LWN.net Weekly Edition for February 24, 2005

How would you shrink Fedora?

The Fedora hackers have a small problem: the current Fedora Core 4 distribution, as it sits in rawhide, is about 300MB too big to fit onto four CDs. For various reasons, the project is not interested in adding a fifth disk at this time. So that means that something has to come out and, presumably, be relegated to the "extras" repository. The project has taken the somewhat unusual step of coming out and asking its users: what would you remove?

The leading candidate, at the moment, would appear to be Java support, especially Eclipse. The Java packages are huge; getting rid of them would solve the space problems easily. They are also relatively easy to remove because they were not shipped in prior versions of Fedora. The distribution's users, one assumes, will complain less about losing something they didn't have in the first place.

People are complaining, however. Many developers feel that, if Linux is to have a hope of long-term success in large enterprises, it has to offer top-quality Java support. But, if the distributors do not support free Java implementations now, work on free Java stands a good chance of dying from neglect. Few people want to see a future where Linux is, at best, a platform for proprietary Java implementations. To avoid that future, the distributors should support free Java now.

Other possibilities raised include:

  • Getting rid of the games. Certainly games are not at the top of the list for many commercial environments, but games do serve as a gentle introduction to Linux for many people.

  • Dropping either emacs or xemacs (but not both).

  • Dropping exim and postfix. Except, of course, many people think that the distribution should drop sendmail instead.

  • Removing abiword and gnumeric, since, in theory, OpenOffice.org provides the same functions.

  • Removing KDE. Or removing GNOME. Neither of those looks feasible, but it's possible that XFce will go.

  • Moving epiphany to extras. Or firefox.

  • Going to GCC4, which will cut some redundancy. It appears that this change might just happen for FC4.

Various other ideas have gone around as well, but none of them are pleasing to everybody. It appears that the Fedora Project, which has to come up with an answer to this question in the near future, is almost certain to upset somebody, at least in the short term.

For future Fedora Core releases, there are plans to make the installer smarter so that it can transparently grab packages from multiple repositories. With a bit more infrastructure work, perhaps Fedora could take a cue from Ubuntu, and drop back to a single installation CD. In the end, it really should not be necessary to download every possible package (in ISO form) just to get a base system installed. For now, however, the project seems stuck with the need to remove packages that some of its users truly want.

Update: a list of removed packages has been posted. Victims include abiword, balsa, exim, gnumeric, koffice, octave, sylpheed, xemacs, and xfce. The Java packages appear to have survived. Second update: it seems that Fedora Core 4 will also be a five-CD distribution; that's how they kept the Java packages.

Comments (61 posted)

LWN goes to LinuxWorld

Your editor returned to the LinuxWorld Conference & Expo last week for the first time in five years. LinuxWorld has been an important conference since it began; there may be no better place to see what is going on on the business side of Linux. But the development-oriented conferences are much more fun. Still, LinuxWorld proved to be an interesting experience.

Attendance at the Boston LinuxWorld was on the order of 7,000 people. The east-coast version of the event is clearly quite a bit smaller than the San Francisco edition, but that is still a significant crowd. Attendees were heard to say that the show felt smaller than last year's event in New York. The organizers seem happy with the turnout, however, and plan to move to a larger conference center (still in Boston) next year.

There were some 140 exhibitors on the busy trade show floor. Of these, 24 were in the .Org area. By a conservative count, close to one third of the exhibitors were pushing some sort of proprietary software for Linux; backup software, configuration management, and databases all seem to be highly active areas. Security too, as could be seen by all of the attendees who were willing to accept - and wear - "virus free" stickers from one of the more in-your-face booths.

The design of the conference center caused the exhibit floor to be divided into two rooms. The conference organizers made use of that division to great effect: they separated the two communities in attendance at LinuxWorld. The larger room was dedicated to commerce; that's where all the large booths from the usual suspects (Red Hat, Novell, IBM, Sun, etc.) were to be found. The displays were flashy, the speakers charismatic, and "solutions" were flying by at high speed. But the community which creates the software that makes all this possible was nowhere in evidence. In early LinuxWorld conferences, it was common to find developers hanging out in their employers' booths. In 2005, those developers have found somewhere else to be.

[Photo: Jim Gettys]

The interesting thing is that a fair number of developers could, indeed, be found at LinuxWorld. They tended to prefer the other room, however, where the ".Org pavilion" was located. That side of the hall was far less flashy, but much more fun. The people who create Linux do still wander by LinuxWorld; you just have to know where to find them.

The early LinuxWorld conferences included a reasonable program of talks along with the exhibit floor. At the first LinuxWorld, your editor complained that talks by Jon 'maddog' Hall, Larry Wall, Jeremy Allison, and Miguel de Icaza had all been scheduled simultaneously. There are few such problems in 2005. Though the conference did offer some interesting speakers (among others: Jeremy Allison, Matt Domsch, Chris Wright, Jay Beale, and, inevitably, maddog), the conference program was fit into a mere three slots per day. The talks are clearly not the main attraction at LinuxWorld.

Your editor got a chance to try out booth duty, giving a talk from the O'Reilly booth. For the morbidly curious, O'Reilly's Greg Corrin has posted a picture of the event.

[Photo: Bruce Perens]
The only talk your editor attended was, interestingly, not on the conference program. Bruce Perens gave his "state of open source" talk, instead, in a press conference format - complete with free food. The core of the talk was concerned with software patents - in Europe, and in the U.S. The community has, says Bruce, no defense against patent suits, and free software developers cannot count on assistance from large corporations when an infringement suit comes around. He was apparently recruited to be an expert witness for "the defining Linux patent infringement case," only to be dropped when the (anonymous) party realized that Bruce would not testify in a patent holder's favor. According to Bruce, the solution to the software patent problem can only lie in "clean-up" legislation at the Federal level.

Bruce also touched on Sun's situation (from which the company has "no good exit"), the SCO suit (interesting things may come from the turmoil at Canopy), and the need to emphasize the "free" part of free software. A focus on freedom will help the community to occupy a moral high ground which will help when trying to obtain friendly legislation. Bruce has posted his speaking notes for those who are interested.

One notable absence this time around was any mention of BSD. The BSD branch of Unix was well represented at early LinuxWorld shows; the booth staff tended to stand out in the crowd of Linux folks. BSD remains an important part of the free software world, but its distance from Linux appears, sometimes, to be growing.

LinuxWorld reflects the commercial side of Linux; that side is an important part of the greater Linux ecosystem. This conference is also where new users tend to start. So it is an important event. It's important that the community be there; we can help guide users toward the heart of the free software movement.

Comments (7 posted)

Cutting back license proliferation

February 23, 2005

This article was contributed by Joe 'Zonker' Brockmeier.

The number of open source licenses in use today would be a good example of "too much of a good thing." Taken individually, each open source license represents the freedom to use, modify and redistribute code. However, many of the licenses are incompatible, and present a hurdle for open source projects that may want to incorporate code from other projects.

At LinuxWorld last week the Open Source Initiative (OSI) board made it known that they are looking at ways to reduce the number of open source licenses in use. We invited Russ Nelson, president of OSI, to respond to questions about reducing the number of open source licenses in use.

LWN: What's so bad about license proliferation?

Two problems:

  • A company reasonably should take a good look at the license before they modify a piece of open source software, even for internal use. "A good look" means a legal analysis. Every new open source license makes it that much more expensive. Some companies want to do this even if they only *use* open source software (but no open source license restricts use in any way).

  • What happens when you want to combine software from two different packages, but they're licensed under software with conflicting terms?

LWN: Realistically, what can be done about the problem? How can OSI "trim" the number of licenses, or influence companies and developers that use one-off licenses or less popular licenses that are incompatible with the "main" open source licenses such as the GPL or BSD license?

Say "no" more often. But it's not enough for us to say "no". We have to have community support for saying "no", so that the community won't use software that isn't OSI Certified.

LWN: OSI has approved quite a few licenses - how many of those licenses are one-offs or used by a handful of projects?

The vast majority. Before we can address license proliferation, we need to understand the problem better. How many companies think they need to study a license before they can use open source? How many before they make internal modifications? How many before they publish modifications? We need to understand how many licenses are actually being used, and how widely. Lots of study needed before we take action.

LWN: Is there any consideration being given to changing the Open Source Definition - for example, to disallow licenses that are specifically tailored not to be compatible with the GPL?

We would have to discern intent to do that. But yes, we've changed the OSD in the past; we may do it again.

LWN: It's been well-publicized that version 3 of the GPL is in the works. (Well, has been for some time, but much noise has been made about it being ready this year.) What needs to be in version 3?

Depends on what your goal is. If you went into a code tree to refactor it, there's always changes you would make. If you want to add features, you would make different changes. I expect that some community members would like the GPL to be a contract rather than a copyright license. I expect that others would like to see copyright provisions address "public performance"; that is, web services.

LWN: In one story, Sam Greenblatt was quoted as saying "there should be three licenses: the GPL, a commercial version of the GPL and...the BSD." What would a "commercial version of the GPL" look like?

CDDL. Or more properly, the MPL, since it already has traction in the community (clearly, since Sun wrote the CDDL based on the MPL). A lot of licenses are derived from the MPL. If we can figure out why they derived the MPL rather than using it, we can fix the problem in the MPL that caused them to do that.

LWN: Thanks, Russ.

Comments (5 posted)

Page editor: Jonathan Corbet

Security

Secret answers as insecure passwords

Here at LWN security headquarters, we have received hundreds of messages from readers with one crucial security question on their minds: how was Paris Hilton's T-Mobile account cracked? Well...OK...maybe we haven't received quite that many messages. But we're sure people will want to know. Turns out that OSDir has the answer. Apparently T-Mobile's site has a "secret answer" mechanism for people who forget their passwords. Ms Hilton's "secret answer" was her dog's name. Bitten again.

Wherever there is a potential security problem, there is inevitably a Bruce Schneier column warning about it. In this case, Bruce notes:

Passwords have reached the end of their useful life. Today, they only work for low-security applications. The secret question is just one manifestation of that fact.

Passwords may well be heading toward the end of their useful life, but "secret answers" are not necessarily a demonstration of that fact. Many web sites (or other interfaces requiring confirmation) go out of their way to prevent the use of insecure passwords. Some site developers put considerable effort into creating novel rules for passwords. Then they add a "secret answer" mechanism which bypasses all of that.

The real issue here, perhaps, is that an authentication interface should actually control access to the resources it protects. Back doors are never good for the security of a system, and a "secret answer" scheme is really just a form of back door. If you provide a way around your password interface, you should not be surprised if attackers use it.

Comments (17 posted)

Brief items

New IDN Homograph Spoofing Response: IDN Will Not Be Disabled (MozillaZine)

MozillaZine reports that IDN support will not be disabled. The details of the new short term solution are available. "Darin Fisher, network supremo, has pulled it out of the bag and come up with a less drastic short-term solution to the IDN problem. It has just been checked in for all three upcoming releases. Read about it over in bug 282270, but basically IDN will still work, but all occurrences of IDN domains in the browser UI (URL bar, security info etc.) will be the punycode form. There is a pref to re-enable full IDN - set "network.IDN_show_punycode" to false. As with the previous plan, this preference will be set to true in all official builds." Meanwhile the search for a long term solution continues.
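The short-term fix described above works by showing the ASCII-compatible (punycode) form of every internationalized label, so a lookalike domain no longer renders as the name it imitates. The following is an added example, not code from Mozilla or MozillaZine, that shows the same idea in Python: convert a hostname to its punycode display form with the standard library's idna codec, and flag labels that mix letters from more than one script, which is the usual signature of a homograph. The sample hostnames are constructed; the second one uses a Cyrillic "а" (U+0430) in place of the Latin "a".

```python
import unicodedata

# Constructed sample hostnames (not from the page). The second label
# contains Cyrillic U+0430, which renders identically to Latin "a".
SAMPLE_HOSTS = ["example.com", "p\u0430ypal.com"]


def to_display_form(hostname: str) -> str:
    """Return the hostname with every label in its ASCII (punycode) form.

    This is the form the Mozilla change shows in the URL bar; a pure-ASCII
    hostname comes back unchanged, an IDN label becomes xn--...
    """
    return hostname.encode("idna").decode("ascii")


def label_scripts(label: str) -> set:
    """Scripts of the letters in a label, taken from the first word of the
    Unicode character name, e.g. {'LATIN'} or {'LATIN', 'CYRILLIC'}.
    Digits and hyphens are ignored because they belong to no script."""
    scripts = set()
    for ch in label:
        if ch.isalpha():
            scripts.add(unicodedata.name(ch, "UNKNOWN").split(" ")[0])
    return scripts


def mixed_script_labels(hostname: str) -> list:
    """Labels that mix letters from more than one script. A single-script
    IDN label (say, an all-Cyrillic name) is legitimate and not flagged;
    a label mixing Latin and Cyrillic letters almost never is."""
    return [lab for lab in hostname.split(".") if len(label_scripts(lab)) > 1]


def check(hostname: str) -> dict:
    """Summarize what a user-facing UI should know before displaying a name."""
    display = to_display_form(hostname)
    return {
        "display": display,
        "is_idn": display != hostname,
        "mixed_script_labels": mixed_script_labels(hostname),
    }


if __name__ == "__main__":
    for host in SAMPLE_HOSTS:
        print(host, check(host))
```

Showing the punycode form is the blunt instrument the Mozilla change chose; the mixed-script check is one of the finer heuristics later adopted by browsers, and it is shown here only to illustrate what a "long term solution" has to decide per label.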

Comments (23 posted)

New vulnerabilities

bidwatcher: format string vulnerability

Package(s): bidwatcher
CVE #(s): CAN-2005-0158
Created: February 18, 2005
Updated: March 3, 2005
Description: Ulf Härnhammar from the Debian Security Audit Project discovered a format string vulnerability in bidwatcher, a tool for watching and bidding on eBay auctions. This problem can be triggered remotely by a web server of eBay, or someone pretending to be eBay, sending certain data back. As of version 1.3.17 the program uses cURL and is not vulnerable anymore.
Alerts:
Gentoo 200503-06 2005-03-03
Debian DSA-687-1 2005-02-18

Comments (none posted)

cyrus-imapd: buffer overflows

Package(s): cyrus-imapd
CVE #(s): CAN-2005-0546
Created: February 23, 2005
Updated: April 10, 2006
Description: Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system.
Alerts:
Fedora-Legacy FLSA:156290 2006-04-04
Red Hat RHSA-2005:408-01 2005-05-17
Fedora FEDORA-2005-339 2005-04-27
OpenPKG OpenPKG-SA-2005.005 2005-04-05
Conectiva CLA-2005:937 2005-03-17
Mandrake MDKSA-2005:051 2005-03-04
Ubuntu USN-87-1 2005-02-28
SuSE SUSE-SA:2005:009 2005-02-24
Gentoo 200502-29 2005-02-23

Comments (none posted)

gaim: client freezes

Package(s): gaim
CVE #(s): CAN-2005-0472 CAN-2005-0473
Created: February 22, 2005
Updated: April 27, 2005
Description: The Gaim client freezes when receiving certain invalid messages and crashes when receiving specific malformed HTML. See this Secunia Advisory for additional information.
Alerts:
Debian DSA-716-1 2005-04-27
Ubuntu USN-85-1 2005-02-25
Fedora FEDORA-2005-160 2005-02-21
Fedora FEDORA-2005-159 2005-02-21

Comments (none posted)

GProFTPD: gprostats format string vulnerability

Package(s): gproftpd
CVE #(s):
Created: February 18, 2005
Updated: February 23, 2005
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team has identified a format string vulnerability in the gprostats utility. An attacker could exploit the vulnerability by performing a specially crafted FTP transfer; the resulting ProFTPD transfer log could potentially trigger the execution of arbitrary code when parsed by GProFTPD.
Alerts:
Gentoo 200502-26 2005-02-18

Comments (none posted)

gftp: missing input sanitizing

Package(s): gftp
CVE #(s): CAN-2005-0372 CAN-2004-1376
Created: February 17, 2005
Updated: July 13, 2005
Description: gftp has a directory traversal vulnerability. A remote server could use specially crafted filenames to overwrite local files.
Alerts:
Fedora-Legacy FLSA:152908 2005-07-10
Red Hat RHSA-2005:410-01 2005-06-13
Fedora FEDORA-2005-310 2005-04-07
Fedora FEDORA-2005-309 2005-04-07
Mandrake MDKSA-2005:050 2005-03-04
Gentoo 200502-27 2005-02-19
SuSE SUSE-SR:2005:005 2005-02-18
Debian DSA-686-1 2005-02-17

Comments (none posted)

imap: buffer overflow in c-client

Package(s): imap
CVE #(s): CAN-2003-0297
Created: February 18, 2005
Updated: April 10, 2006
Description: A buffer overflow flaw was found in the c-client IMAP client. An attacker could create a malicious IMAP server that, if connected to by a victim, could execute arbitrary code on the client machine.
Alerts:
Fedora-Legacy FLSA:184074 2006-04-04
Fedora-Legacy FLSA:152912 2005-05-12
Red Hat RHSA-2005:114-01 2005-02-18

Comments (none posted)

mc: multiple vulnerabilities

Package(s): mc
CVE #(s): CAN-2004-1004 CAN-2004-1005 CAN-2004-1092 CAN-2004-1176
Created: February 17, 2005
Updated: March 4, 2005
Description: Midnight Commander has multiple vulnerabilities, including format string vulnerabilities, buffer overflows, a buffer underflow, and a memory deallocation error. An attacker can use these to run arbitrary code with the permissions of the user.
Alerts:
Red Hat RHSA-2005:217-01 2005-03-04
Gentoo 200502-24 2005-02-17

Comments (none posted)

PuTTY: remote code execution

Package(s): putty
CVE #(s): CAN-2005-0467
Created: February 21, 2005
Updated: March 2, 2005
Description: Two vulnerabilities have been discovered in the PSCP and PSFTP clients, which can be triggered by the SFTP server itself. See this iDEFENSE advisory for details.
Alerts:
Gentoo 200502-28 2005-02-21

Comments (none posted)

Squid: DNS response handling

Package(s): squid
CVE #(s): CAN-2005-0446
Created: February 18, 2005
Updated: March 16, 2005
Description: Handling of certain DNS responses triggers assertion failures. By returning a specially crafted DNS response, an attacker could cause Squid to crash by triggering an assertion failure.
Alerts:
Red Hat RHSA-2005:201-01 2005-03-16
Red Hat RHSA-2005:173-01 2005-03-03
Mandrake MDKSA-2005:047 2005-02-24
Debian DSA-688-1 2005-02-23
Fedora FEDORA-2005-154 2005-02-22
Fedora FEDORA-2005-153 2005-02-22
SuSE SUSE-SA:2005:008 2005-02-22
Ubuntu USN-84-1 2005-02-21
Gentoo 200502-25 2005-02-18

Comments (none posted)

xpdf: vulnerabilities on 64 bit platforms

Package(s): xpdf gpdf cups
CVE #(s): CAN-2005-0206
Created: February 18, 2005
Updated: March 16, 2005
Description: The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CAN-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
Alerts:
Mandrake MDKSA-2005:056 2005-03-15
Mandrake MDKSA-2005:052 2005-03-04
Red Hat RHSA-2005:213-01 2005-03-04
Red Hat RHSA-2005:132-01 2005-02-18
Mandrake MDKSA-2005:044 2005-02-17
Mandrake MDKSA-2005:041 2005-02-17
Mandrake MDKSA-2005:043 2005-02-17
Mandrake MDKSA-2005:042 2005-02-17

Comments (none posted)

Updated vulnerabilities

a2ps: input validation error

Package(s): a2ps
CVE #(s): CAN-2004-1170 CAN-2004-1377
Created: November 26, 2004
Updated: December 19, 2005
Description: The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at Security Focus.
Alerts:
Fedora-Legacy FLSA:152870 2005-12-17
Mandriva MDKSA-2005:097 2005-06-07
OpenPKG OpenPKG-SA-2005.003 2005-01-17
Gentoo 200501-02 2005-01-04
Debian DSA-612-1 2004-12-20
Mandrake MDKSA-2004:140 2004-11-25

Comments (none posted)

alsa-lib: disabled stack execution protection

Package(s): alsa-lib
CVE #(s): CAN-2005-0087
Created: February 15, 2005
Updated: February 16, 2005
Description: A flaw in the alsa mixer code was discovered that caused stack execution protection to be disabled for the libasound.so library. The effect of this flaw is that stack execution protection, through NX or Exec-Shield, would be disabled for any application linked to libasound.
Alerts:
Red Hat RHSA-2005:033-01 2005-02-15

Comments (none posted)

cdrecord: failure to drop privilege

Package(s): cdrecord
CVE #(s): CAN-2004-0806
Created: September 8, 2004
Updated: February 21, 2005
Description: The cdrecord utility, which is installed setuid on some distributions, fails to drop privilege before running a user-specified program.
Alerts:
Fedora-Legacy FLSA:2058 2005-02-20
Gentoo 200409-18 2004-09-14
Fedora FEDORA-2004-298 2004-09-09
Fedora FEDORA-2004-297 2004-09-09
Mandrake MDKSA-2004:091 2004-09-07

Comments (none posted)

ClamAV: multiple issues

Package(s): clamav
CVE #(s): CAN-2005-0133
Created: January 31, 2005
Updated: March 3, 2005
Description: ClamAV fails to properly scan ZIP files with special headers and base64 encoded images in URLs.
Alerts:
Conectiva CLA-2005:928 2005-03-03
Mandrake MDKSA-2005:025 2005-01-31
Gentoo 200501-46 2005-01-31

Comments (none posted)

cpio: file permissions error

Package(s): cpio
CVE #(s): CAN-1999-1572
Created: February 2, 2005
Updated: July 19, 2005
Description: Some versions of cpio contain an ancient vulnerability where files created by that utility have overly generous access permissions.
Alerts:
Fedora-Legacy FLSA:152891 2005-07-15
Red Hat RHSA-2005:080-01 2005-02-18
Red Hat RHSA-2005:073-01 2005-02-15
Mandrake MDKSA-2005:032-1 2005-02-11
Mandrake MDKSA-2005:032 2005-02-10
Ubuntu USN-75-1 2005-02-04
Debian DSA-664-1 2005-02-02

Comments (none posted)

cyrus-sasl: remote buffer overflow

Package(s): cyrus-sasl
CVE #(s): CAN-2004-0884
Created: October 7, 2004
Updated: March 16, 2005
Description: cyrus-sasl has a vulnerability involving a buffer overflow in the digestmd5.c file. A remote attacker may be able to compromise the system. Also, a local user may be able to exploit a vulnerability by using the SASL_PATH environment variable.
Alerts:
Mandrake MDKSA-2005:054 2005-03-15
SuSE SUSE-SA:2005:013 2005-03-03
Fedora-Legacy FLSA:2137 2005-02-17
OpenPKG OpenPKG-SA-2005.004 2005-01-28
Conectiva CLA-2004:889 2004-11-11
Debian DSA-568-1 2004-10-16
Debian DSA-563-3 2004-10-14
Debian DSA-563-2 2004-10-12
Debian DSA-563-1 2004-10-12
Trustix TSLSA-2004-0053 2004-10-08
Mandrake MDKSA-2004:106 2004-10-07
Red Hat RHSA-2004:546-02 2004-10-07
Gentoo 200410-05 2004-10-07

Comments (none posted)

dhcp: format string vulnerability

Package(s): dhcp
CVE #(s): CAN-2004-1006
Created: November 4, 2004
Updated: July 13, 2005
Description: Dhcp has a format string vulnerability in the log functions of dhcp 2.x that may be exploited via a malicious DNS server.
Alerts:
Fedora-Legacy FLSA:152835 2005-07-10
Red Hat RHSA-2005:212-01 2005-04-12
Debian DSA-584-1 2004-11-04

Comments (none posted)

emacs21: format string vulnerability in "movemail"

Package(s): emacs21
CVE #(s): CAN-2005-0100
Created: February 7, 2005
Updated: May 15, 2006
Description: Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group.
Alerts:
Fedora-Legacy FLSA:152898 2006-05-12
Debian DSA-685-1 2005-02-17
Mandrake MDKSA-2005:038 2005-02-15
Gentoo 200502-20 2005-02-15
Fedora FEDORA-2005-146 2005-02-14
Fedora FEDORA-2005-145 2005-02-14
Red Hat RHSA-2005:133-01 2005-02-15
Red Hat RHSA-2005:110-01 2005-02-15
Red Hat RHSA-2005:134-01 2005-02-10
Red Hat RHSA-2005:112-01 2005-02-10
Fedora FEDORA-2005-116 2005-02-08
Fedora FEDORA-2005-115 2005-02-08
Debian DSA-671-1 2005-02-08
Debian DSA-670-1 2005-02-08
Ubuntu USN-76-1 2005-02-07

Comments (none posted)

enscript: arbitrary code execution

Package(s): enscript
CVE #(s): CAN-2004-1184 CAN-2004-1185 CAN-2004-1186
Created: January 21, 2005
Updated: May 27, 2006
Description: Erik Sjölund has discovered several security-relevant problems in enscript, a program to convert ASCII text into PostScript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames, it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash.
Alerts:
rPath rPSA-2006-0083-1 2006-05-26
Fedora-Legacy FLSA:152892 2005-12-17
Red Hat RHSA-2005:040-01 2005-02-15
Mandrake MDKSA-2005:033 2005-02-10
Gentoo 200502-03 2005-02-02
Red Hat RHSA-2005:039-01 2005-02-01
Fedora FEDORA-2005-096 2005-01-31
Fedora FEDORA-2005-092 2005-01-28
Fedora FEDORA-2005-091 2005-01-28
Fedora FEDORA-2005-016 2005-01-26
Fedora FEDORA-2005-015 2005-01-26
Ubuntu USN-68-1 2005-01-24
Debian DSA-654-1 2005-01-21

Comments (none posted)

evolution: arbitrary code execution

Package(s): evolution
CVE #(s): CAN-2005-0102
Created: January 24, 2005
Updated: May 19, 2005
Description: Max Vozeler discovered an integer overflow in camel-lock-helper. A user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server could exploit this to execute arbitrary code with root privileges (because camel-lock-helper is installed as setuid root).
Alerts:
Red Hat RHSA-2005:238-01 2005-05-19
Conectiva CLA-2005:925 2005-02-16
Debian DSA-673-1 2005-02-10
Mandrake MDKSA-2005:024 2005-01-27
Gentoo 200501-35 2005-01-24
Ubuntu USN-69-1 2005-01-24

Comments (1 posted)

f2c: insecure temp files

Package(s): f2c
CVE #(s): CAN-2005-0017 CAN-2005-0018
Created: January 27, 2005
Updated: April 20, 2005
Description: The f2c Fortran-to-C translator has a vulnerability due to insecure opening of temporary files. A local attacker can use this to launch a symlink attack.
Alerts:
Debian DSA-661-2 2005-04-20
Gentoo 200501-43 2005-01-30
Debian DSA-661-1 2005-01-27

Comments (none posted)

Foomatic: Arbitrary command execution in foomatic-rip

Package(s): foomatic
CVE #(s): CAN-2004-0801
Created: September 20, 2004
Updated: May 31, 2006
Description: There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler.
Alerts:
SuSE SUSE-SA:2006:026 2006-05-30
Fedora-Legacy FLSA:2076 2004-11-05
Conectiva CLA-2004:880 2004-10-27
Fedora FEDORA-2004-303 2004-09-21
Gentoo 200409-24 2004-09-20

Comments (none posted)

gtk2, gdk-pixbuf: buffer overflows

Package(s): gdk-pixbuf gtk2
CVE #(s): CAN-2004-0753 CAN-2004-0782 CAN-2004-0783 CAN-2004-0788
Created: September 15, 2004
Updated: February 25, 2005
Description: The gdk-pixbuf and gtk2 libraries contain vulnerabilities in their handling of BMP and XPM files which can lead to denial of service and, potentially, code execution attacks.
Alerts:
Fedora-Legacy FLSA:2005 2005-02-23
Conectiva CLA-2004:875 2004-10-18
Slackware SSA:2004-266-02 2004-09-22
Gentoo 200409-28 2004-09-21
Mandrake MDKSA-2004:095-1 2004-09-17
SuSE SUSE-SA:2004:033 2004-09-17
Debian DSA-549-1 2004-09-17
Red Hat RHSA-2004:447-02 2004-09-15
Debian DSA-546-1 2004-09-16
Red Hat RHSA-2004:466-01 2004-09-15
Red Hat RHSA-2004:447-01 2004-09-15
Mandrake MDKSA-2004:095 2004-09-15
Fedora FEDORA-2004-289 2004-09-15
Fedora FEDORA-2004-288 2004-09-15
Fedora FEDORA-2004-287 2004-09-15
Fedora FEDORA-2004-286 2004-09-15

Comments (none posted)

gettext: Insecure temporary file handling

Package(s): gettext
CVE #(s): CAN-2004-0966
Created: October 11, 2004
Updated: March 1, 2006
Description: gettext insecurely creates temporary files in world-writable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user.
Alerts:
Mandriva MDKSA-2006:051 2006-02-28
Fedora-Legacy FLSA:136323 2006-01-09
Gentoo 200410-10:02 2004-10-10
OpenPKG OpenPKG-SA-2004.055 2004-12-23
Ubuntu USN-5-1 2004-10-27
Gentoo 200410-10 2004-10-10

Comments (1 posted)

ghostscript: symlink vulnerabilities

Package(s): ghostscript
CVE #(s): CAN-2004-0967
Created: October 20, 2004
Updated: September 28, 2005
Description: The ghostscript package (prior to version 7.07.1-r7) contains several scripts which are vulnerable to symlink attacks.
Alerts:
Red Hat RHSA-2005:081-01 2005-09-28
Ubuntu USN-3-1 2004-10-27
Gentoo 200410-18 2004-10-20

Comments (none posted)

glibc: Information leak with LD_DEBUG

Package(s): glibc
CVE #(s): CAN-2004-1453
Created: August 17, 2004
Updated: May 26, 2005
Description: Silvio Cesare discovered a potential information leak in glibc. It allows LD_DEBUG on SUID binaries where it should not be allowed. This has various security implications, which may be used to gain confidential information. An attacker can gain the list of symbols a SUID application uses and their locations and can then use a trojaned library taking precedence over those symbols to gain information or perform further exploitation.
Alerts:
Red Hat RHSA-2005:256-01 2005-05-18
Gentoo 200408-16 2004-08-16

Comments (1 posted)

glibc: tempfile vulnerability in catchsegv script

Package(s): glibc
CVE #(s): CAN-2004-0968
Created: October 21, 2004
Updated: November 14, 2005
Description: The catchsegv script in the glibc package has a symlink vulnerability that may allow a local user to overwrite arbitrary files with the permissions of the user that is running the script.
Alerts:
Fedora-Legacy FLSA:152848 2005-11-13
Red Hat RHSA-2005:261-01 2005-04-28
Debian DSA-636-1 2005-01-12
Mandrake MDKSA-2004:159 2004-12-29
Red Hat RHSA-2004:586-01 2004-12-20
Fedora FEDORA-2004-356 2004-11-11
Ubuntu USN-4-1 2004-10-27
Gentoo 200410-19 2004-10-21

Comments (none posted)

gnome-vfs: backend script vulnerabilities

Package(s): gnome-vfs
CVE #(s): CAN-2004-0494
Created: August 4, 2004
Updated: February 21, 2005
Description: Several scripts packaged with gnome-vfs, using its "extfs" capability, have security flaws. These scripts tend not to be used on many systems, but their presence can still be a threat.
Alerts:
Fedora-Legacy FLSA:1944 2005-02-20
Whitebox WBSA-2004:373-01 2004-08-19
Red Hat RHSA-2004:373-01 2004-08-04

Comments (none posted)

groff: insecure temporary directory

Package(s): groff
CVE #(s): CAN-2004-0969
Created: November 1, 2004
Updated: February 9, 2006
Description: Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility "groffer" created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program.
Alerts:
Mandriva MDKSA-2006:038 2006-02-08
Gentoo 200411-15 2004-11-08
Ubuntu USN-13-1 2004-11-01

Comments (none posted)

gtkhtml: malformed messages cause crash

Package(s):gtkhtml CVE #(s):CAN-2003-0133 CAN-2003-0541
Created:April 14, 2003 Updated:April 18, 2005
Description: GtkHTML is the HTML rendering widget used by the Evolution mail reader.

GtkHTML supplied with versions of Evolution prior to 1.2.4 contain a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash.

Alerts:
Debian DSA-710-1 2005-04-18
Mandrake MDKSA-2003:093 2003-09-18
Conectiva CLA-2003:737 2003-09-12
Red Hat RHSA-2003:264-01 2003-09-09
Mandrake MDKSA-2003:046 2003-04-15
Red Hat RHSA-2003:126-01 2003-04-14

Comments (none posted)

htdig: cross site scripting

Package(s):htdig CVE #(s):CAN-2005-0085
Created:February 14, 2005 Updated:January 10, 2006
Description: Michael Krax discovered that ht://Dig fails to validate the 'config' parameter before displaying an error message containing the parameter. This flaw could allow an attacker to conduct cross-site scripting attacks.
Alerts:
Fedora-Legacy FLSA:152907 2006-01-09
Mandrake MDKSA-2005:063 2005-03-31
Red Hat RHSA-2005:090-01 2005-02-15
Debian DSA-680-1 2005-02-14
Gentoo 200502-16 2005-02-13

Comments (none posted)

imagemagick: .psd image file decode vulnerability

Package(s):imagemagick CVE #(s):CAN-2005-0005
Created:January 18, 2005 Updated:March 23, 2005
Description: According to this iDEFENSE advisory, ImageMagick is vulnerable to a heap overflow when decoding .psd image files. This could be remotely exploited allowing an attacker to execute arbitrary code.
Alerts:
Red Hat RHSA-2005:070-01 2005-03-23
Red Hat RHSA-2005:071-01 2005-02-15
Gentoo 200501-37 2005-01-26
Gentoo 200501-26 2005-01-20
Debian DSA-646-1 2005-01-19
Ubuntu USN-62-1 2005-01-18

Comments (1 posted)

imlib2: buffer overflows

Package(s):imlib2 CVE #(s):CAN-2004-0802 CAN-2004-0817
Created:September 8, 2004 Updated:October 26, 2005
Description: The imlib2 library contains buffer overflows in the BMP handling code.
Alerts:
Debian DSA-548-2 2005-10-26
Conectiva CLA-2004:870 2004-09-28
Debian DSA-552-1 2004-09-22
Debian DSA-548-1 2004-09-16
Red Hat RHSA-2004:465-01 2004-09-15
Gentoo 200409-12 2004-09-08
Fedora FEDORA-2004-301 2004-09-09
Fedora FEDORA-2004-300 2004-09-09
Mandrake MDKSA-2004:089 2004-09-07

Comments (none posted)

kdeedu: buffer overflow in fliccd

Package(s):kdeedu kstars CVE #(s):CAN-2005-0011
Created:February 16, 2005 Updated:February 18, 2005
Description: Erik Sjolund discovered a buffer overflow in fliccd, which is part of kdeedu, the edutainment applications for KDE. An attacker could exploit this vulnerability to execute code with elevated privileges. If fliccd does not run as a daemon, remote exploitation of this vulnerability is not possible.
Alerts:
Fedora FEDORA-2005-148 2005-02-17
Gentoo 200502-23 2005-02-16

Comments (none posted)

kdelibs: unsanitized input

Package(s):kdelibs CVE #(s):CAN-2004-1165
Created:January 10, 2005 Updated:July 19, 2005
Description: Thiago Macieira discovered a vulnerability in the kioslave library, part of kdelibs, that allows a remote attacker to execute arbitrary FTP commands via an ftp:// URL containing a URL-encoded newline before the FTP command.
Alerts:
Fedora-Legacy FLSA:152769 2005-07-15
Mandrake MDKSA-2005:045 2005-02-17
Red Hat RHSA-2005:065-01 2005-02-15
Red Hat RHSA-2005:009-01 2005-02-10
Fedora FEDORA-2005-064 2005-01-25
Fedora FEDORA-2005-063 2005-01-25
Gentoo 200501-18 2005-01-11
Debian DSA-631-1 2005-01-10

Comments (none posted)

kernel: i386 SMP page fault handler privilege escalation

Package(s):kernel CVE #(s):CAN-2005-0001
Created:January 14, 2005 Updated:February 25, 2005
Description: Paul Starzetz found an exploitable hole in the x86 SMP page fault handler which could lead to privilege escalation. See the advisory for details.
Alerts:
Fedora-Legacy FLSA:2336 2005-02-24
SuSE SUSE-SA:2005:010 2005-02-25
SuSE SUSE-SA:2005:005 2005-02-04
Mandrake MDKSA-2005:022 2005-01-25
Red Hat RHSA-2005:017-01 2005-01-21
Red Hat RHSA-2005:016-01 2005-01-21
SuSE SUSE-SA:2005:003 2005-01-21
Ubuntu USN-60-0 2005-01-14
Fedora FEDORA-2005-025 2005-01-13
Fedora FEDORA-2005-026 2005-01-13

Comments (none posted)

libdbi-perl: insecure temporary file

Package(s):libdbi-perl CVE #(s):CAN-2005-0077
Created:January 25, 2005 Updated:March 2, 2006
Description: Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the user executing the affected parts of the library.
Alerts:
Fedora-Legacy FLSA:178989 2006-03-01
Gentoo 200501-38:03 2005-01-26
Red Hat RHSA-2005:072-01 2005-02-15
Mandrake MDKSA-2005:030 2005-02-08
Red Hat RHSA-2005:069-01 2005-02-01
Gentoo 200501-38 2005-01-26
Ubuntu USN-70-1 2005-01-25
Debian DSA-658-1 2005-01-25

Comments (none posted)

libgd2: buffer overflows in PNG handling

Package(s):libgd2 CVE #(s):CAN-2004-0990 CAN-2004-0941
Created:October 29, 2004 Updated:June 28, 2006
Description: Several buffer overflows have been discovered in libgd's PNG handling functions.
If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening the image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP-driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function.
Alerts:
Mandriva MDKSA-2006:114 2006-06-27
Red Hat RHSA-2006:0194-01 2006-02-01
Fedora-Legacy FLSA:152838 2005-07-15
Red Hat RHSA-2004:638-01 2004-12-17
Ubuntu USN-33-1 2004-11-29
Debian DSA-602-1 2004-11-29
Debian DSA-601-1 2004-11-29
Mandrake MDKSA-2004:132 2004-11-15
Ubuntu USN-25-1 2004-11-15
Fedora FEDORA-2004-412 2004-11-11
Fedora FEDORA-2004-411 2004-11-11
Ubuntu USN-21-1 2004-11-09
Debian DSA-591-1 2004-11-09
Debian DSA-589-1 2004-11-09
Gentoo 200411-08 2004-11-03
OpenPKG OpenPKG-SA-2004.049 2004-10-30
Ubuntu USN-11-1 2004-10-28

Comments (none posted)

libtiff: buffer overflow

Package(s):libtiff CVE #(s):CAN-2004-1308
Created:December 22, 2004 Updated:May 19, 2005
Description: The libtiff image manipulation library contains several exploitable buffer overflows.
Alerts:
Fedora-Legacy FLSA:152815 2005-05-18
Red Hat RHSA-2005:035-01 2005-02-15
Conectiva CLA-2005:920 2005-01-20
Red Hat RHSA-2005:019-01 2005-01-13
SuSE SUSE-SA:2005:001 2005-01-10
Fedora FEDORA-2005-598 2005-01-07
Fedora FEDORA-2005-597 2005-01-07
Ubuntu USN-54-1 2005-01-06
Mandrake MDKSA-2005:002 2005-01-06
Mandrake MDKSA-2005:001 2005-01-06
Gentoo 200501-06 2005-01-05
Debian DSA-626-1 2005-01-06
Debian DSA-617-1 2004-12-24
Fedora FEDORA-2004-577 2004-12-22
Fedora FEDORA-2004-576 2004-12-22
Ubuntu USN-46-1 2004-12-22

Comments (none posted)

libxml2: arbitrary code execution

Package(s):libxml2 CVE #(s):CAN-2004-0110
Created:February 26, 2004 Updated:August 19, 2009
Description: Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code.
Alerts:
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8582 2009-08-15
Fedora-Legacy FLSA:1324 2004-07-19
Conectiva CLA-2004:836 2004-03-31
Gentoo 200403-01 2004-03-06
Trustix TSLSA-2004-0010 2004-03-05
OpenPKG OpenPKG-SA-2004.003 2004-03-05
Netwosix NW-2004-0004 2004-03-04
Debian DSA-455-1 2004-03-03
Mandrake MDKSA-2004:018 2004-03-03
Red Hat RHSA-2004:091-02 2004-03-03
Whitebox WBSA-2004:090-01 2004-03-01
Red Hat RHSA-2004:090-01 2004-02-26
Fedora FEDORA-2004-087 2004-02-25
Red Hat RHSA-2004:091-01 2004-02-26

Comments (none posted)

libxml2: multiple buffer overflows

Package(s):libxml2 CVE #(s):CAN-2004-0989
Created:October 28, 2004 Updated:August 19, 2009
Description: libxml2 prior to version 2.6.14 has multiple buffer overflow vulnerabilities; if a local user passes a specially crafted FTP URL, arbitrary code may be executed.
Alerts:
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8582 2009-08-15
Ubuntu USN-89-1 2005-02-28
Red Hat RHSA-2004:650-01 2004-12-16
Conectiva CLA-2004:890 2004-11-18
Red Hat RHSA-2004:615-01 2004-11-12
Mandrake MDKSA-2004:127 2004-11-04
Debian DSA-582-1 2004-11-02
Gentoo 200411-05 2004-11-02
Trustix TSLSA-2004-0055 2004-10-29
OpenPKG OpenPKG-SA-2004.050 2004-10-31
Ubuntu USN-10-1 2004-10-28
Fedora FEDORA-2004-353 2004-10-28

Comments (none posted)

lighttpd: script source disclosure

Package(s):lighttpd CVE #(s):
Created:February 15, 2005 Updated:February 16, 2005
Description: lighttpd uses file extensions to determine which elements are programs that should be executed and which are static pages that should be sent as-is. By appending %00 to the filename, you can evade the extension detection mechanism while still accessing the file. A remote attacker could send specific queries and access the source of scripts that should have been executed as CGI or FastCGI applications.
Alerts:
Gentoo 200502-21 2005-02-15

Comments (none posted)

linux-source-2.6.8.1: multiple vulnerabilities

Package(s):linux-source-2.6.8.1 CVE #(s):CAN-2005-0176 CAN-2005-0177 CAN-2005-0178
Created:February 15, 2005 Updated:March 15, 2005
Description: Michael Kerrisk noticed insufficient permission checking in the shmctl() function. Any process was permitted to lock/unlock any System V shared memory segment that fell within the RLIMIT_MEMLOCK limit (that is, the maximum size of shared memory that unprivileged users can acquire). This allowed an unprivileged user process to unlock locked memory of other processes, thereby allowing it to be swapped out. Usually locked shared memory is used to store passphrases and other sensitive content which must not be written to the swap space (where it could be read out even after a reboot). (CAN-2005-0176)

OGAWA Hirofumi noticed that the table sizes in nls_ascii.c were incorrectly set to 128 instead of 256. This caused a buffer overflow in some cases which could be exploited to crash the kernel. (CAN-2005-0177)

A race condition was found in the terminal handling of the "setsid()" function, which is used to start new process sessions. (CAN-2005-0178)

Alerts:
Ubuntu USN-95-1 2005-03-15
Conectiva CLA-2005:930 2005-03-07
Red Hat RHSA-2005:092-01 2005-02-18
Ubuntu USN-82-1 2005-02-15

Comments (none posted)

lvm10: creates insecure temporary directory

Package(s):lvm10 CVE #(s):CAN-2004-0972
Created:November 1, 2004 Updated:July 25, 2005
Description: Trustix Secure Linux discovered a vulnerability in a supplemental script of the lvm10 package. The program "lvmcreate_initrd" created a temporary directory in an insecure way, which could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program.
Alerts:
Fedora-Legacy FLSA:152842 2005-07-24
Mandrake MDKSA-2004:144 2004-12-06
Gentoo 200411-22 2004-11-11
Debian DSA-583-1 2004-11-03
Ubuntu USN-15-1 2004-11-01

Comments (none posted)

mailman: cross-site scripting

Package(s):mailman CVE #(s):CAN-2004-1177
Created:January 10, 2005 Updated:March 22, 2005
Description: Florian Weimer discovered a cross-site scripting vulnerability in mailman's automatically generated error messages. An attacker could craft a URL containing JavaScript (or other content embedded into HTML) which triggered a mailman error page. When an unsuspecting user followed this URL, the malicious content was copied unmodified to the error page and executed in the context of this page.
Alerts:
Fedora FEDORA-2005-242 2005-03-22
Fedora FEDORA-2005-241 2005-03-22
Red Hat RHSA-2005:235-01 2005-03-21
Debian DSA-674-1 2005-02-10
Mandrake MDKSA-2005:015 2005-01-24
Gentoo 200501-29 2005-01-22
Ubuntu USN-59-1 2005-01-10

Comments (none posted)

mailman: path traversal

Package(s):mailman CVE #(s):CAN-2005-0202
Created:February 9, 2005 Updated:July 13, 2005
Description: The "private" module in the mailman mailing list manager fails to sanitize path names adequately. An attacker could exploit this vulnerability to retrieve private information, including passwords and private list archives.

This vulnerability was used to compromise the Full-Disclosure list.

Alerts:
Fedora-Legacy FLSA:152895 2005-07-10
Ubuntu USN-78-2 2005-02-17
Debian DSA-674-3 2005-02-21
Mandrake MDKSA-2005:037 2005-02-14
Red Hat RHSA-2005:137-01 2005-02-15
SuSE SUSE-SA:2005:007 2005-02-14
Debian DSA-674-2 2005-02-11
Red Hat RHSA-2005:136-01 2005-02-10
Gentoo 200502-11 2005-02-10
Fedora FEDORA-2005-132 2005-02-10
Fedora FEDORA-2005-131 2005-02-10
Ubuntu USN-78-1 2005-02-09

Comments (none posted)

mikmod: buffer overflow

Package(s):mikmod CVE #(s):CAN-2003-0427
Created:June 16, 2003 Updated:June 16, 2005
Description: Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod.
Alerts:
Fedora FEDORA-2005-405 2005-06-16
Red Hat RHSA-2005:506-01 2005-06-13
Fedora FEDORA-2005-404 2005-06-09
Gentoo 200307-01 2003-07-02
Debian DSA-320-1 2003-06-13

Comments (none posted)

mod_python: remote access vulnerability

Package(s):mod_python CVE #(s):CAN-2005-0088
Created:February 10, 2005 Updated:April 10, 2006
Description: mod_python has a vulnerability in the publisher handler that may allow a remote user to use a specially crafted URL to allow access to objects that should be protected. An information leak can result.
Alerts:
Fedora-Legacy FLSA:152896 2006-04-04
Conectiva CLA-2005:926 2005-03-02
Debian DSA-689-1 2005-02-23
Red Hat RHSA-2005:100-01 2005-02-15
Gentoo 200502-14 2005-02-13
Trustix TSLSA-2005-0003 2005-02-11
Ubuntu USN-80-1 2005-02-11
Red Hat RHSA-2005:104-01 2005-02-10
Fedora FEDORA-2005-140 2005-02-10
Fedora FEDORA-2005-139 2005-02-10

Comments (none posted)

mpg321: format string vulnerability

Package(s):mpg321 CVE #(s):CAN-2003-0969
Created:January 6, 2004 Updated:March 28, 2005
Description: A vulnerability was discovered in mpg321, a command-line mp3 player, whereby user-supplied strings were passed to printf(3) unsafely. This vulnerability could be exploited by a remote attacker to overwrite memory, and possibly execute arbitrary code. In order for this vulnerability to be exploited, mpg321 would need to play a malicious mp3 file (including via HTTP streaming).
Alerts:
Gentoo 200503-34 2005-03-28
Debian DSA-411-1 2004-01-05

Comments (none posted)

mysql: several vulnerabilities

Package(s):mysql CVE #(s):CAN-2004-0835 CAN-2004-0836 CAN-2004-0837
Created:October 11, 2004 Updated:April 6, 2005
Description: Several problems have been discovered in MySQL. Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one. (CAN-2004-0835) Lukasz Wojtow noticed a buffer overrun in the mysql_real_connect function. (CAN-2004-0836) Dean Ellis noticed that multiple threads ALTERing the same (or different) MERGE tables to change the UNION can cause the server to crash or stall. (CAN-2004-0837)
Alerts:
Ubuntu USN-109-1 2005-04-06
Fedora FEDORA-2004-530 2004-12-08
Ubuntu USN-32-1 2004-11-25
Conectiva CLA-2004:892 2004-11-18
Mandrake MDKSA-2004:119 2004-11-01
OpenPKG OpenPKG-SA-2004.045 2004-10-30
Red Hat RHSA-2004:611-01 2004-10-27
Gentoo 200410-22 2004-10-24
Red Hat RHSA-2004:569-01 2004-10-20
Red Hat RHSA-2004:597-01 2004-10-20
Debian DSA-562-1 2004-10-11

Comments (none posted)

mysql-dfsg: insecure temporary files

Package(s):mysql-dfsg CVE #(s):CAN-2005-0004
Created:January 18, 2005 Updated:March 25, 2005
Description: Javier Fernández-Sanguino Peña noticed that the "mysqlaccess" program created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program.
Alerts:
Fedora-Legacy FLSA:2129 2005-03-24
Mandrake MDKSA-2005:036 2005-02-10
Gentoo 200501-33 2005-01-23
Debian DSA-647-1 2005-01-19
Ubuntu USN-63-1 2005-01-18

Comments (none posted)

nasm: Buffer overflow vulnerability

Package(s):nasm CVE #(s):CAN-2004-1287
Created:December 20, 2004 Updated:May 4, 2005
Description: Jonathan Rockway discovered that NASM-0.98.38 has an unprotected vsprintf() to an array in preproc.c. This code vulnerability may lead to a buffer overflow and potential execution of arbitrary code.
Alerts:
Red Hat RHSA-2005:381-01 2005-05-04
Fedora FEDORA-2005-322 2005-04-18
Mandrake MDKSA-2005:004 2005-01-06
Debian DSA-623-1 2004-01-04
Ubuntu USN-45-1 2004-12-22
Gentoo 200412-20 2004-12-20

Comments (4 posted)

ncpfs: multiple vulnerabilities

Package(s):ncpfs CVE #(s):CAN-2005-0013 CAN-2005-0014
Created:January 31, 2005 Updated:May 15, 2006
Description: Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable buffer overflow in ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities using the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013).
Alerts:
Fedora-Legacy FLSA:152904 2006-05-12
Fedora FEDORA-2005-435 2005-08-16
Red Hat RHSA-2005:371-01 2005-05-17
Mandrake MDKSA-2005:028 2005-02-01
Gentoo 200501-44 2005-01-30

Comments (none posted)

netkit-rwho: missing input validation

Package(s):netkit-rwho CVE #(s):CAN-2004-1180
Created:February 11, 2005 Updated:February 17, 2005
Description: "Vlad902" discovered a vulnerability in the rwhod program that can be used to crash the listening process. The broadcasting one is unaffected. This vulnerability only affects little endian architectures (i.e., on Debian: alpha, arm, ia64, i386, mipsel and s390).
Alerts:
Mandrake MDKSA-2005:039 2005-02-16
Debian DSA-678-1 2005-02-11

Comments (none posted)

netkit-telnet: invalid free pointer

Package(s):netkit-telnet CVE #(s):CAN-2004-0911
Created:October 4, 2004 Updated:March 28, 2005
Description: Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer. This causes the telnet server process to crash, leading to a straightforward denial of service (inetd will disable the service if telnetd is crashed repeatedly), or possibly the execution of arbitrary code with the privileges of the telnetd process (by default, the 'telnetd' user).
Alerts:
Ubuntu USN-101-1 2005-03-28
Debian DSA-556-2 2004-10-18
Debian DSA-569-1 2004-10-18
Debian DSA-556-1 2004-10-02

Comments (none posted)

nfs-utils: denial of service

Package(s):nfs-utils CVE #(s):CAN-2004-1014
Created:December 1, 2004 Updated:May 15, 2005
Description: The NFS statd server contains a denial of service vulnerability which is easily exploited by a remote attacker.
Alerts:
Fedora-Legacy FLSA:152871 2005-05-12
Red Hat RHSA-2004:583-01 2004-12-20
Gentoo 200412-08 2004-12-14
Trustix TSLSA-2004-0065 2004-01-09
Debian DSA-606-1 2004-12-08
Mandrake MDKSA-2004:146 2004-12-06
Ubuntu USN-36-1 2004-12-01

Comments (none posted)

nfs-utils: arbitrary code execution

Package(s):nfs-utils CVE #(s):CAN-2004-0946
Created:January 11, 2005 Updated:February 27, 2006
Description: Arjan van de Ven discovered a buffer overflow in rquotad on 64-bit architectures; an improper integer conversion could lead to a buffer overflow. An attacker with access to an NFS share could send a specially crafted request which could then lead to the execution of arbitrary code.
Alerts:
Fedora-Legacy FLSA:138098 2006-02-25
Red Hat RHSA-2005:014-01 2005-01-12
Mandrake MDKSA-2005:005 2005-01-11

Comments (none posted)

openssl: der_chop script temp file vulnerability

Package(s):openssl CVE #(s):CAN-2004-0975
Created:November 11, 2004 Updated:July 19, 2005
Description: The der_chop script in openssl has a temp file vulnerability that may allow an attacker to overwrite arbitrary files with the permissions that the script is running under.
Alerts:
Fedora-Legacy FLSA:152841 2005-07-15
Mandrake MDKSA-2004:147 2004-12-06
Debian DSA-603-1 2004-12-01
Ubuntu USN-24-1 2004-11-11

Comments (1 posted)

OpenSSL: denial of service vulnerabilities

Package(s):OpenSSL CVE #(s):CAN-2004-0081 CAN-2003-0851
Created:March 17, 2004 Updated:November 2, 2005
Description: Versions 0.9.7a-c of the OpenSSL library suffer from two denial of service vulnerabilities; see the version 0.9.7d release announcement for details.
Alerts:
Red Hat RHSA-2005:830-00 2005-11-02
Red Hat RHSA-2005:829-00 2005-11-02
Fedora FEDORA-2005-1042 2005-10-31
Fedora-Legacy FLSA:1395 2004-05-08
Conectiva CLA-2004:834 2004-03-31
Whitebox WBSA-2004:084-01 2004-03-23
Red Hat RHSA-2004:084-01 2004-03-23
Fedora FEDORA-2004-095 2004-03-19
Whitebox WBSA-2004:120-01 2004-03-22
Trustix TSLSA-2004-0012 2004-03-17
Slackware SSA:2004-077-01 2004-03-17
Red Hat RHSA-2004:121-01 2004-03-17
OpenPKG OpenPKG-SA-2004.007 2004-03-18
Gentoo 200403-03 2004-03-17
Debian DSA-465-1 2004-03-17
Netwosix NW-2004-0005 2004-03-17
Mandrake MDKSA-2004:023 2004-03-17
SuSE SuSE-SA:2004:007 2004-03-17
Red Hat RHSA-2004:120-01 2004-03-17
Red Hat RHSA-2004:119-01 2004-03-17
EnGarde ESA-20040317-003 2004-03-17

Comments (1 posted)

Opera: multiple vulnerabilities

Package(s):opera CVE #(s):
Created:February 14, 2005 Updated:June 22, 2005
Description: Opera is vulnerable to several vulnerabilities which could result in information disclosure and facilitate execution of arbitrary code.
Alerts:
SuSE SUSE-SA:2005:034 2005-06-22
Gentoo 200502-17 2005-02-14

Comments (none posted)

perl: setuid vulnerabilities

Package(s):perl CVE #(s):CAN-2005-0155 CAN-2005-0156
Created:February 2, 2005 Updated:August 11, 2006
Description: There are two vulnerabilities with perl when it is used in a setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access.
Alerts:
Red Hat RHSA-2006:0605-01 2006-08-10
Fedora FEDORA-2005-353 2005-05-02
Red Hat RHSA-2005:103-01 2005-02-15
Gentoo 200502-13 2005-02-11
SuSE SUSE-SR:2005:004 2005-02-11
Mandrake MDKSA-2005:031 2005-02-08
Red Hat RHSA-2005:105-01 2005-02-07
Ubuntu USN-72-1 2005-02-02

Comments (none posted)

php: multiple vulnerabilities

Package(s):php CVE #(s):CAN-2004-1018 CAN-2004-1019 CAN-2004-1020 CAN-2004-1063 CAN-2004-1064 CAN-2004-1065
Created:December 16, 2004 Updated:March 24, 2005
Description: PHP has an out of bounds memory write access vulnerability and an integer overflow/underflow problem. See the PHP 4.3.10 Release Announcement for details.
Alerts:
Ubuntu USN-99-2 2005-03-24
Ubuntu USN-99-1 2005-03-18
Fedora-Legacy FLSA:2344 2005-03-07
Red Hat RHSA-2005:032-01 2005-02-15
Red Hat RHSA-2005:031-01 2005-01-19
SuSE SUSE-SA:2005:002 2005-01-17
Conectiva CLA-2005:915 2005-01-13
Fedora FEDORA-2004-567 2004-12-21
Fedora FEDORA-2004-568 2004-12-21
Red Hat RHSA-2004:687-01 2004-12-21
Trustix TSLSA-2004-0066 2004-12-17
Gentoo 200412-14 2004-12-19
Mandrake MDKSA-2004:151 2004-12-17
Ubuntu USN-40-1 2004-12-16
OpenPKG OpenPKG-SA-2004.053 2004-12-16

Comments (1 posted)

php4: multiple vulnerabilities

Package(s):php4 CVE #(s):
Created:February 20, 2005 Updated:February 21, 2005
Description: A vulnerability was reported in PHP in the cURL functions. A script can bypass the 'open_basedir' directory setting. See this SecurityTracker Alert for more information.
Alerts:
Ubuntu USN-66-2 2005-02-17
Ubuntu USN-66-1 2005-01-20

Comments (2 posted)

postfix: error in IPv6 handling

Package(s):postfix CVE #(s):CAN-2005-0337
Created:February 4, 2005 Updated:March 16, 2005
Description: Jean-Samuel Reynaud noticed a programming error in the IPv6 handling code of Postfix when /proc/net/if_inet6 is not available. If "permit_mx_backup" was enabled in the "smtpd_recipient_restrictions", Postfix turned into an open relay, i.e., it erroneously permitted the delivery of arbitrary mail to any MX host which has an IPv6 address.
Alerts:
Red Hat RHSA-2005:152-01 2005-03-16
Ubuntu USN-74-2 2005-02-04
Ubuntu USN-74-1 2005-02-04

Comments (1 posted)

postgresql: EXECUTE privilege vulnerability

Package(s):postgresql CVE #(s):CAN-2005-0244 CAN-2005-0245 CAN-2005-0246 CAN-2005-0247
Created:February 10, 2005 Updated:July 19, 2005
Description: postgresql has a vulnerability in which the EXECUTE privilege may not be checked on custom functions. This may allow any database user to circumvent the EXECUTE restriction on functions.
Alerts:
Fedora-Legacy FLSA:152844 2005-07-16
Trustix TSLSA-2005-0015 2005-04-25
SuSE SUSE-SA:2005:027 2005-04-20
SuSE SUSE-SR:2005:008 2005-03-18
SuSE SUSE-SR:2005:006 2005-02-25
Fedora FEDORA-2005-158 2005-02-22
Fedora FEDORA-2005-157 2005-02-22
Mandrake MDKSA-2005:040 2005-02-17
Red Hat RHSA-2005:150-01 2005-02-16
Debian DSA-683-1 2005-02-15
Red Hat RHSA-2005:138-01 2005-02-15
Gentoo 200502-19 2005-02-14
Ubuntu USN-79-1 2005-02-10

Comments (none posted)

python: illegal function internals access

Package(s):python CVE #(s):CAN-2005-0089
Created:February 3, 2005 Updated:April 22, 2005
Description: Python versions 2.2 and 2.3 have a vulnerability in the SimpleXMLRPCServer module which may allow remote users to read or change function internals via the im_* and func_* attributes.
Alerts:
Slackware SSA:2005-111-02 2005-04-22
Red Hat RHSA-2005:108-01 2005-02-15
Mandrake MDKSA-2005:035 2005-02-10
Gentoo 200502-09 2005-02-08
Debian DSA-666-1 2005-02-04
Ubuntu USN-73-1 2005-02-03

Comments (none posted)

qt3: BMP image parser heap overflow

Package(s):qt3/qt3-non-mt/qt3-32bit/qt3-static CVE #(s):CAN-2004-0691 CAN-2004-0692 CAN-2004-0693
Created:August 19, 2004 Updated:May 15, 2005
Description: A heap overflow in the qt3 BMP image format parser in Qt versions prior to 3.3.3 may allow remote code execution.
Alerts:
Fedora-Legacy FLSA:152763 2005-05-12
Conectiva CLA-2004:866 2004-09-22
Whitebox WBSA-2004:414-01 2004-09-20
Debian DSA-542-1 2004-08-30
Fedora FEDORA-2004-271 2004-08-23
Fedora FEDORA-2004-270 2004-08-23
Gentoo 200408-20 2004-08-22
Red Hat RHSA-2004:414-01 2004-08-20
Mandrake MDKSA-2004:085 2004-08-18
SuSE SUSE-SA:2004:027 2004-08-19

Comments (none posted)

rp-pppoe, pppoe: missing privilege dropping

Package(s):rp-pppoe, pppoe CVE #(s):CAN-2004-0564
Created:October 4, 2004 Updated:November 15, 2005
Description: Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet driver from Roaring Penguin. When the program is running setuid root (which is not the case in a default Debian installation), an attacker could overwrite any file on the file system.
Alerts:
Fedora-Legacy FLSA:152794 2005-11-14
Mandrake MDKSA-2004:145 2004-12-06
Debian DSA-557-1 2004-10-04

Comments (none posted)

ruby: infinite loop

Package(s):ruby CVE #(s):CAN-2004-0983
Created:November 8, 2004 Updated:May 15, 2005
Description: The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to eat up cpu cycles.
Alerts:
Fedora-Legacy FLSA:152768 2005-05-12
Red Hat RHSA-2004:635-01 2004-12-13
Gentoo 200411-23 2004-11-16
Fedora FEDORA-2004-403 2004-11-11
Fedora FEDORA-2004-402 2004-11-11
Ubuntu USN-20-1 2004-11-08
Mandrake MDKSA-2004:128 2004-11-08
Debian DSA-586-1 2004-11-08

Comments (none posted)

samba: integer overflow vulnerability

Package(s):samba CVE #(s):CAN-2004-1154
Created:December 16, 2004 Updated:July 19, 2005
Description: Samba has an integer overflow vulnerability that may allow an authenticated remote user to execute arbitrary code on the Samba server.
Alerts:
Fedora-Legacy FLSA:152874 2005-07-15
Debian DSA-701-2 2005-04-21
Debian DSA-701-1 2005-03-31
Conectiva CLA-2005:913 2005-01-06
Red Hat RHSA-2005:020-01 2005-01-05
Mandrake MDKSA-2004:158 2004-12-27
SuSE SUSE-SA:2004:045 2004-12-22
Red Hat RHSA-2004:681-01 2004-12-21
Fedora FEDORA-2004-562 2004-12-20
Fedora FEDORA-2004-561 2004-12-20
Gentoo 200412-13 2004-12-17
Ubuntu USN-41-1 2004-12-17
OpenPKG OpenPKG-SA-2004.054 2004-12-17
Red Hat RHSA-2004:670-01 2004-12-16

Comments (none posted)

sharutils: arbitrary code execution

Package(s):sharutils CVE #(s):CAN-2004-1772
Created:October 1, 2004 Updated:April 26, 2005
Description: sharutils contains two buffer overflows. Ulf Harnhammar discovered a buffer overflow in shar.c, where the length of data returned by the wc command is not checked. Florian Schilhabel discovered another buffer overflow in unshar.c. An attacker could exploit these vulnerabilities to execute arbitrary code as the user running one of the sharutils programs.
Alerts:
Red Hat RHSA-2005:377-01 2005-04-26
Fedora FEDORA-2005-281 2005-04-01
Fedora FEDORA-2005-280 2005-04-01
Ubuntu USN-102-1 2005-03-29
Fedora-Legacy FLSA:2155 2005-03-24
Gentoo 200410-01 2004-10-01

Comments (none posted)

sox: buffer overflow

Package(s):sox CVE #(s):CAN-2004-0557
Created:July 28, 2004 Updated:February 21, 2005
Description: Sox suffers from buffer overflows in its WAV file handling; these overflows could conceivably be exploited by way of a malicious sound file.
Alerts:
Fedora-Legacy FLSA:1945 2005-02-20
Debian DSA-565-1 2004-10-13
Whitebox WBSA-2004:409-01 2004-08-19
Slackware SSA:2004-223-03 2004-08-07
Conectiva CLA-2004:855 2004-07-30
Gentoo 200407-23 2004-07-30
Mandrake MDKSA-2004:076 2004-07-28
Red Hat RHSA-2004:409-01 2004-07-29
Fedora FEDORA-2004-244 2004-07-28
Fedora FEDORA-2004-235 2004-07-28

Comments (none posted)

SpamAssassin: Denial of Service vulnerability

Package(s):spamassassin CVE #(s):CAN-2004-0796
Created:August 9, 2004 Updated:August 11, 2005
Description: SpamAssassin contains an unspecified Denial of Service vulnerability. By sending a specially crafted message an attacker could cause a Denial of Service attack against the SpamAssassin service.
Alerts:
Fedora-Legacy FLSA:129284 2005-08-10
Fedora-Legacy FLSA:2268 2005-03-24
Red Hat RHSA-2004:451-01 2004-09-30
Conectiva CLA-2004:867 2004-09-22
OpenPKG OpenPKG-SA-2004.041 2004-09-15
Mandrake MDKSA-2004:084 2004-08-18
Gentoo 200408-06 2004-08-09

Comments (none posted)

squid: multiple vulnerabilities

Package(s):squid CVE #(s):CAN-2005-0173 CAN-2005-0175 CAN-2005-0194 CAN-2005-0211
Created:February 4, 2005 Updated:March 8, 2005
Description: Several vulnerabilities have been discovered in Squid, including cache pollution/poisoning via HTTP response splitting, a buffer overflow triggered by a larger-than-normal WCCP packet, and more.
Alerts:
Conectiva CLA-2005:931 2005-03-08
Red Hat RHSA-2005:060-01 2005-02-15
Red Hat RHSA-2005:061-01 2005-02-11
Mandrake MDKSA-2005:034 2005-02-10
SuSE SUSE-SA:2005:006 2005-02-10
Ubuntu USN-77-1 2005-02-07
Debian DSA-667-1 2005-02-04

Comments (none posted)

SquirrelMail: multiple vulnerabilities

Package(s):squirrelmail CVE #(s):CAN-2005-0075 CAN-2005-0103 CAN-2005-0104
Created:January 28, 2005 Updated:July 19, 2005
Description: SquirrelMail 1.4.4 has been released, fixing a number of security issues that have been resolved since 1.4.3a.
Alerts:
Fedora-Legacy FLSA:152900 2005-07-16
Fedora FEDORA-2005-260 2005-03-28
Fedora FEDORA-2005-259 2005-03-28
Debian DSA-662-2 2005-03-14
Red Hat RHSA-2005:099-01 2005-02-15
Red Hat RHSA-2005:135-01 2005-02-10
Debian DSA-662-1 2005-02-01
Gentoo 200501-39 2005-01-28

Comments (none posted)

Subversion: Remote heap overflow

Package(s):subversion CVE #(s):CAN-2004-0413
Created:June 11, 2004 Updated:March 7, 2005
Description: Subversion has a remote Denial of Service vulnerability that may allow a server that runs svnserve to execute arbitrary code. See this advisory for more information.
Alerts:
Fedora-Legacy FLSA:1748 2005-03-07
SuSE SuSE-SA:2004:018 2004-06-17
Fedora FEDORA-2004-166 2004-06-11
Fedora FEDORA-2004-165 2004-06-11
OpenPKG OpenPKG-SA-2004.028 2004-06-11
Gentoo 200406-07 2004-06-10

Comments (none posted)

sudo: environment variable sanitizing

Package(s): sudo  CVE #(s): CAN-2004-1051
Created: November 17, 2004  Updated: May 15, 2005
Description: Versions of sudo prior to 1.6.8p2 fail to properly sanitize the environment prior to running shell scripts; this failure can be exploited by a sudo user to subvert scripts and obtain shell access. See the 1.6.8p2 announcement for more information.
Alerts:
Fedora-Legacy FLSA:152856 2005-05-12
OpenPKG OpenPKG-SA-2005.002 2005-01-17
Debian DSA-596-2 2004-11-24
Debian DSA-596-1 2004-11-24
Ubuntu USN-28-1 2004-11-17
Mandrake MDKSA-2004:133 2004-11-15

Comments (none posted)

File overwrite vulnerability in tar and unzip

Package(s): tar unzip  CVE #(s): CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399
Created: October 1, 2002  Updated: April 10, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability.
Alerts:
Fedora-Legacy FLSA:183571-1 2006-04-04
Red Hat RHSA-2006:0195-01 2006-02-21
Conectiva CLA-2002:538 2002-10-29
Mandrake MDKSA-2002:066 2002-10-10
Mandrake MDKSA-2002:065 2002-10-10
EnGarde ESA-20021003-022 2002-10-03
Gentoo unzip-20021001 2002-10-01
Gentoo tar-20021001 2002-10-01
Red Hat RHSA-2002:096-24 2002-09-18

Comments (1 posted)

thunderbird: cookie handling bug

Package(s): thunderbird  CVE #(s): CAN-2005-0149
Created: February 15, 2005  Updated: February 16, 2005
Description: A bug was found in the way Thunderbird handled cookies when loading content over HTTP regardless of the user's preference. It is possible that a particular user could be tracked through the use of malicious mail messages which load content over HTTP.
Alerts:
Red Hat RHSA-2005:094-01 2005-02-15

Comments (none posted)

tiff: buffer overflows

Package(s): tiff  CVE #(s): CAN-2004-0803
Created: October 13, 2004  Updated: April 12, 2005
Description: The tiff library contains several buffer overflows which may be exploited by way of maliciously-crafted image files. See this advisory for more information.
Alerts:
Red Hat RHSA-2005:021-01 2005-04-12
Conectiva CLA-2005:914 2005-01-06
Gentoo 200412-17 2004-12-19
Gentoo 200412-02 2004-12-05
Conectiva CLA-2004:888 2004-11-08
Slackware SSA:2004-305-02 2004-11-01
Red Hat RHSA-2004:577-01 2004-10-22
SuSE SUSE-SA:2004:038 2004-10-22
Mandrake MDKSA-2004:111 2004-10-21
Mandrake MDKSA-2004:109 2004-10-19
Debian DSA-567-1 2004-10-15
Fedora FEDORA-2004-334 2004-10-14
OpenPKG OpenPKG-SA-2004.043 2004-10-14
Gentoo 200410-11 2004-10-13

Comments (none posted)

typespeed: format string vulnerability

Package(s): typespeed  CVE #(s): CAN-2005-0105
Created: February 16, 2005  Updated: February 16, 2005
Description: Ulf Härnhammar from the Debian Security Audit Project discovered a problem in typespeed, a touch-typist trainer disguised as a game. This could lead to a local attacker executing arbitrary code as group games.
Alerts:
Debian DSA-684-1 2005-02-16

Comments (none posted)

uw-imap: authentication bypass

Package(s): uw-imap imap  CVE #(s): CAN-2005-0198
Created: February 2, 2005  Updated: March 1, 2005
Description: The uw-imap package, prior to version 2004b, contains a vulnerability which can enable a remote attacker to bypass the authentication mechanism. This bug only affects CRAM-MD5 authentication, which is not enabled on all distributions.
Alerts:
SuSE SUSE-SA:2005:012 2005-03-01
Red Hat RHSA-2005:128-01 2005-02-23
Mandrake MDKSA-2005:026 2005-02-01
Gentoo 200502-02 2005-02-02

Comments (1 posted)

vim: modeline problems

Package(s): vim  CVE #(s): CAN-2004-1138
Created: December 15, 2004  Updated: February 24, 2005
Description: A new set of modeline-related vulnerabilities has been discovered in versions of vim prior to 6.3-r2. These vulnerabilities could conceivably be exploited by a local user to obtain the privileges of another user.
Alerts:
Fedora-Legacy FLSA:2343 2005-02-23
Mandrake MDKSA-2005:003 2005-01-06
Ubuntu USN-52-1 2004-12-23
Red Hat RHSA-2005:010-01 2005-01-05
OpenPKG OpenPKG-SA-2004.052 2004-12-15
Gentoo 200412-10 2004-12-15

Comments (none posted)

vim: symbolic link attack

Package(s): vim  CVE #(s): CAN-2005-0069
Created: January 18, 2005  Updated: February 18, 2005
Description: Javier Fernández-Sanguino Peña noticed that the auxiliary scripts "tcltags" and "vimspell.sh" created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the script (either by calling it directly or by execution through vim).
Alerts:
Red Hat RHSA-2005:122-01 2005-02-18
Red Hat RHSA-2005:036-01 2005-02-15
Mandrake MDKSA-2005:029 2005-02-02
Ubuntu USN-61-1 2005-01-18

Comments (none posted)

vmware: untrusted library search path

Package(s): vmware  CVE #(s):
Created: February 14, 2005  Updated: February 16, 2005
Description: VMware may load shared libraries from an untrusted, world-writable directory, resulting in the execution of arbitrary code.
Alerts:
Gentoo 200502-18 2005-02-14

Comments (none posted)

wpa_supplicant: buffer overflow

Package(s): wpa_supplicant  CVE #(s):
Created: February 16, 2005  Updated: February 16, 2005
Description: wpa_supplicant contains a possible buffer overflow due to missing validation of received EAPOL-Key frames. An attacker could crash wpa_supplicant with a specially crafted packet.
Alerts:
Gentoo 200502-22 2005-02-16

Comments (none posted)

XChat 2.0.x SOCKS5 Vulnerability

Package(s): xchat  CVE #(s): CAN-2004-0409
Created: April 19, 2004  Updated: November 15, 2005
Description: XChat is vulnerable to a stack overflow that may allow a remote attacker to run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a remote exploit. Users would have to be using XChat through a SOCKS 5 server, have enabled SOCKS 5 traversal (which is disabled by default), and also connect to an attacker's custom proxy server. This vulnerability may allow an attacker to run arbitrary code within the context of the user ID of the XChat client.
Alerts:
Fedora-Legacy FLSA:123013 2005-11-14
Red Hat RHSA-2004:585-01 2004-10-27
Netwosix NW-2004-0014 2004-05-01
Red Hat RHSA-2004:177-01 2004-04-30
Mandrake MDKSA-2004:036 2004-04-21
Debian DSA-493-1 2004-04-21
Gentoo 200404-15 2004-04-19

Comments (none posted)

xine-lib: buffer overflows

Package(s): xine-lib  CVE #(s): CAN-2004-1379
Created: September 22, 2004  Updated: April 10, 2006
Description: xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code.
Alerts:
Fedora-Legacy FLSA:152873 2006-04-04
Debian DSA-657-1 2005-01-25
Mandrake MDKSA-2004:105 2004-10-06
Slackware SSA:2004-266-04 2004-09-22
Gentoo 200409-30 2004-09-22

Comments (none posted)

xine-ui: insecure temporary file creation

Package(s): xine-ui  CVE #(s): CAN-2004-0372
Created: April 6, 2004  Updated: April 27, 2006
Description: Shaun Colley discovered a problem in xine-ui, the xine video player user interface. A script contained in the package to possibly remedy a problem or report a bug does not create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking xine.
Alerts:
Gentoo 200404-20 2004-04-27
Slackware SSA:2004-111-01 2004-04-20
Mandrake MDKSA-2004:033 2004-04-19
Debian DSA-477-1 2004-04-06

Comments (none posted)

xorg-x11: integer overflows

Package(s): xorg-x11  CVE #(s): CAN-2004-0914
Created: November 18, 2004  Updated: September 12, 2005
Description: The X.Org libXpm library has several integer overflow vulnerabilities. An attacker can modify XPM images to execute malicious code.
Alerts:
Ubuntu USN-83-2 2005-09-12
Fedora-Legacy FLSA:152804 2005-05-12
Ubuntu USN-83-1 2005-02-16
Gentoo 200502-07 2005-02-07
Gentoo 200502-06 2005-02-06
Red Hat RHSA-2004:612-01 2004-12-20
Red Hat RHSA-2004:610-01 2004-12-20
Debian DSA-607-1 2004-12-10
Mandrake MDKSA-2004:137-1 2004-11-29
Mandrake MDKSA-2004:137 2004-11-22
Mandrake MDKSA-2004:138 2004-11-22
Gentoo 200411-28 2004-11-19
Fedora FEDORA-2004-434 2004-11-17
Fedora FEDORA-2004-433 2004-11-17
SuSE SUSE-SA:2004:041 2004-11-17

Comments (none posted)

xpdf: buffer overflow

Package(s): xpdf  CVE #(s): CAN-2004-1125
Created: December 23, 2004  Updated: April 1, 2005
Description: xpdf has a potential buffer overflow problem caused by insufficient input validation. A specially crafted PDF file can allow an attacker to execute code with the privileges of the user running xpdf.
Alerts:
Red Hat RHSA-2005:354-01 2005-04-01
Red Hat RHSA-2005:018-01 2005-01-12
Gentoo 200501-17 2005-01-11
Gentoo 200501-13 2005-01-10
Fedora FEDORA-2004-585 2005-01-03
Fedora FEDORA-2004-584 2005-01-03
Debian DSA-621-1 2004-12-31
Mandrake MDKSA-2004:166 2004-12-29
Mandrake MDKSA-2004:165 2004-12-29
Mandrake MDKSA-2004:162 2004-12-29
Mandrake MDKSA-2004:164 2004-12-29
Mandrake MDKSA-2004:163 2004-12-29
Mandrake MDKSA-2004:161 2004-12-29
Debian DSA-619-1 2004-12-30
Gentoo 200412-25 2004-12-28
Gentoo 200412-24 2004-12-28
Fedora FEDORA-2004-575 2004-12-22
Fedora FEDORA-2004-574 2004-12-22
Fedora FEDORA-2004-573 2004-12-22
Fedora FEDORA-2004-572 2004-12-22
Ubuntu USN-50-1 2004-12-23
Ubuntu USN-48-1 2004-12-23

Comments (none posted)

xpdf: buffer overflow

Package(s): xpdf  CVE #(s): CAN-2005-0064
Created: January 19, 2005  Updated: March 15, 2007
Description: iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details.
Alerts:
Fedora FEDORA-2007-1219 2007-03-14
Gentoo 200506-06 2005-06-09
Red Hat RHSA-2005:026-01 2005-03-16
Red Hat RHSA-2005:066-01 2005-02-15
Red Hat RHSA-2005:057-01 2005-02-15
Red Hat RHSA-2005:053-01 2005-02-15
Red Hat RHSA-2005:034-01 2005-02-15
Fedora-Legacy FLSA:2353 2005-02-10
Fedora-Legacy FLSA:2352 2005-02-10
Gentoo 200502-10 2005-02-09
Red Hat RHSA-2005:049-01 2005-02-01
SuSE SUSE-SR:2005:002 2005-01-26
Red Hat RHSA-2005:059-01 2005-01-26
Mandrake MDKSA-2005:020 2005-01-25
Mandrake MDKSA-2005:019 2005-01-25
Mandrake MDKSA-2005:016 2005-01-25
Mandrake MDKSA-2005:021 2005-01-25
Mandrake MDKSA-2005:018 2005-01-25
Mandrake MDKSA-2005:017 2005-01-25
Fedora FEDORA-2005-061 2005-01-25
Fedora FEDORA-2005-062 2005-01-25
Fedora FEDORA-2005-059 2005-01-25
Fedora FEDORA-2005-060 2005-01-25
Conectiva CLA-2005:921 2005-01-25
Fedora FEDORA-2004-049 2005-01-24
Fedora FEDORA-2004-048 2005-01-24
Gentoo 200501-32 2005-01-23
Gentoo 200501-31 2005-01-23
Gentoo 200501-30 2005-01-22
Gentoo 200501-28 2005-01-21
Fedora FEDORA-2005-052 2005-01-20
Fedora FEDORA-2005-051 2005-01-20
Ubuntu USN-64-1 2005-01-19
Debian DSA-645-1 2005-01-19
Debian DSA-648-1 2005-01-19

Comments (1 posted)

xpdf: integer overflows

Package(s): xpdf kpdf cupsys  CVE #(s): CAN-2004-0888 CAN-2004-0889
Created: October 21, 2004  Updated: February 18, 2005
Description: Several xpdf integer overflow vulnerabilities can be exploited via a malformed PDF document. Similar vulnerabilities can be found in kpdf and in cupsys, which share code with xpdf. Additional information can be found in this KDE security advisory.
Alerts:
Fedora FEDORA-2005-138 2005-02-09
Fedora FEDORA-2005-137 2005-02-09
Fedora FEDORA-2005-133 2005-02-09
Fedora FEDORA-2005-134 2005-02-09
Fedora FEDORA-2005-136 2005-02-09
Fedora FEDORA-2005-135 2005-02-09
Fedora FEDORA-2005-123 2005-02-08
Fedora FEDORA-2005-122 2005-02-08
Debian DSA-599-1 2004-11-25
Gentoo 200411-30 2004-11-23
Conectiva CLA-2004:886 2004-11-08
Gentoo 200410-30:02 2004-10-28
Gentoo 200410-20:02 2004-10-21
Debian DSA-581-1 2004-11-02
Ubuntu USN-14-1 2004-11-01
Ubuntu USN-9-1 2004-10-27
Gentoo 200410-30 2004-10-28
Fedora FEDORA-2004-358 2004-10-28
Fedora FEDORA-2004-357 2004-10-28
Red Hat RHSA-2004:592-01 2004-10-27
Fedora FEDORA-2004-337 2004-10-26
SuSE SUSE-SA:2004:039 2004-10-26
Ubuntu USN-2-1 2004-10-22
Red Hat RHSA-2004:543-01 2004-10-22
Mandrake MDKSA-2004:115 2004-10-21
Mandrake MDKSA-2004:116 2004-10-21
Mandrake MDKSA-2004:114 2004-10-21
Mandrake MDKSA-2004:113 2004-10-21
Gentoo 200410-20 2004-10-21
Fedora FEDORA-2004-348 2004-10-21
Debian DSA-573-1 2004-10-21

Comments (none posted)

zlib: denial of service

Package(s): zlib  CVE #(s): CAN-2004-0797
Created: August 25, 2004  Updated: June 10, 2005
Description: Versions 1.2.x of the zlib library contain an error handling vulnerability which can enable denial of service attacks.
Alerts:
OpenPKG OpenPKG-SA-2005.007 2005-06-10
Fedora-Legacy FLSA:2043 2005-02-23
Conectiva CLA-2004:878 2004-10-25
Slackware SSA:2004-278-02 2004-10-04
Conectiva CLA-2004:865 2004-09-13
Mandrake MDKSA-2004:090 2004-09-07
SuSE SUSE-SA:2004:029 2004-09-02
Gentoo 200408-26 2004-08-27
OpenPKG OpenPKG-SA-2004.038 2004-08-25

Comments (none posted)

Resources

iDEFENSE Labs Website Launch

iDEFENSE Labs has announced the launch of a community site. This site serves as a repository for sharing research and development with the security community, including the release of free software tools.

Full Story (comments: none)

Events

RECON 2005

The Call for Papers has been announced for the RECON conference. RECON is a security conference taking place in downtown Montreal June 17 - 19. Papers must be submitted by April 15, 2005.

Full Story (comments: none)

Page editor: Jonathan Corbet

Kernel development

Brief items

Kernel release status

The current 2.6 prepatch remains 2.6.11-rc4. The slow trickle of fixes into Linus's BitKeeper repository continues, with the final 2.6.11 release likely to happen before too long.

The current -mm prepatch is 2.6.11-rc4-mm1. Recent changes to -mm include device mapper multipath support (see below), the cpushare "secure computing" patch, a SCSI changer driver, a new set of BIO support functions, some performance counter updates, and various fixes.

The current 2.4 prepatch is 2.4.30-pre2, released by Marcelo on February 23. This prepatch adds a new set of fixes (mostly in the networking subsystem) and a few filesystem and driver updates.

Comments (3 posted)

Kernel development news

Flushing the page cache from user space

Martin Hicks recently posted a patch which adds a new degree of user-space control over memory management policy. In particular, it creates a new /proc entry:

    /proc/sys/vm/toss_page_cache_nodes

If a suitably privileged process writes one or more NUMA node numbers to that file, all pages belonging to that node which are found in the page cache will be flushed out. Essentially, this operation causes a node to forget about all locally-cached pages from files in the filesystem.

Clearing the page cache in this way would normally be bad for performance. The page cache exists to allow the filesystem to satisfy common filesystem requests without going to the disk; clearing the cache defeats that functionality and would normally be undesirable. There are exceptions to everything, however. This patch is aimed at large-scale high-performance computing tasks running in a cluster environment. Such jobs typically do best if they can start with a clean system; they have no real use for whatever may have been cached for the previous user. More to the point, a full page cache can cause memory allocations to be satisfied with non-local (slower) memory, resulting in significantly worse performance. By clearing the cache before starting a new job, a system administrator can ensure that local memory is available for that job.

Not everybody likes the patch. Ingo Molnar thinks that this capability will create confusion and make the debugging of memory problems even harder.

How are we supposed to debug VM problems where one player periodically flushes the whole pagecache? ... Providing APIs to flush system caches, sysctl or syscall, is the road to VM madness.

Andrew Morton, instead, sees the value of the patch for some users, but doesn't like the implementation. He would like to see this capability made useful for other classes of users, such as kernel developers who want to put the system into a known state before running tests. He also doesn't like the /proc interface, and argues for a new system call instead. His suggestion was:

    sys_free_node_memory(long node_id, long pages_to_make_free, 
                         long what_to_free);

This form of the call would allow the clearing of something less than the entire page cache, making the tool a bit less crude. The what_to_free argument would be a bitmask specifying which types of memory to free; beyond the page cache, this call could cause the kernel to reclaim anonymous memory or slab caches.

The system call approach would seem to make sense; there is one remaining glitch, however: SUSE already shipped the /proc interface in SLES9. That revelation drew a complaint from Andrew:

This is why you should target kernel.org kernels first. Now we risk ending up with poor old suse carrying an obsolete interface and application developers have to be able to cater for both interfaces.

An explicit purpose behind the 2.6 development model is to get patches into the mainline quickly so that their form can be stabilized before distributors ship them. As the developers become used to this mode of operation, this sort of issue should become relatively rare.

Comments (3 posted)

Multipath support in the device mapper

Multipath connectivity is a feature of high-end storage systems. A storage box packed with disks will be connected to multiple transport paths, any one of which can be used to submit I/O requests. A computer will be connected to more than one of these transport interconnects, and can choose among them when it has an I/O request for the storage server. This sort of arrangement is expensive, but it provides for higher reliability (things continue to work if an interconnect fails) and better performance.

Support for multipath in Linux has traditionally been spotty, at best. Some low-level block drivers have included support for their specific devices, but support at that level leads to duplicated functionality and difficulties for administrators. Some thought has gone into how multipath is best supported: does that logic belong at the driver layer, the SCSI mid-layer, the block layer, or somewhere else? The conclusion that was reached at last year's Kernel Summit was that the device mapper was the best place for multipath support.

That support has now been coded up and posted for review; it was added to the 2.6.11-rc4-mm1 kernel. When used with the user-space multipath tools distribution, the device mapper can now provide proper multipath support - for some hardware, at least.

Internally, the multipath code creates a data structure, attached to a device mapper target, which looks like this:

[Cheezy multipath diagram]

When the time comes to transfer blocks to or from a device mapper target representing a multipath device, the code goes to the first priority group in the list. Each group represents a set of paths to the device, each of which is considered equal to the others; the preferred paths (being the fastest and/or most reliable) should be contained in the first group in the list. Priority groups include a path selector - a function which determines which path should be used for each I/O request. The current patches include a round-robin selector which simply rotates through the paths to balance the load across them. Should situations arise which require more complicated policies, it should not be tremendously difficult to create an appropriate path selector.

If a given path starts to generate errors, it is marked as failed and the path selector will pass over it. Should all paths in a priority group fail, the next group in the list (if it exists) will be used. The multipath tools include a management daemon which is informed of failed paths; its job is to scream for help and retry the failed paths. If a path starts to work again, the daemon will inform the device mapper, which will resume using that path.

There may be times when no paths are available; this can happen, for example, when a new priority group has been selected and is in the process of initializing itself. In this situation, the multipath target will maintain a queue of pending BIO structures. Once a path becomes available, a special worker thread works through the pending I/O list and sees to it that all requests are executed.

At the lower level, the multipath code includes a set of hardware hooks for dealing with hardware-specific events. These hooks include a status function, an initialization function, and an error handler. The patch set includes a hardware handler for EMC CLARiiON devices.

Comments on the patches have been relatively few, and have dealt mostly with trivial issues. The multipath patches are unintrusive; they add new functionality, but do not make significant changes to existing code. So chances are good that they could find their way into the 2.6.12 kernel.
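The priority-group and path-selector structure described above, written out in C as an added example (this is not the device mapper's own code): a round-robin selector that skips failed paths, falls through to the next priority group only when every path in the current one has failed, and queues BIOs when no path is usable until the daemon reports a path back. The struct and function names and the path names sda/sdb/sdc are assumptions made up for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* Model of the multipath target structure described above: an ordered list
 * of priority groups, each holding equal-cost paths and a path selector. */
#define MAX_PATHS  4
#define MAX_GROUPS 3

struct mp_path {
    const char *name;
    bool failed;          /* set when the path generates errors */
};

struct priority_group {
    struct mp_path paths[MAX_PATHS];
    int npaths;
    int next;             /* round-robin cursor */
};

struct multipath_target {
    struct priority_group groups[MAX_GROUPS];
    int ngroups;
    int queued;           /* BIOs held back because no path was usable */
};

/* Round-robin path selector: the next non-failed path in the group, or NULL. */
static struct mp_path *rr_select(struct priority_group *pg)
{
    for (int i = 0; i < pg->npaths; i++) {
        struct mp_path *p = &pg->paths[pg->next];
        pg->next = (pg->next + 1) % pg->npaths;
        if (!p->failed)
            return p;
    }
    return NULL;
}

/* Groups are tried in priority order; a group is skipped only when every
 * path in it has failed. */
static struct mp_path *mp_choose_path(struct multipath_target *t)
{
    for (int g = 0; g < t->ngroups; g++) {
        struct mp_path *p = rr_select(&t->groups[g]);
        if (p)
            return p;
    }
    return NULL;
}

/* Submit one BIO: returns the path name used, or NULL if it was queued. */
static const char *mp_submit_bio(struct multipath_target *t)
{
    struct mp_path *p = mp_choose_path(t);
    if (!p) {
        t->queued++;
        return NULL;
    }
    return p->name;
}

/* The management daemon reports a path as failed or working again. */
static void mp_set_path_failed(struct multipath_target *t,
                               const char *name, bool failed)
{
    for (int g = 0; g < t->ngroups; g++)
        for (int i = 0; i < t->groups[g].npaths; i++)
            if (strcmp(t->groups[g].paths[i].name, name) == 0)
                t->groups[g].paths[i].failed = failed;
}

/* Worker thread: drain queued BIOs while some path is usable.  Returns the
 * number of BIOs that were re-issued. */
static int mp_flush_queue(struct multipath_target *t)
{
    int done = 0;
    while (t->queued > 0 && mp_choose_path(t) != NULL) {
        t->queued--;
        done++;
    }
    return done;
}

/* Constructed sample target: two preferred paths in group 0 and one
 * slower fallback path in group 1 (names are made up for the example). */
static struct multipath_target make_sample_target(void)
{
    struct multipath_target t = {
        .groups = {
            { .paths = { { "sda", false }, { "sdb", false } }, .npaths = 2 },
            { .paths = { { "sdc", false } }, .npaths = 1 },
        },
        .ngroups = 2,
    };
    return t;
}
```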

Comments (6 posted)

FUTEX + rwsem = SNAFU

The FUTEX code implements lightweight mutual exclusion primitives for user space. It is intended to be used in situations - such as multi-threaded programs - where mutual exclusion is needed, but where the implementation must be fast. Olof Johansson recently stumbled across a case where the FUTEX code can deadlock the system (thus failing the "fast" test), which shows how hard it can be to get concurrency issues right.

One of the many locking primitives provided by the kernel is the reader-writer semaphore, or "rwsem". An rwsem can be obtained for either read or write access. Any number of readers will be allowed to hold the semaphore concurrently. Any thread which must change the protected data structures must, however, obtain the semaphore for write access. Only one writer is allowed at any given time, and no readers may be in the critical section while the writer is at work.

If a thread tries to obtain an rwsem for write access, and that semaphore is currently held (by somebody else) for read access, the writer will be put to sleep. Once the writer gets in line, however, no more readers will be allowed in. Once the existing readers have gotten out of the way, the writer will be allowed to proceed. The queued readers will only wake up after the writer is done. This implementation makes rwsems fair, in that readers cannot starve writers indefinitely. It also makes certain types of subtle faults possible, however.

If a process might have to wait on a FUTEX, the kernel must obtain that process's memory map semaphore (mmap_sem). This semaphore, which is an rwsem, controls access to the internal FUTEX data structures; it is taken for read access. The kernel must also query the value of the FUTEX itself, which is done through a call to get_user(). Should that access generate a page fault, the fault handler will obtain mmap_sem for read access a second time. This double access works just fine; the second down_read() call simply looks like another reader, which can run concurrently with the first.

Life gets complicated, however, when other processes share the same address space. Since the FUTEX mechanism is aimed at threads, this is a situation which comes about frequently. Consider the following series of events:

    Thread 1                                 Thread 2
    Call sys_futex()
    down_read(&current->mm->mmap_sem);
                                             call mmap()
                                             down_write(&current->mm->mmap_sem);
                                             (goes to sleep)
    call get_user()
    (everything comes to a halt)

When the second process calls mmap(), it must obtain mmap_sem for write access. Since the first process is already a reader, the down_write() call is queued and the process is put to sleep. When the first process makes its get_user() call, it tries to obtain the rwsem for read access for the second time. Since there is now a writer waiting, however, the first process also is put to sleep. Since the first process is the one holding the initial read lock, this situation will never resolve itself; it is a deadlock. This particular type of deadlock is nasty in that it requires a race condition to become visible; things usually just work.

Several possible solutions have been proposed. The rwsem "lock depth" could be explicitly tracked so that a second attempt to obtain read access simply increments a counter and does not sleep. Processes holding mmap_sem could be marked with a special PF_MMAP_SEM flag; the page fault code would see that flag, realize that the semaphore is already held, and not take it again. Olof's initial report included a patch which tries to explicitly fault in the page before taking the semaphore so that the get_user() call would not generate a fault.

The solution which will eventually be adopted will likely take a different approach, however. Conventional wisdom has long said that functions like get_user() cannot be called in atomic context (in an interrupt handler or when a spinlock is held), since they might sleep. In fact, if the user-space access functions generate a page fault in atomic context, the fault handler simply refuses to bring in the page and the function returns an error code. So the solution, first suggested by Linus, is to put the process into an atomic mode (by calling inc_preempt_count()) just before the get_user() call. If get_user() fails, the page must be faulted in. So the mmap_sem is dropped, the page is explicitly faulted, and the whole process starts over again.

As often happens, the full solution turned out to be a bit more complicated than initially thought. So Olof put together a patch implementing a new user-space access function:

    int get_user_inatomic(value, user_pointer);

This function is atomic; it may succeed or fail, but it will always return without sleeping. Like get_user(), it is implemented as a macro which tries to do the right thing regardless of the data type of the value to be fetched. That implementation drew a complaint from one developer, who would rather see new interfaces done in a more strongly-typed manner. So the details of the patch that eventually gets merged (presumably after 2.6.11) may change, but it will likely follow this approach.
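The deadlock described above and the get_user_inatomic() approach, modelled in C as an added example (this is not the kernel's code): a fair rwsem that records what each call would do instead of actually blocking, the original sys_futex() path that would sleep while already holding the read lock, and the retry loop that drops mmap_sem before faulting the page in. Apart from down_read(), down_write(), get_user_inatomic() and mmap_sem, every name here is an assumption made up for the example.

```c
#include <stdbool.h>

/*
 * Model of the fair rwsem described above: once a writer is queued, every
 * new down_read() sleeps, even from a thread that already holds the rwsem
 * for read.  Nothing here blocks; each call reports what it would do.
 */
struct rwsem {
    int readers;          /* threads holding the rwsem for read */
    int writer_active;    /* a writer is inside its critical section */
    int writers_waiting;  /* writers queued (asleep) behind the readers */
};

/* true: read access granted; false: the caller would go to sleep. */
static bool down_read(struct rwsem *s)
{
    if (s->writer_active || s->writers_waiting > 0)
        return false;
    s->readers++;
    return true;
}

static void up_read(struct rwsem *s)
{
    s->readers--;
}

/* true: write access granted; false: writer queued and put to sleep. */
static bool down_write(struct rwsem *s)
{
    if (s->readers > 0 || s->writer_active) {
        s->writers_waiting++;
        return false;
    }
    s->writer_active = 1;
    return true;
}

/* Once no readers remain, a queued writer (thread 2's mmap()) runs through
 * its critical section and calls up_write(). */
static void run_queued_writer(struct rwsem *s)
{
    if (s->writers_waiting > 0 && s->readers == 0 && !s->writer_active)
        s->writers_waiting--;
}

/* The futex word lives in a user page that may or may not be resident. */
struct futex_page {
    bool resident;
    int value;
};

/* Original sys_futex() path: get_user() may fault with mmap_sem held. */
static bool futex_read_original(struct rwsem *mmap_sem,
                                struct futex_page *p, int *value)
{
    down_read(mmap_sem);      /* thread 1 is now a reader */
    down_write(mmap_sem);     /* thread 2 calls mmap(): queued as a writer, sleeps */
    if (!p->resident) {
        /* get_user() faults; the fault handler asks for read access again */
        if (!down_read(mmap_sem))
            return false;     /* would sleep while holding the read lock: deadlock */
        p->resident = true;
        up_read(mmap_sem);
    }
    *value = p->value;
    up_read(mmap_sem);
    return true;
}

/* Modelled get_user_inatomic(): never sleeps, fails instead of faulting. */
static bool get_user_inatomic(const struct futex_page *p, int *value)
{
    if (!p->resident)
        return false;
    *value = p->value;
    return true;
}

/* Fixed path: try atomically; on failure drop mmap_sem, fault the page in
 * with no lock held, and start over. */
static bool futex_read_fixed(struct rwsem *mmap_sem,
                             struct futex_page *p, int *value)
{
    for (int attempt = 0; attempt < 2; attempt++) {
        if (!down_read(mmap_sem))
            return false;
        if (attempt == 0)
            down_write(mmap_sem);   /* thread 2's mmap(): the same race as above */
        if (get_user_inatomic(p, value)) {
            up_read(mmap_sem);
            return true;
        }
        up_read(mmap_sem);          /* lock dropped: the queued writer can run */
        run_queued_writer(mmap_sem);
        p->resident = true;         /* explicit fault-in with no mmap_sem held */
    }
    return false;
}
```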

Comments (1 posted)

Page editor: Jonathan Corbet

Distributions

News and Editorials

Debian vs. FreeBSD as a Web Serving Platform, Part 1

February 23, 2005

This article was contributed by Ladislav Bodnar

When it comes to hosting a company or a personal web site, there are more choices than ever. Not only is there a plethora of web hosting providers all lining up for our business, we also have a choice of many excellent operating systems, most of which are free - in both senses of the word. In fact, after having spent some time investigating the possibilities, this author concluded that the majority of hosting companies in operation today seem to have standardized on offering Fedora Core, Debian GNU/Linux and FreeBSD as their preferred operating systems. This is hardly surprising; all three of them are not only free of cost, but also well-established and trusted as web serving platforms. For the purpose of this two-part article we will look at and compare the features and security aspects of Debian GNU/Linux with those of FreeBSD, both of which the author has had the pleasure to use and administer in recent years.

Despite some crucial differences with respect to their kernels and base system, the two operating systems, as considered from the point of view of included applications, are rather similar. Both Debian and FreeBSD provide the Apache web server, several scripting languages (PHP, Perl, Python, Ruby or any other tool one might employ for the purpose of developing interactive web pages), integration with MySQL and PostgreSQL databases, SSL features and anything else that we've come to expect from a system designed for web serving. All commonly used UNIX tools, such as man pages and shells, are also provided.

But under the surface, there are more profound differences, especially in the design and philosophy of the two operating systems. FreeBSD has a much faster release cycle - production-ready releases are made roughly every 6 months, whereas the Debian developers only make a new stable release "when ready", which can take years. In fact, the current stable release, Debian Woody, is now 31 months old. This means that those administrators and web developers who would like to make use of new features in any of the applications they deploy will probably be better off with FreeBSD. As an example, during the time when this author administered a Debian server he found himself in need of upgrading PHP to take advantage of some newly introduced functions, as well as Postfix and SpamAssassin, the new versions of which offered much improved spam-fighting techniques. But with Debian's slow release cycle, the only way to upgrade the above-mentioned packages (other than compiling them from source) was to get them from Backports.org. Although very good and highly up-to-date, Backports.org is a third-party repository, not officially sanctioned by the Debian Project and not supported by the Debian Security Team.

This is in sharp contrast with FreeBSD, where only the base system, often referred to as kernel and userland, is kept in a constant state (with the only exception being security updates), while the included applications, or ports in FreeBSD's language, are continuously updated. This being so, a system administrator can choose to keep upgrading all important ports to their current stable versions and take advantage of any new features in them. This is a very pleasant aspect of FreeBSD - instead of the endless wait one might endure before a new stable Debian release, the administrator running FreeBSD can upgrade all installed ports to their latest versions at any time, independently of the base system.

While most system administrators would deploy Debian as a binary distribution, i.e. they would install and use its pre-compiled binary packages, FreeBSD's ports are mostly meant to be compiled directly from source on the user's system. As always, the proponents of each approach could engage in endless debates about their respective merits; here we'll just say that both ways of doing things have their advantages and disadvantages. As an example, compiling Apache with a worker.c module (for a busy web server) under FreeBSD is as simple as modifying a parameter in a Makefile, then running "make install". On a Debian system, achieving the same would entail downloading the source code, looking through the source files to find the relevant place, modifying it, then creating a new Debian package with "apt-build" - not a particularly tedious task, but not as elegant as on FreeBSD. On the other hand, compiling ports directly from source code always brings in a risk of a port failing to compile, which can be frustrating.

The ability to upgrade the operating system painlessly to a newer version is one area where Debian enjoys a considerable advantage. Since its early days, Debian has always provided a simple and elegant upgrade path between two stable releases, which is probably a feature that has attracted Debian many supporters. Unfortunately, FreeBSD does not have the same policy. While upgrading FreeBSD to a new minor version (e.g. from 4.10 to 4.11) is relatively easy and mostly trouble-free, the same cannot be said of upgrading between major versions (e.g. from 4.10 to 5.3). In fact, the FreeBSD project does not recommend upgrading from 4.x to 5.x at all; not only is this path untested, it would also mean loss of functionality due to incompatible file systems in the two major FreeBSD versions. This could be an important consideration for those users who do not have physical access to the server - while upgrading Debian to a newer version is as simple as executing a couple of commands, with FreeBSD one would need the direct assistance of somebody at the web hosting company.

There is one interesting feature of FreeBSD that does not exist in Debian (at least not in its default configuration) - two reports, the "Daily Run" and the "Security Run", which are emailed to the system administrator every day. They collect the output of routine tasks performed by several cron jobs. The "Daily Run" output provides information about the state of the system: uptime, mail in the mail queue, and the state of the disk partitions and network interfaces. It also backs up the /etc/passwd and /etc/group files and reports any changes in them. The "Security Run" is even more useful, with information about setuid files and devices, passwordless user accounts, SSH login failures, and refused connections. It even informs the administrator about current vulnerabilities in any of the installed ports (provided that a certain port is installed on the system, but we'll get to that in the second part of this article).
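To make the "Security Run" checks concrete, here is a miniature reimplementation of four of them (changes to the password file since yesterday's backup, accounts with an empty password field, setuid/setgid changes, and SSH login failures per source address) run over constructed sample data. This is an added example, not FreeBSD's own periodic(8) scripts; the account names, file paths, modes and log lines are made up for illustration.

```python
"""Miniature of the checks FreeBSD's daily security report performs, run
over constructed sample data so it works offline.  Added example; not the
periodic(8) scripts themselves.  All accounts, paths and log lines are
constructed for illustration."""
import difflib
import re
import stat
from collections import Counter

# Constructed master.passwd-style snapshots: yesterday's backup and today's.
# Fields: name:password:uid:gid:class:change:expire:gecos:home:shell
# ($2b$PLACEHOLDER stands in for a real bcrypt hash.)
PASSWD_YESTERDAY = """\
root:$2b$PLACEHOLDER:0:0::0:0:Charlie &:/root:/bin/csh
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
alice:$2b$PLACEHOLDER:1001:1001::0:0:Alice:/home/alice:/bin/sh
"""
# Today a "backup" account appeared with an empty password field.
PASSWD_TODAY = PASSWD_YESTERDAY + "backup::1002:1002::0:0:Backup job:/home/backup:/bin/sh\n"

# Constructed sshd messages in the style syslog writes to /var/log/auth.log.
AUTH_LOG = [
    "Feb 23 03:11:02 host sshd[1042]: Failed password for invalid user admin from 203.0.113.5 port 4422 ssh2",
    "Feb 23 03:11:04 host sshd[1042]: Failed password for invalid user admin from 203.0.113.5 port 4422 ssh2",
    "Feb 23 03:11:09 host sshd[1045]: Invalid user test from 203.0.113.5 port 4430",
    "Feb 23 04:02:51 host sshd[1100]: Accepted publickey for alice from 192.0.2.10 port 51000 ssh2",
    "Feb 23 05:40:13 host sshd[1188]: Failed password for root from 198.51.100.7 port 2222 ssh2",
]

# Constructed (path, mode) pairs such as a find(1) sweep would report,
# yesterday and today.
FILES_YESTERDAY = [
    ("/usr/bin/passwd", 0o4555),
    ("/usr/bin/uptime", 0o555),
    ("/usr/local/bin/sudo", 0o4111),
    ("/usr/bin/wall", 0o2555),
]
FILES_TODAY = FILES_YESTERDAY + [("/home/backup/helper", 0o4755)]

FAILURE_RE = re.compile(r"sshd\[\d+\]: (?:Failed password for|Invalid user) .*?from (\S+)")


def passwordless_accounts(passwd_text):
    """Names of accounts whose password field is empty (anyone can log in)."""
    names = []
    for line in passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if fields[1] == "":
            names.append(fields[0])
    return names


def passwd_changes(old_text, new_text):
    """Added (+) and removed (-) entries since the previous day's backup."""
    diff = difflib.unified_diff(old_text.splitlines(), new_text.splitlines(),
                                "master.passwd.bak", "master.passwd", lineterm="")
    return [line for line in diff
            if line and line[0] in "+-" and not line.startswith(("+++", "---"))]


def ssh_login_failures(log_lines):
    """Failed sshd logins counted per source address."""
    counts = Counter()
    for line in log_lines:
        match = FAILURE_RE.search(line)
        if match:
            counts[match.group(1)] += 1
    return dict(counts)


def setuid_files(entries):
    """Paths whose mode carries the setuid or setgid bit, in input order."""
    return [path for path, mode in entries if mode & (stat.S_ISUID | stat.S_ISGID)]


def setuid_changes(old_entries, new_entries):
    """Setuid/setgid files that appeared or disappeared since the last run."""
    old, new = set(setuid_files(old_entries)), set(setuid_files(new_entries))
    return {"added": sorted(new - old), "removed": sorted(old - new)}


def security_run_report():
    """Assemble the sections as the nightly mail would list them."""
    changes = setuid_changes(FILES_YESTERDAY, FILES_TODAY)
    sections = [
        ("Changes in /etc/master.passwd since yesterday:",
         passwd_changes(PASSWD_YESTERDAY, PASSWD_TODAY)),
        ("Accounts with empty passwords:", passwordless_accounts(PASSWD_TODAY)),
        ("Setuid/setgid changes:",
         [f"+ {p}" for p in changes["added"]] + [f"- {p}" for p in changes["removed"]]),
        ("SSH login failures by source:",
         [f"{ip}: {n}" for ip, n in ssh_login_failures(AUTH_LOG).items()]),
    ]
    lines = []
    for title, items in sections:
        lines.append(title)
        lines.extend("    " + item for item in items)
    return "\n".join(lines)


if __name__ == "__main__":
    print(security_run_report())
```

Each check is a pure function over text or a list, so the same logic can be pointed at a real master.passwd backup, a real auth.log, or the output of a find(1) sweep; the report only flags the differences and the dangerous states, which is what makes the daily mail readable.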

There is perhaps one other FreeBSD advantage worth mentioning - it boots much faster than Debian. True, this is not a terribly exciting characteristic of an operating system that is meant to be running 24 hours a day, but it is still good to know that if the system needs to be rebooted (perhaps after a security-related kernel upgrade), it won't be down for more than a minute on any reasonably recent hardware. Booting Debian takes at least twice as long.

In part 2 of the article, coming up next week, we will compare the ways security updates are handled by the two operating systems, and briefly consider some migration issues.

Comments (21 posted)

Distribution News

Turbolinux releases preview of 64-bit OS

Turbolinux, Inc. has announced the availability of a technical preview version of "Turbolinux 10 for AMD64/EM64T".

Comments (none posted)

Slackware for S/390

Slack/390, the Slackware port for s/390, has announced the release of Slack/390 10.0. The company Sine Nomine Associates has announced a commercial support package for Slack/390.

Comments (none posted)

Ubuntu Hoary Array CD 5

Ubuntu Linux has released the fifth in a series of milestone CD images on the path to a stable Hoary Hedgehog. Array CD 5 is available for download. Click below to see what's changed since Array CD 4.

Full Story (comments: none)

Debian GNU/Linux

The Debian Project will be at several conferences worldwide during late February and March. These include CONSOL 2005 in Mexico City, Mexico, FOSDEM in Brussels, Belgium, 5th Asia Open Source Software Symposium in Beijing, China, 7th Chemnitzer Linux-Tage in Chemnitz, Germany, CeBIT in Hannover, Germany, and IT/Linux Days in Lörrach, Germany.

Here's an update from the Debian Project Secretary on the Debian Project Leader Elections. The campaigning period begins February 28, 2005.

Here's a release update covering the debian-installer, upload targets, kernels, and infrastructure.

Matthew Garrett has posted a writeup demystifying the roles and responsibilities of the FTPmaster team. (Found on DebianPlanet)

Also found on DebianPlanet, Roberto C. Sanchez has written an Automatic Debian Package Repository HOWTO.

Comments (none posted)

Fedora Core 4 Test 1 slips

For those of you waiting for the first Fedora Core 4 test release: the expected date has been pushed back to March 14. The main reason for the delay is to fit better with the GCC schedule; the current hope is that it will be possible to include GCC 4 in Fedora Core 4. Click below for the details.

Full Story (comments: 30)

New Distributions

T2

T2 is a flexible System Development Environment or Distribution Build Kit. T2 allows the creation of custom distributions with bleeding edge technology. Currently the Linux kernel is normally used, but there are plans to expand to Hurd, OpenDarwin, OpenBSD, and more. T2 started as a community-driven fork from the ROCK Linux Project with the aim of creating a decentralized development model and a clean framework for spin-off projects and customized distributions. T2 2.1.0-beta3 "serpentine" was released February 18, 2005.

Comments (none posted)

Xorcom Rapid

Xorcom Rapid is a Debian/Asterisk distribution that features an automatic install of Debian Linux with a pre-configured Asterisk. It quickly and effortlessly converts any PC into a functioning Asterisk PBX. Version 1.0 is currently available for download.

Comments (none posted)

Distribution Newsletters

Debian Weekly News

The Debian Weekly News for February 22, 2005 is out. This issue covers the Debian Project Leader elections, the submission of the LSB to the ISO/IEEE for international standards recognition, an update on translations, the possible return of Moria, the roles and responsibilities of the FTPmaster Team, broken dependencies in unstable, and more.

Full Story (comments: none)

Gentoo Weekly Newsletter

Here's the Gentoo Weekly Newsletter for the week of February 21, 2005. This issue has an Après-Show report from Boston Linux World Expo, a last call for FOSDEM 2005, sponsorships for the Gentoo UK conference, Gentoo RSS feeds, a Gentooified Kuro-Box, and other topics.

Full Story (comments: none)

DistroWatch Weekly, Issue 88

The DistroWatch Weekly for February 21, 2005 is out. "Welcome to this year's 8th issue of DistroWatch Weekly! In it, we take a brief look at two popular distributions, new versions of which were released over the weekend: PCLinuxOS and VectorLinux. We also reveal our brand new distribution database, which, while far from complete, should make it easier to search for a desired distribution based on various criteria. And if you have much time on your hands, we introduce you to no fewer than 7 new Linux distributions that were added to the waiting list last week. Happy reading!"

Comments (none posted)

Minor distribution updates

Lineox Releases Lineox Enterprise Linux 4.0 RC1

Lineox has released the first release candidate of Lineox Enterprise Linux 4.0, built from the source packages for Red Hat Enterprise Linux 4.0. Click below for additional information.

Full Story (comments: none)

VectorLinux

VectorLinux has announced the release of v5.0 SOHO, based on Slackware 10.1. "Some of the bundled applications are: KDE 3.3.2 and iceWM 1.2.13 as window managers. For a complete web experience you will find Firefox 1.0 with pre-configured Mplayer, Flash, and Java plugins, plus Gaim 1.1.2, gFtp, Kasablanca, and Sylpheed."

Comments (none posted)

Xwoaf

Xwoaf (X Windows On A Floppy) has moved to a new web site and has a new release. The X applications available in version 0.1.4a are: the edx text editor, the retawq text-only web browser, the txplor dual-pane tree/filelist file manager, the OXElmo email client, the bcalc four-function calculator, and a popup calendar with day/date/time. It also includes the jwm window manager and all modules for NICs, block devices and file systems.

Comments (none posted)

Package updates

Fedora Core updates

Fedora Core 3 updates: selinux-policy-targeted-1.17.30-2.80 (bug fixes), policycoreutils-1.18.1-2.9 (fix restorecon segfault on unlabeled file systems), gamin-0.0.24-1.FC3 (many annoying bugs have been fixed), pcmcia-cs-3.2.7-2.2 (fix double fclose in parse_cis()), openssh-3.9p1-8.0.1 (change default ssh client configuration so the trusted X11 forwarding is enabled).

Comments (none posted)

Mandrakelinux updates KDE

Mandrakelinux has new KDE packages that fix various bugs. Click below for details.

Full Story (comments: none)

Trustix Secure Linux updates

Trustix has bug fixes available for cyrus-imapd, kernel, kudzu, php, postfix, and squid. There are some additional packaging fixes for postfix.

Comments (none posted)

Newsletters and articles of interest

FreeBSD Tips and Tricks for 2005 (O'ReillyNet)

Dru Lavigne presents a few tips and tricks for FreeBSD on O'ReillyNet. "At least once a year, I like to comb through the files on my FreeBSD system to see if there are any new docs, scripts, or manpages that I've missed. I started my search in /usr/share/examples, and the first thing that caught my eye was a subdirectory called BSD_daemon:"

Comments (none posted)

SUSE Linux wins Common Criteria certification (GCN.com)

Government Computer News reports that Novell's SUSE Linux Enterprise Server 9 running on IBM eServers has been awarded Level 4 Common Criteria certification. "The certification should put Novell and IBM "on top of the list when it comes to projects the government wants to do," said Novell CEO Jack Messman at the LinuxWorld Conference and Expo, held this week in Boston."

Comments (none posted)

Distribution reviews

My workstation OS: Arch Linux (NewsForge)

Here's a brief look at Arch Linux, on NewsForge. "The philosophy of Arch is to let people have as much control over their system as possible. Nothing is on unless you turn it on. This means that a base install of Arch is very fast. On top of that the boot scripts are very simple, making them easy to edit. The philosophy is evident in Arch's hardware detection tool, hwd. The tool gives information that lets users set up their computers manually, but does not change the system configuration."

Comments (none posted)

Review: Red Hat Enterprise Linux 4 (Information Week)

Information Week has a quick review of Red Hat Enterprise Linux 4. "RHEL 4 uses the Ext3 file system and has added enhancements surrounding file access and synchronization. Also included in this release is LVM2 (Logical Volume Manager 2), which lets you manipulate files systems. I tested this feature using the CLI (command-line interface) and found it effective and easy to use. For example, I used lvreduce within LVM2 to decrease the size of LogVol01 from 1.94 GB to 1.84 GB with a single command. Next, I used lvextend to bring it back to its original size."

Comments (none posted)

Vidalinux 1.1 Review (Linux Times.Net)

Linux Times.Net reviews Vidalinux version 1.1. "Vidalinux is a Gentoo based desktop OS from our friends in Puerto Rico. In this article, I will review Vidalinux 1.1 with a special comparison to Gentoo. Vidalinux isn't all that old: version 1.0 was released in August 2004. This original release was followed up by 1.1 late 2004 (Christmas Day actually). I spoke with Vidalinux developers and they were more than happy to provide me with a copy of the Premium Edition."

Comments (none posted)

Page editor: Rebecca Sobol

Development

The OpenCroquet Project

February 23, 2005

This article was contributed by Frank Pohlmann

Late 19th century paintings of croquet-playing ladies are a somewhat unusual visual advertisement for a multi-user software design environment. But if we were to express OpenCroquet's qualities in a few words, it would be "a true collaborative internet-enabled three dimensional design environment". And the collaboration should be as smooth and unhurried as a game of, well, croquet.

OpenCroquet is planned to become such an environment. Based on Squeak, a Smalltalk-80-based multimedia design studio, it continues the Xerox-PARC tradition of building software environments that enhance the human ability to think while avoiding machine-based constraints. Squeak and OpenCroquet are led by some of the original Xerox-PARC crew, first and foremost Alan Kay.

Although OpenCroquet is billed as an extension of the more mature Squeak environment - Squeak reached version 3.7 in December - OpenCroquet is far more than a plug-in or a software module. The currently downloadable version has the rather dispiriting version number 0.1; for the moment it relies on Squeak 3.6, not 3.7, and the OpenCroquet installation installs its own Squeak environment. Also known as the "Jasmine" release, it is accompanied by the usual health warnings, but anyone with a smattering of Smalltalk or Slang and a broadband connection would find it easy to muck around with the code and run most of the environment without too many problems.

Squeak is a fully object-oriented programming and authoring environment, and anyone familiar with it will find many of the graphical primitives and some of the GUI features available under OpenCroquet. Squeak permits both scripted and purely GUI-led creation of new objects. Changes to the runtime environment during object creation will not interrupt the underlying Squeak virtual machine. This is mostly due to the storage allocation algorithm and the realtime garbage collector working within the VM.

OpenCroquet does not only take advantage of Squeak; it is the result of a comprehensive re-architecting of the very idea of internet-enabled collaborative environments. Web interfaces and classic IP-based protocols allow for some collaboration, but collaborative interfaces are usually document-based, or rely too much on analogues to phone messaging. OpenCroquet is emphatically three-dimensional, and it employs peer-to-peer networking that does not depend on a central server to simplify the updating of object hierarchies.

It is also uncompromisingly object-oriented, taking messages between objects as the main communication and update mechanism. Smalltalk and some operating systems have taken this approach very seriously, but in a 3D environment where the very interface is just another object whose behaviors can be changed by programmers at any time, the very size and content of messages broadcast from object to object carry substantial implications.

All objects are accessible to other users and all users participating in a particular shared space can modify all objects present in that shared space. All objects are replicated across the shared space, thereby making it simple for all users to work in the same interactive 3-D space. Objects are always versioned, something that is achieved by embedding a timebase in the communication protocol used by OpenCroquet.

TeaTime

The central ideas behind OpenCroquet object communication are contained within its multi-user communication architecture, also known as TeaTime. What is important here is that it isn't just data that are replicated across the OpenCroquet system, but also computations.

This is why synchronization protocols are extremely important. OpenCroquet needs to complete all visible (and audible) I/O-based effects before all messages are communicated to all collaborating objects within the shared space. For instance, all screens show identical interfaces, even though the perspectives might be different. How the computations are executed is entirely the responsibility of the individual object. How the computations propagate to every instance is determined by the protocol being used. But it isn't usually a problem to propagate the messages to replicated objects, since each replica is likely to be in an object state identical to the one the originating object was in before the computation was initiated.

But the object state update happens in two stages, not one. First, the behaviors of all objects participating in an event or action are computed, and all objects have to wait for the computations to end by a certain deadline. Then all behaviors are committed atomically. This point is reiterated in the excellent documentation available on the OpenCroquet website, and it should be taken into account when new OpenCroquet applications are coded.

If the object behaviors (or methods, to stay in OO terminology) do not meet the deadline, all calculations executed by objects resident in the shared space are stopped and discarded.

There is another benefit to the historical data kept by the object. Distributed 3D environments suffer from risks caused by possible network disruptions or unpredictable user behavior. This might lead to objects or users being cut off from the shared space. The historical data are supposed to enable individual objects to recover from disruptions to the environment. These can be due to a number of factors; given that the software and hardware underlying any OpenCroquet shared space is likely to be heterogeneous and that networks can be volatile, distributed object protocols have to have recovery mechanisms built in.
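The two-stage update rule (compute every behavior by a deadline, then commit all of them atomically or discard all of them) and the versioned history used for recovery are easier to see in a small simulation. The following is an added example with simulated integer costs and a simulated timebase; it is not Croquet's code or its real TeaTime protocol, and the behaviors, objects and event costs are constructed for illustration.

```python
"""Toy model of the update rule the article ascribes to TeaTime: every
replica computes the behaviors an event triggers, an event whose behaviors
miss the deadline is discarded everywhere, and a surviving event's results
are committed atomically and versioned.  Added example with simulated
integer costs and timebase; not Croquet's code or its real protocol."""
import copy

# Behaviors map an object's state to a new state and report a simulated
# execution cost (constructed numbers in abstract time units).
def move(state, dx, dy):
    return {**state, "x": state["x"] + dx, "y": state["y"] + dy}, 1

def rotate(state, degrees):
    return {**state, "angle": (state["angle"] + degrees) % 360}, 3

def physics(state, steps):
    # cost grows with the number of simulation steps requested
    return {**state, "x": state["x"] + steps, "y": state["y"] + steps // 2}, 2 * steps

BEHAVIORS = {"move": move, "rotate": rotate, "physics": physics}


class Replica:
    """One participant's copy of the shared space."""

    def __init__(self, objects):
        self.objects = copy.deepcopy(objects)
        self.version = 0
        self.time = 0                                     # the protocol's timebase
        self.history = [(0, 0, copy.deepcopy(objects))]   # (version, time, snapshot)

    def apply(self, event):
        """Stage 1 computes every behavior into a pending map; if any misses
        the deadline nothing is committed.  Stage 2 commits all pending
        states at once and records a new version."""
        pending = {}
        for name, (behavior, args) in event["targets"].items():
            new_state, cost = BEHAVIORS[behavior](self.objects[name], *args)
            if cost > event["deadline"]:
                return False                              # whole event discarded
            pending[name] = new_state
        self.objects.update(pending)
        self.version += 1
        self.time = event["t"]
        self.history.append((self.version, self.time, copy.deepcopy(self.objects)))
        return True

    def state_at(self, version):
        """Recover an earlier versioned snapshot, as a peer resynchronising
        after a network cut would need to."""
        for v, _, snapshot in self.history:
            if v == version:
                return copy.deepcopy(snapshot)
        raise KeyError(version)


def run(events, replicas):
    """Deliver identical timestamped events to every replica in timebase
    order and check that all replicas reached the same verdict on each."""
    outcomes = []
    for event in sorted(events, key=lambda e: e["t"]):
        verdicts = {replica.apply(event) for replica in replicas}
        if len(verdicts) != 1:
            raise RuntimeError("replicas diverged on event at t=%r" % event["t"])
        outcomes.append(verdicts.pop())
    return outcomes


def demo():
    initial = {"ball": {"x": 0, "y": 0, "angle": 0},
               "mallet": {"x": 5, "y": 5, "angle": 0}}
    peers = [Replica(initial) for _ in range(3)]
    events = [
        {"t": 1, "deadline": 5, "targets": {"ball": ("move", (2, 0)),
                                            "mallet": ("rotate", (90,))}},
        # physics with 4 steps costs 8 > deadline 5: the ball's already
        # finished move is thrown away together with it
        {"t": 2, "deadline": 5, "targets": {"ball": ("move", (1, 1)),
                                            "mallet": ("physics", (4,))}},
        {"t": 3, "deadline": 5, "targets": {"mallet": ("move", (-1, 0))}},
    ]
    outcomes = run(events, peers)
    return outcomes, peers


if __name__ == "__main__":
    outcomes, peers = demo()
    print(outcomes, peers[0].objects, peers[0].version)
```

Because every replica applies the same deterministic behaviors to the same versioned state in the same timebase order, the three peers end up identical without any central coordinator, and a peer that lost events can compare versions and request the snapshot it is missing.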

Any 3D distributed programming environment has to be easily intelligible to non-graphics programmers. 3D designers using tools like Blender should be comfortable creating collaborative objects for, say, electronic learning environments. OpenCroquet components are collected in the so-called Teapot suite; they provide access to the OpenGL rendering engine, event handlers and simulation objects that are part of the TeaTime architecture. The graphics methods provide the user interface elements; since we are talking about a 3D environment, all rendering behavior that is included in a rendering frame has to include far more information than other user interfaces would usually require, including the user's and the object's position within the shared 3D space. The so-called Tframe class gives complete access to the OpenGL library.

Events are communicated by something that is analogous to a user camera ("TuserCamera"), while objects are tracked via a 3D analogue of the mouse pointer. Keystrokes can be mapped onto both 3D objects and embedded 2D objects. The graphics engine has been implemented in Squeak, which is somewhat surprising given the typical graphics programmer's predilection for C and C++. Its speed is not impaired by this choice in any way.

Simulations manage fairly complex behaviors, and are coded separately to avoid imposing too much rendering overhead. The outcome of methods would be calculated continuously; once an individual calculation is completed, a message is sent to be received by the object at some time in the future. This may sound like time travel, but is just good policy to avoid the constant rendering overhead enforced by recalculating present object state by referring to past object history.

3D collaborative environments tend to have fairly straightforward applications, from collaborative engineering projects to multi-user learning environments that go beyond grading and the use of spreadsheets. Of course, previous 2D interfaces are not completely ignored; Mozilla runs quite happily inside OpenCroquet. But as soon as object libraries and networking bandwidth are available, a wide variety of new uses can be implemented.

Comments (5 posted)

System Applications

Audio Projects

Planet CCRMA Changes

The latest changes from the Planet CCRMA audio utility packaging project include new versions of Audacity, amSynth, and XMMS Jack.

Comments (none posted)

Database Software

knoda 0.7.3-test2 released

Version 0.7.3-test2 of the knoda database frontend is available; here is the change information: "The scripting API improved a lot. Handling the tab-order in forms works also for subforms, a runtime version of knoda (knoda-rt) has been added, the performance is better and many bugs are fixed."

Full Story (comments: none)

New MaxDB 7.6 beta released

Version 7.6 beta of the MaxDB database has been announced. "This release is a beta version, preparing for the production version release, which will take place in Q2 2005."

Comments (none posted)

PostgreSQL Weekly News

The February 19, 2005 edition of the PostgreSQL Weekly News is out with the week's PostgreSQL database news and resources.

Full Story (comments: none)

New PostgreSQL Software

The PostgreSQL database developers have announced phpPgAdmin 3.5.2 with bug fixes (mostly for the Windows version) and PGCluster-1.3.0, "a Synchronous Multi-Master replication system for PostgreSQL 8".

Comments (none posted)

Interoperability

Samba Roadmap Slides

A set of Samba Roadmap Slides are available from samba.org in pdf format. "Samba Team member and 3.0.x release manager Gerald "Jerry" Carter gave a talk on "The State of Samba" at LinuxWorld Boston this week. The talk serves as an overview of recent activity on Samba, as well as an overview of where Samba is headed. The slides from the talk are available online and serve as an excellent guide to the planned roadmaps for both Samba 3.0 and Samba4."

Comments (none posted)

Networking Tools

xprobe2 v0.2.2 released

Version 0.2.2 of xprobe2 is out with several new features. "Xprobe2 is a remote active operating system fingerprinting tool which uses advanced techniques, some of which were first introduced with Xprobe2, such as the usage of statistical analysis ('fuzzy logic') to match between probe response(s) to its signature database and others, in order to provide with accurate results regarding the underlying operating system of a probed element(s)."

Full Story (comments: none)

Package Management

Pre-Patched Kickstart Installs (O'Reilly)

Ethan McCallum automates Linux package management on O'Reilly. "My two previous articles explained how to use Kickstart to automate OS installs and upgrades. This article demonstrates some techniques for the third piece of the system maintenance cycle: keeping your machines up to date."

Comments (none posted)

Printing

ESP Ghostscript 8.15rc2

Version 8.15 rc 2 of ESP Ghostscript has been announced. "ESP Ghostscript 8.15rc2 is the second release candidate based on GPL Ghostscript 8.15 and includes an enhanced configure script, the CUPS raster driver, many GPL drivers, support for dynamically loaded drivers (currently implemented for the X11 driver), and several GPL Ghostscript bug fixes. The new release also fixes all of the reported STRs from ESP Ghostscript 7.07.x."

Comments (none posted)

Web Site Development

Leonardo 0.5.0 Released

Version 0.5.0 of Leonardo, a Python-based blog/wiki/CMS package, has been announced. Bug fixes and new features are included.

Comments (none posted)

mnoGoSearch 3.2.31 released

Version 3.2.31 of mnoGoSearch, a web site search engine, is out with bug fixes. See the change history document for details.

Comments (none posted)

phpBB 2.0.12 released

Version 2.0.12 of phpBB, a cross-platform open-source bulletin board system, is out. "This release addresses a couple of potential exploits and fixes a number of issues involving path disclosures, etc. It also introduces a new ACP based version check (language package maintainers please note the additional localisation required for this)."

Full Story (comments: none)

Infrae releases Silva 1.2

Version 1.2 of the Silva content management system has been released. "This release contains three major new features: expanded version management for XML documents, subscription functionality for all versioned content, and an internationalized Silva user interface, including Dutch and German translations. Infrae is actively seeking volunteers to translate Silva into other languages."

Full Story (comments: none)

UnCommon Web 0.3.6 released

Version 0.3.6 of UnCommon Web, a web application development framework written in Common Lisp, is out. "This version adds an HTML FORM component collection, a new component dependency protocol, new components, improved documentation, improved support for the Allegroserve and mod_lisp backends, a new Araneida backend, and more."

Full Story (comments: none)

Miscellaneous

Notice of development and future release of Ganymede 2.0

Version 2.0 of the Ganymede metadirectory system is in progress. "We don't have a release date yet, but right now we believe that we've hit most of the technical goals we are targeting with the 2.0 release, and we're primarily lagging in documentation and some external support code infrastructure that will be required to make the most of some of the new features. I just wanted to let folks know that the project is alive, that we are working on it, and that we are very excited about the changes we have in store for the next release."

Full Story (comments: 1)

Desktop Applications

Audio Applications

Ardour 0.9 beta 25 released

Version 0.9 beta 25 of Ardour, a multi-track audio recorder, is out. The project status page lists the changes: "Major changes to crossfades and disk buffer handling (among other fixes) require another unplanned beta."

Comments (none posted)

Desktop Environments

GNOME 2.8.3 is released

The latest stable release of the GNOME Desktop and developer platform, version 2.8.3 is now available. This is the third and last maintenance release of the stable 2.8.x series of GNOME and it contains a huge amount of bugfixes and other improvements. Click below for a detailed list of changes.

Full Story (comments: none)

Improving the User Experience for Desktop Sysadmins - Sabayon (GnomeDesktop)

GnomeDesktop mentions a new blog entry from Seth Nickell on the Sabayon project. "So what about sysadmins? Sabayon is GNOME's first major design targeted at improving the user experience for people who administer GNOME systems, and hopefully the start of an initiative toward designing for this important group of users."

Comments (none posted)

GNOME Software Announcements

The following new GNOME software has been announced this week:

Comments (none posted)

KDE Software Announcements

The following new KDE software has been announced this week:

Comments (none posted)

KDE CVS-Digest (KDE.News)

The February 18, 2005 edition of the KDE CVS-Digest is online; here's the content summary: "In this week's KDE CVS-Digest (all on one page): Kttsd adds support for Italian Festival voices. Umbrello improves import from ArtisanSW, Visio, ArgoUML, Fujaba and NSUML. KSpread has a new insert calendar plugin. Konqueror loses its Cut/Copy/Paste buttons. KDE begins move to Subversion and discusses future roadmap."

Comments (none posted)

KDE Bug Tracker Hits Report 100,000 (KDE.News)

Philip Rodrigues writes about the KDE bug reporting system. "With bug number 100,000 reported, the hard-working KDE bug tracking system reached a milestone today. However, not everyone knows what goes on behind the scenes and how to help. In this article, I take a short look at using the bug reporting system, and how you can help KDE improve."

Comments (none posted)

Electronics

gEDA News

The latest releases from the gEDA project include new versions of Confluence, a language for synchronous reactive system design, and Icarus Verilog, an electronic simulation language compiler.

Comments (none posted)

gerbv 1.0.1 released

Version 1.0.1 of gerbv, a utility for viewing Gerber files used for printed circuit CAD images, is out. The announcement on the Open Collector site says: "This time it is just a bunch of minor bugfixes. They include: * Allocating 1 too little strings caused very strange effects. Found and solved by Mario and primorec. * Had forgotten to initialize some GCs when drawing some aperture macro primitives."

Comments (none posted)

Financial Applications

SQL-Ledger 2.4.9 is out

Version 2.4.9 of SQL-Ledger, a double entry accounting system, is available. The changes include a price matrix rounding change, updated translations, and a fixed reconciliation summary.

Comments (none posted)

Graphics

KToon: 2D Animation Toolkit (KDE.News)

KDE.News looks at the KToon project. "KToon is a new 2D animation toolkit created by Toonka Films and now made available as a free GPL'ed option to the 2D animation industry."

Comments (none posted)

Medical Applications

New HCFA Edit and Print Capabilities for OpenEMR (LinuxMedNews)

LinuxMedNews covers the latest release of OpenEMR, an open-source medical billing system. "The latest development is an object oriented application developed using Java. The new billing feature includes several enhancements over the existing HCFA entry and printing capabilities. The new software includes both the tools to create the forms, and a web interface to edit and override the system generated information."

Comments (none posted)

Music Applications

libDSP 5.0.1 released

Version 5.0.1 of libDSP, a C++ library of digital signal processing functions, is available with new optimizations, code cleanup, and bug fixes.

Full Story (comments: none)

Video Applications

Dirac 0.5.1 released

Version 0.5.1 of Dirac, a cross-platform video codec, has been announced. "This is a minor release with several algorithmic improvements and bug fixes."

Comments (none posted)

Web Browsers

Minutes of the mozilla.org Staff Meeting (MozillaZine)

MozillaZine has announced the availability of the minutes for the February 14, 2005 mozilla.org staff meeting. "Issues discussed include Mozilla 1.8 Beta, Mozilla Firefox 1.0.1, update.mozilla.org, the international domain name Punycode spoofing issue, the Personal Security Manager and emphasising security."

Comments (none posted)

Word Processors

AbiWord v2.2.4 Released (GnomeDesktop)

Version 2.2.4 of the AbiWord word processor has been announced. "This release is mostly a bugfix release, with some additional features."

Comments (none posted)

Miscellaneous

Internationalization, Part 1 (O'ReillyNet)

O'Reilly has published part one in an excerpt series on internationalization. "Writing software that is truly multilingual is not an easy task. In this excerpt from Chapter 8 of Java Examples in a Nutshell, 3rd Edition, author David Flanagan offers programming examples for the three steps to internationalization in Java: using Unicode character encoding, handling local customs, and localizing user-visible messages."

Comments (none posted)

Languages and Tools

Caml

Caml Weekly News

The February 15-22, 2005 edition of the Caml Weekly News is out with coverage of the latest Caml language developments.

Full Story (comments: none)

New Caml Software

The Caml Hump site lists a number of new Caml language applications including OCaml-Packrat, OCaml-CGI, Camlusb, OCaml-event, GikiWiki, Felix, Iom, and ocaml-ssl.

Comments (none posted)

Java

Designing a Fully Scalable Application (O'ReillyNet)

Amir Shevat covers scalability issues and MantaRay on O'Reilly. "It's difficult, maybe impossible, to know up front how much or in what ways your application will need to scale. But by decoupling parts of the application, you can at least ensure that the scaling process can be kept modular. Amir Shevat shows how some sharable pieces of the MantaRay messaging system can allow your app to grow beyond one box."

Comments (none posted)

xavax 1.0 released (SourceForge)

Version 1.0 of xavax has been announced. "xavax is an XML / Java Framework to develop J2EE business applications rapidly and easily. It is based on business components defined with XML. Feature-rich and flexible, since it has been used for years to create real business applications."

Comments (none posted)

JDMK and Legacy IT Management (O'ReillyNet)

Stephen B. Morris works with the Java Dynamic Management Kit to manage legacy SNMP-based equipment. "Java Dynamic Management Kit (JDMK) is a framework for the creation of Java-based management software and legacy SNMP-based systems. It extends Java Management Extensions (JMX), which allows instrumented applications to remotely monitor resources throughout the network."

Comments (none posted)

Semantic Cache for Java (LinuxMedNews)

LinuxMedNews covers a new open-source semantic cache for Java. "University Health Network has released a beta version of "chisel", an open-source semantic cache for Java. It was developed to cache HL7 query results in a semi-virtual EHR, but will run against any Java method that encapsulates a conjunctive query."

Comments (none posted)

Anatomy of a flawed microbenchmark (IBM developerWorks)

Brian Goetz discusses benchmark shortcomings on IBM developerWorks. "Software engineers are notoriously obsessed, sometimes excessively, with performance. While sometimes performance is the most important requirement in a software project, as it might be when developing protocol routing software for a high-speed switch, most of the time performance needs to be balanced against other requirements, such as functionality, reliability, maintainability, extensibility, time to market, and other business and engineering considerations. In this month's Java theory and practice, columnist Brian Goetz explores why it is so much harder to measure the performance of Java language constructs than it looks."

Comments (3 posted)

Perl

Building a 3D Engine in Perl, Part 3 (O'Reilly)

Geoff Broadwell continues his O'Reilly series on Perl for 3D visualization with part three. "Later in this article, I'll discuss movement of the view position, continue the refactoring work by cleaning up draw_view, and begin to improve the look of our scene using OpenGL lighting and materials. Before I cover that, your feedback to the previous articles has included a couple of common requests: screenshots and help with porting issues."

Comments (none posted)

Ruby

Ruby Weekly News

The February 20, 2005 edition of the Ruby Weekly News is available with the latest news and discussion from the ruby-talk mailing list.

Comments (none posted)

Scheme

Schemer's Gazette 4

Issue #4 of the Schemer's Gazette is online with the latest Scheme language development news.

Full Story (comments: none)

Tcl/Tk

Dr. Dobb's Tcl-URL!

The February 21, 2005 edition of Dr. Dobb's Tcl-URL! is online with the latest Tcl/Tk news and resources.

Full Story (comments: none)

XML

What Next, XML? (O'Reilly)

Micah Dubinko considers the issues involved in defining XML 2.0 on O'Reilly. "How much of a clean break would a transit to XML 2.0 need? What parts should stay, and what parts should go? According to xml-dev participants, the two hot-button issues are DTDs and human readability."

Comments (none posted)

Implement implicit and explicit SOAP headers (IBM developerWorks)

Andre Tost works with web services and SOAP headers on IBM developerWorks. "You can define SOAP headers in a WSDL definition using what are commonly called explicit and implicit headers. Learn the difference between these two styles and how these differences might impact you when developing with JAX-RPC."

Comments (none posted)

REST Reporting (O'Reilly)

Eric Gropp works with REST and web services to produce paper output from XML in an O'Reilly article. "Producing paper reports is a fundamental requirement of many applications. As more systems are exposed as services, REST, XSLT, and the mighty URI can create a reporting approach that has a number of advantages over traditional, database-direct reporting engines."

Comments (none posted)

Editors

Yzis Milestone 3 Released (KDE.News)

KDE.News looks at the latest release of Yzis. "The Yzis team is glad to announce the Milestone 3 release of Yzis, the fast moving vi-compatible editor from the authors of KVim. A lot has happened since the M2 release in August 2004: many new features have been added and bugs fixed, getting us closer to the full Vim feature set."

Comments (none posted)

IDEs

DrPython 3.10.8

Version 3.10.8 of DrPython, an IDE for the Python language, is out. The change log lists bug fixes and other improvements.

Comments (none posted)

Version Control

StatCVS offers a view into CVS repository activity (IBM developerWorks)

Tom Copeland analyzes and graphs CVS statistics on IBM developerWorks. "StatCVS is a handy utility for creating charts of a Concurrent Versions System (CVS) repository's activity. In this article, developer Tom Copeland explains how to install and run StatCVS, gives an overview of the reports generated, then explores generating reports for multiple repositories, StatCVS internals and limitations, and more."

Comments (none posted)

Miscellaneous

bzip2 1.0.3 is available

Version 1.0.3 of bzip2, a file compression utility, is out. "1.0.3 fixes some minor issues from the last version, but does not bring any new functionality."

Full Story (comments: none)

Preserving Backward Compatibility (O'Reilly)

Garrett Rooney discusses backward compatibility issues on O'Reilly. "In order to better prepare you, the average open source hacker, for dealing with this problem, I'd like to share some of the experiences we've had with backward compatibility in the Subversion project. With luck, you'll be able to apply some of the lessons we've learned to your own projects."

Comments (none posted)

Page editor: Forrest Cook

Linux in the news

Recommended Reading

Moglen plans 'general counsel's office for the entire movement' (NewsForge)

NewsForge looks at Eben Moglen's plans for the Software Freedom Law Center. "Yet behind the facts of the news release is a larger story. In helping to create the organization, Center director Eben Moglen, the framer of the GNU General Public License, is not just looking for a way to defend the FOSS communities against legal threats. Yet he is also looking beyond this potential need. By 2010, he hopes to see the SFLC become the center of a web of associations that will link FOSS projects, tech-savvy lawyers, and corporations, to everyone's mutual benefit."

Comments (2 posted)

Trade Shows and Conferences

LinuxWorld Boston 2005: An Overview and Day One Report (Linux Journal)

Jeffrey Bianchine covers day one of LinuxWorld for Linux Journal. "The exhibition hall here at LinuxWorld has two discrete sides, one dominated by the big name players and the other populated by distribution and project communities bordering businesses--some of them well known--that invested in individual booths. After a morning spent listening to suits, I spent the afternoon working this side of the exhibition hall. It is a pleasure to report that the general buzz on this side of the exhibition hall is positive. It also is encouraging that so many of the business booths here are a mix of first-time exhibitors and new businesses."

Comments (none posted)

LinuxWorld Expo Boston: Day Two (Linux Journal)

Jeffrey Bianchine continues his LinuxJournal coverage of the LinuxWorld Expo with a look at the events from day two. "On Tuesday, Novell, IBM, Oracle and Red Hat--giants bestriding their markets--were the press area headliners. Yesterday, the press announcements were being made by considerably smaller companies, eager to make an impact. This is not a surprise, as the opening day of any event of this sort traditionally is when the major players make their big statements."

Comments (none posted)

LinuxWorld Expo Boston: Final Day Wrapup (Linux Journal)

Linux Journal wraps up its LinuxWorld coverage. "Given that LinuxWorld Expo has such an overwhelming business tradeshow ethos, where does that leave the communities and dot orgs that fostered Linux and open source in gaining the "moral high ground" Bruce Perens mentioned yesterday? At this show, it left them on the other side of a literal great wall."

Comments (2 posted)

Best of Linux World Coverage: The Redhat Mistake (OSDir)

The lead editor of OSDir discusses the most significant event he saw at LinuxWorld. "Redhat's VP of open source affairs Michael Tiemann stepped up to the plate and said in not so few words, that the company messed up. It messed up big time, is sorry, and is trying to make amends. Where they messed up was abandoning their 'freebie' Redhat version two years ago to focus exclusively on their enterprise 'pay up big time' version."

Comments (none posted)

NewsForge writer rises to LinuxWorld gaming challenge (NewsForge)

This NewsForge article covers the Celebrity Challenge at LinuxWorld. "The game was not unfamiliar to me: Unreal Tournament 2004, which was released last spring and works wonderfully on GNU/Linux, Windows, and Mac OS X. Although I missed my home setup -- the 64-bit edition of UT2004 running over 64-bit Gentoo on my Athlon 64 system -- all the players were on a level playing field, as we were all equally disadvantaged. But the stakes were high and dozens of people were watching us prove that GNU/Linux is not just for servers and workstations."

Comments (none posted)

SCALE 3X Wrapup Report (Linux Journal)

Linux Journal covers the third Southern California Linux Exposition (SCALE 3X). "Track A was oriented to the experienced Linux user, covering the most technically sophisticated topics, including the kernel, embedded issues and remastering Knoppix. Tracks B and C were somewhat less technically oriented and included talks about application development and availability, a variety of implementation issues and relevant social issues. Track D was oriented to the Linux beginner and included tutorials on such topics as distributions, networking, content management and Samba. The VoIP panel discussion that closed the conference tracks was well attended and included a spirited Q & A session."

Comments (none posted)

Red Hat: Fedora will engage customers (News.com)

News.com reports from FUDCon. "The problem came in recent years when Red Hat threw its energies into a stable product called Red Hat Enterprise Linux. RHEL let the company grow from a small market of technically savvy customers to the large market of mainstream customers. But in the process, Red Hat left those "early adopters" behind, said Michael Tiemann, vice president of open-source affairs."

Comments (9 posted)

Linux For The Future (Information Week)

Information Week reports from LinuxWorld. "As Linux matures, some key differences are emerging between the market's primary suppliers: Novell and Red Hat. As Novell chairman and CEO Jack Messman pointed out last week during a LinuxWorld press conference, his company's similarity to Red Hat begins and ends with the basic Linux kernel."

Comments (10 posted)

The SCO Problem

Missing deadlines puts SCO on the spot (Salt Lake Tribune)

The Salt Lake Tribune notes that the SCO Group is far behind on the filing of its annual report with the SEC. "And SCO's missed deadlines did not go unnoticed in Manhattan, where Nasdaq officials confirmed they likely will consider actions that could lead to delisting the company's stock."

Comments (2 posted)

IBM Files its Motion for Reconsideration of Wells' Discovery Order (Groklaw)

Groklaw follows IBM's latest move in the SCO case: the company will provide the AIX and Dynix code. "Sometimes it's easier to comply with an order than to argue about it, if it's not essential. We now see, by the decision IBM made about what to make an issue of, that IBM doesn't believe that SCO will find a thing in that code, onerous as the task is for IBM to produce it."

Comments (none posted)

Companies

IBM to invest $100 million in Linux push (News.com)

News.com reports that IBM will invest $100 million in support of Linux desktop applications. "IBM said the decision stemmed from the increasing popularity of Linux among its customers. According to the company, the number of customers opting for the Linux platform for applications such as WebSphere Portal, instant messaging and Web-based document sharing saw high double-digit growth in 2004."

Comments (17 posted)

Sun burns Solaris and Linux staffers (Register)

The Register reports that Sun has laid off some of its operating system staff. "Sources have informed The Register that a larger number of staffers in Sun's operating platforms group have been shown the door. Many of these workers had been cranking away on new versions of Solaris and the Java Desktop System - Sun's version of Linux. With that work mostly completed, the staffers became expendable to Sun. This looks like the tail-end of a long round of layoffs, which started last year and claimed more than 3,000 jobs."

Comments (4 posted)

Legal

Lexmark suffers second knock back in DMCA case (Register)

The Register reports that Lexmark has lost its DMCA case against Static Control Components yet again. "Barring the intervention of the US Supreme Court, Lexmark's hopes of using the DMCA against Static Control Components have been dashed."

Comments (15 posted)

Court questions FCC's broadcast flag rules (News.com)

News.com covers the broadcast flag hearing in a U.S. federal appeals court. "'You're out there in the whole world, regulating. Are washing machines next?' asked Judge Harry Edwards." This issue is relevant because the broadcast flag will make it difficult to create free digital TV systems.

Comments (none posted)

Interviews

FOSDEM 2005: Python Bindings Interview (KDE.News)

KDE.News has an interview with Simon Edwards, part of the FOSDEM 2005 series. "Simon Edwards will be talking about KDE application development using Python in the FOSDEM KDE Developer's Room. In the interview below he talks about the advantages of Python, how it compares to other languages and whether KDE should be rewritten in Python."

Comments (none posted)

The final round of FOSDEM interviews

The last set of interviews with speakers at the Free and Open Source Developers' European Meeting (Brussels, February 26 and 27) has been posted. These are: Stuart Winter (Slackware), Ethan Galstad (Nagios), Marius Mauch (Gentoo), Gerald Combs (Ethereal), Olle Mulmo (Globus), Jimmy Jimbo Wales (Wikipedia), and kernel hacker Alan Cox.

Comments (none posted)

Audio Interview with Miguel de Icaza (LugRadio)

LugRadio has a new interview with Miguel de Icaza in Ogg format. "The latest episode of LugRadio is Monobrow (season 2, episode 9)! Interview with Miguel de Icaza, letters, why your kernel needs compiling, and much, much more! LugRadio now fully supports podcasting! You too can now get LugRadio on the move!" (found on GnomeDesktop.)

Comments (5 posted)

The paradox of free/open source project management (NewsForge)

NewsForge interviews several open-source project leaders to discuss project management issues. "Leaders from three separate but related -- and incredibly successful -- free/open source projects agree: If you want the project to move to the next level, let go and let the community take over. We asked Larry Wall, creator of Perl; Brian Behlendorf, the Apache Project leader; and Linus Torvalds, creator of Linux, for their thoughts on why this happens and how they and their projects have fared as a result."

Comments (none posted)

Resources

Linux Magazine: KWifiManager (KDE.News)

KDE.News mentions a new article by Chris Howells on KWifiManager. "It introduces KWifiManager, tells you how to find and connect to wireless networks and how to use it for monitoring your wireless connection." The article is available as a pdf file.

Comments (none posted)

OOo Off the Wall: Cross References and User-Defined Fields (Linux Journal)

The Linux Journal OpenOffice.org article series continues with this look at cross referencing. "Frankly, cross-references are a disappointment in OpenOffice.org Writer. Several posters to the OpenOffice.org mailing lists have referred to them as glorified bookmarks, and they're not far off. Compared to other software designed for writing long documents, Writer's cross-referencing tools are lacking."

Comments (none posted)

Reviews

In hopping chips, will IBM hop Solaris and Windows too? (ZDNet)

ZDNet takes a look at IBM's new Chiphopper. "Chiphopper -- a package of free technologies and services that IBM released at LinuxWorld -- is exactly what it says it is. It takes the expertise that went into making Red Hat and SuSE's distributions of Linux portable to IBM's mainframe (z Series) and Unix servers (p Series) and bottles it up into a turnkey porting tool that commercial software developers can use to painlessly port their apps from the x86 version of Linux to IBM's big iron systems (thus "hopping chips")."

Comments (1 posted)

The Lightweight experience: A comparison of Window Managers (Linux Times.Net)

Linux Times.Net takes a look at some of the lighter weight window managers. "One of the most popular window managers is the very simple Fluxbox, derived from the even more basic Blackbox. The developers of Fluxbox have added handy features such as window tabs, key bindings, KDE and partial Gnome support."

Comments (7 posted)

GnomeMeeting: It's not just for video conferencing (NewsForge)

NewsForge has a review of GnomeMeeting. "GnomeMeeting is now at the 1.2 release, and is available in distribution-specific binaries for Debian, Fedora Core 2, Slackware, Mandrake, and SUSE. The source code is available as well, if your distro isn't included in that list."

Comments (7 posted)

KDE 3.4-b2 Preview (OS News)

OS News reviews KDE 3.4 beta 2. "It seems that KDE is becoming much more concerned with look and feel of late, which I think is a very good thing. I believe KDE is a first-rate desktop environment, and to stay that way, it needs to be aesthetically appealing. Along those lines, some new eyecandy has been added."

Comments (none posted)

amaroK First to Integrate Audioscrobbler (KDE.News)

KDE.News looks at Amarok 1.2, a media player for KDE with new Audioscrobbler capabilities. "Audioscrobbler allows users to share music tastes with friends on the Internet, making use of automatically submitted song statistics. amaroK goes a step further than other media players and allows users to receive music recommendations from the site."

Comments (none posted)

Translating With OmegaT (NewsForge)

NewsForge introduces OmegaT, a free translation system. "Before you begin exploring OmegaT yourself, you should understand how it, or any CAT tool, works. OmegaT is a so-called translation memory application; that is, it doesn't translate texts for you. Instead, it stores pieces of text (called 'segments') and their corresponding translations in a file called 'translation memory.'"

Comments (none posted)

Miscellaneous

Year-long Italian programming tournament announces winners (NewsForge)

NewsForge reports on the first Italian Open Source Contest. "Any software project could participate, as long as it was original (no localizations), available under an OSI certified license and counted, as of January 1, 2004, at least one Italian citizen in the development team. There were six categories, each with a first prize of €1,500. The first four were Most Innovative Software, Best User Interaction, Best Community, and Multimedia. Security, Networking, and Communication constituted another single class, while Business Software included database, office, and system integration tools."

Comments (none posted)

How to Kill Linux (PC Magazine)

Time for another strange Dvorak article in PC Magazine. This one concerns a sure-fire Microsoft plan to kill Linux. "That means tearing away the entire top of Linux from the driver layer—and that would be MS-Linux. Users who needed to add the driver layers would be offered the standard Linux driver package, which would be attached with a utility program. The utility would sew the drivers back into Linux, resulting in an OS that would be more or less the same as everyone else's. Or the user could pay for the Windows drivers and attach those to MS-Linux, resulting in an OS that had the PnP benefits of Windows."

Comments (28 posted)

Page editor: Forrest Cook

Announcements

Non-Commercial announcements

A call to action on OASIS patent policy

A large group of prominent free software and related personalities (Perens, Stallman, Lessig, O'Reilly, Moglen, Kapor, van Rossum, Raymond, Behlendorf, etc.) has signed a letter calling for resistance to the patent-friendly policy adopted by OASIS, a consortium for electronic business standards. "We ask you to stand with us in opposition to the OASIS patent policy. Do not implement OASIS standards that aren't open. Demand that OASIS revise its policies. If you are an OASIS member, do not participate in any working group that allows encumbered standards that cannot be implemented in open source and free software." Click below for the full text.

Full Story (comments: 12)

German Bundestag supports software patent restart

The NoSoftwarePatents site reports that the German Bundestag has voted unanimously in favor of a restart of the patent directive process in Europe. An English translation of the resolution is available in PDF format.

Comments (1 posted)

The EFF guide to EULAs

The EFF has put out an advisory on some of the worst terms often found in software end user license agreements. "Many people treat EULAs with the same reverence they do the tags on mattresses that say, 'Do not remove this tag under penalty of law.' They scoff at the idea that anyone could enforce such a bizarre rule. Increasingly, however, we are seeing consumers and software developers threatened with lawsuits for engaging in the digital equivalent of ripping tags off a mattress."

Comments (15 posted)

New funding for free software in the UK

The UK Association for Free Software has announced the availability of new grants. "A new grants fund is available to free software projects in the UK from money raised by the UK Free Software Network (UKFSN), the free software Internet Service Provider set up by Jason Clifford in 2003, and donations to UK's Association for Free Software (AFFS), a national membership organisation for supporters of free software. The total amount available in the first round is 1,500 GBP."

Full Story (comments: none)

Commercial announcements

Arabella Supports Embedded Planet’s EP885 and EP8248 Boards

Arabella Software has announced that it will offer Linux support and a free Linux reference design for the Embedded Planet EP885 and EP8248 processor boards.

Full Story (comments: none)

Go Daddy to Issue SSL Certificates to Open Source Projects 'Free of Charge'

The Go Daddy Group, Inc. has announced that it will issue its Turbo SSL Certificate to bona-fide open source software projects at no cost. "The Turbo SSL certificates which Go Daddy will issue to open source projects -- a $29.95 value -- are issued within minutes, have 99% browser recognition, and provide 128-bit Web server security -- the highest level of encryption available on the market today." The "128-bit" figure describes the symmetric session cipher negotiated between browser and server during the SSL handshake, which depends on the server and client configuration rather than on the certificate; what the certificate itself provides is a CA-signed binding between the server's name and its public key, so that browsers can verify the identity of the server they are talking to.

Comments (9 posted)

IBM Unveils New Development Centers

IBM has announced the opening of new development centers. "IBM today announced it will open more than a dozen new development centers in China, Brazil and Russia in an effort to accelerate innovation around the adoption of open standards based solutions in emerging markets."

Comments (none posted)

Mandrakesoft reports first quarter results

Mandrakesoft has announced their first quarter results for the period of October-December, 2004. Here are the numbers: "A consolidated revenue of 1.44MEUR (1.88MUSD), an operating income of 0.31MEUR (0.41MUSD) and a net income of 1.03MEUR (1.35MUSD)."

Full Story (comments: none)

New Mexico Software partners with NextDay Network

New Mexico Software, Inc. has announced a partnership with NextDay Network. "Dick Govatski, CEO of New Mexico Software, said, 'NextDay Network is a major national retailer of software products that makes innovative use of online Internet marketing and distribution tools. We are delighted that they will be selling our products.'"

Comments (none posted)

Storage Standard NFS Draws Backing

Software developers at the University of Michigan have received backing from PolyServe, Inc. to help create an industry-standard implementation of Network File System Version 4 (NFSv4) for Linux.

Full Story (comments: none)

Novell's first-quarter results

Novell has announced its first quarter results. "During the first fiscal quarter 2005, Novell recognized revenue of $15 million associated with its SUSE LINUX business, including $7 million of recognized revenue from subscriptions to SUSE LINUX Enterprise Server. Sales of subscriptions to SUSE LINUX Enterprise Server totaled 21,000 units in the quarter."

Comments (3 posted)

SCO Group to be delisted

The SCO Group has put out a press release informing the world that it is being kicked out of the NASDAQ market for failure to comply with the reporting requirements. SCO is appealing the decision. "The Company has been unable to file its Form 10-K for the fiscal year ended October 31, 2004 because it continues to examine certain matters related to the issuance of shares of the Company's common stock pursuant to its equity compensation plans. The Company is working to resolve these matters as soon as possible and expects to file its Form 10-K upon completion of its analysis."

Comments (11 posted)

VA Linux Issues a Manifesto on its Stance with Open Source Community

VA Linux Systems Japan K.K. has issued a manifesto that clarifies the company's stance on open-source software and its relationship to the community. "This manifesto, entitled "VA Linux: Statement of Our Commitments on Open Source Software", states how the company views Open Source and how it is going to take part in it."

Full Story (comments: none)

LinuxWorld Announcements for February 17

Here are the LinuxWorld announcements for Thursday, February 17, 2005:
  • ActiveState Komodo 3.1 has won a LinuxWorld Product Excellence Award.
  • Akibia has expanded their Portfolio of Linux Services.
  • Chadwick Martin Bailey and InfoWorld Media Group have announced an updated version of the Linux Vendor Brand Positioning Survey results.
  • DataSynapse has achieved Novell's YES certification for its GridServer software.
  • Fujitsu has announced support for Red Hat Enterprise Linux 4 on its PRIMERGY servers.
  • Lionbridge has announced that its VeriTest division has been YES Certified by Novell.
  • MBX and Emu are partnering to deliver Linux-based servers.
  • Novell has won some product excellence awards for its security and management solutions.
  • Parasoft has released Insure++ 7.0 for Novell/SUSE Linux ES 9.
  • Veritas teams with IBM and Avnet to deliver solution bundles.
  • Voltaire is integrating Xen server virtualization software in its InfiniBand interconnect system.
  • Win4Lin has announced Win4Lin Pro, which allows Windows applications to run on Linux.
  • The Xandros Open Circulation Edition has been announced.

Comments (none posted)

Resources

New Audio Libre article: 'Pluggin' away'

A new article on LADSPA plugins is available on linuxaudio.org. "A new PDF article on the work of Steve Harris is now available, covering in particular LADSPA plugins and Jamin."

Full Story (comments: none)

The LDP Weekly News

The February 23, 2005 edition of the Linux Documentation Project Weekly News is online with lots of new documentation releases.

Full Story (comments: none)

Contests and Awards

KDE-Look Announces the Winner of T-Shirt Contest (KDE.News)

KDE.News has announced the winner of the KDE-Look T-Shirt Contest. "The community has spoken and the winner of the First Annual KDE-Look T-Shirt Contest with 24 out of 81 votes is Nenad Grujicic with his entry Green."

Comments (none posted)

OpenOffice.org 2.0 splashscreen competition winner announced

LWN readers have, doubtless, been sitting on the edge of their chairs waiting to hear who would be the winner of the OOo splash screen competition. The envelope has been opened, and the victor is Brendan Whelan; his entry can be seen over here, along with an interview.

Full Story (comments: 12)

Upcoming Events

Escape the Java Trap @ Fosdem 2005

The FOSDEM organization has offered the developers of various projects around GNU Classpath the opportunity to meet face to face in their own developer room. Click below for a schedule.

Full Story (comments: none)

Mozilla at FOSDEM 2005 (MozillaZine)

MozillaZine announces the Mozilla project coverage at FOSDEM 2005. "Talks will cover topics such as Mozilla Europe, Mozilla 2.0, XulRunner, Bugzilla, Camino and localisation. Speakers include Axel Hecht, Gervase Markham, Hisham El-Emam, Robert Kaiser, Ludovic Hirlimann and Tristan Nitot."

Comments (none posted)

GUADEC-es 2005 (GnomeDesktop)

GnomeDesktop has the announcement for GUADEC-es 2005. "The second edition of the GUADEC-es (International conference for Spanish speaking GNOME users and developers) will be held this year in A Corunha (Galicia, north-west of Spain), on 19-21 May. The conference, organized by the Gnome Hispano association, was placed strategically close in time to the VI Guadec in Stuttgart, trying to make it easy for Spanish speaking people coming from outside Europe to attend both events."

Comments (none posted)

The Linux Professionals' Association AGM

The LPA has announced its next AGM gathering. "The Linux Professionals' Association (LPA) will be having its AGM on Friday 4 March 2005. The LPA is a South African organisation which has traditionally championed OSS, specifically in the business sphere. Formed in 1996 by what was then the majority of Linux/OSS based businesses in Johannesburg, the Association has come a long way."

Full Story (comments: none)

March 10 is Python Meetup Day

March 10 has been declared Python Meetup Day. "7:00pm on the second Thursday of each month is the default time for Python meetup groups all over the world. That’s March 10 for next month. I suppose it’s supposed to make you feel warm and fuzzy, knowing that there are little groups of true believers congregating at the same time, all over the world."

Comments (none posted)

Events: February 24 - April 21, 2005

Date | Event | Location
February 24 - 25, 2005 | UKUUG LISA/Winter Conference | Birmingham, UK
February 25, 2005 | Dutch Perl Workshop | Amsterdam, the Netherlands
February 26 - 27, 2005 | Free and Open Source Developers' European Meeting (FOSDEM 2005) | Brussels, Belgium
February 28 - March 3, 2005 | EclipseCon 2005 (Hyatt Regency) | Burlingame, CA
February 28 - March 1, 2005 | Asia Debian Mini-Conf 2005 | Beijing, China
March 1 - 2, 2005 | JBoss World 2005 User Conference (Omni/CNN Center) | Atlanta, GA
March 2 - 4, 2005 | Security-Enhanced Linux Symposium | Silver Spring, Maryland
March 2 - 3, 2005 | Asia CodeFest 2005 | Beijing, China
March 2 - 4, 2005 | The 5th Asia Open Source Software Symposium | Beijing, China
March 2 - 4, 2005 | The Free and Open Source Software Workshop (Al Assad National Library) | Damascus, Syria
March 4, 2005 | LPA AGM | Rivonia Sandton, South Africa
March 4 - 5, 2005 | Linuxforum 2005 | Copenhagen, Denmark
March 10 - 16, 2005 | CeBIT 2005 | Hannover, Germany
March 12, 2005 | Gentoo UK 2005 (University of Salford) | Manchester, UK
March 12, 2005 | Third Hungarian PHP Conference | Budapest, Hungary
March 14 - 17, 2005 | Emerging Technology Conference (ETech) (Westin Horton Plaza) | San Diego, CA
March 20 - 25, 2005 | Novell BrainShare 2005 | Salt Lake City, Utah
March 21 - 24, 2005 | Bellua Cyber Security Asia 2005 (Hotel Borobudur) | Jakarta, Indonesia
March 21 - 24, 2005 | Open Source Modeling and IDEs Workshop (Caribe Royale All Suites Resort & Convention Center) | Orlando, FL
March 23 - 25, 2005 | PyCon DC 2005 (GWU Cafritz Conference Center) | Washington, DC
March 26 - 27, 2005 | YAPC::Taipei 2005 | Taipei
March 30 - April 1, 2005 | PHP Quebec (Crowne Plaza Hotel) | Montreal, Canada
March 31 - April 1, 2005 | Black Hat Briefings Europe 2005 | Amsterdam, the Netherlands
April 5 - 6, 2005 | Open Source Business Conference (OSBC) (Westin St. Francis) | San Francisco, CA
April 7 - 8, 2005 | Black Hat Briefings Asia 2005 | Singapore
April 10 - 15, 2005 | 2005 USENIX Annual Technical Conference | Anaheim, California, USA
April 12 - 15, 2005 | Computers, Freedom and Privacy Conference 2005 (Westin Hotel) | Seattle, WA
April 18 - 23, 2005 | Linux.Conf.Au 2005 (Australian National University) | Canberra, Australia
April 18 - 21, 2005 | MySQL Users Conference and Expo 2005 (Santa Clara Convention Center) | Santa Clara, CA
April 18 - 20, 2005 | LinuxWorld Conference and Expo 2005 (Metro Toronto Convention Centre) | Toronto, ON
April 18 - 19, 2005 | Debian Miniconf 4 | Canberra, Australia
April 19 - 20, 2005 | San Francisco techCongress (Rickey's Hyatt) | Palo Alto, CA
April 20 - 23, 2005 | ACCU Conference 2005 (Randolph Hotel) | Oxford, England
April 21 - 24, 2005 | 3rd International Linux Audio Conference (LAC2005) (Center for Art and Media (ZKM)) | Karlsruhe, Germany

Comments (none posted)

Web sites

TuxScout - Job Site for Linux/Open Source Professionals

TuxScout is a new job site dedicated to the Linux and Open Source community. Besides a fully featured search engine for both job seekers and employers, the site offers a forum section to discuss job hunting issues, a resources section with articles on resume writing, interviewing, and more.

Full Story (comments: none)

Page editor: Forrest Cook

Letters to the editor

Common sense takes a holiday: buying the Enderle FUD

From:  Sitaram Chamarty <sitaramc-AT-gmail.com>
To:  mattcmp-AT-sonic.net
Subject:  Common sense takes a holiday: buying the Enderle FUD
Date:  Wed, 23 Feb 2005 17:47:16 +0530
Cc:  letters-AT-lwn.net, trichardson-AT-theregister.co.uk

Dear Mr McKenzie,
 
I obtained your email address from http://www.linuxpipeline.com/contact.jhtml
 
I write with reference to an article by Rob Enderle, at
http://www.linuxpipeline.com/60401613 , titled "Reality Takes A
Holiday: Buying The Firefox Hype".
 
In the interests of brevity I will not go into Mr Enderle's past
record at objective analysis of open source issues (who can forget
his role in getting SCO and BayStar together and his speech at SCO
Forum, among many other highlights). I will, therefore, restrict
myself to commenting on the points he had made in this article.
 
Yes, Firefox is at version 1.0. However, what Mr Enderle will not
acknowledge, even though I'm sure he knows, is that 1.0 in the open
source world means it has already been through a huge amount of
testing. Open source does not have the commercial pressures
of getting something out the door by a certain date, so when an open
source project says "1.0", it means "quite ready for public
consumption, thank you very much".
 
Automatic patch delivery is certainly important, and in theory
Microsoft has it. However, does Mr Enderle know of any large
organisation that allows auto-updates for all their machines, without
some internal testing to make sure the patch does not mess up critical
applications? So why is this an issue?
 
Ben Goodger moving to Google is no more significant than Linus
Torvalds working for Transmeta for many years. Linux did not stop
dead while he was working for Transmeta, and neither will Firefox just
because Ben Goodger is at Google. Even if that were to happen, the
beauty of the open source world is that there are others who can step
in if needed.
 
I have no idea how he can say Firefox breaks on banking and e-commerce
sites. The only app for which I still need to borrow someone's
Windows machine to use IE is, sadly, an inhouse application.
[Naturally, I cannot tell you who I work for :-)] It is well known
that corporate applications are able to get away with more stringent
demands on users ("you must have IE to use our intranet portal") while
banks and other sites meant to be accessed by the general public need
to be more careful.
 
Anyway, you get the drift. I'll stop here. I'm sure you'll hear from
others about this.
 
With best wishes,
 
Sitaram Chamarty
 
--
sitaramc@gmail.com

Comments (9 posted)

Page editor: Jonathan Corbet

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds