On January 31, the Open Source Initiative
announced an
expansion of its efforts and the appointment of Russ Nelson as its
president. Mr. Nelson was kind enough to answer a few questions from LWN
on the OSI and where he thinks it is headed. The questions, and his
answers, can be found below. We thank Russ for taking the time to fill us
in.
LWN: So you're the new president of OSI. Why did you take on that role, and
where do you anticipate taking the OSI in the near future?
To Infinity ... and Beyond!
No, wait, that's Bruce Perens' line [Bruce worked for Pixar and is in
the Toy Story credits].
Never before in history have we had a time when one person of ordinary
intelligence can write a program which becomes used by half the
worldwide computer-using population. This creates so many problems
between countries that I really feel they have to be addressed with a
treaty.
I think that the end goal is an international treaty concerning Open
Source. Just to take one tiny portion of that issue: today somebody
asked us for an "official Spanish version de license MIT". We can't
do that. I mean, we could translate it (or more properly find a
volunteer to translate it and publish it on opensource.org), but the
problem is that almost certainly the author of the MIT-licensed
software didn't give us permission to license his software under the
Spanish-language MIT license.
LWN: In many ways, the OSI appears to have fallen from view. Until this news
hit, the most recent item listed on the front page was dated October,
2001. The OSI gets called upon to put its stamp on a license
occasionally; what else does the OSI do now? Is it relevant to the free
software development process, and how?
When were we ever relevant to the free software development process?
We've always been an education/advocacy group. If you're already
convinced that open source is a good thing, what more would we say to
you? Really, the only time somebody inside the open source community
needs to be concerned with us is when they talk to someone outside the
community. If that person needs to be whupped around a little, send
'em to us and we'll give 'em what for.
We continue to do what we've always done: talk to people about open
source. Calm their fears, and renew their hopes.
LWN: The press release states that OSI will set out on "the establishment of
principles of Open Source development and best practices" and "the
creation of a registry of software projects that adhere to those
principles." What need is driving the creation of these principles and
the associated registry?
I believe that there is such a thing as an "Open Source effect". That
effect requires more than just a license that complies with the Open
Source Definition (OSD). We need to be more clear about that, because
we sometimes have people who come along and want to create a license
which complies with the letter of the OSD but not the spirit. The
trouble is that the benefits come with the spirit. We need to do a
better job of codifying the spirit.
LWN: When you talk about "inclusion of international perspectives and
initiatives related to Open Source," what do you mean?
Working towards the end goal (as above) and adding board members from
outside the US. We're starting to get some non-US, non-Europe (if you
look at the map of locations of Debian developers, there are a LOT of
them in Europe) countries that are signing on to open source in a BIG
way. Take Brazil for example. We need better representation in those
countries.
LWN: Why does the OSI need *two* legal counselors? What do they do?
Why does a computer need *two* power supplies? We felt that the job
had grown to the point that one sole-proprietor lawyer (Larry Rosen)
couldn't do the job anymore, and Larry's open source practice had
expanded. It's possible that one law-firm lawyer could have brought
in enough resources, but we wanted to share the work. In essence,
Mark is inward-facing and Laura is outward-facing. She has been on
the license-discuss mailing list for years now. She has also started
to help with legally-oriented correspondence. Mark will help us with,
among other things, registering the OSI-Certified mark, and with
overhauling our bylaws.
LWN: How will the new OSI board members be selected? In general, how is the
OSI kept accountable to the community it hopes to represent?
We are still a small, self-selecting board. We expect to change that
in some way, but the details are still in the air. Having a larger
board will take us in that direction no matter what.
LWN: How do you expect OSI to work with other free software-oriented groups,
such as OSDL and the FSF? Will there be more cooperation in the future?
CAGE MATCH!! BLOOD, GORE, AND DEATH! Er, um, sorry. We had a dinner
last summer with OSDL to talk about license proliferation issues. We
are on cordial relations with the FSF, AND EXPECT TO TAKE THEM OVER
SHORTLY! Sorry, I must apologize for all these capital letters. I
don't know where they're coming from. I'll be in Boston in a couple
of weeks for Linux World. I expect that I'll run into Bradley Kuhn
and HE'LL DIE we'll talk about further ways in which the OSI and FSF
could cooperate. I know of no reason why any animosities between us
cannot be overcome AND CRUSHED LIKE A BUG.
LWN: Is there anything else which you would like to communicate to LWN
readers?
Is this the point at which I add various mealy-mouthed corporate
statements?
I think it's great to be President of the OSI at this point in time.
We've had a strong president in Eric Raymond who took us from nothing
to a highly respected member of the open source community. As
corporations and governments come to be part of the community, we have
to double and redouble our educational and advocacy efforts. We need
to make sure that corporations know how to work with individual
developers, and that governments know how to set the rules so
everybody can work together. And we have to squash software patents,
but that's a different interview.
Comments (34 posted)
With the KDE 3.4 and GNOME 2.10 releases on the horizon, we decided to take
a look at both projects to see where both desktop teams were focusing their
efforts. To get a feel for the priorities of each team, this reporter "test
drove" the KDE 3.4 beta 1 using the SUSE 9.2 packages and GNOME
2.9.4 with Ubuntu's Live CD. We also spoke to KDE core developer Zack Rusin
about the 3.4 release and GNOME release team member Luis Villa about
GNOME's 2.10 release.
Both KDE 3.4 and GNOME 2.10 are incremental releases. That is to say,
neither desktop is undergoing dramatic changes in the upcoming release and
casual users may not notice many changes. Instead, there are a number of
small improvements and enhancements to the current desktop that users will
find in each release.
Both projects are concentrating on backward compatibility. KDE's Rusin said that
the 3.x series is basically in "maintenance" mode, with the KDE team trying
to add features that users want, without major changes that would
compromise compatibility with older releases. He noted that one of the goals
for the 3.4 release is to maintain binary compatibility with the earlier
3.x releases. GNOME's Villa said that the GTK core toolkit has a strict ABI/API
compatibility policy. "If you build against GTK 2.0, you should be
able to run against GTK 2.6 with no problems." He also said that
other core GNOME libraries provide the same guarantee, "that's why we
have Firefox and Eclipse building against us."
According to Villa, the 2.10 release will see more bugfixes than
usual. He said that, depending on how you track bugs, the 2.10 release
already includes between 1,000 and 5,000 closed bugs -- and that's before
the final feature freezes and bug fixing before the final release. Villa did
note that the GNOME team always places a high priority on quality control,
but that this release seemed to have a higher than normal number of
bugfixes.
Another focus for the GNOME team in 2.10 is implementation of
freedesktop.org standards agreed upon by the GNOME and KDE teams. Villa
noted that the GNOME team had revamped the menu structure to comply with
the freedesktop.org menu
specification.
The GNOME release adds a new "Places" menu to the panel that allows the
user to quickly navigate between their home folder, the desktop, CD-ROM and
network locations. Villa said that the GNOME team has also addressed some
of the complaints about the file chooser from the last version of GNOME,
and that the typeahead feature has returned.
Both desktops are increasingly friendly for users with disabilities. Villa
said that the 2.10 release did not focus on improvements to accessibility
because GNOME is "already far and away the leaders in
accessibility."
The KDE team, on the other hand, has made accessibility a major priority in
3.4. One major new feature that users will find in 3.4 is the text-to-speech
system, which will be available in many applications. Rusin said there is
also a new "mono" theme for 3.4 that would be better for users who have
difficulty with the high-color styles used in KDE. Rusin noted that working
on accessibility was difficult because it is "such a hugely complicated
area," and that the KDE team will continue to add functionality in future
releases.
Multimedia has also gotten a boost in GNOME 2.10. According to Villa, the
Gstreamer integration is greatly improved in GNOME 2.10. This is the first
release where Totem has been integrated into the GNOME release process, and
Villa also said it was the first release where the Totem team had worked
more closely with the Gstreamer team. Totem had previously worked with
Xine, but Villa said that Xine had "legal encumbrances" that
made it more difficult for vendors to distribute. There is also a new and
improved mixer applet in GNOME 2.10 that hides some of the complexity from
the user, at least at first. Villa said users would still be able to get to
all of the functionality of their sound card with the mixer, but wouldn't
be presented with it at first glance.
Both the KDE and GNOME teams have been beefing up their groupware
offerings. Rusin told LWN that KDE PIM had been "hugely improved" for 3.4.
Kontact has expanded its support of groupware servers with support for
Novell GroupWise and OpenGroupware.org, and partial support for Microsoft
Exchange Server 2000. Kontact also supports OpenExchange Server, eGroupWare
and Kolab.
Evolution's latest release includes eplugin, a plugin architecture to allow
developers to extend Evolution with new features. Some of the plugins
available now include an inline audio player for Evolution, an Exchange
account setup plugin and an "automatic contacts" plugin that creates
address book entries when a user replies to e-mails. Evolution already
includes the Exchange plugin, and Villa said that Evolution was also
getting a lot of work to be compatible with Novell GroupWise.
KDE 3.4 marks the first inclusion of aKregator, a feed aggregator for
KDE. This writer found aKregator very easy to use, and its integration with
Konqueror and Kontact makes it a great choice for KDE users. The KDE team
has also beefed up KPDF to include support for the text-to-speech features.
From talking to developers on both teams, it's clear that both
desktops are trying to move towards better "enterprise" capability, and
making it easier for others to develop applications for the respective
desktops. From using both, it's clear to this writer that GNOME and
KDE view users differently. GNOME continues to move towards a simple
end-user interface, while KDE is more about adding features that users want
-- even if it increases complexity.
Users who want to try out GNOME 2.10, without the hassle of compiling GNOME
or installing it, should look to the Ubuntu Live CD
for the upcoming Hoary Hedgehog release. Rusin said he wasn't aware of any
Live CDs with KDE 3.4 beta just yet, but something might pop up on the
Knoppix lists.
Comments (12 posted)
February 2, 2005
By Pamela Jones, Editor of Groklaw
Grokster is the Little Engine That Could. So far, against
overwhelming odds, it has successfully dodged every legal bullet a massive
horde of entertainment companies - some 28 of them, representing the
interests of the music recording and movie industry - have thrown at
it. Now, there is one more hill, and it's the steepest of them all, a
hearing before the US Supreme Court in March.
There is a lot more at stake than just the fate of a couple of peer-to-peer file
sharing services. What's at stake, to quote from one of the many
amici briefs filed in this high-profile case (this
one by the Computer & Communications Industry Association and
NetCoalition) is nothing less than this: it's a push to overturn the
court's ruling in
Sony Corp. of America v. Universal City Studios, 464 U.S. 417
(1984) (the "Betamax case") and replace it "with new standards that
would as a practical matter
give the entertainment industry a veto power over the development of
innovative products and services."
[Editor's note: due to the length of this article, we have not put the
whole thing inline in the Weekly Edition. The
full text of PJ's Grokster article may be found on its own page.]
Comments (2 posted)
January 28, 2005
This article was contributed by Tom Chance.
On 24 September 2003, after 19 months of consideration, the European
Parliament voted on the software patent directive, and made substantial
amendments to exclude patents on pure software and business
methods. However, regular rows between the European Council and Parliament,
the Council's disregard for many of the Parliament's amendments, and the
subterfuge tactics of the European Parliament's Committee for Legal Affairs
(JURI) to try and push it through mean that pure software patents in Europe
are still a scary possibility.
Restart the process?
Under the co-decision rules for European lawmaking, the European
Parliament, Commission and the Council all have to agree to the text of the
directive before it can come into force. However, at this stage in the
legislative process (it is now at its second reading), if the European
Council continues to ignore the Parliament's amendments, it will be
extremely difficult for the European Parliament to keep them.
An absolute majority (two thirds of all MEPs, or at least 367 votes) is
required in a second reading for each Council amendment the Parliament
wishes to reject. Every MEP absent in the plenary chamber that day and
every abstention vote would count in favor of the Council proposal. In
2004, the University of Duisburg-Essen released a study which showed that
on average only 56.2% of Italian MEPs took part in the 4,437 roll call
votes held in European Parliament between 1999 and 2003. The most diligent
MEPs are from Luxembourg with a presence of 85.2%. We would, in other
words, have to encourage an abnormally high turnout of MEPs for an issue
that struggles to capture their imaginations.
This is even more worrying when you consider that a majority of the MEPs
currently in parliament were elected in 2004 and did not even participate
in the first reading of the directive. Ten new countries, with no previous
say in the directive, also joined the EU in 2004. If the Council position
is officially announced, the Parliament will be forced to vote on the
second reading within three to four months. This would give a relatively
new Parliament little opportunity for discussion and consultation, and
could lead to software patent loopholes if critical amendments were left
out.
On the 2nd of February, JURI is set to decide whether or not to restart the
procedure. This decision has only been possible because of a motion, signed by 61
members of the European Parliament, calling for a new first reading of the
software patent directive. Poland has also helped significantly by
repeatedly postponing the adoption of the Council's software patent
agreement, but can only do this for so long before other states pressure
them on issues more important to the Polish economy.
A complete restart is one of the best (and only) feasible solutions
left. As there are no absolute majority requirements in first readings, it
would be easier for European Parliament to pass amendments. The Council
would have to have a new first reading, canceling their current
pro-software patent position and putting pressure on them to avoid adopting
a similar stance so contrary to the will of Parliament. A restart would
also enable new member states to have their say from the beginning, making
it a more democratic directive.
What can you do?
The only reason we don't have software patents in Europe is the efforts of
activists protesting and lobbying against them. In Europe, according to the
European Patent Office, 7% of applicants already hold more than 50% of
patents. If we don't want to go down a path whereby a start-up or open
source company with no patents will be forced to pay whatever price larger
corporations choose to impose, we must get out there and fight to stop it
happening. Here are a few ideas to get you started:
- Help spread the word about software patents by joining the Web
Demo. Register your site at http://demo.ffii.org/.
- Contact a member of JURI with your concerns about software patents and
your support for a restart of the software patent directive. The JURI
committee has members from many different European member states, and
these MEPs are best contacted by people from their own countries, since
they will be much more likely to respond and raise your concerns within
JURI. Find your MEPs here.
- Contact your local MEPs to lobby members of JURI on your behalf. If you
don't have time to seriously lobby a member of JURI, get your local MEP
to do it for you. MEPs are supposed to represent their constituents, so
let them help you get your message across. Find out who they are here.
- Visit European Parliament in Brussels to lobby MEPs (especially the JURI
committee) about software patents. Ask for more information on this mailing
list.
- If you are too busy to do any of the above, you might consider donating
to organizations like the FFII and the
Electronic Frontier Foundation, who are
trying to ensure that software patent legislation is compatible with
small and medium enterprises as well as free or open source
software. Large software companies employ people to do nothing but
patent lobbying, so we need to support those people who are opposing
them as much as possible.
(Edward Griffith-Jones contributed to the writing of this article).
Comments (13 posted)
Page editor: Jonathan Corbet
Security
Arjan van de Ven has posted a series of patches which add some address
space randomization to the 2.6 kernel. With these patches applied, each
process's stack will begin at a random location, and the beginning of the
memory area used for mmap() (which is where shared libraries go, among
other things) will be randomized as well. These patches represent an
improvement in the kernel's security infrastructure, but the reception on
the public lists has been surprisingly hostile.
Many buffer overflow exploits, especially those used in large-scale
attacks, contain hardcoded addresses. An exploit which overflows a stack
variable will place some executable code on the stack; it then overwrites
the return pointer so that the broken function "returns" into the exploit
code. If you look at a given distribution's shipped version of a
vulnerable program, an exploit will always be able to place its payload at
the same address on the stack, so it can contain that address directly.
If, instead,
the exploit author does not know ahead of time where the payload will end
up, actually getting the computer to execute that code will be much harder.
That is why the stack randomization patch helps. When the stack location
is deterministic, a relatively simple exploit can be made to work on all
systems running the vulnerable distribution. If the stack moves, instead,
hardcoded addresses no longer work.
Moving the mmap() area has similar benefits. One popular type of
exploit prepares the stack and then "returns" into a shared library
somewhere. That return can, for example, cause the application to behave
as if it had intentionally called system() or a similar library
function. Moving the libraries around makes these attacks harder.
One of the biggest complaints that has been raised is that the amount of
randomization is insufficient. The patches, as posted, vary the stack base
within a 64KB area and the mmap() base within a 1MB range. Alignment
requirements prevent just any address from being used, with the result that
only a relatively small number of possible base addresses exists. So a
determined attacker could repeatedly run a hardcoded exploit with some
assurance that, within a reasonable amount of time, the stack would land at
the right place and the exploit would work. Placing a long series of no-op
instructions at the beginning of the payload can also make an exploit more
robust when faced with randomization.
Arjan responds that the amount of
randomization is not the issue at the moment. He is trying to get the
infrastructure into the kernel and tested in a minimally disruptive way;
the degree of randomization can be tweaked upward later on. That amount
may never get as high as some people would like, at least on 32-bit
systems, because it cuts back on the available virtual address space. But
it is likely to go up once the developers are convinced that things are
working.
In any case, more randomness makes the problem harder, but does not
change its fundamental nature. With the ability to keep trying, an
attacker will eventually get around any degree of randomization possible on
32-bit systems (64-bit systems are a different story). Thus, says Ingo Molnar:
conclusion: stack randomisation (and other VM randomisations) are
not a tool against local attacks (which are much easier and faster
to brute-force) or against targeted remote attacks, but mainly a
tool to degrade the economy of automated remote attacks.
Randomization is not a magic bullet which solves a wide range of security
problems. It does make an attack harder, however, and that can only be a
good thing.
Comments (13 posted)
New vulnerabilities
bind: validator function denial of service
| Package(s): | bind |
| CVE #(s): | CAN-2005-0034 |
| Created: | January 27, 2005 |
| Updated: | February 1, 2005 |
| Description: | A vulnerability was discovered in BIND version 9.3.0: an incorrect assumption in the validator function can be exploited by a remote attacker to cause named to exit prematurely. |
| Alerts: | |
Comments (none posted)
ClamAV: multiple issues
| Package(s): | clamav |
| CVE #(s): | CAN-2005-0133 |
| Created: | January 31, 2005 |
| Updated: | March 3, 2005 |
| Description: | ClamAV fails to properly scan ZIP files with special headers and base64-encoded images in URLs. |
| Alerts: | |
Comments (none posted)
cpio: file permissions error
| Package(s): | cpio |
| CVE #(s): | CAN-1999-1572 |
| Created: | February 2, 2005 |
| Updated: | July 19, 2005 |
| Description: | Some versions of cpio contain an ancient vulnerability where files created by that utility have overly generous access permissions. |
| Alerts: | |
Comments (none posted)
f2c: insecure temp files
| Package(s): | f2c |
| CVE #(s): | CAN-2005-0017, CAN-2005-0018 |
| Created: | January 27, 2005 |
| Updated: | April 20, 2005 |
| Description: | The f2c Fortran-to-C translator has a vulnerability due to insecure opening of temporary files. A local attacker can use this to launch a symlink attack. |
| Alerts: | |
Comments (none posted)
FireHOL: insecure temporary file creation
| Package(s): | FireHOL |
| CVE #(s): | |
| Created: | February 1, 2005 |
| Updated: | February 1, 2005 |
| Description: | FireHOL insecurely creates temporary files with predictable names. A local attacker could create malicious symbolic links to arbitrary system files. When FireHOL is executed, this could lead to these files being overwritten with the rights of the user launching FireHOL, usually the root user. |
| Alerts: | |
Comments (none posted)
Gallery: cross-site scripting vulnerability
| Package(s): | gallery |
| CVE #(s): | |
| Created: | January 31, 2005 |
| Updated: | February 10, 2005 |
| Description: | Rafel Ivgi has discovered a cross-site scripting vulnerability where the 'username' parameter is not properly sanitized in 'login.php'. See this Gallery announcement for the release of 1.4.4-pl5 for more information. |
| Alerts: | |
Comments (none posted)
ncpfs: multiple vulnerabilities
| Package(s): | ncpfs |
| CVE #(s): | CAN-2005-0013, CAN-2005-0014 |
| Created: | January 31, 2005 |
| Updated: | May 15, 2006 |
| Description: | Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable buffer overflow in ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities using the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013). |
| Alerts: | |
Comments (none posted)
ngIRCd: buffer overflow
| Package(s): | ngIRCd |
| CVE #(s): | |
| Created: | January 28, 2005 |
| Updated: | February 1, 2005 |
| Description: | Florian Westphal discovered a buffer overflow caused by an integer underflow in the Lists_MakeMask() function of lists.c. See the ngIRCd 0.8.2 release announcement for more information. |
| Alerts: | |
Comments (none posted)
openswan: stack based buffer overflow
| Package(s): | openswan |
| CVE #(s): | CAN-2005-0162 |
| Created: | January 28, 2005 |
| Updated: | February 1, 2005 |
| Description: | A stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9 and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code. |
| Alerts: | |
Comments (none posted)
perl: setuid vulnerabilities
| Package(s): | perl |
| CVE #(s): | CAN-2005-0155, CAN-2005-0156 |
| Created: | February 2, 2005 |
| Updated: | August 11, 2006 |
| Description: | There are two vulnerabilities in perl when it is used in setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access. |
| Alerts: | |
Comments (none posted)
postgresql: privilege escalation via LOAD
| Package(s): | postgresql |
| CVE #(s): | CAN-2005-0227 |
| Created: | February 1, 2005 |
| Updated: | February 7, 2005 |
| Description: | John Heasman has discovered a local privilege escalation in the PostgreSQL server. Any user could use the LOAD extension to load any shared library into the PostgreSQL server; the library's initialization function was then executed with the permissions of the server. |
| Alerts: | |
Comments (none posted)
SquirrelMail: multiple vulnerabilities
| Package(s): | squirrelmail |
| CVE #(s): | CAN-2005-0075, CAN-2005-0103, CAN-2005-0104 |
| Created: | January 28, 2005 |
| Updated: | July 19, 2005 |
| Description: | SquirrelMail 1.4.4 has been released, fixing a number of security issues that have been resolved since 1.4.3a. |
| Alerts: | |
Comments (none posted)
uw-imap: authentication bypass
| Package(s): | uw-imap imap |
| CVE #(s): | CAN-2005-0198 |
| Created: | February 2, 2005 |
| Updated: | March 1, 2005 |
| Description: | The uw-imap package, prior to version 2004b, contains a vulnerability which can enable a remote attacker to bypass the authentication mechanism. This bug only affects CRAM-MD5 authentication, which is not enabled on all distributions. |
| Alerts: | |
Comments (1 posted)
Updated vulnerabilities
a2ps: input validation error
| Package(s): | a2ps |
| CVE #(s): | CAN-2004-1170, CAN-2004-1377 |
| Created: | November 26, 2004 |
| Updated: | December 19, 2005 |
| Description: | The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at Security Focus. |
| Alerts: | |
Comments (none posted)
AWStats: remote code execution
| Package(s): | awstats |
| CVE #(s): | CAN-2005-0116, CAN-2005-0362, CAN-2005-0363 |
| Created: | January 25, 2005 |
| Updated: | February 15, 2005 |
| Description: | When 'awstats.pl' is run as a CGI script, it fails to validate specific inputs which are used in a Perl open() function call. A remote attacker could supply AWStats malicious input, potentially allowing the execution of arbitrary code with the rights of the web server. |
| Alerts: | |
Comments (1 posted)
cdrecord: failure to drop privilege
| Package(s): | cdrecord |
| CVE #(s): | CAN-2004-0806 |
| Created: | September 8, 2004 |
| Updated: | February 21, 2005 |
| Description: | The cdrecord utility, which is installed setuid on some distributions, fails to drop privilege before running a user-specified program. |
| Alerts: | |
Comments (none posted)
chbg: buffer overflow
| Package(s): | chbg |
| CVE #(s): | CAN-2004-1264 |
| Created: | January 18, 2005 |
| Updated: | February 2, 2005 |
| Description: | Danny Lungstrom discovered a vulnerability in chbg, a tool to change background pictures. A maliciously crafted configuration/scenario file could overflow a buffer and lead to the execution of arbitrary code on the victim's machine. |
| Alerts: | |
Comments (none posted)
cups: multiple vulnerabilities
| Package(s): | cups |
| CVE #(s): | CAN-2004-1267, CAN-2004-1268, CAN-2004-1269, CAN-2004-1270 |
| Created: | December 17, 2004 |
| Updated: | February 9, 2005 |
| Description: | cups has a denial of service vulnerability in the lppasswd utility and a remote code execution vulnerability in the hpgltops filter. |
| Alerts: | |
Comments (none posted)
cyrus-sasl: remote buffer overflow
| Package(s): | cyrus-sasl |
| CVE #(s): | CAN-2004-0884 |
| Created: | October 7, 2004 |
| Updated: | March 16, 2005 |
| Description: | cyrus-sasl has a vulnerability involving a buffer overflow in the digestmda5.c file. A remote attacker may be able to compromise the system. Also, a local user may be able to exploit a vulnerability by using the SASL_PATH environment variable. |
| Alerts: | |
Comments (none posted)
dhcp: format string vulnerability
| Package(s): | dhcp |
| CVE #(s): | CAN-2004-1006 |
| Created: | November 4, 2004 |
| Updated: | July 13, 2005 |
| Description: | Dhcp has a format string vulnerability in the log functions of dhcp 2.x that may be exploited via a malicious DNS server. |
| Alerts: | |
Comments (none posted)
enscript: arbitrary code execution
| Package(s): | enscript |
| CVE #(s): | CAN-2004-1184, CAN-2004-1185, CAN-2004-1186 |
| Created: | January 21, 2005 |
| Updated: | May 27, 2006 |
| Description: | Erik Sjölund has discovered several security-relevant problems in enscript, a program to convert ASCII text into PostScript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash. |
| Alerts: | |
Comments (none posted)
ethereal: multiple vulnerabilities
Comments (none posted)
evolution: arbitrary code execution
| Package(s): | evolution |
| CVE #(s): | CAN-2005-0102 |
| Created: | January 24, 2005 |
| Updated: | May 19, 2005 |
| Description: | Max Vozeler discovered an integer overflow in camel-lock-helper. A user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled with an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server could exploit this to execute arbitrary code with root privileges (because camel-lock-helper is installed setuid root). |
| Alerts: | |
Comments (1 posted)
exim: buffer overflows
Comments (1 posted)
Foomatic: Arbitrary command execution in foomatic-rip
| Package(s): | foomatic |
| CVE #(s): | CAN-2004-0801 |
| Created: | September 20, 2004 |
| Updated: | May 31, 2006 |
| Description: | There is a vulnerability in the foomatic-filters package, due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. It may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler. |
| Alerts: | |
Comments (none posted)
FreeRADIUS: denial of service
| Package(s): | freeradius |
| CVE #(s): | CAN-2004-0938, CAN-2004-0960, CAN-2004-0961 |
| Created: | September 22, 2004 |
| Updated: | February 2, 2005 |
| Description: | FreeRADIUS (through version 1.0.1) suffers from several denial of service vulnerabilities in its packet reception code. |
| Alerts: | |
Comments (none posted)
gaim: buffer overflow in MSN protocol
| Package(s): | gaim |
| CVE #(s): | CAN-2004-0891 |
| Created: | October 25, 2004 |
| Updated: | February 11, 2005 |
| Description: | A buffer overflow in the MSN protocol handler for gaim 0.79 to 1.0.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an "unexpected sequence of MSNSLP messages" that results in an unbounded copy operation that writes to the wrong buffer. |
| Alerts: | |
Comments (none posted)
gtk2, gdk-pixbuf: buffer overflows
| Package(s): | gdk-pixbuf gtk2 |
| CVE #(s): | CAN-2004-0753, CAN-2004-0782, CAN-2004-0783, CAN-2004-0788 |
| Created: | September 15, 2004 |
| Updated: | February 25, 2005 |
| Description: | The gdk-pixbuf and gtk2 libraries contain vulnerabilities in their handling of BMP and XPM files which can lead to denial of service and, potentially, code execution attacks. |
| Alerts: | |
Comments (none posted)
gettext: Insecure temporary file handling
| Package(s): | gettext |
| CVE #(s): | CAN-2004-0966 |
| Created: | October 11, 2004 |
| Updated: | March 1, 2006 |
| Description: | gettext insecurely creates temporary files in world-writable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user. |
| Alerts: | |
Comments (1 posted)
ghostscript: symlink vulnerabilities
| Package(s): | ghostscript |
| CVE #(s): | CAN-2004-0967 |
| Created: | October 20, 2004 |
| Updated: | September 28, 2005 |
| Description: | The ghostscript package (prior to version 7.07.1-r7) contains several scripts which are vulnerable to symlink attacks. |
| Alerts: | |
Comments (none posted)
glibc: Information leak with LD_DEBUG
| Package(s): | glibc |
| CVE #(s): | CAN-2004-1453 |
| Created: | August 17, 2004 |
| Updated: | May 26, 2005 |
| Description: | Silvio Cesare discovered a potential information leak in glibc: it allows LD_DEBUG on SUID binaries where it should not be allowed. This has various security implications and may be used to gain confidential information. An attacker can obtain the list of symbols a SUID application uses and their locations, and can then use a trojaned library that takes precedence for those symbols to gain information or perform further exploitation. |
| Alerts: | |
Comments (1 posted)
glibc: tempfile vulnerability in catchsegv script
| Package(s): | glibc |
| CVE #(s): | CAN-2004-0968 |
| Created: | October 21, 2004 |
| Updated: | November 14, 2005 |
| Description: | The catchsegv script in the glibc package has a symlink vulnerability that may allow a local user to overwrite arbitrary files with the permissions of the user that is running the script. |
| Alerts: | |
Comments (none posted)
gnome-vfs: backend script vulnerabilities
| Package(s): | gnome-vfs |
| CVE #(s): | CAN-2004-0494 |
| Created: | August 4, 2004 |
| Updated: | February 21, 2005 |
| Description: | Several scripts packaged with gnome-vfs, using its "extfs" capability, have security flaws. These scripts tend not to be used on many systems, but their presence can still be a threat. |
| Alerts: | |
Comments (none posted)
groff: insecure temporary directory
| Package(s): | groff |
| CVE #(s): | CAN-2004-0969 |
| Created: | November 1, 2004 |
| Updated: | February 9, 2006 |
| Description: | Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility "groffer" created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program. |
| Alerts: | |
Comments (none posted)
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. The GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
| Alerts: | |
Comments (none posted)
imagemagick: .psd image file decode vulnerability
| Package(s): | imagemagick |
| CVE #(s): | CAN-2005-0005 |
| Created: | January 18, 2005 |
| Updated: | March 23, 2005 |
| Description: | According to this iDEFENSE advisory, ImageMagick is vulnerable to a heap overflow when decoding .psd image files. This could be remotely exploited, allowing an attacker to execute arbitrary code. |
| Alerts: | |
Comments (1 posted)
imlib2: buffer overflows
| Package(s): | imlib2 |
| CVE #(s): | CAN-2004-0802, CAN-2004-0817 |
| Created: | September 8, 2004 |
| Updated: | October 26, 2005 |
| Description: | The imlib2 library contains buffer overflows in the BMP handling code. |
| Alerts: | |
Comments (none posted)
iptables: missing initialization
| Package(s): | iptables |
| CVE #(s): | CAN-2004-0986 |
| Created: | November 1, 2004 |
| Updated: | February 11, 2005 |
| Description: | Faheem Mitha noticed that the iptables command, an administration tool for IPv4 packet filtering and NAT, did not always load the required modules on its own as it was supposed to. This could lead to firewall rules not being loaded on system startup. This caused a failure at least in connection with rules provided by lokkit. |
| Alerts: | |
Comments (none posted)
kdebase: screen saver crash
| Package(s): | kdebase |
| CVE #(s): | CAN-2005-0078 |
| Created: | January 26, 2005 |
| Updated: | January 26, 2005 |
| Description: | From the Debian advisory: "Raphaël Enrici discovered that the KDE screensaver can crash under certain local circumstances. This can be exploited by an attacker with physical access to the workstation to take over the desktop session." |
| Alerts: | |
Comments (none posted)
kdelibs: unsanitized input
| Package(s): | kdelibs |
| CVE #(s): | CAN-2004-1165 |
| Created: | January 10, 2005 |
| Updated: | July 19, 2005 |
| Description: | Thiago Macieira discovered a vulnerability in the kioslave library, which is part of kdelibs, which allows a remote attacker to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline before the FTP command. |
| Alerts: | |
Comments (none posted)
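The check a URL handler needs before it places a decoded path into an FTP command line, as an added C example (not kdelibs code): percent-decode first, then refuse any control character, so an encoded newline can never terminate the command early. The function names and sample paths are constructed for this illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Value of one hex digit, or -1 for anything else. */
static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Decode the %XX escapes of a URL path into out (NUL-terminated). Fails on a
 * malformed escape, on an encoded NUL (which would silently truncate the
 * decoded string) and when the result would not fit. */
bool url_percent_decode(const char *in, char *out, size_t out_len)
{
    size_t o = 0;
    for (size_t i = 0; in[i] != '\0'; i++) {
        int c = (unsigned char)in[i];
        if (c == '%') {
            int hi = hexval((unsigned char)in[i + 1]);
            int lo = hi < 0 ? -1 : hexval((unsigned char)in[i + 2]);
            if (hi < 0 || lo < 0)
                return false;
            c = hi * 16 + lo;
            i += 2;
        }
        if (c == 0 || o + 1 >= out_len)
            return false;
        out[o++] = (char)c;
    }
    out[o] = '\0';
    return true;
}

/* The kioslave bug: the decoded path was placed into "CWD <path>\r\n", so an
 * encoded CR or LF ended the command early and whatever followed ran as a
 * second FTP command. Reject every control character after decoding. */
bool ftp_path_is_safe(const char *url_path)
{
    char decoded[512];
    if (!url_percent_decode(url_path, decoded, sizeof decoded))
        return false;
    for (const char *p = decoded; *p != '\0'; p++) {
        unsigned char c = (unsigned char)*p;
        if (c < 0x20 || c == 0x7f)
            return false;
    }
    return true;
}

/* Build the CWD command only for a path that passed the check; on rejection
 * cmd is left empty and false is returned. */
bool build_cwd_command(const char *url_path, char *cmd, size_t cmd_len)
{
    char decoded[512];
    cmd[0] = '\0';
    if (!ftp_path_is_safe(url_path) ||
        !url_percent_decode(url_path, decoded, sizeof decoded))
        return false;
    int n = snprintf(cmd, cmd_len, "CWD %s\r\n", decoded);
    return n > 0 && (size_t)n < cmd_len;
}

int main(void)
{
    /* Constructed sample paths: one ordinary, one carrying an encoded LF. */
    const char *samples[] = { "pub/incoming%20files", "pub%0aNOOP" };
    char cmd[128];
    for (size_t i = 0; i < 2; i++) {
        if (build_cwd_command(samples[i], cmd, sizeof cmd))
            printf("accepted %-22s -> %s", samples[i], cmd);
        else
            printf("rejected %s\n", samples[i]);
    }
    return 0;
}
```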
kerberos5: execution of arbitrary code by authenticated user
| Package(s): | kerberos5 |
| CVE #(s): | CAN-2004-1189 |
| Created: | December 21, 2004 |
| Updated: | February 15, 2005 |
| Description: | There is a buffer overflow in the password history handling code of libkadm5srv which could be exploited by an authenticated user to execute arbitrary code on a Key Distribution Center (KDC) server. |
| Alerts: | |
Comments (none posted)
kernel: i386 SMP page fault handler privilege escalation
| Package(s): | kernel |
| CVE #(s): | CAN-2005-0001 |
| Created: | January 14, 2005 |
| Updated: | February 25, 2005 |
| Description: | Paul Starzetz found an exploitable hole in the x86 SMP page fault handler which could lead to privilege escalation. See the advisory for details. |
| Alerts: | |
Comments (none posted)
Konversation: multiple vulnerabilities
| Package(s): | konversation |
| CVE #(s): | CAN-2005-0129, CAN-2005-0130, CAN-2005-0131 |
| Created: | January 24, 2005 |
| Updated: | January 26, 2005 |
| Description: | Multiple vulnerabilities have been discovered in all Konversation versions up to and including 0.15. |
| Alerts: | |
Comments (none posted)
libdbi-perl: insecure temporary file
| Package(s): | libdbi-perl |
| CVE #(s): | CAN-2005-0077 |
| Created: | January 25, 2005 |
| Updated: | March 2, 2006 |
| Description: | Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the user executing those parts of the library. |
| Alerts: | |
Comments (none posted)
libgd2: buffer overflows in PNG handling
| Package(s): | libgd2 |
| CVE #(s): | CAN-2004-0990, CAN-2004-0941 |
| Created: | October 29, 2004 |
| Updated: | June 28, 2006 |
| Description: | Several buffer overflows have been discovered in libgd's PNG handling functions. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening the image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP-driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges. Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function. |
| Alerts: | |
Comments (none posted)
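Added C example, not code from evolution or libgd, covering both the camel-lock-helper length bug above (a signed length of -1 turning into a zero-byte allocation) and the gdMalloc size computation in this entry (width, height and depth multiplied without an overflow check). The wire format, the limits and the function names are constructed for the illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed limits for this example (not values from the page). */
#define MAX_REQUEST_LEN   4096          /* largest payload the helper accepts */
#define MAX_IMAGE_BYTES   (256u << 20)  /* largest pixel buffer we will allocate */

/* camel-lock-helper trusted a signed 32-bit length from its client: len = -1
 * made malloc(len + 1) a zero-byte allocation, and the copy that followed
 * wrote the client's data past it. Accept only 0..MAX_REQUEST_LEN. */
bool valid_request_len(int32_t len, size_t *out)
{
    if (len < 0 || (uint32_t)len > MAX_REQUEST_LEN)
        return false;
    *out = (size_t)len;
    return true;
}

/* Parse a constructed wire message: 4-byte big-endian length, then payload.
 * Returns a NUL-terminated heap copy of the payload, or NULL if the header is
 * bad or the message is shorter than it claims. The caller frees the copy. */
char *parse_lock_request(const uint8_t *msg, size_t msg_len, size_t *payload_len)
{
    if (msg_len < 4)
        return NULL;
    uint32_t raw = ((uint32_t)msg[0] << 24) | ((uint32_t)msg[1] << 16) |
                   ((uint32_t)msg[2] << 8)  |  (uint32_t)msg[3];
    size_t n;
    if (!valid_request_len((int32_t)raw, &n))   /* 0xffffffff reads as -1 */
        return NULL;
    if (msg_len - 4 < n)             /* claimed length exceeds what arrived */
        return NULL;
    char *buf = malloc(n + 1);       /* n is bounded, so n + 1 cannot wrap */
    if (buf == NULL)
        return NULL;
    memcpy(buf, msg + 4, n);
    buf[n] = '\0';
    *payload_len = n;
    return buf;
}

/* libgd computed width * height * bytes-per-pixel for gdMalloc without
 * checking that the product fits; a malformed header made it wrap to a small
 * number and the decoder then wrote past the short buffer. Multiply with
 * overflow checks at each step and cap the result. */
bool image_alloc_size(uint32_t width, uint32_t height, uint32_t bpp, size_t *out)
{
    if (width == 0 || height == 0 || bpp == 0)
        return false;
    if (width > SIZE_MAX / height)
        return false;
    size_t pixels = (size_t)width * height;
    if (pixels > SIZE_MAX / bpp)
        return false;
    size_t bytes = pixels * bpp;
    if (bytes > MAX_IMAGE_BYTES)
        return false;
    *out = bytes;
    return true;
}

/* Constructed sample messages. */
static const uint8_t SAMPLE_GOOD[]  = { 0, 0, 0, 5, 'h', 'e', 'l', 'l', 'o' };
static const uint8_t SAMPLE_NEG[]   = { 0xff, 0xff, 0xff, 0xff, 'x' };  /* len = -1 */
static const uint8_t SAMPLE_SHORT[] = { 0, 0, 0, 9, 'h', 'i' };         /* claims 9, sends 2 */

int main(void)
{
    size_t n = 0, bytes = 0;
    char *payload = parse_lock_request(SAMPLE_GOOD, sizeof SAMPLE_GOOD, &n);
    printf("good request: %s (%zu bytes)\n", payload ? payload : "rejected", n);
    free(payload);
    printf("len = -1 request: %s\n",
           parse_lock_request(SAMPLE_NEG, sizeof SAMPLE_NEG, &n) ? "accepted" : "rejected");
    printf("640x480x4: %s\n", image_alloc_size(640, 480, 4, &bytes) ? "ok" : "rejected");
    printf("65536x65536x4: %s\n", image_alloc_size(65536, 65536, 4, &bytes) ? "ok" : "rejected");
    return 0;
}
```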
libpam-radius-auth: integer overflow
| Package(s): | libpam-radius-auth |
| CVE #(s): | CAN-2005-0108 |
| Created: | January 26, 2005 |
| Updated: | January 26, 2005 |
| Description: | The PAM RADIUS authentication module suffers from an integer overflow vulnerability. |
| Alerts: | |
Comments (none posted)
libpng: multiple vulnerabilities
Comments (1 posted)
libtiff: buffer overflow
| Package(s): | libtiff |
| CVE #(s): | CAN-2004-1308 |
| Created: | December 22, 2004 |
| Updated: | May 19, 2005 |
| Description: | The libtiff image manipulation library contains several exploitable buffer overflows. |
| Alerts: | |
Comments (none posted)
libxml2: arbitrary code execution
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0110 |
| Created: | February 26, 2004 |
| Updated: | August 19, 2009 |
| Description: | Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code. |
| Alerts: | |
Comments (none posted)
libxml2: multiple buffer overflows
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0989 |
| Created: | October 28, 2004 |
| Updated: | August 19, 2009 |
| Description: | libxml2 prior to version 2.6.14 has multiple buffer overflow vulnerabilities; if a local user passes a specially crafted FTP URL, arbitrary code may be executed. |
| Alerts: | |
Comments (none posted)
libxpm4: stack and integer overflows
| Package(s): | libxpm4 |
| CVE #(s): | CAN-2004-0687, CAN-2004-0688 |
| Created: | September 16, 2004 |
| Updated: | February 14, 2005 |
| Description: | There are several stack and integer overflow bugs in the libXpm code of XFree86 that may be used for a denial of service. |
| Alerts: | |
Comments (none posted)
lvm10: creates insecure temporary directory
| Package(s): | lvm10 |
| CVE #(s): | CAN-2004-0972 |
| Created: | November 1, 2004 |
| Updated: | July 25, 2005 |
| Description: | Trustix Secure Linux discovered a vulnerability in a supplemental script of the lvm10 package. The program "lvmcreate_initrd" created a temporary directory in an insecure way, which could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program. |
| Alerts: | |
Comments (none posted)
mailman: cross-site scripting
| Package(s): | mailman |
| CVE #(s): | CAN-2004-1177 |
| Created: | January 10, 2005 |
| Updated: | March 22, 2005 |
| Description: | Florian Weimer discovered a cross-site scripting vulnerability in mailman's automatically generated error messages. An attacker could craft a URL containing JavaScript (or other content embedded into HTML) which triggered a mailman error page. When an unsuspecting user followed this URL, the malicious content was copied unmodified to the error page and executed in the context of this page. |
| Alerts: | |
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
| CVE #(s): | CAN-2003-0427 |
| Created: | June 16, 2003 |
| Updated: | June 16, 2005 |
| Description: | Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod. |
| Alerts: | |
Comments (none posted)
mpg123: frame header buffer overflow
| Package(s): | mpg123 |
| CVE #(s): | CAN-2004-0991 |
| Created: | January 20, 2005 |
| Updated: | January 26, 2005 |
| Description: | mpg123 has a vulnerability in which a maliciously created file could cause a buffer overflow in the frame header parsing code, allowing arbitrary code to be executed with the permissions of the user. |
| Alerts: | |
Comments (none posted)
mpg321: format string vulnerability
| Package(s): | mpg321 |
| CVE #(s): | CAN-2003-0969 |
| Created: | January 6, 2004 |
| Updated: | March 28, 2005 |
| Description: | A vulnerability was discovered in mpg321, a command-line mp3 player, whereby user-supplied strings were passed to printf(3) unsafely. This vulnerability could be exploited by a remote attacker to overwrite memory, and possibly execute arbitrary code. In order for this vulnerability to be exploited, mpg321 would need to play a malicious mp3 file (including via HTTP streaming). |
| Alerts: | |
Comments (none posted)
mysql: several vulnerabilities
| Package(s): | mysql |
| CVE #(s): | CAN-2004-0835, CAN-2004-0836, CAN-2004-0837 |
| Created: | October 11, 2004 |
| Updated: | April 6, 2005 |
| Description: | Several problems have been discovered in MySQL. Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one (CAN-2004-0835). Lukasz Wojtow noticed a buffer overrun in the mysql_real_connect function (CAN-2004-0836). Dean Ellis noticed that multiple threads ALTERing the same (or different) MERGE tables to change the UNION can cause the server to crash or stall (CAN-2004-0837). |
| Alerts: | |
Comments (none posted)
mysql-dfsg: insecure temporary files
| Package(s): | mysql-dfsg |
| CVE #(s): | CAN-2005-0004 |
| Created: | January 18, 2005 |
| Updated: | March 25, 2005 |
| Description: | Javier Fernández-Sanguino Peña noticed that the "mysqlaccess" program created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program. |
| Alerts: | |
Comments (none posted)
nasm: Buffer overflow vulnerability
| Package(s): | nasm |
| CVE #(s): | CAN-2004-1287 |
| Created: | December 20, 2004 |
| Updated: | May 4, 2005 |
| Description: | Jonathan Rockway discovered that NASM-0.98.38 has an unprotected vsprintf() to an array in preproc.c. This code vulnerability may lead to a buffer overflow and potential execution of arbitrary code. |
| Alerts: | |
Comments (4 posted)
netkit-telnet: invalid free pointer
| Package(s): | netkit-telnet |
| CVE #(s): | CAN-2004-0911 |
| Created: | October 4, 2004 |
| Updated: | March 28, 2005 |
| Description: | Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer. This causes the telnet server process to crash, leading to a straightforward denial of service (inetd will disable the service if telnetd is crashed repeatedly), or possibly the execution of arbitrary code with the privileges of the telnetd process (by default, the 'telnetd' user). |
| Alerts: | |
Comments (none posted)
nfs-utils: denial of service
| Package(s): | nfs-utils |
| CVE #(s): | CAN-2004-1014 |
| Created: | December 1, 2004 |
| Updated: | May 15, 2005 |
| Description: | The NFS statd server contains a denial of service vulnerability which is easily exploited by a remote attacker. |
| Alerts: | |
Comments (none posted)
nfs-utils: arbitrary code execution
| Package(s): | nfs-utils |
| CVE #(s): | CAN-2004-0946 |
| Created: | January 11, 2005 |
| Updated: | February 27, 2006 |
| Description: | Arjan van de Ven discovered a buffer overflow in rquotad on 64-bit architectures: an improper integer conversion could lead to a buffer overflow. An attacker with access to an NFS share could send a specially crafted request which could then lead to the execution of arbitrary code. |
| Alerts: | |
Comments (none posted)
openssl: der_chop script temp file vulnerability
| Package(s): | openssl |
| CVE #(s): | CAN-2004-0975 |
| Created: | November 11, 2004 |
| Updated: | July 19, 2005 |
| Description: | The der_chop script in openssl has a temp file vulnerability that may allow an attacker to overwrite arbitrary files with the permissions that the script is running under. |
| Alerts: | |
Comments (1 posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
php: remotely exploitable memory errors
| Package(s): | php |
| CVE #(s): | CAN-2004-0594 |
| Created: | July 14, 2004 |
| Updated: | February 7, 2005 |
| Description: | Stefan Esser has issued an advisory regarding a remotely exploitable hole in PHP (through version 4.3.7). If the memory_limit feature is in use (as it should be, to prevent denial of service attacks), allocation failures can be forced at highly inopportune times, and those failures can be exploited to execute arbitrary code. The exploit is described as "quite easy," and it can be done regardless of whether Apache1 or Apache2 is in use. Upgrading to PHP 4.3.8 fixes the problem; yesterday's PHP 5.0 release also contains the fix (but the final release candidate did not). |
| Alerts: | |
Comments (none posted)
php: multiple vulnerabilities
Comments (1 posted)
ProZilla: Multiple vulnerabilities
| Package(s): | ProZilla |
| CVE #(s): | CAN-2004-1120 |
| Created: | November 23, 2004 |
| Updated: | February 1, 2005 |
| Description: | ProZilla contains several exploitable buffer overflows in the code handling the network protocols. A remote attacker could set up a malicious server and entice a user to retrieve files from that server using ProZilla. This could lead to the execution of arbitrary code with the rights of the user running ProZilla. |
| Alerts: | |
Comments (none posted)
qt3: BMP image parser heap overflow
| Package(s): | qt3/qt3-non-mt/qt3-32bit/qt3-static |
| CVE #(s): | CAN-2004-0691, CAN-2004-0692, CAN-2004-0693 |
| Created: | August 19, 2004 |
| Updated: | May 15, 2005 |
| Description: | A heap overflow in the qt3 BMP image format parser in Qt versions prior to 3.3.3 may allow remote code execution. |
| Alerts: | |
Comments (none posted)
realplayer: integer overflow
| Package(s): | realplayer |
| CVE #(s): | |
| Created: | January 24, 2005 |
| Updated: | January 26, 2005 |
| Description: | A flaw in the .rm RealMovie stream handling routines allows a remote attacker to exploit an integer overflow vulnerability using a special .rm file. This might allow a remote attacker to execute code as the user running RealPlayer. |
| Alerts: | |
Comments (none posted)
rp-pppoe, pppoe: missing privilege dropping
| Package(s): | rp-pppoe, pppoe |
| CVE #(s): | CAN-2004-0564 |
| Created: | October 4, 2004 |
| Updated: | November 15, 2005 |
| Description: | Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet driver from Roaring Penguin. When the program is running setuid root (which is not the case in a default Debian installation), an attacker could overwrite any file on the file system. |
| Alerts: | |
Comments (none posted)
ruby: infinite loop
| Package(s): | ruby |
| CVE #(s): | CAN-2004-0983 |
| Created: | November 8, 2004 |
| Updated: | May 15, 2005 |
| Description: | The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to eat up CPU cycles. |
| Alerts: | |
Comments (none posted)
samba: integer overflow vulnerability
| Package(s): | samba |
| CVE #(s): | CAN-2004-1154 |
| Created: | December 16, 2004 |
| Updated: | July 19, 2005 |
| Description: | Samba has an integer overflow vulnerability that may allow an authenticated remote user to execute arbitrary code on the Samba server. |
| Alerts: | |
Comments (none posted)
sharutils: arbitrary code execution
| Package(s): | sharutils |
| CVE #(s): | CAN-2004-1772 |
| Created: | October 1, 2004 |
| Updated: | April 26, 2005 |
| Description: | sharutils contains two buffer overflows. Ulf Harnhammar discovered a buffer overflow in shar.c, where the length of data returned by the wc command is not checked. Florian Schilhabel discovered another buffer overflow in unshar.c. An attacker could exploit these vulnerabilities to execute arbitrary code as the user running one of the sharutils programs. |
| Alerts: | |
Comments (none posted)
sox: buffer overflow
| Package(s): | sox |
| CVE #(s): | CAN-2004-0557 |
| Created: | July 28, 2004 |
| Updated: | February 21, 2005 |
| Description: | Sox suffers from buffer overflows in its WAV file handling; these overflows could conceivably be exploited by way of a malicious sound file. |
| Alerts: | |
Comments (none posted)
SpamAssassin: Denial of Service vulnerability
| Package(s): | spamassassin |
| CVE #(s): | CAN-2004-0796 |
| Created: | August 9, 2004 |
| Updated: | August 11, 2005 |
| Description: | SpamAssassin contains an unspecified Denial of Service vulnerability. By sending a specially crafted message an attacker could cause a Denial of Service attack against the SpamAssassin service. |
| Alerts: | |
Comments (none posted)
Squid: multiple vulnerabilities
| Package(s): | squid |
| CVE #(s): | CAN-2005-0094, CAN-2005-0095 |
| Created: | January 17, 2005 |
| Updated: | February 2, 2005 |
| Description: | Squid contains a vulnerability in the gopherToHTML function and incorrectly checks the 'number of caches' field when parsing WCCP_I_SEE_YOU messages. Furthermore, the NTLM code contains two errors: one is a memory leak in the fakeauth_auth helper and the other is a NULL pointer dereference. |
| Alerts: | |
Comments (none posted)
Subversion: Remote heap overflow
| Package(s): | subversion |
| CVE #(s): | CAN-2004-0413 |
| Created: | June 11, 2004 |
| Updated: | March 7, 2005 |
| Description: | Subversion has a remote denial of service vulnerability that may allow arbitrary code execution on a server running svnserve. See this advisory for more information. |
| Alerts: | |
Comments (none posted)
sudo: environment variable sanitizing
| Package(s): | sudo |
| CVE #(s): | CAN-2004-1051 |
| Created: | November 17, 2004 |
| Updated: | May 15, 2005 |
| Description: | Versions of sudo prior to 1.6.8p2 fail to properly sanitize the environment prior to running shell scripts; this failure can be exploited by a sudo user to subvert scripts and obtain shell access. See the 1.6.8p2 announcement for more information. |
| Alerts: | |
Comments (none posted)
sword: missing input sanitizing
| Package(s): | sword |
| CVE #(s): | CAN-2005-0015 |
| Created: | January 20, 2005 |
| Updated: | January 26, 2005 |
| Description: | The CGI script diatheke from sword does not properly sanitize its input, allowing arbitrary commands to be executed through a specially crafted URL. |
| Alerts: | |
Comments (none posted)
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
| CVE #(s): | CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399 |
| Created: | October 1, 2002 |
| Updated: | April 10, 2006 |
| Description: | The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability. |
| Alerts: | |
Comments (1 posted)
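A component-wise member-name check of the kind tar and unzip lacked, as an added C example (not code from either project): absolute names and any ".." that climbs above the extraction directory are refused, while "..foo" and "a/b/../c" stay legal. The function names and the sample member list are constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Decide whether an archive member name may be unpacked under the current
 * directory. An absolute name escapes the extraction directory outright; a
 * ".." component that climbs above the starting point does the same. Parsing
 * by component (rather than searching for the substring "../") keeps names
 * such as "..foo" or "foo.." legal and allows "a/b/../c", which never leaves
 * the tree. This is a name check only: it does not consider symlinks that an
 * earlier member may already have created on disk. */
bool archive_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    if (name[0] == '/')                 /* absolute path */
        return false;
    long depth = 0;
    const char *p = name;
    while (*p != '\0') {
        const char *end = strchr(p, '/');
        size_t len = end ? (size_t)(end - p) : strlen(p);
        if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (--depth < 0)            /* climbed above the extraction root */
                return false;
        } else if (len > 0 && !(len == 1 && p[0] == '.')) {
            depth++;                    /* "." and empty components (a//b) are neutral */
        }
        if (end == NULL)
            break;
        p = end + 1;
    }
    return true;
}

/* Filter a member list: returns how many names were accepted and writes the
 * rejected ones to report (pass NULL to stay quiet). */
size_t count_safe_members(const char *const *names, size_t n, FILE *report)
{
    size_t ok = 0;
    for (size_t i = 0; i < n; i++) {
        if (archive_name_is_safe(names[i]))
            ok++;
        else if (report != NULL)
            fprintf(report, "refusing member: %s\n", names[i]);
    }
    return ok;
}

/* Constructed sample archive listing: three safe names, four that escape. */
static const char *const SAMPLE_MEMBERS[] = {
    "README", "src/main.c", "src/../docs/index.html",
    "../escaped.txt", "/tmp/absolute.txt", "a/../../b", "..",
};
#define SAMPLE_MEMBER_COUNT (sizeof SAMPLE_MEMBERS / sizeof SAMPLE_MEMBERS[0])

int main(void)
{
    size_t ok = count_safe_members(SAMPLE_MEMBERS, SAMPLE_MEMBER_COUNT, stdout);
    printf("%zu of %zu members accepted\n", ok, (size_t)SAMPLE_MEMBER_COUNT);
    return 0;
}
```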
tiff: buffer overflows
| Package(s): | tiff |
| CVE #(s): | CAN-2004-0803 |
| Created: | October 13, 2004 |
| Updated: | April 12, 2005 |
| Description: | The tiff library contains several buffer overflows which may be exploited by way of maliciously-crafted image files. See this advisory for more information. |
| Alerts: | |
Comments (none posted)
TikiWiki: arbitrary command execution
| Package(s): | TikiWiki |
| CVE #(s): | |
| Created: | January 10, 2005 |
| Updated: | January 31, 2005 |
| Description: | TikiWiki lacks a check on uploaded images in the Wiki edit page. A malicious user could run arbitrary commands on the server by uploading and calling a PHP script. |
| Alerts: | |
Comments (none posted)
unarj: buffer overflow vulnerability
| Package(s): | unarj |
| CVE #(s): | CAN-2004-0947 |
| Created: | November 11, 2004 |
| Updated: | February 2, 2005 |
| Description: | The unarj uncompression utility has a buffer overflow vulnerability when handling long file names in an archive. An attacker can cause unarj to crash or execute arbitrary code. |
| Alerts: | |
Comments (none posted)
vdr: insecure file access
| Package(s): | vdr |
| CVE #(s): | CAN-2005-0071 |
| Created: | January 25, 2005 |
| Updated: | January 31, 2005 |
| Description: | Javier Fernández-Sanguino Peña from the Debian Security Audit Team has discovered that the vdr daemon, which is used for video disk recorders with DVB cards, can overwrite arbitrary files. |
| Alerts: | |
Comments (none posted)
vim: modeline problems
| Package(s): | vim |
| CVE #(s): | CAN-2004-1138 |
| Created: | December 15, 2004 |
| Updated: | February 24, 2005 |
| Description: | A new set of modeline-related vulnerabilities has been discovered in versions of vim prior to 6.3-r2. These vulnerabilities could conceivably be exploited by a local user to obtain the privileges of another user. |
| Alerts: | |
Comments (none posted)
vim: symbolic link attack
| Package(s): | vim |
| CVE #(s): | CAN-2005-0069 |
| Created: | January 18, 2005 |
| Updated: | February 18, 2005 |
| Description: | Javier Fernández-Sanguino Peña noticed that the auxiliary scripts "tcltags" and "vimspell.sh" created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the script (either by calling it directly or by execution through vim). |
| Alerts: | |
Comments (none posted)
wv: buffer overflow
| Package(s): | wv |
| CVE #(s): | CAN-2004-0645 |
| Created: | July 14, 2004 |
| Updated: | February 10, 2005 |
| Description: | wv, a viewer for MS Word files, contains a buffer overflow which may be exploited by a suitably-crafted file. Version 1.0.0-r1 fixes the problem. |
| Alerts: | |
Comments (none posted)
XChat 2.0.x SOCKS5 Vulnerability
| Package(s): | xchat |
| CVE #(s): | CAN-2004-0409 |
| Created: | April 19, 2004 |
| Updated: | November 15, 2005 |
| Description: | XChat is vulnerable to a stack overflow that may allow a remote attacker to run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a remote exploit. Users would have to be using XChat through a SOCKS 5 server, have enabled SOCKS 5 traversal (which is disabled by default) and also connect to an attacker's custom proxy server. This vulnerability may allow an attacker to run arbitrary code within the context of the user ID of the XChat client. |
| Alerts: | |
Comments (none posted)
xine-lib: buffer overflows
| Package(s): | xine-lib |
| CVE #(s): | CAN-2004-1379 |
| Created: | September 22, 2004 |
| Updated: | April 10, 2006 |
| Description: | xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code. |
| Alerts: | |
Comments (none posted)
xine-ui: insecure temporary file creation
| Package(s): | xine-ui |
| CVE #(s): | CAN-2004-0372 |
| Created: | April 6, 2004 |
| Updated: | April 27, 2006 |
| Description: | Shaun Colley discovered a problem in xine-ui, the xine video player user interface. A script contained in the package to possibly remedy a problem or report a bug does not create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking xine. |
| Alerts: | |
Comments (none posted)
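Added C example (not code from any of the packages) of the two fixes for the temporary-file pattern shared by the gettext, groff, lvm10, libdbi-perl, mysqlaccess, der_chop, vim-script and xine-ui entries: mkstemp for an unpredictable name created atomically, and O_CREAT|O_EXCL when the name must stay fixed, so a symlink planted in advance is never followed. The function names and the /tmp template are assumptions made for the illustration.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* The pattern behind the entries above: a name such as /tmp/<prog>.<pid> is
 * guessable, so anyone may leave a symlink there first and the program then
 * writes through it with its own privileges. Two safe alternatives follow. */

/* 1. Let mkstemp pick an unpredictable name and create the file atomically
 *    with O_CREAT|O_EXCL, then confirm what we were handed: a regular file,
 *    one link, mode 0600. Writes path_out and returns the descriptor, or -1. */
int open_unique_tmpfile(char *path_out, size_t path_len)
{
    char tmpl[] = "/tmp/lwn-exampleXXXXXX";   /* template is an assumption */
    int fd = mkstemp(tmpl);
    if (fd < 0)
        return -1;
    struct stat st;
    bool ok = fstat(fd, &st) == 0 && S_ISREG(st.st_mode) &&
              st.st_nlink == 1 && (st.st_mode & 0777) == 0600 &&
              strlen(tmpl) + 1 <= path_len;
    if (!ok) {
        close(fd);
        unlink(tmpl);
        return -1;
    }
    strcpy(path_out, tmpl);
    return fd;
}

/* 2. When the name must be fixed (a PID file, say), refuse to reuse whatever
 *    is already there: with O_CREAT|O_EXCL, open() fails with EEXIST even if
 *    the path is a dangling symlink, and O_NOFOLLOW is belt and braces. */
int open_fixed_name_safely(const char *path)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0 && errno == EEXIST)
        fprintf(stderr, "%s already exists (planted symlink?); not writing\n", path);
    return fd;
}

int main(void)
{
    char path[128];
    int fd = open_unique_tmpfile(path, sizeof path);
    if (fd < 0) {
        perror("open_unique_tmpfile");
        return 1;
    }
    printf("private temp file: %s\n", path);
    close(fd);
    unlink(path);
    return 0;
}
```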
xorg-x11: integer overflows
| Package(s): | xorg-x11 |
| CVE #(s): | CAN-2004-0914 |
| Created: | November 18, 2004 |
| Updated: | September 12, 2005 |
| Description: | The X.Org libXpm library has several integer overflow vulnerabilities. An attacker can modify XPM images to execute malicious code. |
| Alerts: | |
Comments (none posted)
xpdf: buffer overflow
| Package(s): | xpdf |
| CVE #(s): | CAN-2004-1125 |
| Created: | December 23, 2004 |
| Updated: | April 1, 2005 |
| Description: | xpdf has a potential buffer overflow problem caused by insufficient input validation. A specially crafted PDF file can allow an attacker to execute code with the privileges of the xpdf user. |
| Alerts: | |
Comments (none posted)
xpdf: buffer overflow
| Package(s): | xpdf |
| CVE #(s): | CAN-2005-0064 |
| Created: | January 19, 2005 |
| Updated: | March 15, 2007 |
| Description: | iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details. |
| Alerts: | |
Comments (1 posted)
xpdf: integer overflows
| Package(s): | xpdf kpdf cupsys |
| CVE #(s): | CAN-2004-0888, CAN-2004-0889 |
| Created: | October 21, 2004 |
| Updated: | February 18, 2005 |
| Description: | Several xpdf integer overflow vulnerabilities can be exploited via a malformed PDF document. Similar vulnerabilities can be found in kpdf and in cupsys, which share the code. Additional information can be found in this KDE security advisory. |
| Alerts: | |
Comments (none posted)
xtrlock: buffer overflow
| Package(s): | xtrlock |
| CVE #(s): | CAN-2005-0079 |
| Created: | January 20, 2005 |
| Updated: | January 26, 2005 |
| Description: | xtrlock has a buffer overflow that can allow a local attacker to crash the lock program and take over a user's desktop session. |
| Alerts: | |
Comments (none posted)
zhcon: privilege escalation
| Package(s): | zhcon |
| CVE #(s): | CAN-2005-0072 |
| Created: | January 24, 2005 |
| Updated: | January 26, 2005 |
| Description: | Erik Sjölund discovered that zhcon accesses a user-controlled configuration file with elevated privileges, which could make it possible to read arbitrary files. |
| Alerts: | |
Comments (none posted)
zip: arbitrary code execution
| Package(s): | zip |
| CVE #(s): | CAN-2004-1010 |
| Created: | November 5, 2004 |
| Updated: | February 2, 2005 |
| Description: | HexView discovered a buffer overflow in the zip package. The overflow is triggered by creating a ZIP archive of files with very long path names. This vulnerability might result in execution of arbitrary code with the privileges of the user who calls zip. This flaw may lead to privilege escalation on systems which automatically create ZIP archives of user-supplied files, like backup systems or web applications. |
| Alerts: | |
Comments (1 posted)
zlib: denial of service
| Package(s): | zlib |
| CVE #(s): | CAN-2004-0797 |
| Created: | August 25, 2004 |
| Updated: | June 10, 2005 |
| Description: | Versions 1.2.x of the zlib library contain an error handling vulnerability which can enable denial of service attacks. |
| Alerts: | |
Comments (none posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 prepatch remains 2.6.11-rc2.
Linus's BitKeeper repository, which looks like it is heading for a
2.6.11-rc3 release before too long, contains an XFS update, a set of
out-of-memory killer fixes, a generic transport class mechanism (which
replaces the SCSI transport code), some architecture updates, the removal
of bcopy(), a fix for writable module parameters in sysfs (it never
actually worked before), and various fixes.
The current -mm release is 2.6.11-rc2-mm2.
Recent changes to -mm include the unexporting of register_cpu()
and unregister_cpu(), an InfiniBand update, a tool for tracking
page-level memory leaks (see below), the addition of the unprivileged
realtime scheduling rlimit code (covered here last week; this code replaces the
SCHED_ISO patch), and a fair number of fixes.
The current 2.4 kernel remains 2.4.29; the 2.4.30 process has not
yet begun.
Kernel development news
We argued that the owner of a Digital Audio Workstation should be
free to lock up his CPU any time he wants. But, no one would
listen. We were told that we didn't really know what we needed,
and were asking the wrong question. That was very discouraging.
It looked like LKML was going to ignore our needs for yet another
year.
-- Jack O'Quin, finding the process long and frustrating.
The Linux acceptance process is not about "whose patch sucks
least", but whether it hits a subsystem-specific bar of
architectural requirements or not.... We'll rather live on with
one less feature for another year than with a crappy feature that
is twice as hard to get rid of!
-- Ingo Molnar explains that process.
Whoever's responsible, prepare to be flamed to a crisp the likes of
which has never been witnessed before by observers of solar probes, nor
conceived of by the most visionary and imaginative of eschatologists.
-- William Lee Irwin. I'd stand back if I were you.
Network drivers must provide a function (hard_start_xmit()) for the
networking layer to call whenever it decides the time has come to send
out a packet. Normally, calls to hard_start_xmit() are serialized with a
spinlock (xmit_lock) in the net_device structure. In this way, the
networking subsystem guarantees that it will not attempt to send multiple
packets simultaneously on the same interface.
This method works, but it is not quite ideal, especially for
high-performance network adaptors. Most drivers already implement
their own internal locking, rendering xmit_lock redundant. The
xmit_lock can also cause a certain amount of cache line bouncing
on SMP systems with a lot of networking traffic. To work around these
problems, the NETIF_F_LLTX "feature" flag was added in 2.6.9. If
a driver sets NETIF_F_LLTX on its interface, it is declaring that
it performs its own locking, and its hard_start_xmit() function
will be called without the xmit_lock held.
All seemed well for a while, but, back in December, Roland Dreier noticed a problem. When a network driver
notices that an interface's transmit buffers are too full to accept any
more packets, it calls netif_stop_queue() to inform the networking
layer. Its hard_start_xmit() method should then not be called
until the driver (with a call to netif_wake_queue()) indicates
that new packets can, once again, be accepted. Network drivers thus can
count on not being asked to transmit packets when they have stopped the
queue.
Unless, as it turns out, they have set NETIF_F_LLTX. The lack of
transmit locking in the networking layer itself leads to a situation where
hard_start_xmit() can be called simultaneously on multiple
processors; hard_start_xmit() is supposed to handle that situation
with its own locking. But, if one hard_start_xmit() call fills
the transmit buffer and stops the queue, the second call will proceed in a
state it had not expected: it has a packet to transmit but no place to put
it. In most cases, this race leads to a strange error message in the
system logs. In a poorly-written driver, worse things could happen.
Roland's initial problem report included a patch which silenced the log
message. The networking hackers did not like
that solution, however; they feared that it could hide serious
(unrelated) bugs. So they set out to come up with a better solution. The
result was a lengthy patch which made some significant changes to how
network driver locking works. Uses of xmit_lock were changed to
disable interrupts, so that lock could be used in interrupt handlers as
well. Drivers could then use xmit_lock (rather than their own
lock) for internal locking. The NETIF_F_LLTX flag was redefined
to indicate that the transmit routine was completely lockless, a condition
which only applies to certain types of software device. The end result was
most of the advantages of NETIF_F_LLTX but with the race condition
solved. A version of this patch was merged as part of 2.6.11-rc2.
Unfortunately, there were some difficulties. The locking changes led to
deadlocks in certain situations where the driver would try to grab a lock
already held by the networking code which called it. Network drivers had
to be careful not to do anything (such as spin_unlock_irq()) which
would enable interrupts while xmit_lock was held.
dev_kfree_skb() could no longer be called in any place where
xmit_lock was held, since its use is not legal when interrupts are
disabled. Overall, there were enough problems with this approach that the
patch was backed out after the -rc2 release, and the developers started
over.
The current approach, as proposed by David Miller, is to leave things as
they are and silence the log message. The
patch has been tweaked a bit since first proposed by Roland in December; it
now tries to distinguish the NETIF_F_LLTX race from other (more
serious) calls to hard_start_xmit() with the transmit buffer
full. This is done by checking to see if the queue has been stopped; if
so, it is a harmless race and transmission of the packet is silently
deferred. If the queue is still running, however, then something has gone
wrong somewhere. This change must be made in all drivers which use
NETIF_F_LLTX - a relatively small set. It's a small change, but
it is a change in the rules for network drivers and worth being aware of.
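The rule this establishes for NETIF_F_LLTX drivers, modelled in user-space C as an added example (this is not kernel code and not the patch itself; the toy_dev structure, the ring size and the counters are assumptions made for the model): a transmit routine that finds its ring full must ask whether it already stopped the queue. If so, it is the harmless race and the packet is deferred quietly; if not, the driver has a real bug and the log line is deserved.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Return codes modelled on the kernel's NETDEV_TX_OK / NETDEV_TX_BUSY. */
enum { TX_OK = 0, TX_BUSY = 1 };

#define TX_RING_SIZE 4

/* Toy model of an LLTX driver's transmit state (constructed for this
 * example; in the kernel this lives in struct net_device and the
 * driver's private data). */
struct toy_dev {
    int ring_used;        /* descriptors currently in flight */
    bool queue_stopped;   /* set by netif_stop_queue(), cleared by netif_wake_queue() */
    int harmless_races;   /* full ring seen while the queue was already stopped */
    int real_bugs;        /* full ring seen while the queue was still running */
};

/* Models of the core helpers; the real ones take a struct net_device. */
static void netif_stop_queue(struct toy_dev *d) { d->queue_stopped = true; }
static void netif_wake_queue(struct toy_dev *d) { d->queue_stopped = false; }
static bool netif_queue_stopped(const struct toy_dev *d) { return d->queue_stopped; }

/* Model of hard_start_xmit() under the "leave things as they are" rule:
 * the driver does its own locking and may be entered with a full ring. */
static int toy_hard_start_xmit(struct toy_dev *d, const char *pkt)
{
    if (d->ring_used == TX_RING_SIZE) {
        if (netif_queue_stopped(d)) {
            /* Another CPU filled the ring and stopped the queue just before
             * this call: the harmless LLTX race. Defer silently; the core
             * retries after netif_wake_queue(). */
            d->harmless_races++;
            return TX_BUSY;
        }
        /* Ring full but queue still running: the driver failed to stop the
         * queue when the ring filled. That is worth a log message. */
        d->real_bugs++;
        fprintf(stderr, "BUG: xmit with full ring and running queue (%s)\n", pkt);
        return TX_BUSY;
    }

    d->ring_used++;
    /* Stop the queue as soon as the ring fills so the core stops calling us. */
    if (d->ring_used == TX_RING_SIZE)
        netif_stop_queue(d);
    return TX_OK;
}

/* Completion interrupt: retire one descriptor and wake the queue. */
static void toy_tx_complete(struct toy_dev *d)
{
    if (d->ring_used > 0)
        d->ring_used--;
    if (d->ring_used < TX_RING_SIZE)
        netif_wake_queue(d);
}

/* Fill the ring, then deliver the late call from a second CPU that had
 * already passed the core's queue check. Returns the number of calls
 * classified as the harmless race (expected: 1), or -1 on a wrong outcome. */
int run_lltx_race_scenario(void)
{
    struct toy_dev d;
    memset(&d, 0, sizeof d);

    for (int i = 0; i < TX_RING_SIZE; i++)
        toy_hard_start_xmit(&d, "pkt");
    if (toy_hard_start_xmit(&d, "late-pkt") != TX_BUSY)
        return -1;
    if (d.harmless_races != 1 || d.real_bugs != 0)
        return -1;

    toy_tx_complete(&d);                      /* frees a slot, wakes the queue */
    if (toy_hard_start_xmit(&d, "retry") != TX_OK)
        return -1;
    return d.harmless_races;
}

/* The "something has gone wrong" path: a driver that never stopped its
 * queue although its ring is full. Returns the number of bugs flagged. */
int run_buggy_driver_scenario(void)
{
    struct toy_dev d;
    memset(&d, 0, sizeof d);
    d.ring_used = TX_RING_SIZE;   /* ring is full... */
    d.queue_stopped = false;      /* ...but the queue was never stopped */
    toy_hard_start_xmit(&d, "pkt");
    return d.real_bugs;
}
```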
A number of developers have taken a stab at the problem of memory
fragmentation and the allocation of large, contiguous blocks of memory in
the kernel. Approaches covered on this page recently include Marcelo
Tosatti's active defragmentation patch and Nick Piggin's kswapd
improvements. Now Mel Gorman has jumped into the fray with a different
take on the problem.
At a very high level, the kernel organizes free pages as shown in the
diagram below.
The system's physical memory is split into zones; on
an x86 system, the zones include the small space reachable by ISA devices
(ZONE_DMA), the regular memory zone (ZONE_NORMAL), and
memory not directly accessible by the kernel (ZONE_HIGHMEM). NUMA
systems divide things further by creating zones for each node. Within each
node, memory is split into chunks and sorted depending on its "order" - the base-2
logarithm of the size of each block. For each order, there is a linked list
of available blocks of that size. So, at the bottom of the array, the
order-0 list contains individual pages; the order-1 list has pairs of
pages, etc., up to the maximum order handled by the system. When a request
for an allocation of a given order arrives, a block is taken off the
appropriate list. If no blocks of that size are available, a larger block
is split. When blocks are freed, the buddy allocator tries to coalesce
them with neighboring blocks to recreate higher-order chunks.
In real-life Linux systems, over time, the larger blocks tend to get split
up, to the point that larger allocations can become difficult. A look at
/proc/buddyinfo on a running system will tend to show quite a few
zero-order pages available (one hopes), but relatively few larger blocks.
For this reason, high-order allocations have a high probability of failure
on a system which has been up for a while.
Mel's approach is to split memory allocations into three types, as
indicated by a new set of GFP_ flags which can be provided when
memory is requested. Memory allocations marked by __GFP_USERRCLM
are understood to be for user space, and to be easily reclaimable. In
general, all that's required to reclaim a user-space page is to write it to
backing store (if it has been modified). The __GFP_KERNRCLM flag
marks reclaimable kernel memory, such as that obtained from slabs and used
in caches which can, when needed, be dropped. Finally, allocations not
otherwise marked are considered to not be reclaimable in any easy way.
Then, the buddy allocator's data structures are expanded to look something
like this:
When the allocator is initialized, and all that nice, virgin memory is
still unfragmented, the free_area_global field points to a long
list of maximally-sized blocks of memory. The three free_area
arrays - one for each type of allocation - are initially empty. Each
allocation request, when it arrives, will be satisfied from the associated
free_area array if possible; otherwise, one of the
MAX_ORDER blocks from free_area_global will be split up.
The portion of that block which is not allocated will be placed in the
array associated with the current memory allocation type.
When memory is freed and blocks are coalesced, they remain within the
type-specific array until they reach the largest size, at which point they
go back onto the global array.
One immediate benefit from this organization is that the pages which are
hardest to get back - those in the "kernel non-reclaimable" category - are
grouped together into their own blocks. A single pinned page can prevent
the coalescing of a large block, so segregating the difficult kernel pages
makes the management of the rest of memory easier. Beyond that, this
organization makes it possible to perform active page freeing. If a
high-order request cannot be satisfied, simply start with a smaller block
and free up the neighboring pages. Active freeing is not yet implemented in
Mel's current patch, however.
Even without the active component, this patch helps the kernel to satisfy
large allocations. Mel gives results from a memory-thrashing test he ran;
with a vanilla kernel, only three out of 160 attempted order-10 allocations
were successful. With a patched kernel, instead, 81 attempts succeeded.
So the new allocation technique and data structures do help the situation.
What happens next remains to be seen, however; there seems to be a big
hurdle to overcome when trying to get high-order allocation patches
merged.
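The type-segregated buddy allocator described above, modelled in C as an added example that is not Mel Gorman's code (the zone size, the array-based free lists and the three-type enum are assumptions; active freeing is not modelled). It also runs the same interleaved user/kernel workload through a single free_area, which behaves like the unpatched allocator, to show how one pinned page per pair of neighbours blocks coalescing.

```c
#include <stdbool.h>
#include <string.h>

#define MAX_ORDER 4            /* largest block is 2^4 = 16 pages */
#define NR_PAGES  64           /* four MAX_ORDER blocks in the toy zone */
#define NTYPES    3

/* Allocation classes modelled on __GFP_USERRCLM / __GFP_KERNRCLM;
 * anything else is kernel non-reclaimable. */
enum alloc_type { TYPE_USERRCLM = 0, TYPE_KERNRCLM = 1, TYPE_KERNNORCLM = 2 };

/* A free list is an unordered array of page frame numbers (assumption:
 * arrays instead of the kernel's linked lists, for brevity). */
struct free_list { int pfn[NR_PAGES]; int n; };

struct zone {
    struct free_list free_area_global;              /* MAX_ORDER blocks only */
    struct free_list free_area[NTYPES][MAX_ORDER];  /* per type, orders 0..MAX_ORDER-1 */
};

static void push(struct free_list *l, int pfn) { l->pfn[l->n++] = pfn; }
static int  pop(struct free_list *l)           { return l->pfn[--l->n]; }

/* Remove pfn from the list if present; true when it was found. */
static bool take(struct free_list *l, int pfn)
{
    for (int i = 0; i < l->n; i++)
        if (l->pfn[i] == pfn) { l->pfn[i] = l->pfn[--l->n]; return true; }
    return false;
}

void zone_init(struct zone *z)
{
    memset(z, 0, sizeof *z);
    for (int pfn = 0; pfn < NR_PAGES; pfn += 1 << MAX_ORDER)
        push(&z->free_area_global, pfn);   /* all memory starts as MAX_ORDER blocks */
}

/* Allocate a 2^order block of the given type; returns the pfn or -1.
 * Satisfy from the type's own free_area if possible, otherwise split a
 * free_area_global block, leaving the unused halves in this type's lists. */
int zone_alloc(struct zone *z, enum alloc_type t, int order)
{
    int o, pfn;
    for (o = order; o < MAX_ORDER; o++)
        if (z->free_area[t][o].n)
            break;
    if (o < MAX_ORDER)
        pfn = pop(&z->free_area[t][o]);
    else if (z->free_area_global.n)
        pfn = pop(&z->free_area_global);    /* o == MAX_ORDER here */
    else
        return -1;
    while (o > order) {
        o--;
        push(&z->free_area[t][o], pfn + (1 << o));   /* upper buddy stays free */
    }
    return pfn;
}

/* Free a block: coalesce with its buddy while the buddy is free in the same
 * type's lists; a block that reaches MAX_ORDER returns to the global list. */
void zone_free(struct zone *z, enum alloc_type t, int pfn, int order)
{
    while (order < MAX_ORDER) {
        int buddy = pfn ^ (1 << order);
        if (!take(&z->free_area[t][order], buddy))
            break;
        if (buddy < pfn)
            pfn = buddy;
        order++;
    }
    if (order == MAX_ORDER)
        push(&z->free_area_global, pfn);
    else
        push(&z->free_area[t][order], pfn);
}

/* Workload: 16 user pages interleaved with 16 pinned kernel pages, then the
 * user pages are freed. Returns how many order-(MAX_ORDER-1) blocks can be
 * allocated afterwards. With segregate=false every request goes through one
 * free_area, i.e. the unpatched behaviour. */
int high_order_blocks_after_churn(bool segregate)
{
    struct zone z;
    enum alloc_type kt = segregate ? TYPE_KERNNORCLM : TYPE_USERRCLM;
    int user[16], count = 0;

    zone_init(&z);
    for (int i = 0; i < 16; i++) {
        user[i] = zone_alloc(&z, TYPE_USERRCLM, 0);
        zone_alloc(&z, kt, 0);              /* pinned kernel page, never freed */
    }
    for (int i = 0; i < 16; i++)
        zone_free(&z, TYPE_USERRCLM, user[i], 0);
    while (zone_alloc(&z, kt, MAX_ORDER - 1) >= 0)
        count++;
    return count;
}
```

Segregated, the kernel pages consume one block and the user block coalesces back to the global list (six order-3 blocks remain); unsegregated, the freed user pages sit between pinned ones and only the two untouched blocks remain usable (four).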
If you look far enough into the 2.6.11-rc2-mm2 announcement, you'll find
a mention of a "page owner tracking leak
detector" patch. The addition of this patch was almost certainly motivated
by the series of memory leak problems which have afflicted the 2.6.11
prepatches. It is a heavy-handed tool, but, for some situations, it might
make the problem of finding memory leaks far easier.
Essentially, this patch causes the kernel to keep track of the call chain that
leads to the allocation of every page. This information is made available
via /proc/page_owner; it looks something like this:
Page allocated via order 0
[0xc0146f01] kmem_getpages+49
[0xc014846d] cache_grow+173
[0xc0148aac] cache_alloc_refill+460
[0xc0118a8f] copy_files+431
[0xc0148ff5] kmem_cache_alloc+149
[0xc011986b] copy_process+3051
[0xc01199d1] fork_idle+65
[0xc041824a] do_boot_cpu+42
Your editor's 256MB sacrificial kernel box has, after a short period of run
time, over 13,000 such entries. So plowing through the raw data is
probably not what most people want to do. To help out, a small program (page_owner.c) has been put into the
Documentation directory (though one might argue that it should be
in scripts instead). This program boils down the contents of
/proc/page_owner to something which looks like this:
856 times:
Page allocated via order 0
[0xc0146572] __do_page_cache_readahead+290
[0xc0146a70] max_sane_readahead+48
[0xc0140166] filemap_nopage+790
[0xc013fe50] filemap_nopage+0
[0xc0150861] do_no_page+193
[0xc0150cc6] handle_mm_fault+246
[0xc01126cc] do_page_fault+492
[0xc0151b3c] remove_vm_struct+140
839 times:
Page allocated via order 0
[0xc0146572] __do_page_cache_readahead+290
[0xc0146a70] max_sane_readahead+48
[0xc0140166] filemap_nopage+790
[0xc013fe50] filemap_nopage+0
[0xc0150861] do_no_page+193
[0xc0150cc6] handle_mm_fault+246
[0xc01126cc] do_page_fault+492
[0xc013c207] ltt_log_event+71
With this output, finding the source of a major memory leak should be
relatively straightforward. It's worth noting that this program fails if
told to read directly from /proc/page_owner (it does a
stat() to determine the size of its input), so you must copy the
data to a regular file first. This patch is also a major memory consumer
in its own right, since it must store the call chain information for every
allocated page. It's thus not something most people would put onto a
production system - or even on most development systems. But it can be a
useful thing to have around when a page-level memory leak bites.
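An aggregator in the spirit of page_owner.c, written here as an added example (it is not the program from the Documentation directory): it reads the /proc/page_owner format from stdin rather than stat()-ing its input, so it can be fed from the proc file directly. The sample input is constructed; the binary name in the usage note is assumed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_BLOCK  1024   /* longest call-chain block kept, in bytes */
#define MAX_UNIQUE 1024   /* distinct call chains tracked */

struct chain { char text[MAX_BLOCK]; int count; };

/* Count one block; identical blocks (same order, same call chain) share
 * an entry. Linear search is fine for a few thousand chains. */
static void record(struct chain *tab, int *n, int max, const char *block)
{
    for (int i = 0; i < *n; i++)
        if (strcmp(tab[i].text, block) == 0) { tab[i].count++; return; }
    if (*n < max) {
        snprintf(tab[*n].text, MAX_BLOCK, "%s", block);
        tab[*n].count = 1;
        (*n)++;
    }
}

static int by_count_desc(const void *a, const void *b)
{
    return ((const struct chain *)b)->count - ((const struct chain *)a)->count;
}

/* Parse /proc/page_owner text: a block starts with "Page allocated via
 * order N", continues with "[addr] symbol+offset" lines and ends at a blank
 * line. Fills tab sorted by descending count; returns the number of chains. */
int aggregate_page_owner(const char *text, struct chain *tab, int max)
{
    char block[MAX_BLOCK] = "";
    int n = 0;
    const char *p = text;

    while (*p) {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len == 0) {                       /* blank line: block complete */
            if (block[0]) { record(tab, &n, max, block); block[0] = 0; }
        } else if (strlen(block) + len + 2 <= MAX_BLOCK) {
            strncat(block, p, len);
            strcat(block, "\n");
        }
        p = nl ? nl + 1 : p + len;
    }
    if (block[0])                             /* last block may lack a blank line */
        record(tab, &n, max, block);
    qsort(tab, n, sizeof *tab, by_count_desc);
    return n;
}

/* Constructed sample in the /proc/page_owner format (not real kernel output):
 * three readahead pages, two slab pages allocated at different orders. */
static const char *sample_page_owner =
    "Page allocated via order 0\n"
    "[0xc0146572] __do_page_cache_readahead+290\n"
    "[0xc0140166] filemap_nopage+790\n"
    "\n"
    "Page allocated via order 0\n"
    "[0xc0146f01] kmem_getpages+49\n"
    "[0xc014846d] cache_grow+173\n"
    "\n"
    "Page allocated via order 0\n"
    "[0xc0146572] __do_page_cache_readahead+290\n"
    "[0xc0140166] filemap_nopage+790\n"
    "\n"
    "Page allocated via order 2\n"
    "[0xc0146f01] kmem_getpages+49\n"
    "[0xc014846d] cache_grow+173\n"
    "\n"
    "Page allocated via order 0\n"
    "[0xc0146572] __do_page_cache_readahead+290\n"
    "[0xc0140166] filemap_nopage+790\n";

/* Number of distinct chains in the sample (expected: 3). */
int sample_distinct_chains(void)
{
    static struct chain tab[MAX_UNIQUE];
    return aggregate_page_owner(sample_page_owner, tab, MAX_UNIQUE);
}

/* Count of the most frequent chain in the sample (expected: 3). */
int sample_top_chain_count(void)
{
    static struct chain tab[MAX_UNIQUE];
    aggregate_page_owner(sample_page_owner, tab, MAX_UNIQUE);
    return tab[0].count;
}

/* Stand-alone use: read the whole input from stdin, so no stat() is needed. */
int main(void)
{
    static char buf[16 << 20];
    static struct chain tab[MAX_UNIQUE];
    size_t got = fread(buf, 1, sizeof buf - 1, stdin);
    buf[got] = '\0';
    int n = aggregate_page_owner(buf, tab, MAX_UNIQUE);
    for (int i = 0; i < n; i++)
        printf("%d times:\n%s\n", tab[i].count, tab[i].text);
    return 0;
}
```

Built as page_owner_agg, it is run as `page_owner_agg < /proc/page_owner` on a kernel carrying the patch, and prints the same "N times:" summary format shown above.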
Patches and updates
Kernel trees
Core kernel code
- Shailabh Nagar: ckrm-e17. (January 28, 2005)
Development tools
Device drivers
- Dave Airlie: drm tree. (February 1, 2005)
Documentation
Filesystems and block I/O
Janitorial
Memory management
Networking
Architecture-specific
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Since its humble beginnings in early 2002, Arch Linux has been growing in
popularity, occasionally even winning over users of more popular power
distributions, such as Slackware or Gentoo. What are the reasons behind its
success? We installed the recently released Arch Linux 0.7 on a Pentium 4
test machine to find out.
The first point where Arch Linux is ahead of both Slackware and Gentoo is
the system installer. Although similar to Slackware's own installer in that
it is a curses-based, menu-driven installation program with several
sub-screens for fine tuning of various installation options, we were
pleasantly surprised by the number of choices the installer provided. As an
example, it let us choose a preferred kernel (2.4 or 2.6), X window system
(XFree86 or X.Org), boot loader (GRUB or LILO), text editor (nano or vim),
and it even went as far as to provide an option to compile a custom kernel
prior to completing the installation. For configuring the basic system, we
were dropped right into well commented configuration files in /etc/ to make
any changes (e.g. to enable networking with DHCP). The availability of
choice was what made an excellent first impression; contrast that to the
Slackware installer where the only available bootloader is LILO, or to
Gentoo, which forces you to edit text files in nano (at least until you get
to the point where you can install alternative text editors).
The recommended way of installing Arch Linux is to select a base system only
for initial installation, configure it, then reboot. Additional packages
can be installed later - either from the installation CD (note, however,
that in terms of desktop environments, the Arch Linux installation CD only
provides IceWM, WindowMaker and XFce, but no GNOME or KDE), or over the
network. The tool to install packages on Arch Linux is called "pacman",
written in C++.
After spending some time perusing the fairly comprehensive Arch
Linux Installation Guide, we concluded that pacman, in its basic form,
resembles Debian's apt-get in more than one way. With a simple
'pacman -Sy' (equivalent to 'apt-get update') we retrieved the current list of
available packages from the master repository, then proceeded with
installation of X.Org, followed by KDE and GNOME. If the '-S' switch (short
for '--sync') is specified, pacman is capable of resolving any dependencies
required by the given package(s). Therefore a simple command like
'pacman -S xorg kde gnome' was all that was needed to turn a very basic Arch Linux
system into a powerful workstation with both KDE and GNOME.
Next, we went on to create an xorg.conf file with 'X -configure', then
updated the ~/.xinitrc file to start KDE instead of the default
WindowMaker, before we found ourselves in a pristine KDE desktop. Unlike
Slackware or Gentoo, Arch Linux does include some branding on the KDE
splash screen and on the default wallpaper, but the KDE theme, menu items
and desktop icons are left in their default states. We noticed the absence
of Firefox, so we fired up a terminal and went back to pacman (there is no
graphical edition of the package installation tool). Here we used pacman's
search capabilities to locate available files with commands like 'pacman
-Ss firefox', then installed the packages that we wanted. Besides the usual
open source software applications, we also noticed the availability of some
non-free packages, such as MS TrueType fonts, NVIDIA driver, Opera and
Acrobat Reader. Altogether, there are over 1,800 binary packages available
in the current and extra directories on Arch Linux mirrors.
Those of you who read the Ubuntu Hoary story last week will recall our
disappointment on not being able to install the beta version of
OpenOffice.org 2.0. Luckily, we found this package (version 1.9.74) in the
Arch's unstable directory, so we invoked pacman one more time to take a
look at this preview of the much anticipated release. It installed and
downloaded as expected and we were soon greeted with the OpenOffice.org 2.0
splash screen. At first glance, there are no visible changes in the user
interface, but this list of
new features leaves little doubt about the extent of the improvements
in the open source office suite. We found the package very stable, although
not much speedier than the 1.1 series. The developers of Arch Linux tend to
provide other experimental packages for interested users - besides
OpenOffice.org 2.0, Arch binary packages of the first beta of KDE 3.4 are
now also available in a third-party repository.
Comparing this distribution to Gentoo, there is another aspect of Arch Linux
that will appeal to power users - the Arch Build System (ABS). ABS was
designed to fulfill a role of building Arch binary packages from source
code with relative ease - either for packages that do not exist in the
official Arch repositories, or to rebuild packages with custom options.
This is done by modifying a pre-built template in /var/abs/PKGBUILD.proto,
then executing the 'makepkg' command to build an Arch Linux binary package.
The resulting file can be installed with pacman. Unlike Gentoo, however,
there is no easy way to rebuild the entire system or to optimize it for the
processor at hand, and currently there are no plans to support
architectures other than the i686.
Arch Linux is a clean, powerful distribution. Apart from the two package
management utilities of pacman and pkgbuild, the developers have resisted
any temptation to implement package customizations or add new utilities. As
such, the system requires a fair amount of post-install tweaking to bring
it to a usable level. Security updates are handled in a style of FreeBSD's
ports of constantly updating packages to their latest versions. This may
occasionally break the system, but problems are usually fixed in a
reasonably short time. One area where Arch Linux trails behind Gentoo is
documentation; except for the two man pages for pacman and pkgbuild, the
installation manual and a sparse wiki, there is little else to guide novice
users to configure their Arch Linux system. On the other hand, the
distribution has active user forums and mailing lists, as well as several
international community sites in German, Italian and Polish.
Next time you find yourself at home during a rainy weekend, give Arch Linux
a try - it is one of the more interesting and powerful dark horses among
Linux distributions.
Distribution News
Ubuntu has
announced the creation of Local
Community Teams (LoCo Teams), to promote the use, adoption, and
localization of Ubuntu.
The Ubuntu development team has reached its
first milestone in the production of the Live CD version of the
upcoming release of Ubuntu codenamed "Hoary Hedgehog." This edition
features a completely redesigned system for creating Live CDs.
"While some people have tried rough previews, this is the first
proper milestone for the live CD version. Anyone, especially folks who are
using our previous release (4.10 "Warty Warthog"), are encouraged to try
this out."
Ubuntu has issued a call for help for a new
kernel team. "The Linux kernel in Ubuntu has, up until this point,
been primarily maintained by a series of different individuals. As Ubuntu
takes on more architectures and more users, it *needs* a solid team to help
maintain this essential piece of infrastructure. Ubuntu will not be able to
do this without the community's support."
The Fedora Project has announced, with apologies for the delay, that the
Fedora Extras repository is now available with over 500 packages. Click
below for the details.
Full Story (comments: 13)
The debconf5 organization team has
declared
that registrations for the sixth annual Debian Conference are now open.
Another Bug Squashing Party has been
proposed for February 4 - 6, 2005.
SOT Finnish Engineering Ltd has revealed plans for the next version of the
Linux Business Alliance's flagship product, LBA-Linux R3. The upcoming
release will include new features that focus on security and improved
usability. Click below for more information.
Full Story (comments: none)
Gentoo users looking for audio applications may be interested in Arnold
Krille's gentoo-portage overlay. "Today I decided to make my little
but constant gentoo-portage overlay available for the public. It contains
only some apps not already in portage. Currently available are
aeolus-0.3.1 with aeolus-stops-0.1.1, fmit-0.9.[89], museseq-0.7.0,
tuneroid-0.9.4 and (not a linux-audio-app) ktechlab-0.1.2." Click
below for more information.
Full Story (comments: none)
The first Linux Netwosix Virtual World Community is born! All Netwosix
users are invited to join the community. "If you have a problem with
Netwosix or you just want to talk about Linux, if you want to improve our
work or if you just want to help us to grow up, join the first Linux
Netwosix Virtual Community at: http://www.netwosix.org/community".
Click below for additional details.
Full Story (comments: none)
Looking for a Live CD? The
Live CD
List provides a comprehensive, easy-to-search list of Linux-based Live
CDs.
Quick instructions:
* click a name to be taken to the project homepage
* click a header to sort
* click a Primary Function to show only Live CDs with that Primary Function
MadPenguin has announced the Slackware Handbook Project.
"The Slackware Handbook is a project co-ordinated and hosted by Mad
Penguin in an effort to keep Slackware documentation as up-to-date as
possible. This is accomplished by creating a format in which the entire
Slackware community can take part in the process by being capable of
adding/editing content as they see fit. All of this content is also
moderated by a peer review system, keeping it as accurate as
possible."
Distribution Newsletters
The Debian Weekly News for February 1, 2005 looks at DebConf registration,
Debian installation in expert mode, Debian at FOSDEM, dealing with missing
dependencies, library packaging guideline, the transition of MySQL related
packages, how to upgrade Woody to Sarge, the new 2005 Debian archive key,
and several other topics.
Full Story (comments: none)
The Gentoo Weekly Newsletter for the week of January 31, 2005 is out.
Topics in this edition include Trusted Gentoo, a request for EM64T
developers, the release of a Gentoo/PPC GameCD, and more.
Full Story (comments: none)
Two new issues of Ubuntu Traffic, a newsletter summarizing the goings-on in
the Ubuntu community, are out. The
Ubuntu Traffic #18 covers the week after the conference in Mataró.
Ubuntu Traffic #19 covers the last week of 2004.
Here's the DistroWatch Weekly for January 31, 2005. "Welcome to this year's 5th issue
of DistroWatch Weekly! In this issue we will bring you a couple of
resources that can help with building a custom live CD, introduce the
Debian Volatile project, and present Xandros Desktop OS 3 as our featured
distribution of the week. Happy reading!"
Package updates
FC3:
- selinux-policy-targeted-1.17.30-2.73 (allow dhcpd to read random devices)
- procps-3.2.3-5.1 (add support for /proc/slabinfo 2.1)
- system-config-kickstart-2.5.19-1.fc3 (bug fixes and improvements)
- elinks-0.9.2-2.1 (bug fixes, prevents crashes)
- NetworkManager-0.3.3-1.cvs20050119.2.fc3 (bug fixes)
- gaim-1.1.2-0.FC3 (corrects update id)
- openssl096b-0.9.6b-21 (adds missing fix for CAN-2004-0081)
- curl-7.12.3-2 (upgrade to 7.12.3)
- system-config-printer-0.6.116.1-1 (bug fixes)
- ruby-1.8.2-1.FC3.1 (backported changes from devel)
- rhgb-0.16.2-1.FC3 (fixes various errors)
- file-4.12-1.FC3.1 (upgrade and bug fixes)
- net-tools-1.60-37.FC3.1 (bug fixes)
- gimp-2.2.3-0.fc3.2 (make desktop icon theme-able)
- system-config-services-0.8.18-0.fc3.1 (fix off-by-one bug)
- mc-4.6.1-0.12.FC3 (upgrade to mc-4.6.1-pre3 and many bug fixes)
- dump-0.4b39-1.FC3 (fixes for unintentional writes to target partition and other bug fixes)
- selinux-policy-targeted-1.17.30-2.75 (contains the SELinux example policy configuration)
- policycoreutils-1.18.1-2.6 (merge upstream changes)
- dbus-0.22-10.FC3.2 (fix for CAN-2005-0201)
FC2:
- procps (add support for /proc/slabinfo 2.1)
- elinks-0.9.1-1.1 (bug fixes, prevents crashes)
- zlib-1.2.1.2-0.fc2 (fixes 2 DoS issues)
- gaim-1.1.2-0.FC2 (corrects update id)
- openssl096b-0.9.6b-20 (adds missing fix for CAN-2004-0081)
- dump-0.4b39-1.FC2 (fixes related to possible data corruption, other bug fixes)
Mandrakelinux 10.1 updates:
- kde (bug fixes)
- kdebase (fix a problem with the previous update)
Mandrakelinux 10.0, 10.1, Corporate Server 3.0 updates:
- nut (fixes a bug in the upsd initscript)
- mdkonline (fixes a permissions flaw)
- clamav (upgrade to clamav 0.81)
Slackware has gotten many updates,
upgrades and fixes in slackware-current this week. Click below for this
week's slice of the changelog.
Full Story (comments: none)
Distribution reviews
OS News has published a review of ArchLinux. "ArchLinux quotes itself as being "an i686-optimized
linux distribution targeted at competent linux users." Part of its
philosophy is that by not providing you with lots of configuration
utilities, you are forced to "learn the ropes" and you will benefit from
the additional knowledge acquired. A sensible approach you may think, and
is fine for experienced and/or fearless techies. You know that this isn't
going to be the distro to recommend to your mother! But, I wouldn't say
ArchLinux is elitist as some readers may fear. Sure, you will be frowned
upon (to put it mildly) if you ask questions in the forums that are
blatantly answered in the main documentation. However, expecting users to
actually edit the appropriate config files manually isn't a bad thing in my
opinion."
LinuxPlanet reviews Ubuntu Linux. "This review discusses both Ubuntu 4.10 (AKA
"Warty Warthog") and the upcoming 5.04 (AKA "Hoary Hedgehog") release, the
latter of which is currently only available in live CD form as a preview
but is slated for full release in April 2005 (hence the numbering
convention--2005, fourth month). I'd suggest losing the cutesy names, but
no one is asking me. Both of these are available and actively supported on
the x86, AMD64, and G4 and G5 PowerPC platforms."
Page editor: Rebecca Sobol
Development
The Open Clip Art Library is "An Online Massive Open Source 2d Graphics Repository" according to the project FAQ.
The project was started in early 2004; it now boasts over 3,000 images.
The goal of the project is simple and clear:
This project aims to create an archive of clip art that can be used for free for any use.
All graphics submitted to the project should be placed into the Public Domain according to the statement by the Creative Commons.
Version 0.10 of the library was just released:
We have packaged up this month's release and our package size has gone up from a 20M package to 23M. We now have 3207 images that pass our Library tests and have the proper meta-data embedded. It's pretty amazing!
Images are stored as SVG (Scalable Vector Graphics) and PNG
(Portable Network Graphics) files in a multi-level directory
tree. To get an idea of the available images, the library's top
level directories include:
animals, buildings, computer, decorations, education
food, geography, logos, office, people,
plants, recreation, shapes, signs_and_symbols,
special, transportation, unsorted
See the online clip art browser for examples.
New clip art images may be created with applications such as Inkscape and
Sodipodi; typical office users can then import the images into
OpenOffice.org, KWord, AbiWord, or any other application that supports the
SVG or PNG formats.
The project releases are being synchronized with timely events:
"Our community focused on submitting Valentines Day clip art to help everyone with the upcoming holiday. For the month of February we are trying to collect images related to 'black history month'."
The
project roadmap gives a good indication of where the work is
being focused for future releases.
The complete version 0.10 library is available for download here (23 MB).
Also, a set of Perl language tools (zip file) is available for working with
the clip art archive.
If you need a selection of images for creating web pages, holiday
cards, or presentations, the Open Clip Art Library is the first
place to look. If you have an artistic ability, the project could
surely make use of your contributions.
System Applications
Audio Projects
The latest changes from the Planet CCRMA audio utility packaging project
include a cleanup of the Fedora Core repository, new kernels, and new
versions of ALSA and the CMT LADSPA Plugins.
Database Software
The January 28, 2005 edition of the PostgreSQL Weekly News is out
with a collection of the latest PostgreSQL database articles.
Full Story (comments: 1)
Interoperability
Version 3.0.11rc1 of Samba has been announced.
"This is a release candidate of the Samba 3.0.11 code base
and is provided for testing only. While close to the final
stable release, this snapshot is *not* intended for production
servers. If all goes well, this version will become the
final 3.0.11 stable release (with possible minor changes)."
Full Story (comments: none)
Libraries
Version 0.1.0 of ObjectHandler, part of the QuantLib library for
quantitative finance, has been announced. Here is the change explanation:
"QuantLib (or any generic C++ library) integration into spreadsheets and other
end user tools requires a standalone ObjectHandler component, a repository
allowing objects to be stored, shared, updated, interrogated, and destroyed."
Networking Tools
Release 1.3.0rc1 of iptables, a packet filtering framework, is available.
"1.3.0rc1 is the first release candidate of the iptables-1.3.x branch,
featuring a libiptc rewrite for major performance improvements at rule
loading time.
Apart from that, a surprisingly big number of small bug fixes have
accumulated since the 1.2.11 release in June 2004."
Full Story (comments: none)
Version 0.1.7 of SSL-Explorer, an open-source SSL VPN solution,
has been announced.
"This release includes many new features, the most important of which being the automatic installation of Java applications from our online application store as well as client-side native application execution. Also HTML-based application content may now be launched in a similar manner to provide support for Java Applets and ActiveX controls through the VPN."
Desktop Applications
Audio Applications
Version 0.9beta4 of Aqualung, a music player with gapless track
changes, is available.
"
This new release adds many new features, including file metadata
(FLAC/Vorbis/ID3) display & importing, volume calculation and playback
RVA (relative volume adjustment) support."
Full Story (comments: none)
Beta version 0.2.1 of ccAudio2
has been announced.
"
'ccaudio2' is a simple, highly portable, stand-alone, C++-based framework for manipulation of audio data. It is meant to be a C++ framework that is as useful as "audiofile" or "sndfile" is for C programming, and to cover various generic and useful manipulations of audio data as well as audio file access. The package includes a stand-alone audio processing command line tool to demonstrate library functionality."
See the
Change Log
for a description of changes in this version.
Comments (none posted)
Version 0.2.14 of QjackCtl, a Qt application for controlling the JACK
sound server daemon, has been released.
"
No big features, only a bunch of
optimizations and cleanups."
Full Story (comments: none)
Version 0.0.4 of jack_convolve, a convolution engine for jackd,
has been announced. Here are the change notes:
"
New version. The executable is called jack_convolve again. I added
libsamplerate support and support for multiple response files."
Full Story (comments: none)
CAD
Release 22 of PythonCAD is available.
"
The twenty-second release contains primarily internal code enhancements
with regard to the Python language. PythonCAD running under PyGTK releases
after the 2.4.0 release will now utilize the gtk.ComboBox and the
gtk.ColorButton widgets, while PythonCAD running under older releases
will still utilize the same widgets as before. This change removes
the DeprecationWarning users with the newer PyGTK release would see.
A problem with restoring a deleted TextBlock entity was fixed, and a variety
of other fixes and improvements are also included in this release."
Full Story (comments: none)
Desktop Environments
The following new GNOME software has been announced in the last week:
Comments (none posted)
The following new KDE software has been announced in the last week:
Comments (none posted)
The January 28, 2005 edition of the
KDE CVS-Digest
is online. Here's the content summary:
"
Digikam adds an image border tool. Kopete oscar_rewrite merged into HEAD. Plus many bugfixes and improvements in Quanta and Kopete."
Comments (none posted)
Electronics
The
latest releases
from the
gEDA project include
new versions of PCB and gnucap.
Comments (none posted)
Games
Version 1.3.3 of Eris, a client-side session layer for the WorldForge game
project,
has been released.
"
This is the third unstable release of the current development work that will become Eris 1.4, and is being made to coincide with the release of Ember. Minor API changes have taken place since the previous release, related to how Eris::Connection reports time-outs (they are now handled by the existing Failure signal). Various crashes related to time-outs and the meta-server query code have been resolved."
Comments (none posted)
GUI Packages
Initial release 0.1.0 of the Linux GUI Testing tool is out.
"
This is the first release of a testing framework for GNOME, Open
Office, Firefox, and QT4 (though at this point only tested against
GNOME.) Ideally it'll allow for regular automated testing of complete
desktops, just like LTP allows the kernel to do. The main development
so far has been done by a Novell group in Bangalore, but they'd love
to have more involvement from outside."
Full Story (comments: 1)
The latest news from the
FLTK project
(Fast, Light ToolKit) includes the release of version 1.0 of the FLTK
training videos, fldiff 0.3, and a home site update.
Comments (none posted)
Interoperability
The January 28, 2005 edition of
Wine Traffic is available with all of the latest Wine project
discussions.
Comments (none posted)
Medical Applications
Fred Trotter posted
an article on LinuxMedNews concerning the future of the
FreeB medical billing system.
"
Yesterday I spent several hours talking to David Uhlman about a new approach to medical billing. As a result of this discussion I have decided to hand over the reins of FreeB development to him and his new company, Uversa.
For a good few of you, that is really all you will care to know about this issue. FreeB development will continue, and its main goals, to be a separate biller useful to several projects, will continue. Some of you will be curious as to why...
so that rather lengthy technical monologue follows."
Comments (none posted)
Music Applications
Version 0.16 of liblo, the Lite OSC library, is available with bug fixes.
"
Liblo, the Lite OSC library, is an implementation of the Open Sound
Control [1] protocol for POSIX systems. It is written in ANSI C and
released under the GNU General Public Licence. It is designed to make
developing OSC applications as easy as possible."
Full Story (comments: none)
Version 1.0 of the MIDI to CSV (comma
separated values) Utilities has been announced.
"
Not long ago, somebody asked on the Linux-audio-users mailing list for a
command-line utility allowing MIDI to text conversion. I'm proud to introduce
to you a set of tools from John Walker, who wrote and released them into the
public domain."
Full Story (comments: none)
Office Suites
Build 1.3.8 of OpenOffice.org has been announced. This version adds
several new features, GCC 3.4 support, and lots of bug fixes.
Full Story (comments: none)
The January, 2005 edition of the OpenOffice.org Newsletter
is online with a number of new articles.
Full Story (comments: none)
Peter Sefton
works with OpenOffice.org internals on O'Reilly.
"
In this article, I'm going to explore some of the ways that OpenOffice.org's Writer application (I'm using version 1.1.2 on Linux and 1.1.3 on Windows XP) is open to customization and configuration. I'll walk through some of the techniques I used to set up the first templates I built with the application in my quest for an interoperable, XHTML-ready system of templates and styles which will work across Microsoft Word and Writer."
Comments (none posted)
Video Applications
Version 0.4.2 of gephex, a real-time video effects platform,
is available.
"
0.4.2 is a bugfix and stabilization release of the 0.4 branch. It also
introduces minor feature enhancements."
Full Story (comments: none)
Web Browsers
MozillaZine
covers the latest release schedule for version 1.1 of the
Firefox browser.
"
The final version of 1.1, previously scheduled for March, will now be released a little later than originally planned (an exact date isn't given). In addition, there will be a series of test builds issued before 1.1 final: a Developer Preview, a Preview Release and one or more release candidates. Mozilla Firefox 1.1 isn't expected to contain any major new features but will include updated versions of core components such as Gecko, which has received many improvements over the last few months."
Comments (20 posted)
MozillaZine
covers
the latest
Firefox 2.0 Roadmap.
"
The update calls
for a Developer Preview (Alpha) in March, a Preview Release (Beta) in April
and Firefox 1.1 final release in June 2005."
Comments (none posted)
GnomeDesktop
looks at
the Pyphany project.
"
Yesterday marks the first Pyphany release. Pyphany is a set of Python bindings for Epiphany and a Python extension loader for Epiphany. You can use Pyphany to write Python extensions for the Epiphany web browser."
Comments (none posted)
Languages and Tools
Caml
The Caml Weekly News for January 25 - February 1, 2005 is out with
the latest Caml language articles.
Full Story (comments: none)
HTML
Version 0.80 of the Nvu web authoring system
has been announced.
"
Also known as Nvu 1.0 Beta pre-Release 3, this
latest version has experimental XHTML support, line numbers in the HTML
Source view, support for editing PHP code and HTML comments and fixes for
many bugs."
Comments (none posted)
Java
Binildas Christudas
discusses Java class loading issues on O'Reilly.
"
When are two classes not the same? When they're loaded by different class
loaders. This is just one of many curious side effects of Java's
class-loading system. Binildas Christudas shows how different class loaders
relate to one another and how (and why) to build your own custom class loader."
Comments (none posted)
Michael Abernethy
looks at Synth on IBM developerWorks.
"
Take an in-depth look at the Synth look and feel, the newest addition to Swing introduced in Java 5.0. Synth lets developers rapidly create and deploy custom looks for an application by introducing the concept of a "skin" to Java UI programming. Software Engineer Michael Abernethy takes you through Synth concepts step-by-step to build an application with a Synth look from scratch. After reading this article, you should be able to create professional-looking UIs in no time."
Comments (none posted)
Debu Panda
works with SOA architecture applications under Java on O'Reilly.
"
The use of heterogeneous technologies and applications in corporations is a reality. At a time when resources are scarce, IT shops cannot just throw away their existing applications; rather, they must leverage their existing investments. Service-oriented architecture (SOA) is popular because it lets you reuse applications and it promises interoperability between heterogeneous applications and technologies.
In this article, I will introduce SOA from a Java developer perspective and examine the technologies available in the Java space to build service-oriented applications."
Comments (none posted)
Lisp
Version 1.2.1 of CL-PPCRE, a Perl-compatible, fast, portable regular expression library written in Common Lisp, is out.
"
These versions provide a cleaned-up build procedure,
performance improvements, better Allegro CL compatibility, and a few
bug fixes."
Full Story (comments: none)
Version 0.8.19 of Steel Bank Common Lisp has been released.
"
This version features improvements to foreign library loading,
debugging and profiling. SBCL has also been ported to native 64-bit
mode on x86-64/Linux."
Full Story (comments: none)
PHP
Stable version 1.0.1 of Active Calendar, a PHP class that generates
calendars as HTML tables,
has been announced.
"
It generates calendars for 1971-2037 and can produce static calendars without any links or calendars with navigation controls, a date picker control, and linked days. Users configure the layout through CSS; JavaScript is not required."
Comments (none posted)
Stable release 0.9.2 of the IBT PHP Library,
a shell of high-level PHP functionality that encases
PHP content and logic,
has been announced.
"
The 0.9.2 release of the IPL is our second release. It has been thoroughly tested and is stable. This release comes earlier than expected and has, so far, outperformed expectations.
0.9.2 holds many exciting new features such as an entire workflow engine, the ability to create action scripts, a workflow class for building custom workflow engines, a new email class to ease the tasks involved in sending email, and some added header and data manipulation functions."
Comments (none posted)
Adam Trachtenberg
uses PHP to work with eBay web services on O'Reilly.
"
By using eBay's web services APIs, members of the eBay Developers Program can hook into the eBay platform using XML to integrate eBay into their own applications."
Comments (none posted)
Python
The January 28, 2005 edition of Dr. Dobb's Python-URL!
is online with another week's collection of Python articles and resources.
Full Story (comments: none)
The February 1, 2005 edition of Dr. Dobb's Python-URL! is out with new
Python language articles and resources.
Full Story (comments: none)
Jeremy Jones
looks at IPython on O'Reilly.
"
An interactive programming environment can be a
powerful tool to assist in writing programs. Python has one as part of its
standard distribution. Yet IPython, "an enhanced Interactive Python shell,"
is a far superior replacement."
Comments (none posted)
Ruby
The January 24, 2005 edition of the
Ruby Weekly News is available with the latest Ruby language articles.
Comments (none posted)
Tcl/Tk
The December 27, 2005 edition of Dr. Dobb's Tcl-URL! is online with the
week's Tcl/Tk articles.
Full Story (comments: none)
The February 1, 2005 edition of Dr. Dobb's Tcl-URL! is online;
take a look for the latest Tcl/Tk articles.
Full Story (comments: none)
Michael Norton
puts Tcl to work on binary trees.
"
I tend to use Tcl extensively because I look at this scripting language as a big tub of Lego bricks. Who doesn't like to play with Legos? To me, Tcl is Legos for the computer programmer. It comes with lots of bricks that snap together, enabling you to build something incredible.
But here's a thought that will surely make the pragmatic C programmer's head spin. I'm going to put the Tcl language to work with managing binary trees."
Comments (none posted)
XML
Michael Daconta
explains
XML taxonomies on O'Reilly. "
The FEA DRM specifies three abstract layers of an organization's information: business context, information exchange, and data element description. Business context specifies the use of a taxonomy to categorize government information. One definition of a taxonomy is "a scheme that partitions a body of knowledge and defines the relationships among the pieces. It is used for classifying and understanding the body of knowledge.""
Comments (none posted)
Cross Compilers
Release 3.0 of the
GNU Development Chain, a set of cross compiler, debugger, and
other utilities for the Motorola 68HC11/68HC12 microprocessor
family, is out.
"
It is based on Binutils 2.15, Gcc 3.3.5, Gdb 6.2 and Newlib 1.12.0."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Groklaw
looks at
the OpenDocument format. "
I asked Daniel Carrera, an
OpenOffice.org volunteer, if he'd please explain to us the OpenDocument
format. How does a format get chosen? And is OpenDocument on the list
when governments like the State of Massachusetts make up such lists of
acceptable formats for governmental use? If not, what can be done to
change that? He graciously agreed. Because we are all concerned about
proprietary formats and standards, and more and more governments are
adopting policies requiring open standards, it's a very important
subject."
Comments (none posted)
eWeek
covers a
Free Standards Group decision to break the LSB into modules. "
"We
decided that rather than add everything to the LSB core, it would be better
to break this up into separate parts, the first of which is on the server
side. We are thus looking at making the current, ongoing server work a
branch of the LSB core," Chris Maresca, a senior partner at Olliance Group,
an open-source consulting company that is working with the FSG, told
attendees at the OSDL (Open Source Development Labs) Enterprise Linux
Summit here on Monday."
Comments (22 posted)
eWeek
covers a
talk by Eben Moglen on version 3 of the GPL. "
Another
change to the technical paradigm that the license must address is the issue
of trusted computing and the threat it poses. 'If I knew what the solution
to the problem of trusted computing was, we would have a draft version of
it in circulation by now,' Moglen said."
Comments (23 posted)
Trade Shows and Conferences
NewsForge
covers the Trans-Pacific Open Source Software Conference.
"
The first-ever Trans-Pacific Open Source Software
Conference (TPOSSCON) was held at the Hawaii Convention Center January 17 -
21, 2005. In many ways, it was a "pilot project" meant to gain credibility
for what organizer Scott Belford of the Hawaii Open Source Education
Foundation (HOSEF) hopes will become a yearly event that attracts people not
only from Pacific Islands but also from "mainland" countries on both sides of
the world's largest ocean."
Comments (none posted)
ZDNet Australia
looks
forward to Linux.Conf.Au, where Bdale Garbee's daughter is on
the program. "
Elizabeth
will be speaking on 'Extending Tuxracer - Learning by
Playing', a seminar which Chair of the 2005 organising committee Steven
Handley has said will revolve around making modifications to Tuxracer (a
popular open source game involving Linux's cuddly mascot) with the aim of
making the game more fun. Ex-Debian Project Leader and dad Bdale will also
present at the conference."
Comments (9 posted)
The SCO Problem
The Salt Lake Tribune
reports that things are getting ugly at Canopy. "
On one side is Ralph Yarro, ousted chairman, president and chief executive of the Lindon-based Canopy, an investment firm whose extensive holdings include SCO Group, a company now widely known for its Linux-related lawsuits against IBM and others. Yarro is joined by ex-chief financial officer Darcy Mott and former corporate counsel Brent Christensen.
The three are suing for at least $100 million, alleging they were illegally ousted in December by a group led by Noorda's daughter, Val Noorda Kriedel of Orange County, Calif.; longtime Canopy investment adviser Terry Peterson, and William Mustard, an independent senior executive consultant appointed CEO in Yarro's place." (As seen on
Groklaw).
Comments (3 posted)
Companies
The Register
examines the effects of Microsoft's protocol licensing scheme
on open-source development.
"
Carlo Piana, a partner at Milan law firm Tamos Piana & Partners, which represents FSF Europe, told eWeek: "Microsoft has proposed a licencing agreement blatantly tailored to exclude free software from accessing it."
The terms of the Microsoft licence require that the holder does not distribute the source code of their implementation of the protocol, except to other licence holders."
Thanks to Nigel Arnot.
Comments (22 posted)
Here's
a brief News.com article on Red Hat's new government sales group. "
Red Hat also said that it has landed a new government customer: the U.S. Department of Energy's national laboratories and technology centers. Under the seven-year agreement, Red Hat Enterprise Linux will be broadly deployed at the labs and tech centers."
Comments (3 posted)
Here's
a
ComputerWorld article on the differences between the Linux and Solaris
approaches to open source. "
Linux has propeller-head cachet and
market credibility, along with billions of dollars in technical and
marketing investment from companies such as IBM, Red Hat and
Novell. OpenSolaris has one company behind it and Scott McNealy at its
press conferences."
Comments (6 posted)
In this News.com article
Sun
claims that its recently released patents may be used for all open
source projects. "
The server and software company clarified its
position somewhat on Monday. "Clearly we have no intention of suing
open-source developers," said Tom Goguen, head of Solaris
marketing. However, he added, "We haven't put together a fancy pledge on
our Web site" to that effect."
Comments (17 posted)
Linux at Work
Here's
an
article on the IPS site about embedded Linux uses in India. "
It
is unlikely that Linus Torvalds, creator of Linux, ever intended this
open-source operating system to be put to military use. But it is a mark of
the robustness of this revolutionary operating system that the Indian army
is reposing faith on it -- and indeed, has now completed user trials on the
device. Called SATHI (short for Situational Awareness and Tactical
Handheld Information and Hindi for buddy), the 875-gramme device helps
soldiers coordinate with one another on the battlefield."
Comments (1 posted)
Legal
Bruce Perens
examines
software patents, on News.com. "
The latest tactic in the
software-patenting battle is the granting of patent rights to open-source
developers. But are the grants really the equivalent of wolves in sheep's
clothing?"
Comments (4 posted)
Groklaw
carries the news that the European software patent process will be restarted from the beginning. This is good news, but it means that the lobbying effort will have to start over as well.
Comments (1 posted)
Interviews
KDE.News
talks with some
people from the Kontact and Kolab projects. "
Steffen Hansen:
Kolab is a Free software groupware solution. The components are the Kolab
server and Kontact, which is the KDE Kolab client. There is also a Kolab
web client in the works."
Comments (none posted)
Tom Chance
talks
with Andreas Brand about KDE's social structure, on NewsForge.
"
Andreas Brand is a sociologist researching ways of recruiting and
organising teams of volunteers on the Internet. He has been studying KDE as
an example of an open source project based upon collaboration without
hierarchies. As part of his work he has conducted interviews with KDE
developers, participated in several open source conferences, analysed the
KDE home page, and distributed a questionnaire among volunteers. We asked
him about his thoughts on the KDE development model."
Comments (2 posted)
Resources
NewsForge
explores
KDE tips and tricks. "
The K Desktop Environment (KDE) is incredibly
popular in the world of GNU/Linux. Distributions such as SUSE and
Mandrakelinux use it by default. KDE has some useful features that, while
easily accessible, are less prominent. Just as a camera inexplicably makes
a cell phone more fun to use, KDE's cool but unnoticed details may make it
more attractive to prospective users. Read on to learn about a few such
features that may help you every day."
Comments (none posted)
Reviews
Linux Devices
looks at a new Linux-compatible single-board computer from Adlink.
"
Adlink has released an ETX form-factor single-board computer (SBC) that supports embedded Linux on Celeron and Pentium processors. Target markets for the ETX-IM333 include medical automation, instrumentation, gaming, POS, mobile computing, and transportation, according to the company.
The ETX-IM333 is based on an Intel 855GME chipset and supports Pentium M processors from 1.1 GHz to 2.0 GHz, as well as Celeron M processors from 600 MHz to 1.3 GHz."
Comments (none posted)
O'ReillyNet
covers
the Freevo Project. "
Freevo is a media platform that brings
together various applications for video recording and playback. Under its
open format, the user can fully customize Freevo to suit his media viewing
needs. Its main feature is its ability to schedule and record television
broadcasts."
Comments (none posted)
O'ReillyNet
presents excerpts from Google Hacks, 2nd Edition. "
With
access to more than three million documents in over 30 languages, Google is
a researcher's dream. But like any invaluable tool, knowing the insider
tricks of the trade is a must to save time and needless effort. Tara
Calishain and Rael Dornfest, authors of Google Hacks, 2nd Edition, have
set out to educate the masses to the ins and outs of Google. In today's
excerpt, they offer the inside scoop on scattersearching, cartography,
Google on the go, gmail-lite, and AdSense. With over 150 million Google
searches conducted every day, why be just a number?"
Comments (none posted)
NewsForge has
a review of the GRAMPS genealogical application.
"
GRAMPS is easy to use, produces a variety of reports, handles GED files with ease, and allows you to add notes, photos, and other data to individuals in your database.
Citing its web site, "GRAMPS is a genealogical application, the name being an acronym for Genealogical Research and Analysis Management Programming System. It allows you to store, edit, and research genealogical data, with similar functionality to other genealogical programs.""
Comments (5 posted)
NewsForge
takes
a look at OSDL's new Open Technology Center. "
[Executive
director LaVonne] Reimer called the center the first and only place
bringing together the best minds in the business to explore the benefits of
open technology. She indicated the Beaverton business center would focus on
and fund different aspects of business and provide space for startups,
technology with which to experiment, and an executive program for open tech
entrepreneurs and those who surround them."
Comments (none posted)
Miscellaneous
The New York Times (registration required)
looks
at the television business model, BitTorrent, MythTV, the broadcast flag, and more.
"
Cecil Watson, a 32-year-old software expert in Fontana, Calif.,
created KnoppMyth to make the installation of MythTV as simple as
possible. The MythTV movement is 'picking up steam,' Mr. Watson said,
because it satisfies the way he wants to watch television today - and he
doesn't have to pay rental fees for a cable box or a DVR if he chooses not
to. 'It records the shows I want to watch and I now have the choice to
spend the time the way I want,' he said."
Comments (15 posted)
LinuxFocus has
an editorial on the
spirit of Linux. "
Linux really used to have a spirit and a small but
very active community. It was almost like a little garage. Everybody was
working on some part of the car. Adding tires, polishing and tuning the
motor.... New people came and were amazed. Hey, this is a cool idea! How
can I help? Give me that screw driver. I will fix the mirror. Next
Linuxfocus came into the garage. The Linux "car" is a nice one! It is a bit
difficult to drive but we like it so we will contribute by documenting how
to use it. Everybody who was using the Linux "car" was also contributing
to it in some way. It was very exciting." (Thanks to Mats
Schneider)
Comments (10 posted)
Matt Moen
has some fun playing with Windows viruses on Linux under Wine.
"
Out of the five Windows viruses I ran under Wine, not a single one was able to send email and propagate itself. When I went out of my way to be part of the Windows community by doing my part to propagate Windows viruses (lots of Windows users seem to think this is important, seeing as how they run random executables and use Microsoft Outlook and Internet Explorer) I discovered that it couldn't easily be done with GNU/Linux tools."
Thanks to Tres Melton.
Comments (8 posted)
Law.com has run
a low-clue article on how businesses can protect
themselves from the (perceived) threats of free software.
"
Open-source software's potential risks for intellectual property
infringement litigation and the lack of warranties, indemnities and other
protections mean businesses should be clamping down on open-source
software. Despite the possibility of legal action by SCO, most companies
have little understanding of how much open-source software they are using
because they don't manage it properly and don't understand how many
commercial applications have embedded open-source software."
Comments (7 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The Open Source Initiative has put out
a press
release describing a fairly major organizational thrashup. Eric
Raymond leaves as president, to be replaced by Russell Nelson. A number of
new initiatives are in the works, including "the establishment of
principles of Open Source development and best practices" and the
maintenance of a registry of projects which are deemed to follow those
principles.
Comments (none posted)
CCOO, Proinnova, Hispalinux, AI, Libro Blanco and Caliu have asked for
renegotiation of the software patents directive in the Council and
expressed their solidarity with ThankPoland.info. "
In the 40 days
between 2004-12-21 and today, over 40 000 citizens (over 28 000 verified
signatures [1]) thanked the Polish Information Minister for his position at
the Council of the EU. The signatures may be handed to the authorities this
week. Poland twice delayed the formal adoption of a document for the
software patents directive [2] that, without defining restrictive criteria,
left the door open for software patents in the EU. In recent years,
Eurolinux has gathered more than 380.000 signatures against software
patents [3]." (Thanks to Xavi Drudis Ferran)
Full Story (comments: 1)
The PDPC 2005 Fundraiser has been announced.
"
Peer-Directed Projects Center, the IRS 501(c)(03) not-for-profit org which
runs the Freenode network, has begun its 2005 fundraiser. We're soliciting
funds for PDPC's 2005-2006 fiscal year, which begins July 1."
Full Story (comments: none)
A new organization called the
PHP Security Consortium
has been launched.
"
The PHP Security Consortium (PHPSC) is an international group of PHP experts dedicated to promoting secure programming practices within the PHP community."
Comments (none posted)
The Software Freedom Law Center has announced its existence. This center,
headed by Eben Moglen, will provide pro-bono legal services to non-profit
developers of free software. "
The Law Center will initially have two full-time intellectual
property attorneys on staff and expects to expand to four attorneys later
this year. Initial clients for the Law Center include the Free Software
Foundation and the Samba Project." OSDL is putting up some of the
initial cash to get it going; click below for the press release.
Full Story (comments: 1)
Commercial announcements
The Open Source Development Labs (OSDL) has announced that ActiveGrid,
Inc. has joined OSDL and will participate in the lab's Data Center Linux
(DCL) working group.
Full Story (comments: none)
Appgen's accounting solutions has announced availability of
MyBooks Professional.
"
Appgen general business and accounting applications are Linux-native,
and have been since 1997."
Full Story (comments: none)
Version 2.8 of the EMS PostgreSQL Manager, a commercial PostgreSQL
database administration and development tool,
has been announced.
A freeware version is available for download.
Comments (none posted)
SGI has
announced a deployment of their Altix Supercomputers by the
Hyundai Motor Company.
"
A subsidiary of Silicon Graphics, Inc. (NYSE: SGI), SGI Korea has
delivered four SGI(R) Altix(R) servers and an SGI(R) InfiniteStorage solution.
These new servers, powered by a total of 148 Intel(R) Itanium(R) 2 processors
and running Red Hat(R) Enterprise Linux(R) operating system, were installed in
November and will be used for full car analysis, engine analysis, drag test
and the prediction of airborne noise."
Comments (none posted)
Linspire has
announced its online
IRMA
translation site.
"
Linspire, Inc. today announced the
release of a new Web-based translating application that will allow volunteers
to easily translate leading Linux applications into nearly 80 different
languages. Dubbed the International Resource Management Application, or IRMA,
the project calls on users who speak English and another language to volunteer
to translate parts of the operating system. Currently, 24 languages are
supported through the system, with 54 additional languages to be added over
the next few weeks."
Comments (10 posted)
MozillaZine
covers Jybe, a Firefox extension.
"
Jack Mott writes:
"Our company, Advanced Reality, recently released a new product as an open
beta. Jybe is an extension for Firefox that allows you to link your browser
together to one or more friends' browsers and allows you to chat and browse
the web together. Initial features included full frames support, chat, and a
powerpoint presentation system, with more to come."
Comments (none posted)
Open Source Development Labs has
announced the latest new member, Levanta.
"
The Open Source
Development Labs (OSDL), a global consortium dedicated to accelerating the
adoption of Linux in the enterprise, today announced that Levanta, Inc., a
leader in Linux configuration management, systems provisioning and software
deployment, has joined OSDL and will participate in the Lab's Data Center
Linux and Desktop Linux working groups."
Comments (none posted)
Version 2.2 of Maguma Workbench, an IDE for PHP, has been released.
"
Maguma has published the newest version of Maguma Workbench. Maguma Workbench 2.2 has new features,
more stability and a new pricing concept. During the same period Maguma will also publish the
Maguma Workbench SDK, for more independence to create new modules for your "Workbench". For this
reason Maguma has created a competition for developers, to create new plugins."
Full Story (comments: none)
Nokia has
announced the availability of a development kit enabling applications to be written for its
Series 60 phones in Python.
Comments (2 posted)
PatentCafe has announced the opening of its Open Source Software (OSS)
Patent Search Engine devoted entirely to worldwide search access to OSS
patents. Click below to see the press release.
Skype Technologies has
announced
that version 1.0 of its voice-over-IP application for Linux is available for free (beer) download.
"Skype for Linux 1.0 has been successfully tested on many recent distributions, including, but not limited to: SuSE 9, Gentoo 1.4, Debian 'unstable', Fedora Core 2, Sun Java Desktop System Release 2 and Xandros."
TiVo Inc. has
announced
the availability of an early-access software development kit (SDK) that
allows third parties to create entertainment and information applications
that extend the TiVo service. "As part of the launch of the
early-access SDK, TiVo is also announcing a developers contest. Developers
are encouraged to submit their applications to be judged by a panel of
industry luminaries that includes James Gosling, CTO of Sun Microsystems'
developer products group, and Chris Anderson, Editor-in-Chief of WIRED
magazine. Complete contest rules and prizes can be found online at http://www.tivo.com/challenge."
New Books
Syngress has published the book
Buffer Overflow Attacks: Detect,
Exploit, Prevent by James C. Foster.
ThoughtWorks has
announced the publication of the book
Pragmatic Version Control Using Subversion by Mike Mason.
O'Reilly has published the book
Linux Server Security
by Michael D. Bauer.
Resources
LinuxMedNews has published the latest
openEHR Foundation News.
"Thomas Beale, Chair of the openEHR ARB posts an openEHR status review and
progress outlook for 2005 to the openEHR mailing lists."
LinuxMedNews
mentions the availability of new documentation for OpenEMR, an
open-source electronic medical records system.
"The OpenEMR community received a
25 page User Documentation Manual for OpenEMR. The OpenEMR community thanks
Dr. Bowen for his gracious contribution of a 25 page user manual for OpenEMR
version 2.6."
Contests and Awards
KDE.News
covers the
QtForum.org programming contest award winners.
"Today QtForum.org, a site dedicated to Qt development discussions, presented the winners of the QtForum.org programming contest award, sponsored by Trolltech. The contest selected the best educational software written with the Qt libraries, and these two programs from the KDE Edutainment Project took first and second prize, while third place was shared among two also KDE-based applications."
The OpenOffice.org splashscreen contest is again underway.
"Voting is once again open for the OpenOffice.org 2.0 splashscreen.
This screen will be seen by tens of millions. If you voted last month,
please vote again; all votes cast that time were thrown out as invalid."
Upcoming Events
O'Reilly has sent out a call for participation for the 2005
Open Source Convention (OSCON).
The event will be held in Portland, Oregon on August 1-5, 2005;
proposals are due by February 13.
IDG World Expo has
announced a free LPI certification testing program at the Boston
Linux World Conference & Expo event.
"Each day of the conference at 1:00 p.m., LPI will be conducting
the LPI 101 exam in Room 205. The proctored exams are free to all
conference delegates, and a special discounted price of $25 is also
offered to all exhibitors and exhibit hall attendees."
The 6th annual LSM 2005 Libre Software Meeting for Medicine
has been announced. The event will be held on July 5-9, 2005
in Dijon, France.
"LSM is the
annual international meeting of experts (providers and users) on new
developments in free software medical systems (open source) and their
applications. An important objective of the LSM/2005 is to open contacts
between people from different domains mainly IT (Information Technology) and
Medicine."
IDG World Expo has
announced the next Golden Penguin Bowl, an event that pits media
against analysts. The bowl will take place on February 15 at 4:30 PM
as part of the World Conference & Expo 2005 in Boston.
KDE.News has
announced
the location selection for the 2005 KDE Conference.
"After an evaluation process of several possible locations, Malaga in southern Spain has been chosen as the location of the 2005 KDE conference by the KDE e.V. membership in a recent vote. The conference will be held by KDE e.V. in cooperation with different sponsors."
The 6th International Workshop on Free Software will be held on
June 1-4, 2005 in Rio Grande do Sul, Brazil.
Papers are due by March 14.
| Date | Event | Location |
|---|---|---|
| February 3, 2005 | Solutions Linux 2004 | (CNIT, Paris la Défense) Paris, France |
| February 3 - 4, 2005 | Asia Source | (Visthar training venue) Bangalore, India |
| February 4 - 6, 2005 | ShmooCon 2005 | (Wardman Park Marriott Hotel) Washington, DC |
| February 7 - 11, 2005 | GlobusWORLD | (Sheraton Boston Hotel) Boston, MA |
| February 9 - 11, 2005 | German Perl-Workshop 2005 | Dresden, Germany |
| February 9 - 11, 2005 | Third-Annual Desktop Linux Summit | (Del Mar Fairgrounds) San Diego, CA |
| February 9, 2005 | OOo RegiCon North America | (Del Mar Fairgrounds) San Diego, CA |
| February 11 - 13, 2005 | CodeCon 2005 | San Francisco, CA |
| February 12 - 13, 2005 | Southern California Linux Expo 2005 (SCALE) | (Los Angeles Convention Center) Los Angeles, CA |
| February 14 - 17, 2005 | Linux World Conference and Expo | (Hynes Convention Center) Boston, MA |
| February 18, 2005 | Fedora Users and Developers Conference (FUDcon1) | (Massachusetts Institute of Technology) Boston, Massachusetts |
| February 24 - 25, 2005 | UKUUG LISA/Winter Conference | Birmingham, UK |
| February 25, 2005 | Dutch Perl Workshop | Amsterdam, the Netherlands |
| February 26 - 27, 2005 | Free and Open Source Developers' European Meeting (FOSDEM 2005) | Brussels, Belgium |
| February 28 - March 3, 2005 | EclipseCon 2005 | (Hyatt Regency) Burlingame, CA |
| February 28 - March 1, 2005 | Asia Debian Mini-Conf 2005 | Beijing, China |
| March 1 - 2, 2005 | JBoss World 2005 User Conference | (Omni/CNN Center) Atlanta, GA |
| March 2 - 4, 2005 | Security-Enhanced Linux Symposium | Silver Spring, Maryland |
| March 2 - 3, 2005 | Asia CodeFest 2005 | Beijing, China |
| March 2 - 4, 2005 | The 5th Asia Open Source Software Symposium | Beijing, China |
| March 2 - 4, 2005 | The Free and Open Source Software Workshop | (Al Assad National Library) Damascus, Syria |
| March 10 - 16, 2005 | CeBIT 2005 | Hannover, Germany |
| March 12, 2005 | Gentoo UK 2005 | (University of Salford) Manchester, UK |
| March 12, 2005 | Third Hungarian PHP Conference | Budapest, Hungary |
| March 14 - 17, 2005 | Emerging Technology Conference (ETech) | (Westin Horton Plaza) San Diego, CA |
| March 21 - 24, 2005 | Bellua Cyber Security Asia 2005 | (Hotel Borobudur) Jakarta, Indonesia |
| March 21 - 24, 2005 | Open Source Modeling and IDEs Workshop | (Caribe Royale All Suites Resort & Convention Center) Orlando, FL |
| March 23 - 25, 2005 | PyCon DC 2005 | (GWU Cafritz Conference Center) Washington, DC |
| March 26 - 27, 2005 | YAPC::Taipei 2005 | Taipei |
| March 30 - April 1, 2005 | PHP Quebec | (Crowne Plaza Hotel) Montreal, Canada |
| March 31 - April 1, 2005 | Black Hat Briefings Europe 2005 | Amsterdam, the Netherlands |
Web sites
A new
Wiki Site has been launched
for discussion of GCC, the GNU Compiler Collection.
OpenSkills 2 is a new
site for the discussion of various Linux issues:
"Welcome to OpenSkills 2 (Beta 2),
a Collaborative Knowledge Portal,
an Insane Experiment of System Exposure
Just Another Linux-and-More WebSite for SysAdmin".
The site is also available in
Italian.
Page editor: Forrest Cook
Letters to the editor
| From: | Jeff Waugh <jeff.waugh-AT-ubuntu.com> |
| To: | Ladislav Bodnar <ladislav-AT-linuxfreemail.com>, LWN <lwn-AT-lwn.net> |
| Subject: | Comments re: An Early Look at Ubuntu Hoary |
| Date: | Thu, 27 Jan 2005 16:22:02 +1100 |
Hi Ladislav!
Another great article about Ubuntu - thank you. :) One minor correction for
you:
"We have already mentioned the Ubuntu live CDs, which represent another
interesting aspect of this distribution. These live CDs are now built by
the maintainers of Gnoppix, a project that was originally an attempt to
develop a Knoppix-like distribution for GNOME users."
It turns out that the reverse is true: Gnoppix is now based on Ubuntu.
Our new LiveCD infrastructure uses 'Casper', a fully cross-platform LiveCD
bootstrap system that runs on top of Ubuntu's standard installer code, and
exactly the same kernel as installed Ubuntu systems. To do this, we've
swapped out some of the common, ugly LiveCD kernel extensions and used
better technologies in the standard Linux kernel, such as the devicemapper
copy-on-write overlay.
These features, in addition to much needed documentation, have granted
third parties much greater ability to make minor modifications or entirely
new LiveCDs. Gnoppix is now an Ubuntu derivative, Kubuntu will soon be
producing installer and LiveCDs, and there are plans afoot in the GNOME
Project to use a 'debranded' and customised Ubuntu LiveCD as a GNOME
marketing tool.
All this talk about LiveCDs papers over one important issue - Casper can be
used to create any kind of bootable media... DVD, USB, firewire,
holographic storage... Well, ok, so that one's still "coming soon". ;-)
Thanks,
- Jeff
--
GUADEC 2005: Stuttgart, Germany http://2005.guadec.org/
"I guess there's part of me that's always resented it... to be an
actor, you have to have someone else say yes to you." - Edward Norton
| From: | Leon Brooks <leon-AT-cyberknights.com.au> |
| To: | eWEEK-AT-ziffdavis.com |
| Subject: | eWEEK, I think you've missed the point of the GPL |
| Date: | Tue, 1 Feb 2005 16:36:14 +0800 |
| Cc: | letters-AT-lwn.net |
Quoting http://www.eweek.com/article2/0,1759,1754298,00.asp -
> We agree with Gates' argument that the case for "free" should not
> be oversimplified. Software costs only begin with the acquisition
> of a license, free or otherwise.
The reason so many South American, African and Asian countries are
falling over themselves to adopt FOSS is very simple: it gives them
back control of their countries, and their economies.
Anyone paying any attention to the South Americans would have noticed
how often they mention that one copy of MS-Office equals so many bags
of this or that export product. This is something that I wish my own
country (Australia) would do.
Simple issues like outright cost are overwhelmed by the sheer ability
FOSS grants the locals. Linux, GNOME, KDE and other major items have
already been internationalised for communities with less than one tenth
of the population of the smallest language group ever internationalised
in MS-Windows or MS-Office. Security agencies, the military and so on
can examine and change every byte of the software that their systems
run, without going cap-in-hand to a foreign business and signing their
life away. Locals can work on local projects with rudimentary equipment
and without shelling out several years' wages for any development kits
or distribution rights.
These advantages are only representative of the huge number of
advantages to FOSS. Microsoft can never foreseeably be "agile" enough
to meet more than a small number of these needs, or even to publicly
admit that they exist.
With a very few showcase exceptions, Microsoft and their customers
assume adversarial positions; with FOSS, the customers _are_ the
developers, the management and the marketing department. They don't
need anyone to ask them where they want to go today, they just go.
Cheers; Leon
--
http://cyberknights.com.au/ Modern tools; traditional dedication
http://plug.linux.org.au/ Member, Perth Linux User Group
http://osia.net.au/ Member, Open Source Industry Australia
http://slpwa.asn.au/ Member, Linux Professionals WA
http://linux.org.au/ Member, Linux Australia
| From: | Leon Brooks <leon-AT-cyberknights.com.au> |
| To: | John Boudreau <jboudreau-AT-mercurynews.com> |
| Subject: | Misquote/misattribution in your Mercury article? |
| Date: | Wed, 2 Feb 2005 11:19:34 +0800 |
| Cc: | letters-AT-lwn.net |
> The SCO Group says that IBM and other companies inserted its Unix
> code into versions of Linux.
Not exactly true. In fact, just far enough from true to get you into
legal trouble. If you'd written it in quotes it would be Mr Moglen's
problem, presuming that such an attribution is correct, but as it
stands it reads more like a misplaced rephrase of something Mr
Kusnetzky is likely to have said.
The SCO group does not say that any more - at least, not in any legally
binding forum.
What they are actually claiming in court is that IBM dealt unfairly with
them in a contract centring on Monterey. The substance of the claim is
that IBM inserted code _which_IBM_developed_ into all of TSG-owned
UNIX(R), OS/2 and later Linux. The logic to the claim is that because
the code was originally developed for TSG's UNIX(R) codebase (not
actually true), it falls under the same _contractual_ terms as UNIX(R)
proper and therefore could not have been published elsewhere by IBM.
It turns out that practically all of their premises are wrong, that
their predecessors-in-interest-once-removed in the contract (AT&T)
clearly didn't intend a remotely similar interpretation of the
contract, that much of their UNIX(R) code is public domain anyway so
they'd be hard pressed to claim legitimate ownership, that they
published the supposedly tainted code themselves for more than a year,
that no copyrights or patents relating to UNIX(R) were ever transferred
to them, that no UNIX(R) code exists in Linux and to cut a long list
short that they don't appear to even be able to find their own
backsides with both hands, a map, a mirror and someone coaching them.
The SCO Group are not pressing any copyright or patent claims against
IBM. IBM is counterclaiming (so far) seven patent violations against
The SCO Group. TSG don't even own the trademark on UNIX(R), The Open
Group does. Worse, The SCO Group appear to have included GPLed driver
code from Linux wholesale into UNIXWARE(R) without so much as an
attribution.
In short, Open Source generally doesn't need protection from idiots.
Idiots will attack monied interests for the very simple reason that
there's no profit in attacking individual developers, and said monied
interests will typically respond by smacking down said idiots.
What Open Source does need legal protection from are short-sighted,
powerful and greedy monopolists like the RIAA and Microsoft, who appear
to be willing to sacrifice almost any principle in the pursuit of
control and the ensuing profits. Open Source generally doesn't have the
concentrations of money needed to go toe-to-toe in courts and
legislatures and under tables with these organisations.
Cheers; Leon
--
http://cyberknights.com.au/ Modern tools; traditional dedication
http://plug.linux.org.au/ Member, Perth Linux User Group
http://osia.net.au/ Member, Open Source Industry Australia
http://slpwa.asn.au/ Member, Linux Professionals WA
http://linux.org.au/ Member, Linux Australia
Page editor: Jonathan Corbet