LWN.net Weekly Edition for December 2, 2004
A look at Xfce 4.2
As a rule, the Linux desktop discussion is dominated by the two heavyweight desktop environments -- KDE and GNOME. The term "heavyweight" applies to the respective "market share" of those desktops as well as the resources required to run either desktop. Linux users who wish to utilize a slightly slimmer desktop environment, without compromising features, may find the Xfce desktop environment an attractive alternative. With the release of the Xfce 4.2 release candidate, we decided to take a look at Xfce and provide a rundown of some of its more interesting features.
As the Xfce website states, Xfce is "a lightweight desktop
environment for unix-like operating systems
". Xfce started out as a
Common Desktop Environment
(CDE) clone, but has evolved into a unique desktop environment that's much
more interesting (at least to this writer) than CDE.
The site os-cillation has GUI installers for Xfce 4.2RC1. To the best of this writer's knowledge, Xfce is the first desktop with its own GUI installer. There are four installers available; The base Xfce installer, the Gtk+ engine for Xfce installer, the Xfce Goodies installer and an installer for the Terminal term emulator from os-cillation. We chose to go the "kitchen sink" route, and installed everything available. However, only the base package should be required to use Xfce.
Installing Xfce with the GUI installers is a breeze, at least as long as the target system has all of the requisite software that Xfce requires to build. We built Xfce on two systems, a SUSE 9.2 system and a Ubuntu Linux system. The SUSE build went off without a hitch after installing the packages mentioned on the installer page.
The Ubuntu build failed a few times due to missing dependencies. This was
easily fixed, though it was a minor annoyance having to apt-get the
required libraries and re-start the install only to have it fail a few
minutes later at a different point. At start time, the GUI installer
identifies a few major components that are required to proceed, but doesn't
display a comprehensive list of dependencies.
![[Xfce]](https://static.lwn.net/images/ns/xfce-sm.png)
After the installation, it was time to exit the session in progress and log into Xfce. The first thing one will notice about Xfce is that it's much faster to load than KDE or GNOME. For users with systems with processors faster than 2 GHz and an abundance of RAM, this won't be a huge incentive to use Xfce. However, Xfce is a bit snappier than GNOME or KDE, and a great choice for older systems with less horsepower.
Many Linux users have probably run across GNOME and KDE applications that are written in such a way that they require services from their native desktop environments to function. For users that depend on applications that require GNOME or KDE services, Xfce can be configured to run GNOME or KDE services when it starts. This will slow down Xfce start time, but it's a handy feature for anyone who needs specific applications that won't otherwise cooperate with Xfce. Xfce's session settings, by default, do not allow Xfce to manage remote X applications.
The Xfce panel is highly configurable. By default, it includes launchers for the Xfce help system, Xfce configuration settings, Mozilla browser, Mozilla mail, XMMS, the Xfce "fast file manager" (Xffm), a graphical pager, terminal launcher and buttons to log out or lock your X session. Users can add launchers, remove launchers, change the orientation of the panel from horizontal to vertical and so on. The pager also allows the user to move windows from one desktop to another simply by dragging the window's outline in the pager to a different desktop. The Xfce Goodies package includes several useful plugins for the panel, including CPU and network monitors, a "show desktop" plugin and several others.
Xfce's file manager, Xffm is interesting, with quite a few handy
features. Xffm includes a SMB network browser, a "Book" tree to allow users
to bookmark frequently-visited directories, an fstab browser and a fairly
useful find utility (Xfglob4). The Xffm components can also be invoked by
themselves, so a user can call just the SMB browser by running
xfsamba4 or browse only the bookmarked directories files with
xfbook4. Xffm also makes it easy to rename files, create
symlinks and even "scramble" files. The Xffm interface seems a bit clunky,
but this writer doesn't often use file managers anyway.
Xfce is modular, meaning that the user can choose to drop components from the desktop if they are unwanted. Don't want to run the Xfce panel? No problem. Want to skip the GTK Theme Engine? That's an option as well. Users may also run various Xfce components under other window managers / desktop environments, if they prefer.
Does the world need yet another terminal emulator? This writer prefers to just use the venerable xterm, but others want a little more from their terminal emulator. The version of Terminal available from os-cillation for Xfce is only at version 0.1.10, but it seems stable enough for everyday use. Terminal has a few features not available in xterm, such as tabs for multiple terminal instances and transparency or a user-defined background image. Xfce also includes an xterm-like terminal called xfterm4, which is the default Xfce terminal.
Some of Xfce's features are not immediately visible. For example, Xfce supports Freedesktop.org Window Manager hints, XDND (drag and drop protocol) and several others. Xfce can also be configured in "kiosk mode" where Xfce can be locked down to prevent users making changes to the configuration of Xfce.
Another feature that this writer is particularly fond of is the ability to switch desktops by using the mouse scrollwheel. Simply hover the mouse over an "empty" space on the desktop and scroll. This feature is available in KDE as well, but it seems to have appeared in Xfce first.
In short, Xfce 4.2 seems to be ready for prime time. We used the release candidate for several days with no problems to speak of. It's an excellent desktop environment for users who want a clean, fast and attractive desktop.
The Grumpy Editor's Guide to PDF Viewers
| This article is part of the LWN Grumpy Editor series. |
In theory, PDF viewers require little in the way of features. They should present the contents of a file in a quick and readable manner, allow navigation through the file, support printing of (parts of) a PDF file, etc. So it should not be that hard to get things right. One would think. In practice, your editor has found that the quality of the available PDF viewers varies significantly, both in terms of the interface they provide and how well they simply work.
There are two base platforms upon which PDF viewers are built. Some are front ends to the ghostscript utility. Ghostscript is a large, complex, and not entirely bug-free utility (it is also a crucial part of many Linux systems); its strengths and shortcomings will be reflected in any PDF viewers built on it. Most other viewers are built on xpdf. We'll start with the ghostscript-based viewers.
GNOME Ghostview (ggv)
The GNOME PDF viewer of long standing is ggv. Interestingly, this utility
seems to lack a web site, though there is an
online manual available which is only slightly out of date. The most
![[ggv]](https://static.lwn.net/images/ns/grumpy/ggv-ss-sm.png)
recent ggv release was in September of 2004, as part of the GNOME 2.8
package. It is a ghostscript-based viewer.
The ggv screen includes a left-hand side bar which allows instant access to any page in the document. Pages can also be marked, either directly with a mouse click or with buttons which mark all pages, or just the even or odd ones.
There is an option which can be used to print only the pages which have been marked. The "print" button in the menu bar, however, just dumps the entire file into the print subsystem without providing any opportunity for the user to redirect the job or cancel the operation entirely. Your editor, who prefers to fire up his monster duplexing laser printer for the rare large print job, gets grumpy indeed at utilities which throw output at the little inkjet printer without even asking. One should not be able to dump hundreds of pages onto a printer with a single click.
ggv does not take a whole lot of clues from the document regarding its orientation; a file which looks to be in portrait mode, but which has pages that are wider than they are tall, can be presented (and printed!) in the wrong orientation. The window size is always whatever the user used the last time around, and does not react to the orientation of the document. It is possible to ask ggv to zoom the document to fit within the window it has (a nice feature), but doing so disables the manual zoom operations (which is not). The scrollwheel may be used to move within a single page, but it will not scroll between pages, making it mostly useless.
Every now and then your editor encounters a document which ggv is unable to render. With such documents, the usual result is a blank window, which is not particularly edifying.
The visual quality of ggv's output is good; it runs ghostscript in a high-quality, antialiased mode. There is a reasonable set of configuration options for a number of aspects of ggv's operation, including how it uses ghostscript. If it were not for occasional reliability problems and a number of user interface issues, it would be a contender for this editor's favor.
kghostview
The KDE contribution in the PDF viewer arena is kghostview,
shipped as part of the kdegraphics package. Like ggv, kghostview uses
![[kghostview]](https://static.lwn.net/images/ns/grumpy/kghostview-sm.png)
ghostscript as a back end; as a result, it tends to fail on the same PDF
files that confuse ggv. In many ways, kghostview comes across like ggv
with a KDE look; it provides many of the same features. There are some
differences, however.
Like ggv, kghostview provides a navigation bar on the left side; it also allows for the marking of articles. The kghostview version is different, however, in that it includes thumbnail images of each page. These thumbnails take space, making it more likely that the user will have to scroll the navigation bar. They are, however, very nice to have when one is looking for a specific page - the beginning of a section, say, or the end of an interminable table of contents. The thumbnails, alone, make kghostview a nicer tool to use than ggv.
kghostview has a friendlier interface for printing, allowing just about any behavior to be configured. Among other things, kghostview can do 2-up or 4-up printing, which can be useful for many documents. Printing can be restricted to marked pages. And, crucially, nothing is actually sent to the printer until the user has confirmed the operation.
Scrolling through the document with the scrollwheel is supported. If the user scrolls several pages, the application does the right thing - it does not take the time to render the pages in the middle. A single keystroke will fit the rendered document into the current window without disabling the regular zoom operations. If you are currently only viewing part of a page, you can drag a box around in a special thumbnail image to move to any part of that page.
In general, the interface provided by kghostview is as nice as any PDF viewer your editor has been able to find. It is clearly a tool which has received some serious thought - and use - by its developers.
xpdf
xpdf differs from the viewers we have seen thus far in that it is not based on ghostscript; instead, it contains its own PDF interpreter and rendering engine. A couple of the immediate consequences of that difference are (1) xpdf is rather faster than the![[xpdf]](https://static.lwn.net/images/ns/grumpy/xpdf-sm.png)
ghostscript-based viewers, and (2) xpdf can often display documents
which are not viewable with the other tools. In other words, xpdf is an
important tool for those of us who end up working with PDF files often.
It is worth noting that, unlike the ghostscript-based viewers, xpdf (and others built on it) cannot handle PostScript files. That is a fundamental limitation, but, perhaps, also the source of xpdf's speed and robustness.
Compared to the GNOME and KDE viewers, xpdf is a minimalist tool. There are no menu bars, no fancy configuration widgets, and no navigation side bars. A small set of buttons at the bottom of the screen allows for movement through the file, including the ability to go to an absolute page number. A small menu gives a set of zoom options, including a couple of "fit to page" modes. Your editor notes that, when "fit to page" is enabled, the application responds poorly when its window is resized; it fails to skip intervening X resize events, and thus has to render the page numerous times. If you drag the corner of an xpdf window around for a few seconds, you can end up waiting for some time before it catches up.
The apparent simplicity of the xpdf interface hides a couple of vastly useful features. One of those is a "find in text" button, cleverly disguised as a pair of binoculars. If you have ever tried to find a particular string in a PDF file, this capability is priceless. Equally useful, if you are one of those strange people who writes articles about things found in PDF files, is the ability to cut and paste text from those files. Both of these functions silently fail if the file's text is in an image format - as is the case with many scanned legal documents. But, when they work, they are highly useful.
According to its web site, xpdf has the ability to work with encrypted PDF documents. Your editor, not having any such documents sitting around, was not able to try out that capability.
Navigation through PDF files is quick and straightforward, though it would be nice to have a side bar for going directly to pages. xpdf maintains a navigation history which can be useful for bouncing back and forth between specific pages. The scrollwheel works as one would expect. Printing support is minimal, but it has the features one really needs: the ability to print a (contiguous) subset of the file, and to specify which printer is to be used.
gpdf
gpdf is a GNOME-based PDF viewer built upon xpdf. As such, it shares the robustness and speed of xpdf. The gpdf developers, however, have added some new![[gpdf]](https://static.lwn.net/images/ns/grumpy/gpdf-sm.png)
features of their own - and left others out.
gpdf provides a rather confusing toolbar at the top of the page. It is far from clear, for example, how the buttons marked "next" and "previous" differ from those marked "forward" and "back". There are two downward-pointing arrows; experimentation shows that one brings up a file history menu, while the other contains anything which doesn't fit in the toolbar at the current window width. There is a side bar in gpdf. It looks as if, someday, it is meant to contain page thumbnails, but, with gpdf 2.8.0, it renders pages as blank white rectangles with drop shadows. For whatever reason, it uses a two-column format, requiring the user to make the side bar very wide, or to do a bunch of horizontal scrolling.
gpdf uses the GNOME printing widget, so it provides a higher degree of control over printing than xpdf. It can put multiple PDF file pages onto each printed page. Better printing support is a definite improvement over xpdf.
On the other hand, gpdf lacks xpdf's scrollwheel support. It does not provide the "find in text" and "cut and paste" capabilities, which, it seems, are unique to xpdf. It is not clear why those features are missing; one might guess that gpdf forked the xpdf code base before they were added.
kpdf
The first impression one gets of kpdf is that it looks much like kghostview. It has essentially the same icon layout, and a very similar![[kpdf]](https://static.lwn.net/images/ns/grumpy/kpdf-sm.png)
side bar with page thumbnails. kpdf, however, is an entirely different
application, built on xpdf. Like gpdf, it seems to have left out many of
the unique xpdf features.
kpdf is a relatively immature work. Its rendering is poor, by far the worst of any of the PDF viewers reviewed. Somehow, kpdf does not appear to understand font information well, leading to strange spacing between letters on both Fedora and Debian platforms. kpdf is speedy, however, and many of the important features are there.
It does appear that further work is being done with kpdf, at least if one goes by some screenshots linked to by KDE.News. The images suggest that the current development version supports multiple-page displays, string searches, and more. A future kpdf could well be be best PDF viewer of them all; the current version is too unfinished to be usable, however.
Concluding notes
This review has concerned itself with free PDF viewers. No review of this application space can really get away with ignoring Adobe Reader (acroread), however. This tool is certainly not free software, but there is a free-beer version available for x86 Linux systems. It is an old version; Adobe Reader 6 is not available for Linux. Even the older version, however, has its value. Occasionally a PDF file will come along that is so strange that no free viewer can cope with it. Acroread can be counted upon to work in such situations. It is, thus, one of exactly two proprietary programs on your editor's system.
Happily, free PDF viewers have come far enough along that having to fall back to acroread is a rare event.
The free PDF viewer state of the art has advanced in recent years, which is a good thing. This is an area where, for quite some time, the free alternatives lagged far behind. Now we have a wealth of viable programs to choose from. Too many, perhaps. Your editor might like it better if the development community would come together on, say, two viewers, and cooperate on making those two the best they can be. The history of these projects suggests that will not happen, however. There are two rendering engines (ghostscript and xpdf), multiplied by two desktop systems. Crossing those lines can be hard. We are likely to have a large set of actively-developed PDF viewers for some time yet.
Debian and the hot babe problem
This Intent To Package posting was guaranteed to raise a bit of a fuss. The program involved is hot-babe, a graphical CPU utilization monitor. It works by displaying a typical Bruno Bellamy drawing of a minimally-clad, maximally-endowed woman. As the CPU gets busier ("hotter"), the woman undresses to compensate. Your editor, whose journalistic ethics required that he investigate this utility, found it to be an amusing addition to the desktop - for about five minutes, or until the children walk in, whichever comes first.The Debian developers raised the obvious, predictable objection to the inclusion of this utility: the associated images were covered by a non-free license.
Once that little issue was cleared up (the artist made the drawings available under the Artistic License), the way was cleared for the other predictable argument: should a utility seen by some as pornographic be part of the Debian distribution? On the face of it, there would appear to be little basis for keeping it out. The Debian standards for software require that it be free; there is nothing in the software guidelines or social contract about not being offensive to anybody.
There is no doubt that inclusion of hot-babe into Debian is asking for certain kinds of trouble. The imagery involved is no worse than that found on many European billboards, but it will go against many American "community standards" and is completely out of line by the standards of many other parts of the world. Including hot-babe in Debian will render the distribution unsafe for work environments in many places, will complicate the work of those trying to deploy it in libraries and schools, and will simply offend a certain number of the distribution's users.
Then again, the same could be said of fortunes-off, the King James Bible, or the Anarchist FAQ, all of which are already part of Debian. Some people are probably offended by fsck, Doom, or the emacs Zippy quotes file. Your editor, offended by illegible text, immediately and violently disables "color ls" on every system he installs. Creating an offense-free distribution can be a hard task even for companies which adopt that goal explicitly; it's pretty much impossible for a distribution which values freedom, and which has dedicated itself to becoming the biggest collection of free software around.
Unless the Debian Project changes its social contract to allow the exclusion of packages on moral grounds, tools like hot-babe will find a home there. Debian is, increasingly, the master repository for a family of distributions; it should probably be as inclusive as possible. Most of the distributions built on top of Debian, such as Linspire, Xandros, Skolelinux, LinEx, or Ubuntu, apply some discretion in the packages they select. They are unlikely to include tools like hot-babe, and, thus, may be considered safer versions to use in situations where somebody may get offended.
Well, OK, perhaps we can't be too sure with Ubuntu.
Linux developers and distributors clearly must be sensitive to the needs and feelings of their users. The needs that come first and foremost for Debian users are freedom and quality. Applying any other sort of filter to Debian would change that distribution in a fundamental way. The nice thing about Linux is that distributions can be made for a wide variety of audiences. A safe-for-schools version of Debian can be distributed without imposing additional standards on Debian itself. Linux can be configured to meet the tastes, morals, and standards of almost any group of users, without inflicting those standards on others. That is freedom at its best, and how it should be.
Except that your editor really would like to see color ls abolished everywhere.
Security
A java vulnerability
A vulnerability recently reported in Sun's Java browser plugin could provide the basis for one of the first cross-platform exploits. The vulnerability allows a malicious program to break out of the Java security sandbox and perform any action that the browser user has permission to do. That could include destructive filesystem changes, network access, sending email, etc. A user with a Java enabled browser would only need to visit a website that has been crafted to exploit this vulnerability and would fall victim to whatever the malware author intended.The Java sandbox is intended to restrict Java applets so that they can only access certain approved packages in the Java virtual machine, packages that do not access anything outside of the sandbox. The exploit works by using JavaScript to acquire a reference to packages outside of the approved list and then passing that reference to an applet, subverting the sandbox. Disabling either JavaScript or the Java plugin in the browser will protect users until they can upgrade.
The vulnerability was discovered by Jouko Pynnonen in April, was fixed by Sun in October and was announced last week. Java plugin versions 1.4.2_04 and 1.4.2_05 (and presumably earlier versions as well) were found to be vulnerable on both Linux and Windows. Sun has released version 1.4.2_06 that fixes the problem. For a company that touts the security features of its Java technology, as Sun does, 5-6 months between discovery and a fix for a critical security hole seems overly long.
This vulnerability is very different from others we have seen because it exploits a problem in a technology that is specifically focused on cross-platform support. The same Java Runtime Environment (JRE) code base runs on most modern operating systems and underlies the Java support in most browsers. A significant security breakdown in the JRE affects the vast majority of Java enabled browsers in the world, including Firefox, Mozilla, and Internet Explorer. According to this posting on the Full Disclosure mailing list, Opera allows access to the restricted packages in the default security configuration and no exploit is needed to subvert the sandbox.
There are additional concerns for Netscape and IE users because applets can request particular versions of the plugin and, if that version is still installed, the browser will use it. In some cases, if the version is not installed, the user will be prompted to download and install it. This could allow a malware author to ensure that his code is running on a vulnerable JRE.
Due to Sun licensing constraints, free and open source browsers and operating systems cannot bundle the JRE and cannot do an automatic security update of the JRE. Proprietary OS and browser vendors are in the same boat unless they have licensed the JRE from Sun. The end result is that most users will need to get the updated JRE from Sun directly. As many users are not particularly diligent about seeking out security upgrades, this could leave a significant number of systems unpatched and provide an opportunity for some kind of malware to exploit this hole.
Brief items
SCO.com defaced
Somebody managed to deface SCO's web site (running on Apache and Linux, incidentally) over the weekend. For those who have to see it, images have been posted at Netcraft and The Inquirer. This crack may be good for a quick smile, but attacks of this nature are not the way to defeat SCO. Look for the inevitable "see how Linux users behave" press release in the near future.
New vulnerabilities
a2ps: input validation error
| Package(s): | a2ps | CVE #(s): | CAN-2004-1170 CAN-2004-1377 | ||||||||||||||||||||||||
| Created: | November 26, 2004 | Updated: | December 19, 2005 | ||||||||||||||||||||||||
| Description: | The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at Security Focus. | ||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||
nfs-utils: denial of service
| Package(s): | nfs-utils | CVE #(s): | CAN-2004-1014 | ||||||||||||||||||||||||||||
| Created: | December 1, 2004 | Updated: | May 15, 2005 | ||||||||||||||||||||||||||||
| Description: | The NFS statd server contains a denial of service vulnerability which is easily exploited by a remote attacker. | ||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||
Open DC Hub: remote code execution
| Package(s): | opendchub | CVE #(s): | |||||
| Created: | November 29, 2004 | Updated: | December 1, 2004 | ||||
| Description: | Donato Ferrante discovered a buffer overflow vulnerability in the RedirectAll command of the Open DC Hub. Upon exploitation, a remote user with administrative privileges can execute arbitrary code on the system running the Open DC Hub. See this advisory. | ||||||
| Alerts: |
| ||||||
phpbb: input sanitizing
| Package(s): | phpbb | CVE #(s): | |||||
| Created: | December 1, 2004 | Updated: | December 1, 2004 | ||||
| Description: | phpBB fails to sanitize input properly; this vulnerability may be exploited by a remote attacker to execute arbitrary code. Version 2.0.11 contains the fix. | ||||||
| Alerts: |
| ||||||
phpMyAdmin: cross-site scripting
| Package(s): | phpMyAdmin | CVE #(s): | CAN-2004-1055 | ||||
| Created: | November 29, 2004 | Updated: | December 1, 2004 | ||||
| Description: | Cedric Cochin has discovered multiple cross-site scripting vulnerabilities in phpMyAdmin. These vulnerabilities can be exploited through the PmaAbsoluteUri parameter, the zero_rows parameter in read_dump.php, the confirm form, or an error message generated by the internal phpMyAdmin parser. By sending a specially-crafted request, an attacker can inject and execute malicious script code, potentially compromising the victim's browser. | ||||||
| Alerts: |
| ||||||
phpWebSite: HTTP response splitting
| Package(s): | phpWebSite | CVE #(s): | |||||
| Created: | November 26, 2004 | Updated: | December 1, 2004 | ||||
| Description: | phpWebSite is vulnerable to HTTP response splitting attacks. A malicious user could inject arbitrary response data, leading to content spoofing, web cache poisoning and other cross-site scripting or HTTP response splitting attacks. | ||||||
| Alerts: |
| ||||||
sun-jre: Java plugin vulnerability
| Package(s): | sun-jre | CVE #(s): | CAN-2004-1029 | ||||||||
| Created: | November 26, 2004 | Updated: | December 1, 2004 | ||||||||
| Description: | Jouko Pynnonen reported a vulnerability in the plugin mechanism which allows remote attackers to bypass the Java sandbox through the use of javascript. | ||||||||||
| Alerts: |
| ||||||||||
TWiki: input sanitizing
| Package(s): | twiki | CVE #(s): | CAN-2004-1037 | ||||
| Created: | December 1, 2004 | Updated: | December 1, 2004 | ||||
| Description: | The TWiki search function does not properly sanitize input, enabling a remote attacker to execute arbitrary commands. | ||||||
| Alerts: |
| ||||||
yardradius: buffer overflow
| Package(s): | yardradius | CVE #(s): | CAN-2004-0987 | ||||
| Created: | November 26, 2004 | Updated: | December 1, 2004 | ||||
| Description: | Max Vozeler noticed that yardradius, the YARD radius authentication and accounting server, contained a stack overflow similar to the one from radiusd which is referenced as CAN-2001-0534. This could lead to the execution of arbitrary code as root. | ||||||
| Alerts: |
| ||||||
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current 2.6 prepatch remains 2.6.10-rc2; Linus has released no prepatches since November 14.Patches continue to accumulate, slowly, in Linus's BitKeeper repository. These include the un-deprecation of MODULE_PARM() (it is generating too many warnings, and the fixes will not be merged before 2.6.10), a new major number (180) for the "ub" USB storage driver, some x86 single-stepping fixes, a large number of "sparse" annotations, the token-based memory management fix, a memory technology device (and JFFS2) update, a frame buffer device update, some user-mode Linux patches, some page allocator tuning, and a few architecture updates.
The latest patch from Andrew Morton is 2.6.10-rc2-mm4. Recent changes to -mm include a new "DMA32" memory zone on the x86_64 architecture, some big architecture updates, a quiet fix for a seemingly exploitable x86_64 buffer overflow, and lots of fixes.
The current 2.4 prepatch is 2.4.29-pre1, which was released by Marcelo on November 25. The bulk of this patch consists of driver and filesystem backports from 2.6.
Kernel development news
Experiment: archive links in quoted messages
Perhaps the longest of longstanding LWN reader requests is the provision of archive links for messages we quote from the mailing lists. This has been a hard request to satisfy, for a couple of reasons. One is that we have learned, the hard way, that it is best to host a copy of the message ourselves. Web archives can go away or reorganize and break links; then we get a lot of mail about non-functioning links on LWN. The other, larger reason, though, has always been a simple matter of time. Producing the LWN Kernel Page requires reading through a few dozen lists, some of which have a lot of traffic. Reading those lists through a web archive - or even just finding links to quotes messages - would slow down the process and result in less content being written. That has not been a tradeoff we have been willing to make.But we never forgot the request. Of course, it helps that certain readers regularly remind us... Starting this week, we have a tentative solution. The Gmane archive makes it easy to read through archived lists and create URLs to them. Thanks to a bit of script hacking, many of the quoted messaged linked to in this page now have an Archive-link header pointing to the Gmane version of the message, and to Gmane's thread view as well.
This feature should be considered experimental for now; whether it is retained depends on whether readers find it useful, and whether Gmane proves to be sufficiently reliable over time. We're curious to hear whether these links are worthwhile. With luck, an ancient item can now be scratched off the "to do" list.
Kernel headers and user space
The use of kernel headers in user space has long been discouraged. The kernel headers are not written with user space in mind, and they can change at any time. The proper way for user-space applications to interface with the kernel is by way of the C library, which provides its own structures and, when necessary, translates them into whatever the current kernel expects. This separation helps to keep user-space programs from breaking when the kernel changes.Unfortunately, things do not always work that way, and some user-space programs still end up including kernel headers directly. These programs may simply be old, or they may need access to declarations which are not available in the C library include files - strange ioctl() codes, for example. So the kernel code still tries to make it possible for user space to include some header files. In these files, kernel-specific code is contained within #ifdef __KERNEL__ blocks and hidden from user space. This technique works, but it is brittle and adds extra cruft to the kernel code base. Intermixing internal kernel definitions with those needed by user space also makes it easy to break the user-space API.
The kernel developers have, for years, wanted to improve this situation. The latest attempt came in the form of this RFC from David Howells. This proposal would create some new directories in the kernel source tree: include/user and some architecture-specific variations (such as include/user-i386). When a portion of a kernel header file is found to be needed by user space, it would be placed into a separate file in one of those directories, and the new file would be included into the old one. At this point, the definitions needed by user space will have been separated out, but no visible changes will have been made; user space can still include the old file and get what it needs.
At some future point, when user space is deemed to have been fixed, all of the __KERNEL__ references could be removed from the old files. At that point, any application still including the internal header files would break.
One part of the idea which did not get very far was using standard C types (such as uint16_t and such) for the user-kernel interface. The problem with that idea is that the kernel cannot count on those types being consistently defined for all configurations, and cannot create its own definitions for the standard types. So the kernel/user interface must continue to be defined using kernel-specific types (__u16 and such).
Linus was not all that enthusiastic about the idea in general. To him, it looks like an exercise in rearranging things without specific goals and with the possibility of breaking things which work now:
What he would like to see is more specific discussions which identify specific, problematic header files and what will be done to fix them. In the end, the header files might just get split up in the way described by Mr. Howells. It is more likely to happen as a long and slow process, however, and not as a massive, coordinated reorganization.
Merging swsusp2
Once upon a time, the 2.6 kernel had three software suspend implementations - two of which were in the mainline - but none which were seen to work all that well. Since then, the two mainline implementations have been merged, and the out-of-tree swsusp2 implementation has come a long way. Still, two implementations of a low-level core function seems like too many, so there is interest in bringing them together in the mainline. Swsusp2 developer Nigel Cunningham has made a new effort in that direction by posting a set of 51 patches which merge swsusp2 into the 2.6 kernel.There is a great deal of code in these patches. Some of the more interesting pieces include:
- A set of new exported symbols; these
include fundamental things like sys_ioctl(),
avenrun, and a number of low-level swap functions. These
exports were poorly received; there is currently a great interest in
reducing the number of symbols exported to modules. A patch which,
instead, exports fundamental interfaces is bound to encounter some
resistance.
The swsusp2 code wants these symbols exported because the entire suspend mechanism can be built as a module and loaded only when the system is to be suspended. This can be a nice feature; swsusp2 is a lot of code, and it is all excess baggage anytime the system is actually being used. The costs of making swsusp2 modular may prove too high for that feature to be accepted into the mainline, however.
- A change to the workqueue API allowing
the creator of a workqueue to specify whether that queue should be
left running during the suspend process. Some workqueues perform
tasks which are needed during the image writeout process, and thus
cannot be stopped prematurely.
- A replacement refrigerator, the code
charged with putting all processes on hold so that the system is in a
quiet state before suspending. The intrusive macros which
characterized the swsusp2 refrigerator some time ago are gone. The
new version relies upon a PF_SYNCTHREAD task flag to keep
processes (temporarily) from being frozen while they are doing some
work involved with writing data to disk.
- A complicated I/O infrastructure for writing the suspend image to
disk. The new I/O code is said to be much faster, and it supports
features like image compression, writing to swap files or LVM devices,
etc. Future plans call for more esoteric features, such as suspending
across a network. These features may be nice, but it has been pointed out that the swsusp2 I/O code alone
outweighs the entire mainline software suspend code by a significant
amount.
- Various types of "nice displays" when a suspend or resume is in progress. These displays include progress bars, splash screens, and more.
Nigel offers a number of reasons for merging swsusp2. It is claimed to be much faster as a result of the use of asynchronous I/O, readahead on resume, and (for systems with slow drives) image compression. It is far more configurable; users can select the sort of display they like, image compression and/or encryption, etc. Suspending to swap files, LVM devices, and more is supported. And so on. There is little disagreement that swsusp2 offers some nice features, but there is some concern over how Nigel is trying to proceed:
The kernel developers are increasingly resistant to wholesale merging of large blocks of code - especially when that code duplicates functionality already found in the kernel. They would rather see a series of incremental patches, each of which takes a small, useful step in the right direction. Nigel does not want to do that; swsusp2 is vastly different, internally, than the mainline suspend code, and evolving one into the other looks like a long, painful, and pointless job. He may have to do that work, however, before any of the swsusp2 code can be merged.
A bigger obstacle, however, may be the fact that, while swsusp2 was being developed, the mainline software suspend code was progressing too. Your editor is able to reliably suspend to memory and disk with a vanilla 2.6.9 kernel. SUSE enables software suspend and calls it a feature in its 9.2 release. Since the in-kernel suspend code seems to actually work, enthusiasm for replacing it with a larger, more complex version is not as high as it might otherwise have been. The ultimate fate of swsusp2 may yet be to contribute its best improvements to the mainline, but to never be merged in its entirety..
Patches and updates
Kernel trees
Architecture-specific
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Janitorial
Networking
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Debian on AMD64
These days, just about every major distribution (with the notable exception of Slackware) is offering an AMD64 port of their principal product. This is mainly in anticipation of increased popularity of the 64-bit processors in the future and to gain experience in solving challenges that exist while developing a distribution that would be not only considerably faster than its x86 counterpart, but also equally usable - both on servers and workstations. In the upcoming series we will look at how different distributions (Linux and BSDs) handle these challenges. We will try to answer a question that some readers contemplating a new computer system might be asking: is the AMD64 processor ready to satisfy our most demanding computing tasks?We will start with Debian GNU/Linux, which has always been the most multi-platform Linux distribution on the market. Woody, the current stable release for over 2 years, and Sarge, the new upcoming stable release due out in a month or two, support no fewer than 11 architectures. Perhaps surprisingly, AMD64 is not one of them and it won't be in Sarge either. That said, Debian developers have been working on an AMD64 for some time, and unofficial builds, including Sarge installation CDs and documentation, are already available on the Debian AMD64 Port pages. There are two unstable (=sid) branches - "pure64" and "gcc-3.4". The former is compiled with GCC 3.3 and is considered more stable, while the latter is compiled with gcc-3.4 which is said to have a better support for AMD64, but is less well-tested. An AMD64 testing branch is also available with a plan to build a full unofficial Sarge release at a later stage, but it will not enter the main Debian Sarge branch and it is not yet clear how security updates will be handled for this product.
Despite the unofficial status of the port, those who wish to run a fully-enabled 64-bit Debian distribution on an AMD64 processor can do so today. We installed it on a system with the following specifications: AMD64 3500+ processor (2.2GHz), K8N Neo2 (Socket939) mainboard from Micro-Star International, 1 GB of DDR SDRAM, 2 x 120 GB Maxtor hard disks, Plextor PX-712A DVD/CD Rewritable Drive, and NVIDIA GeForce4 Ti 4600 graphics card. If you are curious about the cost, the processor + mainboard + memory came to about $620, but anything newer than the 3500+ processor would cost dramatically more; for example the current prices for the AMD64 4000+ processor start at $715 (without the motherboard and RAM).
To initiate the installation, we downloaded the most recent Debian "netboot" ISO image (4.4 MB). This is a bootable CD that attempts to auto-configure networking before it proceeds with downloading and installing the base system. The installation was rather painless and the only non-standard place was the selection of FTP/HTTP mirrors; as was mentioned earlier, the AMD64 branch has not been included in the Debian's main branch and is maintained separately on the Alioth server. Therefore your preferred download server and selected AMD64 branch have to be entered manually. Besides the main server, a handful of mirrors in Europe and Asia are also available. As soon as the installation completed and the bootloader was configured, we were prompted to reboot into our brand new Debian AMD64 system. We continued with installation of packages for a typical workstation - a full graphical desktop with GNOME 2.8 and KDE 3.3.1, as well as most other general applications. The entire experience was rather dull (in a positive sense of the word) and everything we threw on the apt-get command installed without any problems at all. Perhaps we shouldn't have been surprised - the Debian AMD64 Ports page claims that 97% of all Debian packages compile just fine for the AMD64 processor which is, in fact, the second most complete port, after i386.
Although we were impressed by the quality of the port and the trouble-free system installation and configuration, there was little doubt that sooner or later we would run into some AMD64-specific issues. Firstly, there was the remaining 3% of applications that have yet to be ported to AMD64, with OpenOffice.org being the most glaring of the missing pieces. Secondly, what about the many useful binary-only applications, such as Acrobat Reader, Macromedia Flash Player, the NVIDIA graphics driver, Opera, RealPlayer, etc., most of which are built for i386 only (the NVIDIA graphics driver is the only notable exception)? There are two ways to solve the problem. The first one is by installing a set of IA32 libraries which should allow users to run most i386 applications, while the second one (a more proper way, since some would argue that mixing IA32 and AMD64 libraries is not the right way of maintaining a clean system) requires an installation of a basic 32-bit system into a chrooted environment.
The second option is slightly more involved, but this HOWTO explains the procedure in simple terms. After installing the "dchroot" package, configuring it and creating a simple shell script for launching the chrooted 32-bit applications transparently from within the 64-bit environment, we were able to install and run OpenOffice.org, Acrobat Reader, Opera and RealPlayer with no problems. Thus, we ended up with a Debian system that was almost complete and very close to what we would have on an x86 workstation. There were still some missing pieces - for example, it is not possible to get a 64-bit browser to load the 32-bit Macromedia Flash plugin, so the only way to view Flash-enabled web sites was from within the chrooted 32-bit Opera (or any other chrooted 32-bit browser, if installed). Of course, this method of running certain applications is still a lot more cumbersome, than it should be, but it will do for the time being. Eventually the Debian developers will port OpenOffice.org to the AMD64 platform and, if we scream loudly enough, we might even get the makers of the above-mentioned proprietary software start building AMD64 ports of their applications. In the meantime, it is not too difficult to run a full 64-bit system with a handful of "forbidden" 32-bit applications in a chroot jail.
Before installing Debian on the AMD64 system, we had some worries about the ability to maintain an efficient working environment on this relatively new platform, fearing compatibility issues, maybe even instability. Luckily, this turned out not to be the case. Although still labeled as beta, Debian's AMD64 port has so far proved to be a trouble-free, high-quality distribution that is certainly ready for deployment on high-end developer workstations. The system is incredibly responsive, it boots twice as fast as a the 1.4 GHz P4 box sitting next to it, and overall it has been an enormous pleasure to use it. AMD64 is a great processor and Debian developers have built a excellent product to take full advantage of its power. This experience has removed whatever doubts we had about the present state of quality 64-bit computing.
Distribution News
Debian GNU/Linux
Martin Schulze has announced a new Debian Flyer project in the CVS repository on Alioth. "This should make it easier for translators to get the translations in sync. A ``translation-check'' line has also been added to some translations so it is easier to determine what would have to be changed to ge the translation back in sync."
This Sarge release status report looks at
the possibility of getting GNOME 2.8 into Sarge. "After requests and
a detailed proposal from the GNOME team, we accepted an upload of GNOME 2.8
into sid, and, via the usual mechanisms, into sarge. We should mention
that the release team was running out of objections to GNOME 2.8 in
unstable that the GNOME team hasn't satisfactorily addressed; this, and the
fact that they have demonstrated good reaction times of late are the main
reasons why we're approving it despite the timing.
"
Fedora Core
The Unofficial Fedora FAQ has been updated for Fedora Core 3. The Fedora Core 2 FAQ is still available here.Dirk Westfal has announced a LiveCD with Fedora Core 3, KDE 3.3.1 and GNOME 2.8.
Fedora Core 3 updates: system-config-samba (add missing options), spamassassin (bug fixes from upstream), system-config-date (enable Gujarati and Tamil translations), system-config-securitylevel (fixes tracebacks introduced by the libselinux update), abiword (fixes for tempnam usages and startup geometry crashes), udev (turn off debug logging), prelink (several bug fixes), libselinux (change location of helper applications), policycoreutils (removes FixFiles.cron), alsa-lib (fix bad assertion that trips up gstreamer), man (bug fixes and enhancements), openmotif (latest Xpm patches, fixes CAN-2004-0914), openmotif21 (fixes CAN-2004-0914, CAN-2004-0687, CAN-2004-0688 and other bugs), iptables (fixed autoload problem in iptables and ip6tables (CAN-2004-0986)), postfix (bug fixes), postfix (fixes the fix), tvtime (update to 0.9.15), quagga (new upstream release, bug fixes), gtk2 (fixes some ABI breakage), gtksourceview (rebuild), gedit (rebuild), bash (cleanup), words (major upgrade), slang (corrects buffer overruns), shadow-utils (fixes bug in useradd), man-pages-pl (remove mc.1), aspell-bg (add bulgarian.kbd file), slang (fixes a very slight horizontal line artifact), brltty (don't make /etc/*.conf executable), cvs (replaced old SCCS migration script).
Fedora Core 2 updates: system-config-samba (add missing options), gaim (FC2 Update), tcpdump (fixed nfs protocol parsing for 64 bit architectures), man (bug fixes and enhancements), ppp (bug fixes), openmotif21 (fixes CAN-2004-0914, CAN-2004-0687, CAN-2004-0688 and other bugs), openmotif (fixes CAN-2004-0914, CAN-2004-0687, CAN-2004-0688 and other bugs), slang (fixes a very slight horizontal line artifact).
Mandrakelinux
Updated kdebase, kdelibs and kdepim packages fixing many bugs are available for Mandrakelinux 10.1.Slackware Linux
The slackware-current changelog contains an update from Patrick. "I built a few updates to get my mind on happier things. Maybe I'll have time to look at the kernel sometime soon, too, but getting my health back remains the A-number-1 priority here."
kde/koffice-1.3.5-i486-1.tgz: Upgraded to koffice-1.3.5.
kdei/koffice*.tgz: Upgraded to koffice-i18n-1.3.5.
Also, Bruno H Collovini and Piter Punk in Brazil have been helping to build security updates for Slackware. You can find those updates here.
SUSE Security Summary Report SUSE-SR:2004:002
SUSE has fixed minor security issues in several packages. Click below for details.Trustix Secure Linux
Trustix has updated the following packages: amavisd-new, anaconda, courier-imap, cyrus-imapd, cyrus-sasl, file, kernel, mkbootdisk, mysql, rpm, samba, setup and swup. Bug fixes, enhancements and a few security problems are addressed in this 'multi' update.
New Distributions
Flash Linux released (GnomeDesktop.org)
GnomeDesktop.org has an announcement for the initial release of Flash Linux. "Flash Linux is a compact distribution designed to run off 256Mb USB keys. It includes hardware detection, auto configuration, a fairly complete Gnome 2.8 desktop, and associated office tools. Ideal if you want to try out Gnome 2.8 without touching your current system with over 50Mb of storage left after installation. Note that this is a first release, it should however be pretty usable and stable."
Distribution Newsletters
Debian Weekly News
The November 23 Debian Weekly News is out; it looks at bug-squashing parties, Debian and the Linux Core Consortium, speeding the boot process, debian-installer progress, and more.Debian Weekly News
The Debian Weekly News for November 30, 2004 is out. In this issue; a look at Debian flyers on Alioth, another woody update (3.0r4), DWN in RSS and blog formats, and more.Gentoo Weekly Newsletter
The Gentoo Weekly Newsletter for the week of November 29, 2004 is out. This week's edition covers PegasosPPC boxes from Genesi with Gentoo preinstalled, the Gentoo script repository, some translation project news, a shift to the 2.6 kernel as the default, and more.DistroWatch Weekly, Issue 77
The DistroWatch Weekly for November 29, 2004 is out. "This week we have a brief report on the next release of Gentoo Linux and we also introduce UHU-Linux, a Hungarian project and a major driving force behind Linux adoption in Hungary."
Minor distribution updates
Devil-Linux v1.2.1 released !
Devil-Linux v1.2.1 has been released. "The changes include Kernel 2.4.28, enabled sasl+ldap+mysql for postfix, dramatically reduced size of etc.tar.bz2, many program updates, and many other changes."
Linux Netwosix
Linux Netwosix has announced the release of v1.2 (Jinko). This release has a new setup method, a new How-to, Linux kernel 2.6.9, GCC 3.3.3 and more.Linux Netwosix has also released an updated NEPOTE (NEtwosix POrting Tool Environment).
Newsletters and articles of interest
My workstation OS: Debian (NewsForge)
This NewsForge article advocates Debian on the desktop. "What do you want from a desktop operating system? Of course programs for everyday use (a Web browser, office tools, games, etc.), but those programs are not the main criteria, especially with GNU/Linux, since you can use almost any Linux application easily on your distribution of choice. The real criteria are stability, package management, hardware compatibility, and the people behind the software, the community. For its superiority in those areas, I made Debian my workstation OS."
Page editor: Rebecca Sobol
Development
Looking Past CVS: The Future is Distributed
The field of alternatives to CVS has exploded. Alternatives have been documented and compared, but the trends deserve further analysis.
It's truly a critical moment, as the winds of change are shifting over the landscape of source control. Major projects, such as PostgreSQL, KDE, and emacs are discussing the dumping of CVS for an alternative. Smaller Projects, such as wxRuby and Rhythmbox have already switched.
A Source Control Management (SCM) system is important because this software choice impacts a whole group of developers, and changing systems can be very disruptive to a project. The larger the project, the greater the inertia, and higher the cost to switch.
Here's my analysis of trends that will emerge:
What won't happen: No "CVS replacement" will emerge, at least not with the dominance that CVS has had. Instead, what we will see will follow the patterns of the expanding offerings of scripting languages. Although Perl has long dominated this category, other languages have dared to challenge the heavyweight, and they have prospered. Python, PHP, and ruby are all doing well, with growing communities building up around them.
Don't expect to see one clear SCM leader, with the rest hopelessly out of sight in terms of popularity and usability. Many sufficiently capable alternatives are emerging. The diverse environment we will see will play a part in determining which projects stand out. Those projects that grasp the importance of playing well with other SCMs will see increased popularity.
The young svk project seems to understand this issue. They integrate with VCP, a framework designed for interchanging formats of various SCMs. Svk is being designed so that at maturity, you will be able to use it as a client for several other SCMs.
Consider the following situation for a typical open-source programmer: The programmer would like to contribute to one project that uses CVS, another which uses Subversion, and a third which uses Arch. Rather than learning all three, she can use svk, reduce her overhead time, and improve her overall efficiency. Currently, svk can mirror a CVS archive, but not perform a "commit through" on your changes.
As people contribute to this 'glue' project, it will be easier for participating SCMs to update their own offerings to allow better interoperability.
One important trend is the removal the "single central server" limitation of CVS. New distributed systems allow developers to share changes in a peer-to-peer mode without going through a central server. This feature will gain prominence for two reasons. Most importantly, the centralized model is a subset of what a distributed system can do. So users don't have to pick an "either or" solution. Also, a distributed design maps extremely well onto the organic global network of open source software development.
Developers who do not have "commit access" benefit from distributed systems because they are given a much expanded toolkit, giving them access to the same command set that the core developers have. With better tools for more developers, more time can be spent writing code instead of managing it.
Distributed SCMs should be equally beneficial to corporations, with their increasingly distributed structures. More activity can happen locally to the developers, making a fast link to a distant central server less critical for developer productivity.
I have followed two distributed SCMs in particular, Arch and Darcs. Arch currently has a larger user base, and arch repositories exist for popular projects such as the Emacs and Vim editors. Arch is also noticeably more complex to set up and use.
Darcs, which just turned 1.0, shines because of its ease of use, clear documentation, and powerful underlying unique "theory of patches". Svk is working on emulating the Darcs interface, while Arch would like to support the Darcs patch handling features.
It's not all roses for Darcs, though. While it receives praise for use on small projects, it is known to hang for hours on large trees like the Linux kernel as well as when large scale conflicts occur.
Colin Walters, an Arch hacker, shares my vision of a distributed future. He concluded recently: "The contender for the future of free software revision control is still very much up in the air..
This much is clear: If you are still using CVS, it's time to evaluate the alternatives, and think distributed.
System Applications
Database Software
Glom 0.8.9 announced
Version 0.8.9 of Glom, a database table designer GUI, is out with numerous bug fixes and translation improvements.JabRef 1.6 released (SourceForge)
Version 1.6 of JabRef, a graphical application for managing bibliographical databases, has been announced. "Being the first version preceded by a public beta, we hope that JabRef 1.6 will be the most stable release so far. There are many new features since version 1.55, including greatly improved handling of bibtex strings, export to MODS format and facilities for detecting and handling external changes to open files. Many bugs have been fixed, and the user interface has been improved in many small ways."
PostgreSQL 8.0.0 Beta 5 Now Available
Version 8.0.0 Beta 5 of the PostgreSQL database has been announced. "Its been almost 4 weeks since Beta4. After a lot of work involving a lot of bug fixes and documentation improvements to the source tree, we have just released our 5th Beta of 8.0.0. All of our major Open Items have now been completed, and we're slowly entering the final stages, involving a lot of testing and documentation changes."
PostgreSQL Weekly News
The November 29, 2004 edition of the PostgreSQL Weekly News is available with the week's PostgreSQL database news.
Libraries
libxklavier 1.12 released
Version 1.12 of libxklavier, the X keyboard utility library, has been released. "The very first xmodmap-enabled release of libxklavier is out. The API/ABI were broken again (sure, compatbility in GNOME CVS HEAD is maintained). Really hope to keep 1.1x series API stable from this point."
Mail Software
Standalone email package 3.0 final
Version 3.0 final of the standalone email package for Python is available. "Python 2.4 final will probably be released in a few hours so this seems like a good time to release the standalone email package, version 3.0 final. Unless there's some last second snafu, this will be identical to the version released with Python 2.4."
Networking Tools
Firestarter 1.0 announced
Version 1.0 of Firestarter, a visual firewall tool for GNOME, is out. "The program features a friendly setup wizard, a real time firewall event monitor and an advanced rules based system for creating traffic policy. The program also helps you set up Internet connection sharing in just a few clicks, or port forwarding when used on a LAN." Changes include a redesigned user interface, a new security policy system, DHCP service support, a view of connections, and more.
Web Site Development
BIG SAM 1.2.02 released
Stable version 1.2.02 of BIG SAM, the Built-In Guestbook / Stand-Alone Module (written in PHP) is out.mnoGoSearch 3.2.25 released
Version 3.2.25 of the mnoGoSearch web site search engine has been released. See the Change Log for details.First stable version of phpPgWeb is out
The first stable release of phpPgWeb has been announced. "This PHP lgpl library is intended to make quickly a user friendly web interface to a postgresql database. It is thought to be configurable, manage automatically references between tables, has multilanguage support, and could be extended quite easily. It is not intended as admin tool (see phpPgAdmin), but as an intuitive web mask to a database."
Quixote 2.0a2 is out
Version 2.0a2 of the Quixote web platform is available with lots of changes. "We still have a lot of work to do before a stable release. The documentation needs to be updated. The mod_python publisher is broken. The Quixote 1 style publisher probably needs some more work."
Install XAMPP for easy, integrated development (IBM developerWorks)
Nils-Erik Frantzell writes about XAMPP on IBM developerWorks. "Open source stacks such as XAMPP from Apache Friends are simplifying open source development by making it easier to write and distribute applications in a stable and standardized environment. Traditionally, AMPP -- Apache, MySQL, PHP, and Perl -- have all been installed and configured as separate products. The trend of combining them into integrated middleware stacks promises to make open source development more competitive with J2EE application development, at least for low-end applications. In this article, you'll learn how to install, configure, and back up XAMPP on Mandrake Linux 10.0 and also how to configure and administer XAMPP, as well as how to install your own applications in an XAMPP environment."
Web Services
Make minor backward-compatible changes to your Web services (IBM developerWorks)
Russell Butek covers web services versioning issues on IBM developerWorks. "Web services versioning doesn't really exist. To achieve new versions of a service, you have to create a new set of WSDL/XSD files with new namespaces, essentially creating a new Web service. That's a rather drastic solution. There are some changes you can make to an existing set of WSDL and XSD files that are backward compatible so that you can evolve your service, to a limited degree, without the drastic measure of creating a new one."
Desktop Applications
Audio Applications
amaroK 1.2-beta1 Released
Version 1.2 beta 1 of amaroK, a KDE music player, is out with numerous changes.QjackCtl 0.2.13 released
Version 0.2.13 of QjackCtl, the Qt/GUI frontend for the JACK Audio Connection Kit, has been released with minor improvements.
Data Visualization
Kst 1.0.0 Released
Kst is "a real-time data viewing and plotting tool with basic data analysis functionality." Version 1.0 of Kst has just been released; click below for the details.MultiPlot 0.4 released
Version 0.4 of MultiPlot, an FLTK-based graph plotting utility, has been released. Here is the change summary: "new version with minor bugfixes. sould now easily compile under linux and windows."
Desktop Environments
Elektrified X.org released
The Elektra Project is an attempt to rationalize Linux configuration files by bringing them all into a standard key/value pair format (apply your favorite registry analogy here). The project has just released a major proof of its concept: an "elektrified" version of the X.org server. Click below for lots of details.KDE CVS-Digest for November 26, 2004 (KDE.News)
The November 26, 2004 edition of the KDE CVS-Digest is online. Here's the content summary: "Extended password dialog can define length and strength thresholds. Dell Laptop Buttons Plug-in for KMilo . As-you-type spellchecking with aspell. KAddressbook import/export filter GMX addressbook format. X-Face support for Kmail and KNode. New blogging resource for Korganizer."
gnome-utils 2.9.2 announced
Version 2.9.2 of gnome-utils, a collection of utilities for the GNOME desktop, is available. "The biggest change overall is that GNOME Screenshot has been moved from gnome-panel to gnome-utils."
gnome-panel 2.9.2 announced
Version 2.9.2 of gnome-panel is out. "Since gnome-panel 2.9.2, the gnome-panel use the /apps/panel gconf directory to store its settings. The settings that were previously stored in /apps/panel/profiles will be automatically migrated."
Electronics
Open Collector Releases
The latest new electronics applications on Open Collector include new versions of annotate_gschem, gschem2xpcb, and Oregano.
Financial Applications
SQL-Ledger 2.4.5 released
Version 2.4.5 of SQL-Ledger, a web-based accounting system, has been released. Changes include a couple of bug fixes.
Games
gnome-games 2.9.2 announced
Unstable version 2.9.2 of gnome-games, a collection of games for the GNOME desktop, is out with numerous changes to individual games.New version of 'HLA Adventure' for Linux released
A new release of HLA Adventure, a text-based adventure game, is out.Choosing a Language for Interactive Fiction (O'Reilly)
Liza Daly introduces interactive fiction languages in an O'Reilly article. "IF languages have various structural and syntactic optimizations for writing games. Turn-based time (or even, in some cases, real time) is a built-in. It's easy to define conditions on which the game can be won or lost. An IF language already knows not only that GET HAMSTER means the player would like to perform an action called GET on an object called HAMSTER, but it also knows that PUT HAMSTER ON TABLE is an entirely different matter than PUT TABLE ON HAMSTER and that PUT NORTH ON HAMSTER is something altogether nonsensical."
Graphics
Inkscape 0.40 released
Inkscape 0.40 has been released; click below for the details. There are some major enhancements in this version, including support for layers, the ability to render text along a path, and "bitmap tracing," which turns bitmap images into vector graphics. A new set of tutorials has been added as well.
GUI Packages
Gtk2-Perl 2.9.2 announced
Unstable version 2.9.2 of Gtk2-Perl, the Perl bindings to GTK+, has been announced.gtkmm 2.4.8 announced
Version 2.4.8 of gtkmm, the C++ interface to GTK+, is out with bug fixes and documentation improvements.
Interoperability
Wine Traffic
The November 26, 2004 edition of Wine Traffic is available with the latest Wine project news.
Multimedia
GStreamer Plugins 0.8.6 released (GnomeDesktop)
Version 0.8.6 of the GStreamer plugins have been announced. "Lots of bugs fixed in this release (44 bugzilla items closed). New polypaudio sound server plugin and support for musepack files. Another important addition to this release is support for chained ogg files, which is important for many ogg web radio streams for instance. Some important fixes to our ALSA support was also made, so people who had troubles with ALSA output with earlier releases are advised to give this one a go."
Music Applications
Hydrogen v0.9.1 is out
Stable version 0.9.1 of Hydrogen, a drum machine, has been released. Changes include a new ALSA driver, French documentation, and bug fixes.
News Readers
Liferea 0.6.4 announced
Version 0.6.4 of Liferea, the Linux Feed Reader, is available. Changes include a Polish translation, global article skimming keybindings, and bug fixes.
Office Applications
gcalctool v5.5.16 released
Version 5.5.16 of Gcalctool, the default GNOME desktop calculator, has been announced, it is considered stable. Changes include translation work.
Office Suites
OpenOffice.org 1.1.3-kde released
KDE.News has the announcement for OpenOffice.org 1.1.3-kde. This is a version of ooo-build which has been reworked to fit into the KDE environment; it uses the KDE native widget framework and features KDE icons.KOffice 1.3.5 Released
Version 1.3.5 of KOffice has been released, this is the fifth bugfix package for this series. Changes include Breton language support, a security fix, and KPresenter fixes.OO.o build-1.3.7 is available
Build 1.3.7 of OpenOffice.org has been announced. "This package contains Desktop integration work for OpenOffice.org, several back-ported features & speedups, and a much simplified build wrapper, making an OO.o build / install possible for the common man. It is a staging ground for up-streaming patches to stock OO.o."
Web Browsers
Epiphany 1.4.6 released
Stable version 1.4.6 of Epiphany, the GNOME web browser, has been announced. Changes include numerous bug fixes and more.Epiphany Extensions 1.4.3 released
Version 1.4.3 of Epiphany Extensions has been released. A security bug fix is included, upgrading is advised.Epiphany 1.5.2 released
Unstable version 1.5.2 of Epiphany, the browser for GNOME, is out. Changes include interface improvements, bug fixes, and more.Epiphany Extensions 1.5.2 released
Unstable version 1.5.2 of Epiphany Extensions has been announced. Changes include an important security update, bug fixes, and more.Independent Status Reports (MozillaZine)
The November 2, 2004 edition of the Mozilla Independent Status Reports are available. Here's the content summary: "The latest set of independent status reports includes updates from mozImage, Biobar, fireFTP, Habari Xenu, Checky, citations nd Linkvisitor."
Miscellaneous
Bakery 2.3.10 announced
Version 2.3.10 of Bakery, a C++ Framework for creating document-based GNOME applications, has been released. This is a bug-fix release.gnubiff 2.0.3 is out
Version 2.0.3 of the gnubiff mail notification program is out with bug fixes and security improvements.
Languages and Tools
Caml
Caml Weekly News
The November 23-30, 2004 edition of the Caml Weekly News is online with news of the week's Caml language developments.
Java
Juggle Your Java with JDistro (O'Reilly)
Howard Wen examines the JDistro project on O'Reilly. "Appropriately enough, running multiple Java applications at once can be akin to drinking too much coffee in one sitting: You get erratic results and ultimately crash hard. But having more than one Java program running can be helpful for development. Java programmer Guillaume Desnoix wanted such a robust environment, so he created his own: JDistro."
Enhance looping in Java 5.0 with for/in (IBM developerWorks)
Brett McLaughlin looks at for/in in Java 5.0 in an IBM developerWorks article. "The for/in loop -- often called either enhanced for or foreach is largely a convenience feature in Java 5.0. It doesn't really offer any new functionality, but certainly makes several routine coding tasks simpler. In this article, you'll learn about many of those, including using for/in to iterator over arrays and collections, as well as how it can help avoid unnecessary (or just plain annoying) typecasts. You'll also learn how for/in is implemented, glean details about the new Iterable interface, and even understand how to make your own custom objects usable with this new construct."
Taming Tiger: JDK 5.0 source code licensing (IBM developerWorks)
John Zukowski examines the JDK 5.0 license on IBM developerWorks. "Sun recently released the JDK 5.0 source through the Sun Community Source License (SCSL) and Java Research License (JRL). This month, Tiger columnist John Zukowski takes a break from the details of the new release and overviews the licensing terms and what access to the source offers developers. He also provides a quick look at the surprise early access drop for Mustang, the J2SE 6.0 release."
Lisp
SBCL 0.8.17 released
Version 0.8.17 of SBCL (Steel Bank Common Lisp) is out. "The main new feature of this version is Unicode support."
Perl
Perl 5.8.6 released (use Perl)
Perl 5.8.6 has been announced. "The Perl 5 developer team is pleased to announce the Perl Release 5.8.6, the sixth maintenance release of Perl 5.8."
PHP
PHP 5.0.3RC1 released
Version of 5.0.3RC1 PHP is available. "This is the first release candidate and should have a very low number of problems and/or bugs. Nevertheless, please download and test it as much as possible on real-life applications to uncover any remaining issues."
PHP Weekly Summary for November 22, 2004
The PHP Weekly Summary for November 22, 2004 is out. Topics include: Broken pipe in fork, Overloaded class registration, CLI and go-pear in win32 installer, Binary compatibility broken, SPL's Countable, Cleanup for sprintf, libgd fonts, and Browscap.PHP Weekly Summary for December 1, 2004
The PHP Weekly Summary for December 1, 2004 is out. Topics include: Detached processes, php_iconv_string exportable, Segfault in PHP 5, PHP 4.3.10 RC1, Additional module registration, Per-directory magic quotes, Binary compatibility and Reverted commits.
PostScript
GSview 4.61 beta release
Beta release 4.61 of GSview, a PostScript previewer, has been announced. Numerous changes are included. "Please send in bug reports before the GSview 4.7 release, scheduled for mid December 2004."
Python
Python 2.4 released
Python 2.4 is out; this is a major release which adds a number of new features to the language. Click below for the announcement, or see the Python 2.4 page for download and change information. There is also a 2.4 highlights page for those in a hurry.ActivePython 2.4.0 build 243 is available
Build 243 of ActivePython 2.4.0, ActiveState's quality-assured binary build of Python, is out. "This is a release candidate matching the recently tagged core Python 2.4.0. Builds for Linux, Solaris and Windows are available."
Tcl/Tk
Dr. Dobb's Tcl-URL!
The November 23, 2004 edition of Dr. Dobb's Tcl-URL! is out with the week's Tcl/Tk articles and resources.
XML
Mapping and Markup, Part 1 (O'Reilly)
John E. Simpson discusses the Geography Markup Language (GML) on O'Reilly. "Geography Markup Language (GML), now at Version 3.1, is a specification of the Open Geospatial Consortium (OGC). (This standards body was formerly known as the Open GIS Consortium--GIS being an acronym for Geographic Information Systems.) If you're used to W3C-sized specs--even behemoths like XML Schema--you'd better sit down before glancing at the GML "Recommendation Paper"; it's a monster, weighing in at over 600 PDF-formatted pages, supplemented by nearly three dozen separate schemas."
Location, Location, Location (O'Reilly)
Uche Ogbuji writes about XML locations in an O'Reilly article. "It is often useful to keep track of the location of some data in an XML file being processed. If you are parsing a file in order to perform sophisticated search and analysis tasks, you may want to know in which element or other such node a specific pattern was found (or even at what file location). XPath is the standard way to convey the location of an XML node. In the case of DOM, you might like to be able to compute an XPath expression selecting a specific node. In the case of SAX, you might want to have an XPath location for a current event, or you may want to get information on a current file location from the parser. In this article, I cover techniques for figuring out such location information. Along the way, I shall be providing some examples of marginally documented corners of Python's SAX libraries."
Build Tools
NAnt 0.85 Release Candidate 1 available (SourceForge)
Version 0.85 Release Candidate 1 of NAnt has been announced. "NAnt is a free .NET build tool, allowing applications to be built targeting both Microsoft .NET and Mono while supporting both win32 and Linux." See the latest release notes for change information.
Editors
gedit 2.9.2 released
Version 2.9.2 of gedit, the official text editor for GNOME, is out with lots of bug fixes and translation improvements.
IDEs
DrPython 3.7.0 released (SourceForge)
Version 3.7.0 of DrPython, a cross-platform Python IDE, is available. "I added Optional Text Drag and Drop (Thanks Robin Dunn), and finally nailed the encoding bug (swedish character display). The Plugin List is now updated from the website, so version number do not need to be updated by developers." See the announcement for the full list of changes.
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Torvalds: GPL Needs Minor Work (eWeek)
eWeek talks with Linus Torvalds about the GPL v3. "I'm a big-picture thinker when it comes to licenses, which really means that in the end, I don't care as much about the actual details as Eben [Moglen] does. So, no. My concerns about a GPL [Version] 3 aren't the same as his. My biggest concern is that licenses are something ... personal to developers, and even trivial modifications to the GPL will cause endless debates, and that can easily derail any attempts to improve it. In the end, while I certainly don't tend to agree with the FSF on all the politics, I think the fact that the FSF does control the license and [FSF founder] Richard Stallman has a lot of respect in the community means that a new license is possible."
Linux for Suits: Grass Roots vs. Giant Roars (Linux Journal)
Doc Searls wonders what happened with the Consumer Electronics Linux Forum (CELF). "Even if CELF eventually does produce a working distro, it reminds us in the meantime that Linux is fundamentally a grass-roots phenomenon. It's bottom-up, not top-down. I don't mean to discredit IBM, HP, Novell, Oracle or any of the other BigCos that promote Linux, support its development and fly the penguin flag. I do mean to credit the little guys who not only develop Linux, but deploy it in the marketplace. Especially the ones who deliver and not merely promise."
The 1994 USL-Regents of UCal Settlement Agreement (Groklaw)
Groklaw has come up with a copy of the (formerly) secret settlement agreement between Unix System Laboratories and the University of California. "Now we know why SCO keeps telling us the case is 'just a contract' case, why it has a penchant for suing only those who are, or were, their licensees, and why it sued IBM instead of Red Hat. USL preserves its rights against licensees under the license agreements. I see no expanded rights against third parties who are not licensees, just the preexisting right to try to sue them, with the same likely outcome that USL experienced when it tried to sue the University and BSDi, using the same lame copyright claims that the judge back then found so unconvincing."
Trade Shows and Conferences
Inside EuroBSDCon 2004 (O'ReillyNet)
O'ReillyNet reports from EuroBSDCon 2004. "Jordan kept pushing the button on innovations. Where is the alternative thinking? In the Linux world, if there is a new hardware, idea, or project, there's always someone who stands up and start working on it. Maybe that person will not complete what he or she started or maybe the result will be of low quality, but at least someone tried to contribute. This doesn't happen in the BSD world."
The SCO Problem
SCO motion to stay DaimlerChrysler denied (Groklaw)
Groklaw reports that an attempt by the SCO Group to put the DaimlerChrysler case on hold until the IBM case is decided has been denied by the judge. "I think we may be seeing the first indication of what happens when you put a cap on legal fees. Moral of the story? Pay your lawyer." The next hearing in this case (which now just relates to whether DaimlerChrysler responded quickly enough to SCO's demands) is on January 7.
Companies
Intel more active in desktop Linux (News.com)
News.com reports that Intel will be shipping desktop Linux installation kits along with its processors to OEMs in Asia. "The kit includes driver software, which enables use of specific hardware features; scripts to quickly install software that has been validated to work with various versions of Linux; and a program called the Application Version Compliance Tool that checks to make sure programs are compatible with those Linux versions and Intel electronics."
Lycos screensaver to blitz spam servers (Register)
The Register reports that Lycos has come up with a new approach to spam: distribute a "screen saver" which performs distributed denial of service attacks against spammer sites. "A spokesman for Lycos in Germany told The Register he believed that the tool could generate 3.4MB in traffic on a daily basis. When 10m screensavers are downloaded and used, the numbers quickly add up, to 33TB of 'useless' IP traffic. Seems Lycos may hurt not just spammers."
Linux Adoption
A Year of Victory for Linux (eWeek)
eWeek reports a good year for Linux. "Who's using Linux? Everybody. Small companies, Fortune 50 enterprises, nonprofits, governments. Everybody. Why? Because, when you cut through all of the FUD (fear, uncertainty and doubt), all of the bought and paid-for ROI (return on investment) and TCO (total cost of ownership) studies, all of the intellectual property fears, the bottom line is that Linux simply works."
Linux slashes costs for bank giant (ComputerWeekly)
ComputerWeekly looks at Linux use at Dresdner Kleinwort Wasserstein. "One of the biggest investment banks in Europe is using Linux for up to 70% of its new IT projects after finding that running the open source operating system on Intel-based servers cut running costs by nearly half."
The real cost of open source (FCW.com)
This Federal Computer Week article covers the adoption of open source software by the U.S. Marshal Service. "For the past few years, the Marshal Service has been replacing SCO Group Unix with Linux in some back-office systems. Earlier this year, officials began implementing JBoss Web application servers, another open-source package, across the agency's 94 district offices. Traditional commercial alternatives would have cost $50,000 per processor in software licenses, and "that would have been cost-prohibitive," Campbell said. "JBoss is free upfront; we only have to pay for maintenance."" (Thanks to David A. Wheeler)
Legal
Linus Torvalds gets software patents wrong, says attorney (Out-Law)
Out-Law.com is carrying a critical response to Linus Torvalds on European software patents. "Torvalds and his supporters lack a fundamental understanding of intellectual property rights as they seem to be unaware that copyright can only protect software code, and not software inventions. Allowing for patent protection on software inventions is a requirement of the World Trade Organisation's TRIPS agreement which states that patents must be available in all fields of technology." (Thanks to James Heald).
Interviews
Scott Wheeler: Perspectives on KDE Multimedia (OfB.biz)
Eduardo Sánchez interviews Scott Wheeler, KDE multimedia hacker, on Open for Business. "SW: The beginnings of the introduction of aRts into KDE took place at the KDE 2 meeting. It did indeed show quite a bit of promise. Stefan pitched it to the GNOME folks at GUADEC (Gnome Users and Developers' European Conference) one year as well. aRts continued to move along for a few years and kind of reached a high point in terms of stability in 2001 or so. But as you mentioned, it was mostly developed by Stefan Westerfeld --in fact it was almost exclusively developed by Stefan, which when he became somewhat disenchanted with it eventually led to problems. I suppose we can understand those in the context of a few things that happened --or rather didn't happen." (Found on KDE.News)
Postfix's Wietse Venema Interviewed (Linux IT)
Linux IT talks with Postfix creator Wietse Venema. The interview is available in English and in Portuguese. "How and when did the idea of making Postfix start?"
When I came to IBM research as a visiting scientist late 1996, I had a little list of projects that I wanted to work on. One of those was to build a mail system with the same quality as my TCP Wrapper software: something that just does the job without causing trouble, and that you can forget after you install it. At the time, there were four CERT/CC advisories for Sendmail each year.
Resources
Network and Identity Configurator for Linux (IBM AlphaWorks)
IBM AlphaWorks introduces a new configuration tool. "Network and Identity Configurator for Linux® (NICL) is a tool that enables easy changing of the system name and network address of Linux systems and IBM middleware. It employs a BASH script that can save multiple man-months in system configuration time. This tool was developed within IBM for administrating an internal block of Linux systems."
Wireless on the Road (Linux Journal)
Linux Journal looks for wireless connections in out of the way places. "Wireless Internet access has become easy to find in large cities. But I take vacations in more out-of-the-way places, where "the Internet" still is a new concept. Getting Internet access in most small towns isn't always a straightforward task. Here are some tips that might help you keep your Linux laptop connected on your next trip."
Reviews
Open-Source payroll application launched (ZDNet UK)
ZDNet looks at a new payroll application. "Clockwork Software Systems launched PayThyme, an open-source payroll application, in Birmingham on Thursday. At the company's launch event in Birmingham, Clockwork business manager Jim Welch said it was initially supplying the software pre-installed on hardware, but will supply it as an individual, supported product in 2005. The source code of the product will be available for free download from the company's Web site in two weeks."
The sweet taste of good customer relations (NewsForge)
NewsForge takes a look at SugarCRM. "Sugar Sales should be able to satisfy most of the CRM needs of small to medium-sized businesses. As an open source product built to run on top of other open source products, Sugar Sales offers the same cost-effectiveness you find with any open source product, and it has an impressive feature set for the time it has been in development. That means we can reasonably expect it to improve quickly too."
The open source wiki behind Wikipedia (NewsForge)
NewsForge reviews MediaWiki. "From a user perspective, MediaWiki provides a simple, feature rich environment for editing and contributing content. Content is handled with a simple WYSIWYG editor that makes editing accessible to anyone by default even without a login. All articles also have a discussion tab that allows readers to comment on the article as well as a history tab that lets you view version history when edits have been made. Its ease of use has no doubt been a contributing factor in the growth of Wikipedia."
Miscellaneous
Why Install Linux on Your Mac? (O'ReillyNet)
O'ReillyNet wonders why anybody would replace OS X with Linux. "If you want some element of Linux -- access to certain tools and development environment capabilities, for example -- what you require is already built into Mac OS X. But if you wish to go further, to take maximum control of your computer, and do so on some of the best quality hardware around, Linux makes a lot of sense on a Mac. It offers the kind of low-cost, easy-to-use, properly scalable system that Apple's commercial offering just can't match."
VA drives open-source health records initiative (FCW.com)
Federal Computer Week looks at the reuse of code from the Department of Veterans Affairs. "Twenty-year-old software developed by the Department of Veterans Affairs could serve as the low-cost building block of a nationwide electronic health care record (EHR) system President Bush wants officials to deploy within the next decade, according to health management experts." (Thanks to David A. Wheeler)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
U.S. Senate passes copyright bill
Public Knowledge has put out a release on the copyright bill that just passed in the U.S. Senate. It would seem that reason has prevailed in the end; all of the worst provisions, including silly language that might have prohibited skipping over commercials, have been removed. "We are also pleased that HR 4077 was dropped from the bill that passed. That legislation would have lowered the standard for copyright infringement. The Senate also wisely removed the PIRATE Act, which would have made the government the entertainment industry's private law firm at taxpayer expense."
Please participate in the 5-minute OpenOffice.org installed base survey!
The folks at OpenOffice.org are requesting your participation in a survey. "The results will be published in the December issue of the OpenOffice.org newsletter. The goal of this survey is to get a better understanding of the usage and distribution of OpenOffice.org."
PEPFAR Software Inventory Report Evaluates Open Source Software (LinuxMedNews)
LinuxMedNews reports on the review of open-source medical software by the President's Emergency Plan for AIDS Relief (PEPFAR). "Open source software, including OpenEMR, is evaluated in the President's Emergency Plan for AIDS Relief ("PEPFAR") Software Inventory Report for use with HIV and AIDS. PEPFAR "FY 2005 budget requests $2.8 billion for fighting AIDS globally, which more than triples the investment since 2001."
FSFE becomes WIPO observer
The Free Software Foundation Europe has announced that it has been accepted as an observer to the World Intellectual Property Organization. "In the scope of the FSFE WIPO project team, the FSFE will work with other players to change WIPO from an organisation that is solely oriented towards monopolisation of knowledge to one that is aimed at increasing the intellectual wealth of all of humankind through a more flexible, sustainable and effective tool set."
Commercial announcements
CFS Announces Early Success for Lustre File System
Cluster File Systems, Inc. has announced the use of its Lustre file system on HP clusters. "The HP StorageWorks SFS product utilizes the Lustre file system's object-based architecture to deliver breakthrough I/O bandwidth for Linux clusters. Building on this CFS(tm) technology, HP SFS enables users to deploy a single file system image on clusters with as many as tens of thousands of CPUs that are capable of throughput in excess of tens of gigabytes per second."
IDC's survey of the server market
IDC has put out a press release summarizing its view of the server market - which appears to be doing well. "Linux server revenues surpassed $1 billion in quarterly factory revenue for the first time in 3Q04. Linux server revenues showed 42.6% growth, while unit shipments grew 31.7%, reaching 9.2% of overall quarterly server revenue. Worldwide investment in Linux servers for both technical and commercial workloads remains strong as the platform continues to expand its presence in data centers around the world. HP maintained its number 1 spot in the Linux server market, with 26.9% market share in terms of revenue, while IBM was second with 20.5%. Dell maintained the third spot with 17.4% of Linux server spending."
Mandrakesoft completes a profitable year
Mandrakesoft has published its shareholder newsletter for the end of the 2003/2004 fiscal year. The bottom line: an €860,000 profit - not bad for a company which was still in bankruptcy at the beginning of the year.Red Flag Offers Opera to Chinese Users
Red Flag Software has announced that the newest version of the Red Flag Desktop operating system will include the Opera browser.Sourcefire Launches Snort Scholarship Program
Sourcefire, Inc. will celebrate Snort's two millionth download by awarding two $5,000 scholarships to computer science students at any college or university that uses Snort as a teaching tool or to help secure its infrastructure.VA Linux Announces Release of 'VA Directory'
VA Linux has announced the initial release of its 'VA Directory' product. "VA Linux Systems Japan K.K. (VA Linux), a leading provider of Linux solutions for the telecommunications and enterprise system markets, today announced it will release 'VA Directory', a new LDAP directory service server software for large-scale enterprise systems. Advance sales of the VA Directory solution will begin immediately, while delivery and full customer support for the system will be available from January, 2005."
New Books
"High Performance Linux Clusters" Released by O'Reilly
O'Reilly has published the book High Performance Linux Clusters by Joseph D. Sloan.KDE-Netherlands Presents Linux Book for Newbies
KDE.News looks at a new Linux book. "During this summer while aKademy was filling our minds and consuming our time other things were cooking in the Dutch KDE community. Some people from KDE-NL, the Dutch KDE community, were offered the opportunity to write a book about Linux and KDE. This month the book 'Linux in 10 minuten' was published and officially launched by Pearson Education Benelux and KDE-NL."
"SWT: A Developer's Notebook" Released by O'Reilly
O'Reilly has published the book SWT: A Developer's Notebook by Tim Hatton."Head First Design Patterns" Released by O'Reilly
O'Reilly has published the book Head First Design Patterns by Eric Freeman and Elisabeth Freeman with Kathy Sierra and Bert Bates."Unit Test Frameworks" Released by O'Reilly
O'Reilly has published the book Unit Test Frameworks by Paul Hamill.
Resources
The 2004 Perl Advent Calendar
It's December, so, inevitably, the 2004 Perl Advent Calender is out. This site features a new bit of Perl goodness each day through the 25th.Perl Debugger Quick Reference (O'Reilly)
O'Reilly has released a downloadable version of their Perl Debugger Quick Reference card. "Perl's debugger is powerful but somewhat esoteric. The core perldebtut tutorial is a good introduction, but who wants to skim through pages of documentation when you only need a quick refresher on the syntax of a command? Let this printable (PDF) Perl Debugger Quick Reference card, excerpted from Richard Foley's Perl Debugger Pocket Reference, be your guide instead."
Contests and Awards
GIMP 2.2 Splash Screen Contest (GnomeDesktop)
A GIMP 2.2 Splash Screen Contest has been announced. "With the imminent release of the GIMP 2.2, the time has come to find the ideal splash screen to go with it. The GIMP website is running a splash contest for this. Now is your chance to join the ranks of the precious few who have had their artwork associated with a major release of the GIMP!"
Upcoming Events
UMeet 2004 Virtual Conference
The UMEET virtual conference will be held from December 9-22, online. "This year UMEET reaches its fith edition. It is a virtual conference, that can be followed using WWW, mailing list and IRC. As in previous years we will have very important speakers and, as in previous editions, we are also open to your proposals and collaboration."
UK Pure Data Workshops in November and December
Aymeric Mansoux and Derek Holzer will present a series of workshops and demos of open-source music software across the UK from November 30 through December 21, 2004. "While many tools exist for sound, multimedia and VJ purposes, few of them are designed with an open architecture which allows artists to configure the tools they use themselves. Fewer still are free to use, share and rebuild. This workshop introduces the software combination of Pure Data, GEM and PDP/PiDiP, running on the Linux operating system, as a platform for audio, video and multimedia artists to explore."
Boston LinuxWorld Keynotes Announced
LinuxWorld Conference & Expo has announced the keynotes for the 2005 event in Boston, Mass on February 14-17, 2005. "Representatives from Novell, HP, Computer Associates (CA), Attitude LLC and MySQL AB will deliver keynote presentations detailing how companies have achieved higher profits and increased productivity by utilizing Linux."
Dutch Perl Workshop 2005 (use Perl)
Use Perl has an announcement for the 2005 Dutch Perl Workshop. "The second Dutch Perl Workshop will take place on February 25, 2005. Nearly all talks will be in Dutch, so we target purely the large community of perl users in the Netherlands and Belgium."
Bellua Cyber Security Asia 2005 CFP
A call for papers has gone out for the Bellua Cyber Security Asia 2005 conference. The event will take place in Jakarta, Indonesia on March 21-24, 2005.OOoRegiCon North America 2005 CFP
A Call for Papers has gone out for the OOoRegiCon North America 2005 conference. The event will take place in conjunction with the Desktop Linux Summit on February 9, 2005 in San Diego, CA. "The acceptance deadline for abstracts is December 10, 2004."
LinuxWorld Conference and Expo Launches in Russia
IDG World Expo has announced the 2005 LinuxWorld Conference & Expo(R) Russia. "The show will follow the successful format of other LinuxWorld events, and will take place from 7-9 September 2005 at Moscow's premier exhibition center - Gostiny Dvor, a stones throw from the Kremlin and in the very heart of Moscow's business and government district."
Events: December 2, 2004 - January 27, 2005
| Date | Event | Location |
|---|---|---|
| December 2 - 3, 2004 | Australian Open Source Developers' Conference | (Monash University)Melbourne, Australia |
| December 2 - 3, 2004 | Linux Bangalore 2004 | (Indian Institute of Science)Bangalore, India |
| December 4, 2004 | Lightweight Languages 2004(LL4) | (MIT Stata Center)Boston, MA |
| December 5 - 18, 2004 | Ubuntu Conference | Mataró, Spain |
| December 9 - 22, 2004 | UMeet Virtual Conference | On the Net |
| December 13 - 17, 2004 | JavaPolis 2004 | (MetroPolis Antwerp)Antwerp, Belgium |
| December 27 - 29, 2004 | Chaos Communication Congress(21C3) | (Berliner Congress Center)Berlin, Germany |
Page editor: Forrest Cook