by Tobias Koenig."
Comments (none posted)
NewsForge
takes a
look at Novell's new desktop. "
Novell describes NLD-9 as a
complete "desktop productivity environment." It includes a complete set of
the basic applications enterprise workers need: an office suite, a mail
suite, and browser. Novell has tweaked OpenOffice.org to fill the office
suite chores, Evolution as its mail suite, and Mozilla Firefox for the
browser. That's not all that's included, of course, but those are the big
three items required for basic desktop chores. It's called NLD version 9
because it is built atop SUSE Linux Enterprise Server 9. That gives it a
degree of hardening, reliability, and performance that is hard for other
distributions to match."
Comments (none posted)
O'ReillyNet
looks
at several wiki implementations. "
The purpose of this article is
to give an overview of several popular Wiki implementations and see how
they fare. It is not trivial to switch from one Wiki implementation to the
other, because this will usually require translating all of the pages from
the old syntax to the new one. Thus, choosing a Wiki engine requires some
care, taking possible future developments into account. This article will
hopefully help you make that choice if the need arises."
Comments (none posted)
Jason Purdy
reviews Komodo 3.0, a commercial IDE for Perl, PHP, Python, Tcl and XSLT,
on O'Reilly. "
I'm a GUI IDE kind of guy, and I've been through quite a few of them to find the one that best suits me as a Perl Web Developer. ActiveState's Komodo (version 3.0.1) fits the bill, though there remains room for improvement. Let's start with the positive, and then I'll address where Komodo can improve."
Comments (none posted)
Miscellaneous
Danny O'Brien's
To Evil!
column for October is out. "
Despite previous polls, it appears
that the Ubuntu Nude Man has sneaked ahead of Voting Machines in the final
count. It seems that, in the evilness stakes this month, moral values beat
the invasion of a self-electing junta of semi-sentient tabulating
machines. Ubuttnaked Guy wears the Evil crown, and not much else, and
invites us all back to his pad for some Twister and a toast... to
evil!" (Thanks to Steve Mallett).
Comments (none posted)
SourceForge.net
reports on the use of PHPSurveyor in tracking election irregularities.
"
PHPSurveyor, a PHP based online survey tool, is being used to gather data across the United States about all voting irregularities. In the first 10 hours of voting alone, over 13500 incidents had been recorded using the software."
Comments (none posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
Open Source Development Labs, Inc. has
announced that it will be working with the
Service Availability Forum on OpenAIS, an interface specification
for high availability network infrastructure in
the telecommunications industry.
Comments (none posted)
The Free Software Foundation Europe has sent out an announcement concerning
efforts by commercial software vendors to influence supporters of an
EC antitrust case.
"
Microsoft has steadily been soliciting supporters of the European
Commission antitrust case to withdraw their support for the Commission
by offering a series of financial settlements. The agreement with Sun
Microsystems to withdraw has now been joined by financial settlements
with Novell and the CCIA, in which they also agreed to withdraw from the
case."
Full Story (comments: none)
Open Source Risk Management has
announced a new study that concerns European patents.
"
Open Source Risk Management, the only vendor-neutral
provider of Free and Open Source Software
risk mitigation and management solutions, today announced the launching
of a study designed to assess whether current European laws regarding
technology patents achieve their stated objective of recognizing and
protecting true innovation."
Comments (none posted)
Commercial announcements
The Gelato Foundation
announced the participation of its members in several recent
conferences.
"
Representatives from more than 25 Gelato Federation member institutions and corporations met on October 11-13, 2004, at Tsinghua University in Beijing, China to review and exchange research advances for Linux on the Intel(R) Itanium(R)2 platform. Twenty-one technical presentations by top research and industry users focused on high-performance computing issues and collaborative solutions. Three weeks later, over 20 Gelato member institutions are gathering at SC2004 in Pittsburgh (November 8-11)."
Comments (none posted)
Linux Networx has
announced the receipt of $40 Million in Series B funding for
expediting new products and expanding the company.
Comments (none posted)
Red Hat co-founder Bob Young's latest company, Lulu, has
announced that it will be providing tools for publishing and distributing
independently developed software projects.
"
The first five software sets available on Lulu include popular open source projects OpenOffice.org (an alternative to Microsoft Office), Fedora (a version of the Linux operating system), Slash, and Bugzilla. Also available is a preparation program for the Cisco Certified Network Administrator (CCNA) test."
Comments (none posted)
Mandrakesoft has
announced
its financial results for the fiscal year ending September 30, 2004.
"
Mandrakesoft's revenue for fiscal year 2003-2004 has reached 5.18
million Euros, representing a 33% increase over the previous year. This
revenue is the highest in the company's history. The revenue growth
strongly accelerated during H2 2003/2004, with a 49% year over year rise in
revenues, when compared to a 21% year over year increase in H1."
Comments (10 posted)
Microsoft has published a
protocol
license agreement which can be signed to get a license from Microsoft
to implement a whole set of interesting protocols. The list is at the end
of the agreement; it includes AppleTalk, Bluetooth, the TCP discard
protocol, DHCP, echo, FTP, HTTP, Gopher, IPSec, lpd, Firewire, ping, PPP,
POP3, rlogin, Telnet, TFTP, TCP/IP (v4 and v6), and many others. Bet you
didn't know Microsoft owned those... (as seen on
Slashdot).
Comments (39 posted)
Microsoft has put out
a press release stating that its indemnification guarantees now apply to all users of most of its software offerings. "
Microsoft's ability to offer strong protection is bolstered by the
company's commitment to managing the intellectual property rights in its
software. This commitment includes development process controls, inbound
licensing of necessary third-party rights, cross-licensing agreements with
other industry leaders, and protection of Microsoft innovations through patent
and copyright."
Comments (2 posted)
Novell has
announced an agreement with Microsoft to settle potential antitrust
litigation related to Novell's NetWare operating system in exchange for
$536 million in cash. Novell also announced that by the end of this week
it will file an antitrust suit against Microsoft in the United States
District Court in Utah seeking unspecified damages in connection with
alleged harm to Novell's WordPerfect application software business in the
mid-1990s. (Thanks to Stuart Cunningham)
Comments (11 posted)
The U.S. Department of Energy has given a grant (of undisclosed size) to
the OpenIB Alliance; its purpose is to fund further development of a free
InfiniBand implementation for the Linux kernel.
Full Story (comments: none)
Platform Computing Inc. has
announced the launch of its Platform Rocks product.
"
Platform
Computing Inc. today announced a powerful new software solution called
Platform Rocks, a comprehensive cluster management toolkit that simplifies and
speeds the deployment and management of small to large scale Linux clusters."
Comments (none posted)
Trolltech has
announced the availability of Qtopia 2.1. Qtopia is a development platform for embedded devices; it is available under the GPL or (as with the other Trolltech products) with a commercial license. New features include touchscreen support, handwriting input, and better theme support.
There are also press releases stating that Datang Mobile has chosen Qtopia for its phone reference platform and Motorola will use it in its Linux-based E680 and A780 phones.
Comments (none posted)
SCO has finally nailed down a new deal with its lawyers;
the
full text of the agreement has been filed with the SEC. The deal calls
for an immediate payment of $12.6 million, and a $2 million
payment per quarter going into the future. There is still a contingency
component, with the lawyers getting 33% of the first part of any take,
dropping to 20% for any amount over $700 million. The same sort of
payments apply if SCO is acquired. A separate $5 million escrow
account must be set up to pay expert witnesses and other out-of-pocket
expenses.
Comments (7 posted)
SteelEye Technology, Inc, a provider of
data and application availability management software, has
announced that it has joined the MySQL Partner Program.
"
Through this agreement, SteelEye and MySQL
have chosen to formalize this cooperation and will now work more closely
together to bring greater knowledge and awareness of their joint solution to
the marketplace."
Comments (none posted)
TimeSys Corporation announced its TimeStorm Linux Development Suite
and TimeStorm Linux Verification Suite for the
Eclipse 3.0 development platform.
Full Story (comments: none)
It looks like something from 1998: VA Linux has put out a press release
stating that it is hiring more Linux kernel hackers. In this case,
however, the company involved is VA Linux Systems Japan K.K. Evidently the
company's kernel-related consulting business is going well, and is set to
expand; click below for the details.
Full Story (comments: none)
Pogo Linux announces PerformanceWare 5864, an eight processor AMD
Opteron-based server (press release).
Cray Inc. has new Opteron/Linux supercomputers (press release).
Terra Soft Solutions announces Y-HPC, a complete 64-bit OS for PowerPC code
development and High Performance cluster Computing (press release).
Absoft will manage, sell, and support a new High Performance Computing
(HPC) Software Developers Kit (SDK) for IBM Linux on POWER clusters and
servers (press release).
Linux Networx partners with Novell to create a High Performance Computing
(HPC) Certification Center (press release).
Comments (1 posted)
New Books
Addison-Wesley/Prentice Hall PTR & IBM Press
have published the book
PHP 5 Power Programming
by Gutmans, Bakken and Rethans.
Full Story (comments: none)
Syngress Publishing, Inc.
has published the book
Programmer's Ultimate Security DeskRef
by James C. Foster.
Full Story (comments: none)
Syngress Publishing, Inc. has published the book
Windows to Linux Migration Toolkit by David Allen.
Full Story (comments: none)
Resources
David A. Wheeler has published a new release of
his analysis of the advantages of using open-source software.
"
This paper provides quantitative data that, in many cases, using open source software / free software is a reasonable or even superior approach to using their proprietary competition according to various measures. This paper's goal is to show that you should consider using OSS/FS when acquiring software. This paper examines market share, reliability, performance, scalability, security, and total cost of ownership. It also has sections on non-quantitative issues, unnecessary fears, OSS/FS on the desktop, usage reports, governments and OSS/FS, other sites providing related information, and ends with some conclusions." Here's a
blog entry on changes in the paper.
Comments (none posted)
The November issue of
Linux Gazette is out.
Topics in this edition include GRUB boot diskette for Knoppix, Using a
Non-Default GUI (in RHEL and kin), Preparing For My Interviews Part 1:
MySQL and Perl, Advanced Features of netfilter/iptables, and more.
Comments (none posted)
The November 6, 2004 edition of the FSF Europe Newsletter
is online with the latest coverage of FSFE happenings.
Full Story (comments: none)
Daniel James has announced a new column on Audio Libre. "I've recently started writing a column on music software for LinuxUser & Developer magazine. Unfortunately, it's not generally available on the web at the moment. The first Audio Libre column is on AGNULA/DeMuDi". The column is available for download as a pdf document.
Upcoming Events
The third annual Desktop Linux Summit has been announced. "Now in its third year, the annual Desktop Linux Summit has added an extra day, expanding its focus to include discussions of open source leaders Mozilla and OpenOffice.org. A two-day event in prior years, the Summit is now three days and will be held February 9-11, 2005 at the Del Mar Fairgrounds in San Diego."
GnomeDesktop.org mentions the first Forum GNOME event in Brazil. It will be held on November 11 and 12, 2004.
The Eclipse Foundation has announced the conference keynotes for EclipseCon 2005. Tim O'Reilly, Urs Hoelzle, and Lee Nackman will be featured. "The second annual EclipseCon conference will be held Feb. 28 through March 3, 2005, at the Hyatt Regency, Burlingame, Calif."
JBoss, Inc. has announced the JBoss World 2005 User Conference. "JBoss(R), Inc., the Professional Open Source company, today announced that registration is now open for JBoss World 2005, its first annual users conference and exhibition, at the Omni/CNN Center in Atlanta, Ga., March 1-2, 2005. The conference will be a landmark gathering field and networking opportunity for the rapidly growing number of users and partners deploying open source middleware from JBoss into production."
GlobusWORLD will be held in Boston, Mass. on February 7-11, 2005. "GlobusWORLD 2005 will feature a full roster of technical Grid content including: tutorials (from beginner- to advanced-level); enterprise Grid panels moderated by Network World, CIO Magazine, and Computerworld; essential Grid standards updates; and keynotes by leading Grid pioneers, vendors and end users."
A PostgreSQL Bootcamp will be held at the Big Nerd Ranch, near Atlanta, Georgia, on January 17-21, 2005.
A Python Bootcamp will be held at the Big Nerd Ranch, near Atlanta, Georgia, on February 21-25, 2005.
| Date | Event | Location |
| November 11 - 12, 2004 | High Performance Computing, Networking, and Storage Conf (SCnn) | Pittsburgh, PA |
| November 13 - 17, 2004 | ApacheCon US 2004 | Alexis Park Resort, Las Vegas, NV |
| November 14 - 19, 2004 | Large Installation System Administration Conference (LISA '04) | Atlanta Marriott Marquis, Atlanta, GA |
| November 18 - 19, 2004 | Forum PHP, Paris | Paris, France |
| November 25 - 26, 2004 | Le forum PHP 2004 | FIAP Jean Monnet, Paris, France |
| November 29 - 30, 2004 | LinuxPro 2004 | Hotel Gromada Airport Conference Center, Warsaw, Poland |
| December 1 - 3, 2004 | Australian Open Source Developers' Conference | Monash University, Melbourne, Australia |
| December 1 - 3, 2004 | Linux Bangalore 2004 | Indian Institute of Science, Bangalore, India |
| December 4, 2004 | Lightweight Languages 2004 (LL4) | MIT Stata Center, Boston, MA |
| December 5 - 18, 2004 | Ubuntu Conference | Mataró, Spain |
| December 27 - 29, 2004 | Chaos Communication Congress (21C3) | Berliner Congress Center, Berlin, Germany |
Software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
Page editor: Forrest Cook