LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in Business
Linux in the news
Announcements
Letters to the editor
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for October 17, 2002The Eldred v. Ashcroft argumentsEldred v. Ashcroft, the copyright case described on this page two weeks ago, was argued before the U.S. Supreme Court on October 9. This case remains interesting because it asks a fundamental question: are there constitutional limits on the monopoly rights that the Congress can grant to copyright holders? A 20-year extension on copyrights is not, itself, that important to the free software community - by the time 70-year-old software might pass into the public domain, most users are likely to have upgraded to something else, libc5 die-hards excepted. But the question of limits on Congressional power bears directly on issues like the DMCA, the CBDTPA, and others. This case matters.We're going to have to wait some months to find out how it went, though. The Supreme Court doesn't rush into these things. Until then, the definitive commentary on how the arguments went has to be Lawrence Lessig's weblog:
The Court clearly got it. Though the other side had written
literally 300 pages trying to show all the good CTEA did (and
pronounce it like it is a disease -- sateeeya), the Court hadn't
bought any of it. Congress was not acting to promote progress, it
was acting to reward "court favorites." The only question the Court
was struggling with is whether it has the power to do anything
about it.
Go read the whole thing, it's worth it. Lawrence Lessig and all those who have worked on the Eldred case over the last few years deserve our thanks for taking on this fight. Let's hope they get some sleep soon.
Monocultures and software securityA vulnerability which allows a cracker to break into a computer is, in general, a bad news. But a vulnerability which exposes a large percentage of the entire network can be catastrophic. There will come a day when a truly malicious individual or group finds a hole first and makes use of it to trash as many machines as possible; how can one, reading the headlines, doubt that claim? We have been lucky that it has not happened yet.When that time comes, our biggest problem will be the "monocultural" aspect of much of the software landscape. If everybody is running the same software, it only takes a single vulnerability to expose all systems. Unfortunately, that is exactly the situation we find ourselves in with a number of security-critical applications. Consider Apache, OpenSSH, Bind, and Sendmail for starters. Each accounts for well over half the installed systems in its class. A vulnerability in any of these programs puts a large portion of the net at risk. Of course, it is easy to point out that this situation is going to bite us. It is harder to suggest things to be done about it. The free software community produces a great diversity of products. There are, seemingly, almost as many editors available as users to run them. We have multiple desktops, numerous mail clients, a wealth of scripting languages, etc. But the core infrastructural components tend to narrow down to a small number of choices. We have many shells, but only one secure shell protocol and implementation worthy of note. When a free infrastructure component achieve dominance, it seems a waste of time to work on (or use) a competitor. That is a perception that, perhaps, needs to change. If we can improve the diversity of our network ecosystem, we will all be better off as a result. A wide choice of distributions (and operating systems), along with multiple machine architectures, is a good start; exploits tend to be specific to a particular distribution and processor. But we really need a wealth of choices for the individual software components as well. In some areas (i.e. mail transfer agents) that range of choices exists now. But in others it does not: where are the viable, free alternatives to OpenSSH and Bind? We will all be better off when popular alternatives to those programs emerge - even if we do not run them ourselves.
LWN Status UpdateAs of this writing, there are just under 2000 subscribers to LWN.net. As we had expected, the rate of new subscriptions has dropped off; we are going to have to work harder to attract more subscriptions at this point.Nonetheless, we have as a goal the doubling of our subscriber count in the next few months. If we can do that, we'll have a stable base upon which to build the LWN for the next five years. We're still working on just how we'll pull that off; if any of you have suggestions on ways to attract more subscribers, we would love to hear them at lwn@lwn.net, or as comments posted to this article. We sure would like to see some more corporate subscriptions as well; the response from Linux-oriented companies (and others) has, so far, been below our expectations. Meanwhile, we will begin making some other changes to help LWN live within the means available to it. One step in that direction will be the elimination of the "Linux in Business" page starting next week. We will continue to watch press releases for relevant news, and the really interesting ones will show up on the Announcements page. but the big, categorized press release section will be going away. In the long term, it hard to imagine how we can get to where we want to be without top-quality business coverage. But LWN does not have that now, and maintaining a page marked "Linux in Business" does not change things. Readership of that page has been low for years. We are determined that the Linux in Business page will return when we are able to do a high-quality job of it. But, for now, we'll do without. We will also probably be dropping the Linux stocks page; it is a maintenance hassle, and, as traffic on the page shows, Linux stocks just aren't all that interesting these days. We are doing everything we can to maintain and improve our development, legal, and security coverage. There is no end of interesting stuff going on in the free software community, and we want to do an ever-better job of bringing it to you. Stay tuned.
Security Brief items The first Linux Security Protection System stable releaseThe Linux Security Protection System (LinSec) is another project dedicated to the creation of secure Linux systems through the use of mandatory access controls. LinSec is not packaged as a full distribution, however; instead, it comes as a kernel patch and a set of useful utilities. The project has just announced its first stable release.When you finish the (lengthy) process of installing LinSec on your system, you'll have the following:
LinSec has a lot of tools which can help in the creation of highly secure Linux systems. What it lacks, still, is any real solution to the administrative problem. Experience has shown that administrators have trouble keeping track of even the basic permissions bits on the many files in their systems. Capabilities add another 28 bits to deal with. The LinSec installation guide describes setting up capabilities as "the most daunting task" in the whole installation process for a reason. Capabilities and fine-grained privilege control are great ideas, but they are unlikely to see widespread adoption until the management issues have been dealt with.
'Firewalls and Internet Security' input soughtThe second edition of the classic book Firewalls and Internet Security is in the works. This is happening none too soon: the first edition is copyrighted 1994. The authors are looking for suggestions for the second edition; in particular, they want to know where you go to find important security-related information. If you want to help out, click below for the request, and send them your suggestions.
This month's CRYPTO-GRAM newsletterBruce Schneier's CRYPTO-GRAM newsletter for October is out. This issue looks at the "National Strategy to Secure Cyberspace," the possible cryptoanalysis of AES, one-time pads, and more. "This is about as pathetic as you can get. The Federal Trade Commission has decided that computer security needs a mascot, kind of like Smokey the Bear. So we now have Dewey the Turtle, who's here to promote secure computing for everyone. 'When you see the ping of death, duck and cover.'"
New vulnerabilities dvips: command execution vulnerability
heartbeat: remotely exploitable buffer overflow
squirrelmail: cross-site scripting vulnerability
syslog-ng: buffer overflow vulnerability
Updated vulnerabilities Apache shared memory scoreboard vulnerabilities
Heap corruption vulnerability in at
bind buffer overflow vulnerability in DNS resolver libraries
Multiple vulnerabilities in bugzilla
Potential unauthorized root access vulnerability in dietlibc
Ethereal buffer overflow, infinite loop and memory management vulnerabilities
SSL certificate validation vulnerability in evolution
Filename disclosure vulnerability in fam
Another set of fetchmail buffer overflows
GNU fileutils race condition
Potential remote root exploit in glibc
Buffer overflow in groff
Buffer overflow in gv
Buffer overflows in heimdal
HylaFAX 4.1.3 fixes multiple vulnerabilities
UW imapd remotely exploitable buffer overflow
Cross-site scripting vulnerability in Konqueror for KDE 3.0.3
Kerberos 5 unauthorized root access to KDC host vulnerability
LPRng accepts jobs from any host.
Cross-site scripting vulnerability in mhonarc
PHP Remote Compromise/DOS Vulnerability
Mozilla XMLHttpRequest file disclosure vulnerability
Buffer overflow in nss_ldap
String format bug in pam_ldap logging
Safemode vulnerability in PHP
Remotely exploitable vulnerability in pine
Buffer overflow vulnerabilities in PostgreSQL
PXE server denial of service vulnerability
Local arbitrary code execution vulnerability in Python
Multiple-use vulnerability in Safe.pm
sendmail smrsh bypass vulnerability
Sharutils potential privilege escalation using uudecode
Multiple vulnerabilities fixed in Squid-2.4.STABLE7
File overwrite vulnerability in tar and unzip
Malformed NFS packet buffer overflow vulnerability in tcpdump
Multiple vendor telnetd vulnerability
Temporary file vulnerability in tkmail
Tomcat 4.x JSP source code exposure vulnerability
Local root vulnerability in chfn
webalizer: reverse DNS buffer overflow vulnerability
Webmin/Usermin vulnerabilities
Multiple vulnerabilities in wordtrans
Problems with libgtop_daemon
Wwwoffle remote privilege escalation vulnerability
Local privilege escalation vulnerability in XFree86
Denial of service vulnerability in xinetd
Resources Hackers send Sendmail a message (News.com)This article at News.com claims that sendmail.com's source distribution was not directly compomised, as previously reported. "The apparent attack on Sendmail didn't leave a back door in the popular open-source e-mail software package, as previously believed, but compromised the download software on the Sendmail consortium's primary server so that every tenth request for source code would receive a modified copy in reply. "The exploited code that we see is not in our (development) tree at all," said Eric Allman, chief technology officer of Sendmail Inc., which sells a version of the open-source e-mail server program, and a member of the Sendmail Consortium, the development group for the software. "It seemed to be going to the (Sendmail) host, but it was delivering a corrupted file that wasn't on our server anywhere.""
Review: Honeypots: Tracking HackersLinuxSecurity.com reviews Honeypots: Tracking Hackers by Lance Spitzner. "The detailed definitions and descriptions make it a great book even for the honeypot novice to understand. It grabs your attention right from the very beginning, holds it to the end and leaves you wanting more."
Linux Security WeekThe LinuxSecurity.com Linux Security Week newsletter for October 14 is available.
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current development kernel is 2.5.43, which was announced by Linus on October 15. He described this release as "a huge merging frenzy for the feature freeze." It includes the read-copy-update patch (described in the July 18 LWN Kernel Page), more network asynchronous I/O patches, SMP support for User-mode Linux, a version of the InterMezzo filesystem that works in 2.5, more memory management work, the removal of kiobufs (see below), JFS and XFS updates, an AFS filesystem implementation, the "oprofile" profiler, IBM "Summit" architecture support, an ARM update, and many other fixes and updates. The long-format changelog is also available.2.5.42 was released on October 11. There was a lot of stuff in this patch, including NFS work, numerous patches from the -dj tree, the 64-bit sector ("large block device") patch, more asynchronous I/O patches, the IDE tagged command queueing patch, and a lot of other fixes and updates. See the long-format changelog for all the details. The latest prepatch from Alan Cox is 2.5.42-ac1. He has taken a stand in the LVM debate (see below) by merging the LVM2 device mapper; other than that, this prepatch consists mostly of compilation fixes. The current 2.5 status summary from Guillaume Boissiere is dated October 16. The current stable kernel is 2.4.19. Marcelo took another step toward 2.4.20 with 2.4.20-pre11, which was released on October 15. Alan Cox released 2.4.20-pre10-ac1 on October 10; the only item in the changelog is "resync with Marcelo."
Kernel development news Choosing a volume manager for 2.5As the feature freeze date gets closer, people are starting to get worried about some of the unresolved issues in the 2.5 series. At the top of the list, currently, is volume managers. The LVM code in the 2.4 kernel is not much loved by kernel developers; it has gone unmaintained in 2.5 and simply does not work. One thing that everybody seems to agree on is that LVM has reached the end of its life and needs to be removed.But that, of course, begs the question of what will replace LVM. There are two contenders out there:
Both volume managers have been proposed for inclusion into 2.5 as replacements for LVM. There is currently very little consensus on which, if either, should go in, and Linus has stated that he is undecided on the issue. LVM2/DM is the smaller and simpler of the two volume managers. Its goals are to be a cleaner, better implementation of LVM, so it does not add a great many features. It can combine volumes in a linear (appending one partition to another) or striped (interleaving data across partitions) manner, but does not support higher-level RAID features. The lack of RAID 4/5 support is not necessarily a problem, since the kernel "md" driver provides those capabilities. LVM2 also does not try to understand the filesystems on the volumes it manages, so changing the sizes of volumes can be a multi-step process. LVM2 is backward compatible with LVM, and provides a very similar interface to administrators. EVMS is a much larger, more complex development. It supports RAID 4 and 5, and other features such as bad block remapping. EVMS comes with a comprehensive graphical interface. It also can work with several filesystem types to make filesystem resizing easy. From the user level, EVMS comes across as a far more complete tool. There is substantial resistance in the kernel hacker community to merging EVMS, however. A number of coding style issues have been raised; for example, the declaration of static variables within header files is considered to be in poor taste. There are objections to the duplication of the RAID functionality already provided by the md driver. EVMS also hides the internal structure of its volumes. Imagine creating two large volumes by combining two drives (for each) in a linear mapping, then making one big volume by striping across the two linear volumes. The internal, linear volumes would not be visible as separate devices. Critics of this implementation dislike the duplication of code (against the block layer) implied by creating a new type of hidden block device; it also complicates operations that need to be performed directly on the internal devices. So there has been pressure to expose the internal devices, or, even, to work many of these volume management functions directly into the block layer API. LVM2 has not been subjected to the same level of criticism; the consensus seems to be that the code is relatively clean and correct. The level of capability offered by LVM2 is lower, however. The development teams for both EVMS and LVM2 have stated their willingness to address complaints in order to get their projects merged. The problem, of course, is that the feature freeze date is getting closer, and neither project will be "complete" by then. Some developers are talking seriously about merging neither volume manager, and simply doing without until the next development series opens. Releasing a stable kernel without a logical volume manager is probably not a realistic option, however. Something will probably go in. Linus stated in the 2.5.42 announcement that he was leaning toward EVMS; EVMS also appears to be the choice of people who use volume management, as opposed to those who have to deal with the code. So the odds probably favor an EVMS merge, but it is far from a sure bet at this point.
Kiobufs removedOne of the advantages of the new "commits" mailing list is that one can see the patches which slip quietly into the kernel without public discussion. One of those is this patch by Christoph Hellwig, via Andrew Morton, which removes the "kiobuf" infrastructure from the kernel. This patch has been merged by Linus, and will show up in the 2.5.43 development kernel.The kiobuf structure was developed by Stephen Tweedie as a way, initially, of implementing the raw block I/O devices in the 2.3 development series. Using kiobufs, kernel code can perform operations directly to and from user-space buffers without having to worry about walking page tables, pinning pages into memory, and so on. Kiobufs did the job they were designed to do, and they found their way into a number of kernel developments. Not everybody was happy with the kiobuf interface, however. Many saw it as a heavyweight structure, requiring a lot of time (and memory) to set up and tear down. Kiobufs also forced the splitting of large I/O operations into small chunks - often as small as a single 512-byte sector, but never larger than 64KB. As a result, kiobufs never became the high-performance I/O mechanism that it was intended to be. So what replaces kiobufs in the 2.5 kernel? Modern direct I/O code uses the get_user_pages() function:
int get_user_pages (struct task_struct *tsk,
struct mm_struct *mm,
unsigned long start, int len,
int write, int force,
struct page **pages,
struct vm_area_struct **vmas);
This function faults in len user pages starting at start, and locks them into the page cache. Return values include the struct page pointers (in pages) and pointers to the associated VMA structures (in vmas); either can be NULL if the caller is not interested in that information. Code which used kiobufs will want the struct page pointers, which can be used to set up DMA operations or other direct transfers; most callers do not need the VMA pointers. The pages should be passed (individually) to page_cache_release() when the operation is complete. The asynchronous I/O patches have also, at times, included a new kvec structure which looks like a lighter, faster version of kiobufs. No patches with kvecs have been merged by Linus, however. Kiobufs, meanwhile, have reached a dead end. It's worth remembering, though, that kiobufs were the pioneering effort into the use of struct page pointers for direct I/O. The code may be gone, but the lessons learned from kiobufs live on in the current implementation.
Xbox Linux kernel patchesFor those who are wondering what it takes to make Linux run on an Xbox: Michael Steil of the Xbox Linux Project has posted a note describing the project's kernel patches (and asking how to get them merged). The required changes include a workaround for an Xbox PCI bug, compensation for a faster system timer, a different way of shutting down and rebooting, the lack of a keyboard controller, support for the "FATX" filesystem, and a driver for the "Xpad" controller. The changes seem to be uncontroversial; expect Xbox support in the mainline kernel before too long.
Making security hooks optionalThe Linux Security Module effort ran into a bit of a snag this week as its developers tried to get another set of hooks merged into the 2.5 mainline. The result was a "back to the drawing board" experience which is likely to improve the quality of the LSM Patch overall.The LSM team posted a set of hooks for networking operations for inclusion. There has been concern about the performance impact of the networking hooks since last June's Kernel Summit, so the LSM developers have put quite a bit of effort into minimizing any potential slowdowns. The current patches, it is said, have no measurable impact in 100MB/s networking, and a 1-2% slowdown with gigibit networks. That is a small impact, but it was still too much for the networking hackers. Those folks have put a great deal of effort into creating the fastest networking on the planet, and they are not much interested in patches which slow things down. They take particular exception to just how these hooks are implemented. Consider one piece from the network hooks patches:
if (skb) {
security_ops->skb_recv_datagram(skb, sk, flags);
return skb;
}
The LSM patch, of course, adds the security_ops line. The problem here is that the security hook is always called. If no particular security module has been loaded, then a dummy hook is called. So, even in the case where no security policy is being implemented (the usual case for most systems into the foreseeable future), a long-distance, indirect call is being made, with the usual effects on cache and TLB performance. The impact may be small, but it is still too much for the networking developers. The solution, as posted by Greg Kroah-Hartman, is to move the hook invocation into a separate (inline) function. So the code fragment above would change to something like:
if (skb) {
security_skb_recv_datagram(skb, sk, flags);
return skb;
}
where security_skb_recv_datagram() would look like:
static inline void void security_skb_recv_datagram(...)
{
security_ops->skb_recv_datagram(...);
}
This approach may not seem all that different. But now it is easy to introduce a CONFIG_SECURITY configuration option that makes all of the security hook invocations disappear entirely. Thus, for people who know that they will not load security modules (and for distributors who choose not to support security modules), the overhead of the module hooks vanishes entirely. With this change in place, the networking team is happier. This change will also help address a couple of other problems that Rusty Russell (fresh back from his honeymoon) has pointed out. There is current a (small) race condition with module removal; it is possible that a security module could be removed from memory while other threads are still executing within the module's code. Fixing this problem will require the addition of some sort of reference counting, or the use of the recently-merged read-copy-update mechanism. It may also be desirable to control the environment in which security hooks run; for example, it could be decided that security hooks should run with preemption disabled. Both problems are more easily solved if the invocation of the hooks is wrapped within another function.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Janitorial
Kernel building
Memory management
Networking
Architecture-specific
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Openwall GNU/*/Linux (Owl) 1.0 releaseVersion 1.0 of "Openwall GNU/*/Linux" (or just "Owl" for short) has been released. Owl is a security-enhanced distribution produced by Solar Designer and others. There have been lots of changes since Owl 0.1-prerelease came out on May 11, 2001. Owl documentation is now available in French, German and Russian in addition to English. Naturally there have been plenty of security fixes. Owl is stable and secure, but it's intended for professionals. You should have Linux system administration experience to use Owl. Alternately, you can outsource the administration or security administration of your servers to the Owl team, including remote installation of the OS. Owl is available for x86, Sparc and Alpha architectures. Owl can be freely downloaded, but in order to support future Owl development, please consider helping out the Owl team by buying a CD, or making a donation.
Linux Distributions - Facts and Figures (DistroWatch)Most people who use Linux have a favorite distribution, and many of them get very passionate about their favorites. With so many distributions to chose from it's no wonder that many people are able to find the "perfect distribution" that can inspire that sort of passion. DistroWatch has compiled some facts and figures about some popular distributions, looking at some of the factors that inspire people's passions.
Distribution News Debian GNU/LinuxThe Debian Weekly News for October 15, 2002 is available. This week introduces a new web-based Debian forum. Debian and the Freedom CPU, human rights and free software, the sendmail trojan, and many other topics are also covered.For those keeping up with the new Debian installer, this latest status report covers what has been done, and what remains to do. There is now a Debian developers todo list, with information about all sorts of jobs that need to be done, from those requiring a skilled developer, to those that an average user might do. Here is some advance warning from the uw-imap maintainer. The latest version of the uw-imap packages (upstream version 2002RC7) are going to make some significant changes due to the inclusion of crypto in main. SpamAssassin filtering has been enabled on the Bug Tracking System. "30% of the mail sent to the BTS(at least the mail that enters the receive script) is spam, and of that, there were no false hits(at least with a quick glance at the files)."
Mandrake LinuxThe Mandrake Linux Community Newsletter for October 10 is out; it looks at the LSB certification for the Mandrake Linux 9.0 ProSuite Edition, the first 9.0 errata, and more.Mandrake Linux has released an update advisory for drakconf. Errors were discovered in the Mandrake Control Center that prevents users using the nl_NL, sl, and zh_CN locales from starting the program. The error generated would be "cannot call set_active on undefined values" on line 423. With the release of Mandrake Linux 9.0, some older distributions will no longer be supported, particularly versions 7.1 and Corporate Server 1.0.1. MandrakeSoft suggests you upgrade to a more recent version of Mandrake Linux if you are still using one of these older versions.
Slackware LinuxThe latest updates to slackware-current include glibc-2.3.1, e2fsprogs-1.29, util-linux-2.11w, bison-1.50, make-3.80, openssl-0.9.6g, fetchmail-6.1.0 (this fixes a fetchmail security issue), cups-1.1.16, and espgs-7.05.5. Read more below, or see the change log for complete details.
New Distributions LonixLonix is a console-based full Linux system which runs from a live CD. Based on Linux From Scratch, this distribution includes useful utilities for students and developers. Some servers, such as Apache, Proftpd, and sshd are pre-configured and included. It can also be used as a partition tool (featuring fdisk and parted) or as a rescue CD. Currently, the homepage and some scripts in the CD are just in Spanish. There may be a future release that is also in English. The initial Freshmeat announcement for v1.0rc3 was made on October 13, 2002. Thanks to Joseph J Klemmer
Minor distribution updates BanShee Linux/RBanShee Linux/R has released v0.60 with major feature enhancements. "Changes: Updated to Linux 2.4.19, smartsuite 2.1, bzip2 1.02, dosfs tools 2.8, file (freefile 1.8), and vche 1.7. Iptables 1.2.7a has been added."
Fli4l (Floppy ISDN/DSL)Fli4l (Floppy ISDN/DSL) has released stable version 2.0.5 with minor bugfixes. "Changes: Small bugfixes for host variables, a new PCMCIA-drivers, a new tulip driver, a bugfix for the PPtP reconnect problem, new SSH key management, an ISDN routing fix, and smaller bugfixes for proxying."
KNOPPIXKNOPPIX has released v3.1-10-10-2002 with minor feature enhancements. "Changes: This release includes bugfixes in knoppix-autoconfig and hwsetup signalhandling, and updates to XFree 4.2.1-2."
LRs-LinuxLRs-Linux has released v0.3.0. "Changes: There are more bugfixes. This release uses LFS (LinuxfromScratch) 4.0. There is a new tool called AutoDEP; needed dependencies are recognized and can easily be selected per AutoSelect."
uClinuxuClinux has released v2.5.41-uc0 with major feature enhancements. "Changes: This release updates to the latest kernel, and includes lots of MM updates."
WarewulfWarewulf has released v1.2 with minor bugfixes. "Changes: Apostrophe parsing in masterconf has been fixed. dhcp-build has been fixed so that it works with Red Hat 8's version of DHCPD (V3). A bug in 'nodeconf' in admin boot device selection has been fixed. There is some logic to help with defining the network using IP and netmask, and an RPM spec file."
Distribution reviews Gentoo Linux Reloaded (O'Reilly Network)The O'Reilly Network has an article about Gentoo Linux. "Portage, our ports system, is really the heart of Gentoo Linux. Portage allows you to set up Gentoo Linux the way you like it, with the optimization settings that you want, and with optional build-time functionality (like GNOME, KDE, MySQL, ALSA, LDAP support, etc.) enabled or disabled as you desire. If you don't want GNOME on your system, your apps won't have optional GNOME support enabled, and if you do, then they will. We prefer to think of Gentoo Linux as a meta-distribution or Linux technology engine. You decide what kind of system you want, and Portage will create it for you."
November 18 date set for UnitedLinux (Register)The Register reports on the upcoming release of UnitedLinux, which is scheduled for November 18. "The first full version of UnitedLinux will be available from November 18. That's one of the main snippets of news from an informative presentation on the progress and rationale of the UnitedLinux from a presentation by Gregory Blepp, VP at SuSE and board member of UnitedLinux, made at the London Expo show in London yesterday."
Lindows Version 2.0.0 reviewExtensiontech.com has a review of Lindows 2.0.0, from the perspective of a Windows user. "Lindows is supposed to bring choice to your computer. Not that it's really unlike any other version of Linux. With it's modified KDE interface, and basically running wine, the Linux emulator for Win32 applications. While Linux has struggled to make it to the desktop, talk to any Linux geek, and they may say otherwise. One reason I've personally stayed away from Linux is compatibility with the programs that I'm used to. MS Office for example."
Page editor: Rebecca Sobol Development PIKT, the Problem Informant/Killer ToolVersion 1.16.0 of PIKT, the Problem Informant/Killer Tool, has been announced.PIKT is defined as:
...an innovative new paradigm for administering heterogeneous networked
workstations, is a cross-platform, multi-functional toolkit for monitoring
systems, reporting and fixing problems, and managing system configurations.
You can also use PIKT as a basis for managing system security. PIKT
consists of an embedded scripting language with unique, labor-saving
features; a sophisticated script and system config file preprocessor,
scheduler, and installer; and other useful tools. PIKT is a category buster
with many, many different uses limited only by your ingenuity and imagination.
See the PIKT Introduction and the PIKT home page for more information. New features with this release include an option for performing backups when doing changes, multiple alert timing specs, improved exit code and error messages, a new PIKT help utility, and bug fixes. PIKT is licensed under the GNU GPL; the project has been around since October of 1988. It looks like it could be a big time-saver for those who maintain large networks of heterogeneous Unix machines.
System Applications Audio Projects Ogg Vorbis newsThe latest news from the Ogg Vorbis open-source audio compression project is the inclusion of Speex. " Speex is a patent-free, open source compression codec designed for compressing voice at low bitrates. The project is now part of Xiph. Visit the project's page for samples, mailing list, code, and the rest of the usual good stuff. There is also an update from the CEO about a minor Vorbis release, news about Icecast2, and a quick blurb on Theora."
Database Software MySQL 3.23.53 releasedVersion 3.23.53 of the MySQL database is available. A number of bugs have been fixed.
Electronics Gerber Viewer 0.0.10 releasedVersion 0.0.10 of gerbv, the Gerber Viewer, has been released. Gerber files are used for circuit board CAD designs. See the release notes for a list of changes.
Libraries GNU C Library ported to 64-bit PowerPCIBM has finished a 64 bit port of the GNU C library for the PowerPC platform. The software has been assigned to the Free Software Foundation.
Networking Tools OpenSSH 3.5 releasedVersion 3.5 of OpenSSH has been released. A long list of changes is included in the announcement.
Web Site Development Midgard Weekly SummaryA new issue of the Midgard Weekly Summary is out. Topics include a Midgard 1.4.4 and 1.5.0 Roadmap Proposal, Asgard 1.4.3 released, Roadmap to Asgard 1.4.4, and Midgard Paths - Beta Release.
Mod_python 3.0 beta 3 availableThe Beta 3 release of Mod_python 3.0 is available. Change notes can be found in the code.
Zope Members NewsThe most recent headlines on the Zope Members News include: RDFCalendar: Syndication of events, Zope 2.6.0 Beta 2 Released, Translation Service 0.2: i18n for ZPT, TextIndexNG 1.05 FINAL released, CMF-1.3 AMP released as package, mxmRelations v.1.0 has been relased, ree Forum, and the Infrae Content Management Sprintathon.
mnoGoSearch 3.2.7 search engineVersion 3.2.7 of the mnoGoSearch web site search engine is available. See the Change Log for more information on what has changed.
Miscellaneous Get to know your textutils (IBM developerWorks)IBM's developerWorks has an article by Jacek Artymiak on textutils. "This introductory series of tips for Linux users offers an easy introduction to the GNU text processing tools -- how to use them, how to avoid pitfalls, and how to combine them to create powerful custom tools."
Desktop Applications Audio Applications Sweep 0.5.7 releasedDevelopment version 0.5.7 of sweep, a sound wave editor, is available. "This version includes support for Ogg Vorbis import and export, including both variable and average bitrate encoding modes. There are many other user interface updates, including new input controls for sample rates and channels."
WaveSurfer 1.4.5 releasedDevelopment on the WaveSurfer sound visualization and manipulation tool continues at a rapid pace. Version 1.4.5 was released on October 14, 2002, the changes include new sound mixing functionality, new time display formats, bug fixes and minor improvements.
Gnome Wave Cleaner 0.17-6Version 0.17-6 (beta) of Gnome Wave Cleaner is available. "GWC is an app for digital audition, denoising, declicking audio files."
Meterbridge 0.0.5Version 0.0.5 of the JACK Meterbridge is out, this version adds a new stereo phase meter and some bug fixes.
Desktop Environments KDE 3.0.4: Fourth Enhancement ReleaseKDE.News has an announcement for the release of KDE 3.0.4, which features enhancements to stability and usability, as well as two security fixes.
FootNotesTopics on the GNOME desktop FootNotes site include: GNOME 2 & 2.1 bug day, Yet Another Gnome2 Build Script, Pan 0.13.1 released, GnuCash 1.7.1 alpha released, Evolution 1.1.2 released, GIMP 1.3.9 released, Mozilla Status Update, libferris for Redhat 8.0, Sodipodi 0.27 released, an Owen Taylor and Havoc Pennington Interview, and more.
Games Free Frags with Cube: The Linux First-Person Shooter (O'Reilly)Howard Wen examines Cube on O'Reilly. "The last thing the gaming development community needs is probably another 3-D graphics engine designed for first-person shooters. After all, there are lots of them in the market. Some, such as the original Quake engine, have even been released as open source (although long after they became technically outdated and were no longer of value to license for game development). Cube, however, stands apart because it was targeted at Linux since its inception, and has always been free."
Graphics The GIMP 1.3.9 ReleasedVersion 1.3.9 of the GIMP has been released. The release notes say: "This is an unstable release in the development branch. Here's where the development takes place on the road to the next stable release dubbed GIMP 1.4."
Interoperability Wine Weekly NewsIssue #139 of the Wine Weekly News is out. Topics include Wine-20021007, a TransGaming Update, Frank's Corner, the Jack Audio Driver, Creating a Test Framework for the New DLL, Languages & Locales, and User Level Security in Apps.
Office Applications AbiWord Weekly NewsIssue #113 of the AbiWord Weekly News is out with the latest AbiWord word processor development news.
OpenOffice Developer Build availableOpenOffice.org has released a beta version of OpenOffice version 1.0 for MacOS X. "In addition, a new developer release, which charts the path for future user versions of OpenOffice.org 1.0 (for the Solaris, Windows and Linux operating systems), is also ready for developer use and testing."
Kernel Cousin GNUeIssue #50 of Kernel Cousin GNUe is out with a ton of GNU enterprise news.
Web Browsers Phoenix 0.3 availableVersion 0.3 (Lucia) of the minimalist Phoenix web browser has been released. The list of changes includes: Image Blocking, a Pop-up Blocking Whitelist, Bookmarks Changes, a Global Go Menu and Other Menu Changes, Tabbed Browsing Improvements, Size and Speed Improvements, and Bug fixes.
Mozilla Status UpdateThe October 9, 2002 Mozilla Status Update is out. Topics include Phoenix 0.3, Thunderbird, Palm HotSync, Mailnews, Spam/junk mail filtering, XML prettyprinting, Xft/fontconfig support, GTK2, a Tree lockdown, Venkman documentation, and Independent project status updates.
mozillaZineThe latest mozillaZine topics include a New Phoenix Help Site Online, Review of 'Creating Applications with Mozilla' at Slashdot, Mozilla Support an Option in Adobe SVG Viewer Poll, Phoenix 0.3 Released, Jon Lasser on the Mozilla Security Bugs Policy, and more.
Miscellaneous Quanta Plus 3.0 Final Rolls Out (KDE.News)KDE.News has an announcement for version 3 of Quanta, an HTML editor. "Quanta has been transforming from a basic HTML editor to an extremely competent and flexible tagging and scripting editor. Quanta 3 supports XHTML, XML dialects, XSLT and more."
Blender released as open sourceThe 3D software known as blender has been released as open-source. Thanks to Andreas Lauser.
Languages and Tools Caml Caml Weekly NewsThe October 15, 2002 Caml Weekly News is out. Topics include Camlp4, OCamlODBC, Cameleon debian packages, cameleon-list, PostgreSQL and Ocaml, Num library, and xlib out of cdk.
The Caml HumpThis week, the new software on The Caml Hump includes AIFAD and MLDonkey.
Java Coding for accessibility (IBM developerWorks)Barry A. Feigenbaum discusses Java accessibility coding issues on IBM's developerWorks. "All Java applications should be accessible to users who have disabilities. Special care is required to achieve this with GUI applications. This article shows you how to achieve the maximum level of accessibility with a minimum level of effort, using a JFC/Swing-based accessibility toolkit."
Perl This Week on perl5-porters (use Perl)The October 7-13, 2002 edition of the Perl 5 Porters summary is out. "This week, the porters were busy with small bugs, compilation problems, and a few interesting new ideas."
PHP PHP 4.3.0pre1 ReleasedVersion 4.3.0pre1 of PHP has been released. "PHP 4.3.0 incorporates a very large number of changes, new features, and bugfixes and thus requires extensive testing. This preliminary release is meant to kick-start this testing while the fixes are still being performed. Please join in and help us make this a high-quality release."
PHP Weekly SummaryTopics on this week's PHP Weekly Summary include the complete GD fork, an new PWEE extension, The path to 4.3.0, a rewritten parse_url, an aspell extension, and more.
Python Python 2.2.2 releasedPython 2.2.2 is out; this is a "fully backwards compatible bugfix release" in the 2.2 series.
Dr. Dobb's Python-URL!This week's Python-URL contains:Alex Martelli recommends Twisted to asyncore/Medusa users Edward K. Ream posts his Amazon review of _The Python Cookbook_ Guido van Rossum announces the release of Python 2.2.2b1 and much more.
The Daily Python-URLThis week's Daily Python-URL topics include Python 2.2.2 (final), The Camel and the Snake, or "Cheat the Prophet", sgmlop 1.1 beta 1, Freevo, FixedPoint 0.1.0, a Python Cookbook review, and more.
Python-dev Summary for October 13The Python-dev Summary for October 13 is out; it looks a new proposal for interfaces, Psyco, rational numbers, and many other issues of interest to the Python development community.
Make Python run as fast as C with Psyco (IBM developerWorks)David Mertz writes about Psyco on IBM's developerWorks. "In some ways the design of Python resembles the design of Java. Both utilize a virtual machine that interprets specialized pseudo-compiled bytecodes. One area where JVMs are more advanced than Python is in optimizing the execution of bytecodes. Psyco, a Python specializing compiler, helps to even the playing field. Right now Psyco is an external module, but it could someday be included in Python itself. With only a tiny amount of extra programming, Psyco can often be used to increase the speed of Python code by orders of magnitude."
Ruby The Ruby Weekly NewsTopics on this week's Ruby Weekly News include XMLscan 0.1.1, Coco/Rb LL(1), YAML 0.44, RDE 0.9.8.0, Default Hash Behaviour, Polymorphism, isomorphism, and Sorting an Array of Hashes.
The Ruby GardenTopics on this week's Ruby Garden include instance_variable issues, String.subs, File::Stat structure returned by FileTest methods, and a reflection on method ancestors for class Method.
Scheme Scheme Weekly NewsThe October 15 edition of the Scheme Weekly News is out, with the latest Scheme development news.
Tcl/Tk Dr. Dobb's Tcl-URL!This week's Dr. Dobb's Tcl-URL is out with the latest Tcl/Tk news.
XML Introducing Mutation Events (O'Reilly)Antoine Quint introduces mutation events on O'Reilly's XML.com.
Printing from XML: An Introduction to XSL-FO (O'Reilly)Dave Pawson covers XML printing issues on O'Reilly's XML.com. "One of the issues many users face when introduced to the production of print from XML is that of page layout. Without having the page layout right, its unlikely that much progress will be made. By way of introducing the W3C XSL Formatting Objects recommendation, I want to present a simplified approach that will enable a new user to gain a foothold with page layout."
Profilers OProfile merged in 2.5.43The OProfile software profiler has been merged into the 2.5.43 development kernel.
Miscellaneous First Alpha of KDevelop 3.0 is OutThe first alpha release of KDevelop 3.0 (Gideon) has been announced. "This represents a complete redesign of KDevelop and includes tons of new features, and a new interface. Available through KDE ftp mirrors, the KDevelop web site and CVS, Gideon brings out the best in what an Integrated Development Environment should be."
Page editor: Forrest Cook Linux in Business Business News Progeny launches 'Platform Services'Progeny has been pretty quiet since it got out of the distribution business. Now the company has put out a press release describing what it is up to. Progeny has become "the Linux platform company," offering "Platform Services" to companies who are selling products and services based on Linux. "Platform Services" appears to be a sort of subscription-based distribution tied in with some integration services. They list HP as an initial customer. Some more information can be found in a white paper, available in PDF format.
SuSE Linux Openexchange Server announcedSuSE has gotten into the "Exchange replacement" market with its announcement of the "SuSE Linux Openexchange Server." It handles the usual email tasks, along with calendar, project management, and task planning tools; base cost is $1249 for a ten-seat license.
Press Releases Open Source Announcements
Distributions and Bundled Products
Software for Linux
Products and Services Using Linux
Hardware with Linux support
Cross Platform/Porting Product
Linux at Work
Java Products
Books and Documentation
Trade Shows and Conferences
Partnerships
Financial Results
Personnel and New Offices
Miscellaneous
Page editor: Rebecca Sobol Linux in the news Recommended Reading MIT tries free Web education (News.com)News.com covers MIT's release of courseware on the internet. "MIT embraced a comparison to the open-source model, in which the source code for both grass-roots and corporate software titles is published, developed and licensed free of charge. "We are fighting the commercialization of knowledge, much in the same way that open-source people are fighting the commercialization of software," Potts said."
DMCA critics get chance to object (Register)The Register reports that the US Copyright Office has opened the door to exceptions to the Digital Millennium Copyright Act by inviting comments on the controversial law. "The Copyright Office is looking for examples of where these measures have caused verifiable problems. It's not looking for critiques of the Act itself, which will likely go straight in the bin."
Trade Shows and Conferences Linux Expo: One size doesn't fit all (ZDNet)ZDNet goes to Linux Expo UK in London. "Business clearly had a bigger presence at the expo than last year, with the relatively small venue dominated by large stands set up by IBM, HP SCO and others. Non-profits and independent organizations such as KDE and the Gnome Foundation, which create Linux desktop software, were also there, but concentrated towards the edges of the show."
Companies LinuxIT using Lindows, Ximian in custom desktops (Register)The Register reports on the release of the "Professional Open Desktop" series from the UK's LinuxIT. The Linux distribution comes with Lindows and is aimed at "organizations with non-technical staff."
Ballmer: Windows prices are firm (ZDNet)ZDNet covers Microsoft's response to the $199 Lindows PC that WallMart is selling. ""Somebody is subsidizing that hardware. Somebody's losing--people know what power supplies and processors cost," Microsoft Chief Executive Officer Steve Ballmer said at a Gartner technology conference here. The $199 price tag is less than half the price of Windows-based PCs from low-priced vendors like Dell Computer or Gateway, which sell PCs for as little as $500 or $600. It's also below the $399 entry-level price at eMachines."
Slashdot Star Leaves the Fold (Wired)Here's a Wired article about Chris DiBona, who is leaving /. to start a game company. "The company's first game, Rekonstruction, is slated for release in time for Christmas 2004. Using high-resolution satellite and geographic data, Rekonstruction will let players work together and against one another to rebuild a parallel Earth that has been devastated by an asteroid strike."
UnitedLinux developing a desktop (ZDNet)ZDNet reports on the development of desktop software by UnitedLinux, as well as the possible inclusion of several more distributions in the group effort. "UnitedLinux, the joint software development effort by four Linux distributors, is working on a version of its software for desktop computers, according to executive Gregory Blepp. Attending last week's Linux Expo UK in London, Blepp also said that the group was considering bringing in new members once version 1.0 of its main server software is out the door."
Business Microsoft Licensing Terms Drive Some Smaller Firms To Linux (TechWeb)TechWeb covers some smaller companies that are switching to Linux because of Microsoft's licensing terms. "The company began investigating Linux when big companies such as IBM began to support it, but Microsoft's licensing terms accelerated its migration, said ISS systems administrator Curtis Turner."
Linux gaining acceptance in Canberra (Computerworld)Computerworld reports on the spread of Linux into Australian government. "Peter Gigliotti is the assistant director of computing at the Bureau of Meteorology. He has had no problems using Linux for about two months on a development cluster for one of the government's largest Web servers. Gigliotti is typical of government IT managers turning to Linux. "Everybody's looking at the bottom line these days. I'd estimate we've made a cost saving of about 30 per cent, that's hardware and software," he said." Thanks to Vladimir Likic.
Have it your way -- with Linux, of course (LinuxDevices)LinuxDevices.com covers a Sicom Systems Inc. announcement that they are in the process of installing 160 Linux-based SL-18 point-of-sale (POS) systems in all of the Burger King restaurants in Puerto Rico. "The systems are controlled by a customized Linux operating system implementation put together by Sicom. Each system contains a Sicom-developed custom computer board which is based on a National Semiconductor Geode system-on-chip processor."
Travel Service Explores Open-Road Possibilities (TechWeb)TechWeb takes a journey with the Linux-based Exxon Mobil Travel Guide. "The travel service already is migrating newly developed travel and database applications for its new Mobil Companion to IBM, which will host and maintain them on a mainframe running SuSE Linux."
Big European Manufacturer Expands Linux Commitment (TechWeb)Another business choses Linux, according to this story on InternetWeek. "Villeroy & Boch, a manufacturer of ceramic products, said Wednesday it has selected Linux as the platform of choice for supporting critical business applications, including those from SAP AG. It's another big endorsement of Linux as a platform to run applications that are central to the functioning of a business."
Police put Linux on trial (ZDNet)ZDNet UK reports on a Linux desktop trial by the West Yorkshire police; if all goes well, it will involve 3500 desktops and save the police £1 million per year. "If successful there could be a much wider deployment of a secure open-source desktop, with the potential replacement of over 60,000 desktop computers in the police service as a whole."
Legal Free Mickey Mouse (Economist)The Economist reports on the Eldred v. Ashcroft arguments. "Facing Hollywood's battery of high-paid lawyers and lobbyists, Mr Lessig may seem hopelessly outgunned. But the case before the Supreme Court this week shows what determined public-interest lawyers such as Mr Lessig can achieve, even against heavy odds. And Mr Lessig has most consumers on his side, something that the entertainment industry, sooner or later, will have to reckon with."
Perspective: The copyright conundrum (News.com)News.com attempts to unravel the puzzle of U.S. copyright laws. "This renewed interest in copyright law could be a very good thing. The reason: More and more of what people do in real life--trading files on peer-to-peer networks and descrambling DVDs, for instance--has become illegal."
Glitterati vs. Geeks (Newsweek)Newsweek covers the Eldred v. Ashcroft case currently before the U.S. Supreme Court. "Since the issues in the case don?t break down into liberal or conservative, legal handicappers are at a loss to predict the outcome. But everyone expects a vivid session as the justices grill [Lawrence] Lessig and, representing Congress and its Hollywood backers, Solicitor General Ted Olsen. Outside, there will be wireheads wearing T shirts emblazoned with Article I, Section 8 of the Constitution, which contains the copyright clause."
Lindows: Don't let Windows shut us down (ZDNet)ZDNet reports on the status of Microsoft's legal case against Lindows. "Lindows' summary judgment filing, which opens with a cartoon poking fun at the origin of the Windows name, requests that the judge dismiss once and for all Microsoft's claims and its attempts to get the site shut down."
Eldred v. AshcroftFor those of you who wish to keep up on the latest copyright issues, Eldred v. Ashcroft is a web site which is following an important ongoing court case. "This site collects material related to the constitutional challenge of the Sonny Bono Copyright Term Extension Act, which extended by 20 years both existing copyrights and future copyrights."
Interviews Rethinking the GUI for the Big Picture (CIO Insight)CIO Insight interviews computer scientist and entrepreneur David Gelernter on the topic of computer interface design. "I think the field of knowledge management is struggling to express the fact that it wants to move up an entire conceptual level from where conventional software has pegged it. It doesn't want to deal with traditional operating system ideas of files or even applications or dataor for that matter, information. All this is irrelevant. People want to connect directly at a higher level to the knowledge or the information that defines their lives, and they don't want to be boxed in by an operating system or any particular machine."
OpenOffice.org as a 2-year-old (NewsForge)NewsForge talks with Sam Hiser of the OpenOffice.org Marketing Project. "Honestly, just [OpenOffice's] file format is enough to make governments around the world swoon. It's because, ex-USA, they are very nervous about a single entity (and an American one, to boot) controlling, like, noticeable portions of their national budgets and they just want to be sure that their citizens have open access to information forever. OpenOffice.org 1.0 / StarOffice 6.0 do that."
Resources Linux Journal's Annual Readers' Choice AwardsLinux Journal has posted the results of their 8th annual Readers' Choice Awards. To be in the main stream, you should be running Mandrake Linux, using bash under KDE, writing C programs with Vim, and browsing the web with Mozilla while drinking coffee.
Embedded Linux NewsletterThe Linux Devices Embedded Linux Newsletter for October 10, 2002 is out, with the usual collection of embedded Linux articles.
Using CFS, the Cryptographic Filesystem (Linux Journal)Here's a how-to article in the Linux Journal about the Cryptographic Filesystem. "Briefly, CFS allows you to safeguard your files in encrypted form in a normal directory. By using a key (or password, if you will), you temporarily decrypt your files to clear-text form for the window of time in which you need to work with them."
Building a Linux-Based Appliance (Linux Journal)Dave Feinleib and Jed Stafford detail the process behind the selection of the Linux platform for development of network "appliance" devices. "Have you ever solved the same system administration problem for many clients and wished you didn't have to reinvent the wheel every time? Or had the desire to build your own appliance but not known how? A recent consulting project gave us the incentive we needed to build our own appliance. By sharing the technical and business challenges we encountered and the solutions we implemented, we hope to offer some insight that will help you bring your own Linux-based appliance to market."
Chroot Jails Made Easy with the Jail Chroot Project (Linux Orbit)Linux Orbit looks at the Jail Chroot Project. "There are always difficult jobs to do as a GNU/Linux system administrator. Sometimes the difficulty lies in finding out how to do a particular job, not neccessarily the job itself. This can be particularly true in the open source world where documentation can often take a back seat to implementation. But once in a while, you can stumble on a real gem that simplifies even the most difficult administration tasks. One such gem is the Jail Chroot Project."
Radio E-mail in West Africa: The Complete Version (Linux Journal)Linux Journal examines remote networking with high-frequency (HF) radio and qmail. "On top of the operator's radio set, connected to the serial port of his PC, sat a dingy black box simply labeled 9002 HF Data Modem. I noticed the operator used a proprietary, MS-DOS program to make his file transfers, but I immediately began wondering: if this device is truly some kind of modem, moving binary data over the ether of radio, why couldn't we set it up with Linux and network with PPP connections as well?"
AcquiSuite -- a building automation data acquisition device (LinuxDevices)LinuxDevices.com looks at AcquiSuite, a computerized device which is used for building automation and energy management. "The system's embedded Linux OS is based on a static-compiled v2.4.19 Linux kernel (soon to be updated). Libc 5 is used to reduce space. BusyBox and thttpd are used extensively in the system. The MTD Flash technology support for the DiskOnChip also turned out to be very valuable."
Reviews The incredible shrinking PC (ZDNet)ZDNet reports on some new, miniature Linux machines that are showing up. "Some of the smallest PCs around were on show at the LinuxExpo in London's Olympia exhibition center last week. One was even smaller than a pack of playing cards."
Miscellaneous Tackling Breast Cancer on a Grid (Wired)Oxford University's eDiamond grid computing project is using open source tools to combat breast cancer. "Applications developed for eDiamond will be incorporated into Open Grid Services Architecture when it becomes available in 2003. OGSA is an evolution of the Globus Toolkit, an open-source "bag of services" that can be used to develop grid applications and programming tools."
Hackware Author Arrested -- Maybe (Wired)Wired covers the arrest of a black hat cracker. "Torner's Linux-based Tornkit hacking program was hardly in the same league as Melissa or Love Bug, the mainstream Windows worms created by David Smith and Onel de Guzman, respectively. But to Teresa Hall and a group of other system administrators and Internet users, Torner was public enemy No. 1."
Page editor: Forrest Cook Announcements Resources UK Free Software Network LaunchesThe UK Free Software Network has been launched. "UKFSN is an Internet Service Provider with a difference - all of the profits from the operation will be donated to fund Free Software projects in the UK."
LyX Quickstart (Linux Productivity Magazine)Linux Productivity Magazine has published a LyX Quickstart, with book authors in mind.
Translate.org.za October UpdateThe October Update from Translate.org.za is out. Translate.org.za is working to translate software into the eleven official languages of South Africa.
Upcoming Events Mark-Jason Dominus Teaching in Seattle (use Perl)Mark-Jason Dominus, top-rated speaker at Perl conferences, will be teaching November Perl classes in Seattle, through Consultix. Early Bird tuition discounts expire on October 18, 2002.
Open Source conference in Washington, DC.Linux Med News mentions: "The Cyberspace Policy Institute of The George Washington University, in collaboration with the US Department of the Navy, the General Services Administration, and other sponsors TBA is planning to hold a 3-day conference on Open Source in March 2003 in Washington, DC." The event is in the planning stages.
Sun sponsoring Linux.conf.au 2003 regional delegate programSun will be sponsoring the Linux.conf.au 2003 Regional Delegate Program, which will help bring people across Australia to the conference.
Events: October 17 - December 12, 2002
Software announcements This week's software announcementsHere are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
Miscellaneous LWN Text Ads updateSince we began having trouble with our previous credit card bank, the LWN Text Ad payment system has been restricted to paypal only. As of this morning, however, customers may once again purchase text ads with their credit card, through our TrustCommerce payment gateway.
Happy Birthday OpenOffice.org!OpenOffice turned two on Sunday. So today, October 14th they are celebrating the event with a special archive of pages.
The Perl Journal Lives! (use Perl)Use Perl mentions that the Perl Journal has received enough subscriptions to continue publishing.
Page editor: Forrest Cook Letters to the editor BK licence and other licences...
The BK licence sounds moderately benign, as there seems to be no suggestion
that if you pay for a BK licence you are prohibited from writing version
control software with it. I personally want all my software to be as good as I
can possibly make it and except the same applies to the subversion hackers too.
Right now sourceforge supports CVS so that is what I use.
If you want a dacronian and unreasonable licence then "Numerical Recipies in
{C,FORTRAN}" is a strong candidate---you are not allowed to give other people
access to your code based on numerical recipies, and that apparently includes
system managers on supercomputers. Someone got sued for transfering his
non-commercial code to a supercomputer (and as a result very few people doing
numerical computing have numerical recipies).
If you want to go further try the commercial software called GAUSSIAN, which
few lwn readers will have heard about. The GUASSIAN marketing materials says
very little about the licence apparently. If you are developing another
implementation then using guassian to check the results is probihited. So is
posting gaussian benchamrk results without the guassian people's express
permission and using gaussian for any commercial purpose, for exaple
calculating the electron density surrounding a drug or drug target (think weeks
on hundreds of processors). I will not repeat what I have been told
unofficially about the scalability of guasssian in public (i.e. here).
If the BK licence started to sound like that I suspect all kernel developers
would move to something else immediately.
--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."
Let your subscribers help prioritize your content
I'm so glad that LWN will continue; I'm a subscriber, and look forward to the articles-to-come. However, since the subscriptions won't (yet) pay for as many editors as in the past, you will obviously need to "cheapen" or cut back on some things. I think you should let your subscribers help guide what is most important. Subscribers will unsubscribe if they're really unhappy, but hopefully you can hear from them before that!! For example: I find the front page, security, and kernel areas of special interest to me. The "distributions" section is only of interest to me for important announcements about major distributions (Red Hat, Debian, SuSE, Mandrake, etc.) or of really important specialized ones; I don't really need a list of every distribution known to man, but I _do_ find it helpful to hear about major events in major distributions I don't normally use. The "Development" section is sometimes helpful, but often the "Commerce" and "Press" sections are not. This isn't a judgement on the writing; it's a judgement of what _I_ want to hear from LWN. There's no point in LWN recycling what I can hear from elsewhere; what I want is an identification of "what's REALLY important", and analysis of "what it means," and the big picture from a independent observer. Even if I don't agree with you, when you present your reasoning I'm sure to learn something. I want more "analysis of these new OSI licenses, with pros & cons" and don't need "here are the 50 new vendors running on Linux this week, cut from their press releases." Others may differ on their priorities, and that's fine. But with limited dollars, I suggest that you work hard at doing what you UNIQUELY offer that subscribers particularly like. --- David A. Wheeler
Page editor: Jonathan Corbet
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||