
LWN.net Weekly Edition for March 17, 2005

Mozilla is dead; long live SeaMonkey

Back in April, 2003, the Mozilla Project stirred things up by announcing a set of changes to its development model and roadmap. Rather than continue to develop one huge suite which did everything, the project would shift its efforts to the creation of smaller, standalone applications. In particular, future development would go into the browser then known as Phoenix, and the mail client called, at that time, Minotaur. The full Mozilla suite was expected to fade away.

Over time, as the project continued to make new Mozilla releases, it seemed that the suite might stay around for some time after all. The project made several Mozilla 1.8 alpha releases, and one beta, leading some users to believe, reasonably, that there might just be a Mozilla 1.8 final release afterward. So the February 28 staff meeting summary surprised a number of people with this brief item:

*Mozilla 1.8 final*

- To be discussed tomorrow whether we do one

The ensuing discussion was long and noisy. The suite still has a large and dedicated user base, even if it has been somewhat overshadowed by Firefox and Thunderbird. Some developers had been working on Mozilla 1.8 and now wonder why. It seems that, over the last couple of years, the big-picture plan had faded from view, and the Mozilla Foundation didn't go out of its way to remind people of where it was going.

That ended on March 10, when the Foundation posted its transition plan for the Mozilla suite. According to that plan, the "alpha" and "beta" 1.8 releases were intended simply to test out the Mozilla backend code. There will be no final, stable, supported Mozilla 1.8 release.

The Foundation does seem to recognize that not everybody will have expected this decision:

There is no doubt that the series of 1.8 alpha and beta releases have caused some confusion about whether there would be a 1.8 product released by the Mozilla Foundation. In addition, a set of people have done a non-trivial amount of work on 1.8 features, thinking this would be part of an official Mozilla Foundation release. This has been a major error on our part.

The confusion was also clearly to be found within the project itself, as can be seen by the fact that the question of whether a 1.8 release would happen or not was left as an open item for discussion at the February 28 staff meeting. In any case, the decision has now been made. And that decision is consistent with the project's stated long-term goals, even if people did have reason to believe that things would happen differently. The interesting question now is: what happens next?

What's next, it seems, is that the Mozilla suite gets a new name (almost certainly "SeaMonkey," its longstanding name within the Mozilla Project) and is developed and maintained by a group of volunteers. That group is already organizing itself, and has posted a plan of sorts on the SeaMonkey home page. The first priority will be to get a real 1.8 release out, but the developers are already looking beyond that milestone. A commonly-mentioned longer-term goal is moving over to XULRunner; porting back some of the better Firefox and Thunderbird features is also on the list.

The Mozilla Foundation claims to support this course of action. So SeaMonkey will be able to use the Mozilla support infrastructure - CVS, Bugzilla, etc. It also appears that it will be able to use the SeaMonkey name, though there may be a significant debate within the new project about naming before this is all over. The Mozilla Foundation's primary concern, it seems, is that the SeaMonkey releases cannot appear to be an official Mozilla product.

The Mozilla Foundation's motives in making this decision are easy to understand. The Foundation's resources are limited, so it wants to concentrate those resources on the standalone applications which are at the core of its stated plans - and which, it must be said, have been rather more successful (in terms of user adoption) than the full-blown Mozilla suite ever was. That suite is free software, however, so it can survive abandonment by its creator as long as there are developers with the time and interest to maintain it. The fact that the Foundation is providing the support infrastructure (and, of course, the Gecko engine and the rest of the support code used by the Mozilla suite) is an added bonus. There is every reason to expect that both projects will thrive; in a year or two, this decision may be seen as a good thing by all parties involved.

Comments (12 posted)

A modest proposal from Debian's Release Team

March 16, 2005

This article was contributed by Joe 'Zonker' Brockmeier.

The big news from the Debian Project this week is a proposal from the Release Team and FTP masters that may result in several architectures being "dropped." The Debian release team and FTP masters are proposing some criteria to determine which architectures will receive stable releases after sarge:

The release team and the ftpmasters are mutually agreed that it is not sustainable to continue making coordinated releases for as many architectures as sarge currently contains, let alone for as many new proposed architectures as are waiting in the wings.

The proposal would not affect the Sarge release, but would take effect for the next stable Debian release, dubbed "Etch." The architectures that are slated for release with Sarge will still go out the door, and will have security support throughout Sarge's release cycle, but would not be included in testing for the Etch release.

The proposal would relegate a number of architectures to "second class citizen" (SCC) status, though even that does not come for free. At a minimum, the architecture must have a functioning Debian build system ("buildd") which can run 24 hours per day without crashing. It would also require five Debian developers who use or work on the port to send a signed request for its addition; binaries for the port would need to be built and signed by Debian developers, include "basic Unix functionality," and be built from unmodified Debian source. Finally, the architecture must be freely usable, and the port would require a sufficient user base, or 10% of downloads "over a sampled set of mirrors."

To be part of the Etch release, an architecture would have to meet yet another set of criteria. The target systems must be available for purchase, they must be able to compile at least 98% of the distribution's packages, there must be a working installer, and there must be a machine under debian.org, available to developers, for testing. It would also be necessary for the security team, the system administration team, and the release team to sign off on accepting the architecture.

We followed up on the proposal with Steve Langasek, one of the Debian Release Team members. Using this set of criteria, Langasek predicts that this would reduce the candidate architectures from 11 (for Sarge) to 4 for Etch -- x86, PowerPC, IA-64 and AMD64. The list of ports is not set in stone. Langasek told LWN that he hopes other ports will "strive for inclusion in the Etch release, and that their efforts will contribute to maintaining the high quality we have today even if they don't end up being released."

We also asked Langasek how the Release Team had picked the criteria to be used for future releases.

One of the items in the agenda I had set for this meeting in Vancouver (with input from the rest of the team) was to talk about setting per-architecture criteria for etch to address some of the problems we've seen during the sarge cycle, where we've been fighting fires involving one architecture or another not being able to keep up -- and what we've noticed is that it's not consistently any particular architecture, it's been spread out across the board, so we really needed to tell people up front what we needed from ports in order to get etch out on-schedule.

As it turns out, the ftpmasters ran with this idea in a late-night brainstorm session even before the meeting officially began, and had some preliminary criteria put together by Saturday morning. By Saturday evening, we'd hammered this into something we all agreed was a good idea, and spent the next couple of days tweaking, refining it as one thought or another popped into someone's head.

The release team has invited comments on the plan, and it is undergoing quite a bit of discussion over on debian-devel. We asked Langasek if the proposal would be dropped if there was a strong reaction against it. Langasek said that the Release Team was open to ideas, and was "happy to tweak the specific criteria in use if there are reasons to do so." However, Langasek said that setting basic requirements "shouldn't be all that controversial, because the only alternative to holding our ports to a standard that reflects the demands of the release process really is a slow, unpredictable release." He also said there might be tweaks for ports not deemed release candidates.

It is pretty clear based on feedback that something more than the proposed unstable snapshot mechanism is desired for those ports that aren't going to be "release candidates". We don't know yet what form that will take, but there's been a lot of good discussion about what the needs are that should be met.

One criterion for release candidates that caught our eye was the requirement that the architecture must be "publicly available to buy new." We wondered if that would mean dropping support for 386 and 486 chips, something that other distributions have done for some time. According to Langasek, processors with the 486 instruction set are still in use.

The truth is that it's still possible to buy chips implementing a 486 instruction set, and a lot of people are still doing interesting things with them in the embedded sphere -- and it doesn't really cost us anything, release-wise, to maintain backwards-compatibility with those chips.

There have been a few ABI changes recently that have made current software dependent on an instruction set that's only available in 486 chips and higher; it's possible to emulate around this, but the only implementation currently available has security problems, so it may yet turn out that sarge is the first release of Debian's "i386" port that doesn't actually support true 80386 processors. We've also dropped support in sarge for the oldest of the 32-bit Sparc processors, for similar reasons.

From where we're sitting, this looks like a reasonable proposal. It doesn't arbitrarily drop specific architectures, but allows for ports to be dropped from Etch's release candidates if they fail to keep up. This may not be the "magic bullet" needed to ensure more timely releases from the Debian Project, but it should contribute to faster releases overall.

Comments (11 posted)

Remembering the crypto wars

One of the quieter announcements to come out of last month's RSA conference was this release stating that Dorothy Denning had received the 2004 "Harold F. Tipton Award" in recognition of her career in information security. From the release:

"Over the past three decades, Dorothy Denning has been instrumental in the battle to secure cyber infrastructure," said Tipton, who will present the award to Dr. Denning. "She has an extensive history of developing ways to protect highly sensitive information for corporations and government agencies."

Ms Denning was certainly an early pioneer in this field. Her 1982 Cryptography and Data Security was, for some years, the book on encryption, access control, and security models. A copy of it remains on your editor's shelf. Dorothy Denning helped pave the way to where we are now.

The release omits an important point in Ms Denning's career, however, which would be worthwhile for the free software community to remember. Those who were paying attention at the time will remember the encryption battles of the 1990s, when governments (and the U.S. government in particular) tried to control the spread of cryptographic technology. The breaking point in that debate was the "Clipper" initiative, first proposed under Bush I, then supported by the Clinton administration. Clipper would have required that all encryption used in the United States implement a key escrow mechanism which would enable the government to decrypt any communication which caught its interest. Of course, the government promised not to abuse this capability, honest, trust us. Strangely enough, people didn't trust them.

Dorothy Denning was nearly unique in the cryptography community in that she was a strong Clipper supporter. Her essay, The Future of Cryptography, remains available; it is worth reading for a scary view on how the net should work. Here's what she was worried about:

Crypto anarchy can be viewed as the proliferation of cryptography that provides the benefits of confidentiality protection but does nothing about its harms. It is government-proof encryption which denies access to the government even under a court order or other legal order. It has no safeguards to protect users and their organizations from accidents and abuse. It is like an automobile with no brakes, no seat belts, no pollution controls, no license plate, and no way of getting in after you've locked your keys in the car.

Crypto anarchy, it was claimed, would lead to social disorder and the end of life as we know it. But it could be prevented; all that was needed was key escrow, and the "Skipjack" encryption algorithm, which happened to be classified so nobody could see it. It was thought that key escrow might win on its own merits, but this outcome was not to be left to the whim of markets:

The manufacture, distribution, import, and export of unlicensed encryption products would be illegal, but no particular method of encryption would be mandated. Individuals would be allowed to develop their own encryption systems for personal or educational use without obtaining licenses, though they could not distribute them to others.

It should be clear that this view of the world would not sit well with the free software community. We want to be able to develop - and distribute - software which satisfies our own sense of how much security we need. We have little patience for coding in back doors for government, or for anybody else. We do not believe in the security of government-mandated back doors or classified encryption algorithms.

Clearly, the proponents of key escrow were not successful. There are two reasons for this failure; the first, and perhaps strongest, of those is economic. Somehow, the Powers That Be subscribed to the absurd notion that there would be a worldwide market for encryption products with an explicit back door for the U.S. government. People in the industry, however, eventually figured out that key escrow and crypto export regulations would destroy their business. They pushed for change, and got it.

The other reason, however, is public opposition. The debate was loud, public, and effective. And a significant part of that debate came about as a result of the public release of PGP, which let the strong cryptography cat out of the bag in an irreversible way. Philip Zimmermann's courageous act demonstrated the repressive power that was poised to swoop down on those who sought to protect their own data; it also made any attempt to control the spread of encryption technology moot. Without the release of that code, the software environment as we see it today might have been quite different.

As we fight software patents, broadcast flags, or attempts to restrict peer-to-peer software, we should keep these lessons in mind. These battles can be won, even when strong interests are quite determined in their opposition. And releasing code onto the net can change the world. By developing and distributing our systems, which are designed with our interests in mind, we are helping to bring about a more free future.

Comments (8 posted)

Page editor: Jonathan Corbet

Security

Big Ideas for saving the Internet

CIO magazine has run an article called How To Save The Internet. The core idea is that the Internet threatens to collapse under the load of spam, spyware, worms, etc., and that some sort of Big Ideas must be found to save the situation. A few of the suggested ideas merit a look...

The first is "hire a czar." The idea would seem to be that the appointment of a high-level (U.S.) "cybersecurity" official would do something to make our systems more secure. It looks mostly like a bully-pulpit role:

We propose a high-profile surgeon general for information security, who reports to the secretary of DHS. Imagine labels on software like those on cigarettes--Infosecurity General's Warning: The use of software and hardware that is not certified secure can harm your system and other people's systems, and you may be held liable for those damages.

Aside from the idea of how hardware and software would be "certified secure," one could imagine that people in the free software community could have a lot of fun creating warning labels.

Another suggestion is giving vendors incentives to create more secure software. Essentially, it is the return of the product liability idea. This approach may still offer some promise, but it is hard to see how to make it fit with the "no warranties" nature of free software.

Two related items are well described by the title applied to the first: "Treat End Users Like the Dummies They Are." The suggestion to have ISPs provide more filtering, detection, and response services to those who are willing to pay for them is fine. The other one, however, is more problematic:

Let's make all end user devices nonprogrammable.... No one can connect to the Internet on a machine that creates code. If you want a computer to do programming, you would have to be licensed. We could license software companies to purchase programmable machines, which would be completely traceable along with the code created on them.

The idea of "traceable code" would appear to pose some technical challenges of its own. But the idea that you could "save the Internet" by restricting access to programmable devices is truly frightening. There are a few of us out there who see the net as a bit more than a clothing-optional shopping mall. We would not react well to the idea that we would have to be licensed before getting a machine we could hack on.

There is an idea for the creation of reputation servers as an antidote to the phishing problem (though, of course, it has to be expressed as "using XML and meta-data to tag websites with safety, reputation, past performance and other security ratings"). Something like that may yet be part of a solution to certain classes of problems. More likely, however, is that it would just become another variant of the (nearly useless) SSL certificate mechanism.

Almost as an afterthought, the article presents a couple of relevant Big Ideas: make a bigger effort to write error-free software, and think carefully about what features any given program should have. Maybe an email client really should not be able to execute code received in messages. One wonders why nobody ever thought of that before.

See the article for the full list of "Big Ideas." For the most part, this article can be dismissed as just another silly journalistic exercise. But the truth of the matter is that people are actually likely to try some of these ideas. Look for a "Code Traceability and Programmer Licensing" initiative in a legislature near you sometime soon.

Comments (16 posted)

New vulnerabilities

Ethereal: Multiple vulnerabilities

Package(s): ethereal    CVE #(s): CAN-2005-0699 CAN-2005-0704 CAN-2005-0705
Created: March 14, 2005    Updated: March 28, 2005
Description: There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.10, including:
The Etheric and 3GPP2 A11 dissectors are vulnerable to buffer overflows (CAN-2005-0704 and CAN-2005-0699), the GPRS-LLC dissector could crash when the "ignore cipher bit" option is enabled (CAN-2005-0705), and there are various vulnerabilities in the IAPP, JXTA, and sFlow dissectors.
Alerts:
Conectiva CLA-2005:942 2005-03-28
Red Hat RHSA-2005:306-01 2005-03-18
Mandrake MDKSA-2005:053 2005-03-15
Fedora FEDORA-2005-212 2005-03-16
Fedora FEDORA-2005-213 2005-03-16
Gentoo 200503-16 2005-03-12

Comments (none posted)

gnupg: information leak

Package(s): gnupg    CVE #(s): CAN-2005-0366
Created: March 16, 2005    Updated: August 19, 2005
Description: GnuPG (and other PGP-like systems) suffers from an information leak which could, in some situations, be used by an attacker to obtain plain text from an encrypted message. See this message for a detailed explanation of the problem. "We know of no real-world application that is affected by this type of attack. It is an attack that requires the active participation of someone who holds the actual key required to decrypt a message. Thus, it is not something you are likely to see."
Alerts:
Ubuntu USN-170-1 2005-08-19
Gentoo 200503-29 2005-03-24
Mandrake MDKSA-2005:057 2005-03-15

Comments (none posted)

grip: buffer overflow

Package(s): grip    CVE #(s): CAN-2005-0706
Created: March 10, 2005    Updated: November 19, 2008
Description: Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches.
Alerts:
Fedora FEDORA-2008-9604 2008-11-19
Fedora FEDORA-2008-9521 2008-11-19
Fedora-Legacy FLSA:152919 2005-09-15
Mandriva MDKSA-2005:074 2005-04-20
Mandriva MDKSA-2005:075 2005-04-20
Gentoo 200504-07 2005-04-08
Mandrake MDKSA-2005:066 2005-04-01
Red Hat RHSA-2005:304-01 2005-03-28
Gentoo 200503-21 2005-03-17
Fedora FEDORA-2005-203 2005-03-09
Fedora FEDORA-2005-202 2005-03-09

Comments (none posted)

IPsec-Tools: denial of service

Package(s): ipsec-tools setkey racoon    CVE #(s): CAN-2005-0398
Created: March 14, 2005    Updated: April 5, 2005
Description: The IPsec-Tools package is used to build other programs such as setkey and racoon. There is a potential denial of service vulnerability when parsing ISAKMP headers in racoon.
Alerts:
Ubuntu USN-107-1 2005-04-05
SuSE SUSE-SA:2005:020 2005-03-31
Mandrake MDKSA-2005:062 2005-03-31
Gentoo 200503-33 2005-03-25
Red Hat RHSA-2005:232-01 2005-03-23
Fedora FEDORA-2005-217 2005-03-14
Fedora FEDORA-2005-216 2005-03-14

Comments (none posted)

luxman: buffer overflow

Package(s): luxman    CVE #(s): CAN-2005-0385
Created: March 14, 2005    Updated: March 16, 2005
Description: Kevin Finisterre discovered a buffer overflow in luxman, an SVGA based PacMan clone, that could lead to the execution of arbitrary commands as root.
Alerts:
Debian DSA-693-1 2005-03-14

Comments (none posted)

MySQL: input validation and temporary file vulnerabilities

Package(s): mysql    CVE #(s): CAN-2005-0709 CAN-2005-0710 CAN-2005-0711
Created: March 16, 2005    Updated: July 19, 2005
Description: MySQL (prior to version 4.0.24) suffers from two input validation errors and a temporary file vulnerability.
Alerts:
Fedora-Legacy FLSA:152925 2005-07-15
OpenPKG OpenPKG-SA-2005.006 2005-04-20
Debian DSA-707-1 2005-04-13
Fedora FEDORA-2005-305 2005-04-05
Fedora FEDORA-2005-304 2005-04-05
Red Hat RHSA-2005:348-01 2005-04-05
Conectiva CLA-2005:946 2005-04-04
Red Hat RHSA-2005:334-01 2005-03-28
SuSE SUSE-SA:2005:019 2005-03-24
Mandrake MDKSA-2005:060 2005-03-21
Trustix TSLSA-2005-0009 2005-03-21
Ubuntu USN-96-1 2005-03-16
Gentoo 200503-19 2005-03-16

Comments (none posted)

openslp: buffer overflows

Package(s): openslp    CVE #(s):
Created: March 14, 2005    Updated: March 21, 2005
Description: The SUSE Security Team reviewed critical parts of the OpenSLP package, an open source implementation of the Service Location Protocol (SLP). During the audit, various buffer overflows and out-of-bounds memory accesses were found and fixed; these could be triggered by remote attackers sending malformed SLP packets.
Alerts:
Gentoo 200503-25 2005-03-20
Ubuntu USN-98-1 2005-03-17
Mandrake MDKSA-2005:055 2005-03-15
SuSE SUSE-SA:2005:015 2005-03-14

Comments (none posted)

Ringtone Tools: buffer overflow

Package(s): ringtonetools    CVE #(s):
Created: March 15, 2005    Updated: March 16, 2005
Description: Qiao Zhang has discovered a buffer overflow vulnerability in the 'parse_emelody' function in 'parse_emelody.c'. A remote attacker could entice a Ringtone Tools user to open a specially crafted eMelody file, which would potentially lead to the execution of arbitrary code with the rights of the user running the application.
Alerts:
Gentoo 200503-18 2005-03-15

Comments (none posted)

sylpheed: buffer overflow

Package(s): sylpheed    CVE #(s): CAN-2005-0667
Created: March 15, 2005    Updated: April 15, 2005
Description: Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.
Alerts:
SuSE SUSE-SR:2005:011 2005-04-15
Gentoo 200503-26 2005-03-20
Red Hat RHSA-2005:303-01 2005-03-18
Fedora FEDORA-2005-224 2005-03-17
Fedora FEDORA-2005-211 2005-03-15

Comments (none posted)

Updated vulnerabilities

a2ps: input validation error

Package(s): a2ps    CVE #(s): CAN-2004-1170 CAN-2004-1377
Created: November 26, 2004    Updated: December 19, 2005
Description: The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at Security Focus.
Alerts:
Fedora-Legacy FLSA:152870 2005-12-17
Mandriva MDKSA-2005:097 2005-06-07
OpenPKG OpenPKG-SA-2005.003 2005-01-17
Gentoo 200501-02 2005-01-04
Debian DSA-612-1 2004-12-20
Mandrake MDKSA-2004:140 2004-11-25

Comments (none posted)

abuse: several vulnerabilities

Package(s): abuse    CVE #(s): CAN-2005-0098 CAN-2005-0099
Created: March 7, 2005    Updated: March 9, 2005
Description: Several vulnerabilities have been discovered in abuse, the SDL port of the Abuse action game. Erik Sjölund discovered several buffer overflows in the command line handling, which could lead to the execution of arbitrary code with elevated privileges since it is installed setuid root. Steve Kemp discovered that abuse creates some files without dropping privileges first, which may lead to the creation and overwriting of arbitrary files.
Alerts:
Debian DSA-691-1 2005-03-07

Comments (none posted)

cpio: file permissions error

Package(s): cpio    CVE #(s): CAN-1999-1572
Created: February 2, 2005    Updated: July 19, 2005
Description: Some versions of cpio contain an ancient vulnerability where files created by that utility have overly generous access permissions.
Alerts:
Fedora-Legacy FLSA:152891 2005-07-15
Red Hat RHSA-2005:080-01 2005-02-18
Red Hat RHSA-2005:073-01 2005-02-15
Mandrake MDKSA-2005:032-1 2005-02-11
Mandrake MDKSA-2005:032 2005-02-10
Ubuntu USN-75-1 2005-02-04
Debian DSA-664-1 2005-02-02

Comments (none posted)

cURL: buffer overflow

Package(s): curl    CVE #(s): CAN-2005-0490
Created: February 28, 2005    Updated: July 19, 2005
Description: Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded.
Alerts:
Fedora-Legacy FLSA:152917 2005-07-15
Fedora FEDORA-2005-325 2005-04-20
Red Hat RHSA-2005:340-01 2005-04-05
Conectiva CLA-2005:940 2005-03-21
Gentoo 200503-20 2005-03-16
Mandrake MDKSA-2005:048 2005-03-04
SuSE SUSE-SA:2005:011 2005-02-28
Ubuntu USN-86-1 2005-02-28

Comments (none posted)

cyrus-imapd: buffer overflows

Package(s): cyrus-imapd    CVE #(s): CAN-2005-0546
Created: February 23, 2005    Updated: April 10, 2006
Description: Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system.
Alerts:
Fedora-Legacy FLSA:156290 2006-04-04
Red Hat RHSA-2005:408-01 2005-05-17
Fedora FEDORA-2005-339 2005-04-27
OpenPKG OpenPKG-SA-2005.005 2005-04-05
Conectiva CLA-2005:937 2005-03-17
Mandrake MDKSA-2005:051 2005-03-04
Ubuntu USN-87-1 2005-02-28
SuSE SUSE-SA:2005:009 2005-02-24
Gentoo 200502-29 2005-02-23

Comments (none posted)

cyrus-sasl: remote buffer overflow

Package(s): cyrus-sasl    CVE #(s): CAN-2004-0884
Created: October 7, 2004    Updated: March 16, 2005
Description: cyrus-sasl has a vulnerability involving a buffer overflow in the digestmd5.c file. A remote attacker may be able to compromise the system. Also, a local user may be able to exploit a vulnerability by using the SASL_PATH environment variable.
Alerts:
Mandrake MDKSA-2005:054 2005-03-15
SuSE SUSE-SA:2005:013 2005-03-03
Fedora-Legacy FLSA:2137 2005-02-17
OpenPKG OpenPKG-SA-2005.004 2005-01-28
Conectiva CLA-2004:889 2004-11-11
Debian DSA-568-1 2004-10-16
Debian DSA-563-3 2004-10-14
Debian DSA-563-2 2004-10-12
Debian DSA-563-1 2004-10-12
Trustix TSLSA-2004-0053 2004-10-08
Mandrake MDKSA-2004:106 2004-10-07
Red Hat RHSA-2004:546-02 2004-10-07
Gentoo 200410-05 2004-10-07

Comments (none posted)

KDE dcopidlng: insecure temporary file creation

Package(s): dcopidlng    CVE #(s):
Created: March 7, 2005    Updated: March 9, 2005
Description: Davide Madrisan has discovered that the dcopidlng script creates temporary files in a world-writable directory with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When dcopidlng is executed, this would result in the file being overwritten with the rights of the user running the utility, which could be the root user.
Alerts:
Gentoo 200503-14 2005-03-07

Comments (none posted)

dhcp: format string vulnerability

Package(s): dhcp    CVE #(s): CAN-2004-1006
Created: November 4, 2004    Updated: July 13, 2005
Description: Dhcp has a format string vulnerability in the log functions of dhcp 2.x that may be exploited via a malicious DNS server.
Alerts:
Fedora-Legacy FLSA:152835 2005-07-10
Red Hat RHSA-2005:212-01 2005-04-12
Debian DSA-584-1 2004-11-04

Comments (none posted)

emacs21: format string vulnerability in "movemail"

Package(s): emacs21    CVE #(s): CAN-2005-0100
Created: February 7, 2005    Updated: May 15, 2006
Description: Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group.
Alerts:
Fedora-Legacy FLSA:152898 2006-05-12
Debian DSA-685-1 2005-02-17
Mandrake MDKSA-2005:038 2005-02-15
Gentoo 200502-20 2005-02-15
Fedora FEDORA-2005-146 2005-02-14
Fedora FEDORA-2005-145 2005-02-14
Red Hat RHSA-2005:133-01 2005-02-15
Red Hat RHSA-2005:110-01 2005-02-15
Red Hat RHSA-2005:134-01 2005-02-10
Red Hat RHSA-2005:112-01 2005-02-10
Fedora FEDORA-2005-116 2005-02-08
Fedora FEDORA-2005-115 2005-02-08
Debian DSA-671-1 2005-02-08
Debian DSA-670-1 2005-02-08
Ubuntu USN-76-1 2005-02-07

Comments (none posted)

enscript: arbitrary code execution

Package(s): enscript    CVE #(s): CAN-2004-1184 CAN-2004-1185 CAN-2004-1186
Created: January 21, 2005    Updated: May 27, 2006
Description: Erik Sjölund has discovered several security relevant problems in enscript, a program to convert ASCII text into Postscript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash.
Alerts:
rPath rPSA-2006-0083-1 2006-05-26
Fedora-Legacy FLSA:152892 2005-12-17
Red Hat RHSA-2005:040-01 2005-02-15
Mandrake MDKSA-2005:033 2005-02-10
Gentoo 200502-03 2005-02-02
Red Hat RHSA-2005:039-01 2005-02-01
Fedora FEDORA-2005-096 2005-01-31
Fedora FEDORA-2005-092 2005-01-28
Fedora FEDORA-2005-091 2005-01-28
Fedora FEDORA-2005-016 2005-01-26
Fedora FEDORA-2005-015 2005-01-26
Ubuntu USN-68-1 2005-01-24
Debian DSA-654-1 2005-01-21

Comments (none posted)

evolution: arbitrary code execution

Package(s):evolution CVE #(s):CAN-2005-0102
Created:January 24, 2005 Updated:May 19, 2005
Description: Max Vozeler discovered an integer overflow in camel-lock-helper. A user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server could exploit this to execute arbitrary code with root privileges (because camel-lock-helper is installed as setuid root).
Alerts:
Red Hat RHSA-2005:238-01 2005-05-19
Conectiva CLA-2005:925 2005-02-16
Debian DSA-673-1 2005-02-10
Mandrake MDKSA-2005:024 2005-01-27
Gentoo 200501-35 2005-01-24
Ubuntu USN-69-1 2005-01-24

Comments (1 posted)

f2c: insecure temp files

Package(s):f2c CVE #(s):CAN-2005-0017 CAN-2005-0018
Created:January 27, 2005 Updated:April 20, 2005
Description: The f2c Fortran-to-C translator has a vulnerability due to insecure opening of temporary files. A local attacker can use this to launch a symlink attack.
Alerts:
Debian DSA-661-2 2005-04-20
Gentoo 200501-43 2005-01-30
Debian DSA-661-1 2005-01-27

Comments (none posted)

Foomatic: Arbitrary command execution in foomatic-rip

Package(s):foomatic CVE #(s):CAN-2004-0801
Created:September 20, 2004 Updated:May 31, 2006
Description: There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler.
Alerts:
SuSE SUSE-SA:2006:026 2006-05-30
Fedora-Legacy FLSA:2076 2004-11-05
Conectiva CLA-2004:880 2004-10-27
Fedora FEDORA-2004-303 2004-09-21
Gentoo 200409-24 2004-09-20

Comments (none posted)

gaim: DoS issue in parsing malformed HTML

Package(s):gaim CVE #(s):CAN-2005-0208
Created:February 25, 2005 Updated:March 14, 2005
Description: Gaim has a DoS issue in parsing malformed HTML, and an MSN-related crash.
Alerts:
Conectiva CLA-2005:933 2005-03-14
Red Hat RHSA-2005:215-01 2005-03-10
Mandrake MDKSA-2005:049 2005-03-04
Gentoo 200503-03 2005-03-01
Fedora FEDORA-2005-172 2005-02-25
Fedora FEDORA-2005-171 2005-02-25

Comments (none posted)

gaim: client freezes

Package(s):gaim CVE #(s):CAN-2005-0472 CAN-2005-0473
Created:February 22, 2005 Updated:April 27, 2005
Description: The Gaim client freezes when receiving certain invalid messages and crashes when receiving specific malformed HTML. See this Secunia Advisory for additional information.
Alerts:
Debian DSA-716-1 2005-04-27
Ubuntu USN-85-1 2005-02-25
Fedora FEDORA-2005-160 2005-02-21
Fedora FEDORA-2005-159 2005-02-21

Comments (none posted)

gettext: Insecure temporary file handling

Package(s):gettext CVE #(s):CAN-2004-0966
Created:October 11, 2004 Updated:March 1, 2006
Description: gettext insecurely creates temporary files in world-writable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user.
Alerts:
Mandriva MDKSA-2006:051 2006-02-28
Fedora-Legacy FLSA:136323 2006-01-09
Gentoo 200410-10:02 2004-10-10
OpenPKG OpenPKG-SA-2004.055 2004-12-23
Ubuntu USN-5-1 2004-10-27
Gentoo 200410-10 2004-10-10

Comments (1 posted)

gftp: missing input sanitizing

Package(s):gftp CVE #(s):CAN-2005-0372 CAN-2004-1376
Created:February 17, 2005 Updated:July 13, 2005
Description: gftp has a directory traversal vulnerability. A remote server could use specially crafted filenames to overwrite local files.
Alerts:
Fedora-Legacy FLSA:152908 2005-07-10
Red Hat RHSA-2005:410-01 2005-06-13
Fedora FEDORA-2005-310 2005-04-07
Fedora FEDORA-2005-309 2005-04-07
Mandrake MDKSA-2005:050 2005-03-04
Gentoo 200502-27 2005-02-19
SuSE SUSE-SR:2005:005 2005-02-18
Debian DSA-686-1 2005-02-17

Comments (none posted)

ghostscript: symlink vulnerabilities

Package(s):ghostscript CVE #(s):CAN-2004-0967
Created:October 20, 2004 Updated:September 28, 2005
Description: The ghostscript package (prior to version 7.07.1-r7) contains several scripts which are vulnerable to symlink attacks.
Alerts:
Red Hat RHSA-2005:081-01 2005-09-28
Ubuntu USN-3-1 2004-10-27
Gentoo 200410-18 2004-10-20

Comments (none posted)

glibc: Information leak with LD_DEBUG

Package(s):glibc CVE #(s):CAN-2004-1453
Created:August 17, 2004 Updated:May 26, 2005
Description: Silvio Cesare discovered a potential information leak in glibc. It allows LD_DEBUG on SUID binaries where it should not be allowed. This has various security implications, which may be used to gain confidential information. An attacker can gain the list of symbols a SUID application uses and their locations and can then use a trojaned library taking precedence over those symbols to gain information or perform further exploitation.
Alerts:
Red Hat RHSA-2005:256-01 2005-05-18
Gentoo 200408-16 2004-08-16

Comments (1 posted)

glibc: tempfile vulnerability in catchsegv script

Package(s):glibc CVE #(s):CAN-2004-0968
Created:October 21, 2004 Updated:November 14, 2005
Description: The catchsegv script in the glibc package has a symlink vulnerability that may allow a local user to overwrite arbitrary files with the permissions of the user that is running the script.
Alerts:
Fedora-Legacy FLSA:152848 2005-11-13
Red Hat RHSA-2005:261-01 2005-04-28
Debian DSA-636-1 2005-01-12
Mandrake MDKSA-2004:159 2004-12-29
Red Hat RHSA-2004:586-01 2004-12-20
Fedora FEDORA-2004-356 2004-11-11
Ubuntu USN-4-1 2004-10-27
Gentoo 200410-19 2004-10-21

Comments (none posted)

groff: insecure temporary directory

Package(s):groff CVE #(s):CAN-2004-0969
Created:November 1, 2004 Updated:February 9, 2006
Description: Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility "groffer" created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program.
Alerts:
Mandriva MDKSA-2006:038 2006-02-08
Gentoo 200411-15 2004-11-08
Ubuntu USN-13-1 2004-11-01

Comments (none posted)

gtkhtml: malformed messages cause crash

Package(s):gtkhtml CVE #(s):CAN-2003-0133 CAN-2003-0541
Created:April 14, 2003 Updated:April 18, 2005
Description: GtkHTML is the HTML rendering widget used by the Evolution mail reader.

GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash.

Alerts:
Debian DSA-710-1 2005-04-18
Mandrake MDKSA-2003:093 2003-09-18
Conectiva CLA-2003:737 2003-09-12
Red Hat RHSA-2003:264-01 2003-09-09
Mandrake MDKSA-2003:046 2003-04-15
Red Hat RHSA-2003:126-01 2003-04-14

Comments (none posted)

hashcash: format string vulnerability

Package(s):hashcash CVE #(s):
Created:March 7, 2005 Updated:March 9, 2005
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the Hashcash utility that an attacker could expose by specifying a malformed reply address. Successful exploitation would permit an attacker to disrupt Hashcash users, and potentially execute arbitrary code.
Alerts:
Gentoo 200503-12 2005-03-06

Comments (none posted)

HelixPlayer: buffer overflows

Package(s):HelixPlayer CVE #(s):CAN-2005-0455 CAN-2005-0611
Created:March 3, 2005 Updated:March 9, 2005
Description: The Helix Player 1.0 media player has two buffer overflows that can be exploited by playing specially crafted SMIL and WAV files. This can allow a remote attacker to execute code with the user's permissions.
Alerts:
Red Hat RHSA-2005:271-01 2005-03-03
Fedora FEDORA-2005-188 2005-03-03

Comments (none posted)

htdig: cross site scripting

Package(s):htdig CVE #(s):CAN-2005-0085
Created:February 14, 2005 Updated:January 10, 2006
Description: Michael Krax discovered that ht://Dig fails to validate the 'config' parameter before displaying an error message containing the parameter. This flaw could allow an attacker to conduct cross-site scripting attacks.
Alerts:
Fedora-Legacy FLSA:152907 2006-01-09
Mandrake MDKSA-2005:063 2005-03-31
Red Hat RHSA-2005:090-01 2005-02-15
Debian DSA-680-1 2005-02-14
Gentoo 200502-16 2005-02-13

Comments (none posted)

imagemagick: .psd image file decode vulnerability

Package(s):imagemagick CVE #(s):CAN-2005-0005
Created:January 18, 2005 Updated:March 23, 2005
Description: According to this iDEFENSE advisory, ImageMagick is vulnerable to a heap overflow when decoding .psd image files. This could be remotely exploited allowing an attacker to execute arbitrary code.
Alerts:
Red Hat RHSA-2005:070-01 2005-03-23
Red Hat RHSA-2005:071-01 2005-02-15
Gentoo 200501-37 2005-01-26
Gentoo 200501-26 2005-01-20
Debian DSA-646-1 2005-01-19
Ubuntu USN-62-1 2005-01-18

Comments (1 posted)

imagemagick: format string vulnerability

Package(s):imagemagick CVE #(s):CAN-2005-0397
Created:March 3, 2005 Updated:April 4, 2005
Description: The ImageMagick file name handling code has a format string vulnerability. Specially crafted file names can be used to crash ImageMagick and possibly execute arbitrary code.
Alerts:
Mandrake MDKSA-2005:065 2005-04-01
Debian DSA-702-1 2005-04-01
Fedora FEDORA-2005-235 2005-03-30
Fedora FEDORA-2005-234 2005-03-30
SuSE SUSE-SA:2005:017 2005-03-23
Red Hat RHSA-2005:320-01 2005-03-23
Gentoo 200503-11 2005-03-06
Ubuntu USN-90-1 2005-03-03

Comments (none posted)

imap: buffer overflow in c-client

Package(s):imap CVE #(s):CAN-2003-0297
Created:February 18, 2005 Updated:April 10, 2006
Description: A buffer overflow flaw was found in the c-client IMAP client. An attacker could create a malicious IMAP server that if connected to by a victim could execute arbitrary code on the client machine.
Alerts:
Fedora-Legacy FLSA:184074 2006-04-04
Fedora-Legacy FLSA:152912 2005-05-12
Red Hat RHSA-2005:114-01 2005-02-18

Comments (none posted)

imlib2: buffer overflows

Package(s):imlib2 CVE #(s):CAN-2004-0802 CAN-2004-0817
Created:September 8, 2004 Updated:October 26, 2005
Description: The imlib2 library contains buffer overflows in the BMP handling code.
Alerts:
Debian DSA-548-2 2005-10-26
Conectiva CLA-2004:870 2004-09-28
Debian DSA-552-1 2004-09-22
Debian DSA-548-1 2004-09-16
Red Hat RHSA-2004:465-01 2004-09-15
Gentoo 200409-12 2004-09-08
Fedora FEDORA-2004-301 2004-09-09
Fedora FEDORA-2004-300 2004-09-09
Mandrake MDKSA-2004:089 2004-09-07

Comments (none posted)

kdelibs: unsanitized input

Package(s):kdelibs CVE #(s):CAN-2004-1165
Created:January 10, 2005 Updated:July 19, 2005
Description: Thiago Macieira discovered a vulnerability in the kioslave library, which is part of kdelibs, that allows a remote attacker to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline before the FTP command.
Alerts:
Fedora-Legacy FLSA:152769 2005-07-15
Mandrake MDKSA-2005:045 2005-02-17
Red Hat RHSA-2005:065-01 2005-02-15
Red Hat RHSA-2005:009-01 2005-02-10
Fedora FEDORA-2005-064 2005-01-25
Fedora FEDORA-2005-063 2005-01-25
Gentoo 200501-18 2005-01-11
Debian DSA-631-1 2005-01-10

Comments (none posted)

kdenetwork: file descriptor leak

Package(s):kdenetwork CVE #(s):CAN-2005-0205
Created:March 3, 2005 Updated:March 16, 2005
Description: The kdenetwork networking applications package has a bug with the handling of privileged file descriptors in kppp. A local user can use this to modify the /etc/hosts and /etc/resolv.conf files, allowing them to spoof domain information.
Alerts:
Conectiva CLA-2005:934 2005-03-16
Debian DSA-692-1 2005-03-08
Red Hat RHSA-2005:175-01 2005-03-03

Comments (none posted)

less: heap based buffer overflow

Package(s):less CVE #(s):CAN-2005-0086
Created:March 8, 2005 Updated:March 9, 2005
Description: Victor Ashik discovered a heap based buffer overflow in less, caused by a patch added to the less package in Red Hat Linux 9. An attacker could construct a carefully crafted file that could cause less to crash or possibly execute arbitrary code when opened.
Alerts:
Fedora-Legacy FLSA:2404 2005-03-07

Comments (none posted)

libdbi-perl: insecure temporary file

Package(s):libdbi-perl CVE #(s):CAN-2005-0077
Created:January 25, 2005 Updated:March 2, 2006
Description: Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the user executing the affected parts of the library.
Alerts:
Fedora-Legacy FLSA:178989 2006-03-01
Gentoo 200501-38:03 2005-01-26
Red Hat RHSA-2005:072-01 2005-02-15
Mandrake MDKSA-2005:030 2005-02-08
Red Hat RHSA-2005:069-01 2005-02-01
Gentoo 200501-38 2005-01-26
Ubuntu USN-70-1 2005-01-25
Debian DSA-658-1 2005-01-25

Comments (none posted)

libexif: improper validation

Package(s):libexif CVE #(s):CAN-2005-0664
Created:March 7, 2005 Updated:April 15, 2005
Description: Sylvain Defresne discovered that the EXIF library did not properly validate the structure of the EXIF tags. By tricking a user to load an image with a malicious EXIF tag, an attacker could exploit this to crash the process using the library, or even execute arbitrary code with the privileges of the process.
Alerts:
Debian DSA-709-1 2005-04-15
Mandrake MDKSA-2005:064 2005-03-31
Red Hat RHSA-2005:300-01 2005-03-21
Gentoo 200503-17 2005-03-12
Fedora FEDORA-2005-200 2005-03-08
Fedora FEDORA-2005-199 2005-03-08
Ubuntu USN-91-1 2005-03-07

Comments (none posted)

libgd2: buffer overflows in PNG handling

Package(s):libgd2 CVE #(s):CAN-2004-0990 CAN-2004-0941
Created:October 29, 2004 Updated:June 28, 2006
Description: Several buffer overflows have been discovered in libgd's PNG handling functions.
If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening the image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP-driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function.
Alerts:
Mandriva MDKSA-2006:114 2006-06-27
Red Hat RHSA-2006:0194-01 2006-02-01
Fedora-Legacy FLSA:152838 2005-07-15
Red Hat RHSA-2004:638-01 2004-12-17
Ubuntu USN-33-1 2004-11-29
Debian DSA-602-1 2004-11-29
Debian DSA-601-1 2004-11-29
Mandrake MDKSA-2004:132 2004-11-15
Ubuntu USN-25-1 2004-11-15
Fedora FEDORA-2004-412 2004-11-11
Fedora FEDORA-2004-411 2004-11-11
Ubuntu USN-21-1 2004-11-09
Debian DSA-591-1 2004-11-09
Debian DSA-589-1 2004-11-09
Gentoo 200411-08 2004-11-03
OpenPKG OpenPKG-SA-2004.049 2004-10-30
Ubuntu USN-11-1 2004-10-28

Comments (none posted)

libtiff: buffer overflow

Package(s):libtiff CVE #(s):CAN-2004-1308
Created:December 22, 2004 Updated:May 19, 2005
Description: The libtiff image manipulation library contains several exploitable buffer overflows.
Alerts:
Fedora-Legacy FLSA:152815 2005-05-18
Red Hat RHSA-2005:035-01 2005-02-15
Conectiva CLA-2005:920 2005-01-20
Red Hat RHSA-2005:019-01 2005-01-13
SuSE SUSE-SA:2005:001 2005-01-10
Fedora FEDORA-2005-598 2005-01-07
Fedora FEDORA-2005-597 2005-01-07
Ubuntu USN-54-1 2005-01-06
Mandrake MDKSA-2005:002 2005-01-06
Mandrake MDKSA-2005:001 2005-01-06
Gentoo 200501-06 2005-01-05
Debian DSA-626-1 2005-01-06
Debian DSA-617-1 2004-12-24
Fedora FEDORA-2004-577 2004-12-22
Fedora FEDORA-2004-576 2004-12-22
Ubuntu USN-46-1 2004-12-22

Comments (none posted)

libxml2: arbitrary code execution

Package(s):libxml2 CVE #(s):CAN-2004-0110
Created:February 26, 2004 Updated:August 19, 2009
Description: Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code.
Alerts:
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8582 2009-08-15
Fedora-Legacy FLSA:1324 2004-07-19
Conectiva CLA-2004:836 2004-03-31
Gentoo 200403-01 2004-03-06
Trustix TSLSA-2004-0010 2004-03-05
OpenPKG OpenPKG-SA-2004.003 2004-03-05
Netwosix NW-2004-0004 2004-03-04
Debian DSA-455-1 2004-03-03
Mandrake MDKSA-2004:018 2004-03-03
Red Hat RHSA-2004:091-02 2004-03-03
Whitebox WBSA-2004:090-01 2004-03-01
Red Hat RHSA-2004:090-01 2004-02-26
Fedora FEDORA-2004-087 2004-02-25
Red Hat RHSA-2004:091-01 2004-02-26

Comments (none posted)

libxml2: multiple buffer overflows

Package(s):libxml2 CVE #(s):CAN-2004-0989
Created:October 28, 2004 Updated:August 19, 2009
Description: libxml2 prior to version 2.6.14 has multiple buffer overflow vulnerabilities; if a local user passes a specially crafted FTP URL, arbitrary code may be executed.
Alerts:
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8582 2009-08-15
Ubuntu USN-89-1 2005-02-28
Red Hat RHSA-2004:650-01 2004-12-16
Conectiva CLA-2004:890 2004-11-18
Red Hat RHSA-2004:615-01 2004-11-12
Mandrake MDKSA-2004:127 2004-11-04
Debian DSA-582-1 2004-11-02
Gentoo 200411-05 2004-11-02
Trustix TSLSA-2004-0055 2004-10-29
OpenPKG OpenPKG-SA-2004.050 2004-10-31
Ubuntu USN-10-1 2004-10-28
Fedora FEDORA-2004-353 2004-10-28

Comments (none posted)

libXpm: new buffer overflows

Package(s):libXpm CVE #(s):CAN-2005-0605
Created:March 4, 2005 Updated:March 8, 2006
Description: A new vulnerability has been discovered in libXpm, which is included in OpenMotif and LessTif, that can potentially lead to remote code execution.
Alerts:
Fedora-Legacy FLSA:168264 2006-03-07
Fedora-Legacy FLSA:152803 2006-01-09
Fedora FEDORA-2005-815 2005-08-26
Fedora FEDORA-2005-808 2005-08-25
Red Hat RHSA-2005:198-01 2005-06-08
Red Hat RHSA-2005:473-01 2005-05-24
Red Hat RHSA-2005:412-01 2005-05-11
Debian DSA-723-1 2005-05-09
Mandriva MDKSA-2005:081 2005-05-05
Mandriva MDKSA-2005:080 2005-04-28
Red Hat RHSA-2005:044-01 2005-04-06
Red Hat RHSA-2005:331-01 2005-03-30
Fedora FEDORA-2005-273 2005-03-29
Fedora FEDORA-2005-272 2005-03-29
Ubuntu USN-97-1 2005-03-16
Gentoo 200503-15 2005-03-12
Ubuntu USN-92-1 2005-03-07
Gentoo 200503-08 2005-03-04

Comments (none posted)

linux-source-2.6.8.1: multiple vulnerabilities

Package(s):linux-source-2.6.8.1 CVE #(s):CAN-2005-0176 CAN-2005-0177 CAN-2005-0178
Created:February 15, 2005 Updated:March 15, 2005
Description: Michael Kerrisk noticed insufficient permission checking in the shmctl() function. Any process was permitted to lock/unlock any System V shared memory segment that fell within the RLIMIT_MEMLOCK limit (that is, the maximum size of shared memory that unprivileged users can acquire). This allowed an unprivileged user process to unlock locked memory of other processes, thereby allowing it to be swapped out. Usually locked shared memory is used to store passphrases and other sensitive content which must not be written to the swap space (where it could be read out even after a reboot). (CAN-2005-0176)

OGAWA Hirofumi noticed that the table sizes in nls_ascii.c were incorrectly set to 128 instead of 256. This caused a buffer overflow in some cases which could be exploited to crash the kernel. (CAN-2005-0177)

A race condition was found in the terminal handling of the "setsid()" function, which is used to start new process sessions. (CAN-2005-0178)

Alerts:
Ubuntu USN-95-1 2005-03-15
Conectiva CLA-2005:930 2005-03-07
Red Hat RHSA-2005:092-01 2005-02-18
Ubuntu USN-82-1 2005-02-15

Comments (none posted)

lvm10: creates insecure temporary directory

Package(s):lvm10 CVE #(s):CAN-2004-0972
Created:November 1, 2004 Updated:July 25, 2005
Description: Trustix Secure Linux discovered a vulnerability in a supplemental script of the lvm10 package. The program "lvmcreate_initrd" created a temporary directory in an insecure way, which could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program.
Alerts:
Fedora-Legacy FLSA:152842 2005-07-24
Mandrake MDKSA-2004:144 2004-12-06
Gentoo 200411-22 2004-11-11
Debian DSA-583-1 2004-11-03
Ubuntu USN-15-1 2004-11-01

Comments (none posted)

mailman: cross-site scripting

Package(s):mailman CVE #(s):CAN-2004-1177
Created:January 10, 2005 Updated:March 22, 2005
Description: Florian Weimer discovered a cross-site scripting vulnerability in mailman's automatically generated error messages. An attacker could craft a URL containing JavaScript (or other content embedded into HTML) which triggered a mailman error page. When an unsuspecting user followed this URL, the malicious content was copied unmodified to the error page and executed in the context of this page.
Alerts:
Fedora FEDORA-2005-242 2005-03-22
Fedora FEDORA-2005-241 2005-03-22
Red Hat RHSA-2005:235-01 2005-03-21
Debian DSA-674-1 2005-02-10
Mandrake MDKSA-2005:015 2005-01-24
Gentoo 200501-29 2005-01-22
Ubuntu USN-59-1 2005-01-10

Comments (none posted)

mailman: path traversal

Package(s):mailman CVE #(s):CAN-2005-0202
Created:February 9, 2005 Updated:July 13, 2005
Description: The "private" module in the mailman mailing list manager fails to sanitize path names adequately. An attacker could exploit this vulnerability to retrieve private information, including passwords and private list archives.

This vulnerability was used to compromise the Full-Disclosure list.

Alerts:
Fedora-Legacy FLSA:152895 2005-07-10
Ubuntu USN-78-2 2005-02-17
Debian DSA-674-3 2005-02-21
Mandrake MDKSA-2005:037 2005-02-14
Red Hat RHSA-2005:137-01 2005-02-15
SuSE SUSE-SA:2005:007 2005-02-14
Debian DSA-674-2 2005-02-11
Red Hat RHSA-2005:136-01 2005-02-10
Gentoo 200502-11 2005-02-10
Fedora FEDORA-2005-132 2005-02-10
Fedora FEDORA-2005-131 2005-02-10
Ubuntu USN-78-1 2005-02-09

Comments (none posted)

MediaWiki: multiple vulnerabilities

Package(s):mediawiki CVE #(s):CAN-2005-0534 CAN-2005-0535 CAN-2005-0536
Created:February 28, 2005 Updated:June 13, 2005
Description: A security audit of the MediaWiki project discovered that MediaWiki is vulnerable to several cross-site scripting and cross-site request forgery attacks, and that the image deletion code does not sufficiently sanitize input parameters.
Alerts:
Gentoo 200506-12 2005-06-13
Gentoo 200502-33 2005-02-28

Comments (none posted)

mikmod: buffer overflow

Package(s):mikmod CVE #(s):CAN-2003-0427
Created:June 16, 2003 Updated:June 16, 2005
Description: Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod.
Alerts:
Fedora FEDORA-2005-405 2005-06-16
Red Hat RHSA-2005:506-01 2005-06-13
Fedora FEDORA-2005-404 2005-06-09
Gentoo 200307-01 2003-07-02
Debian DSA-320-1 2003-06-13

Comments (none posted)

mlterm: integer overflow

Package(s):mlterm CVE #(s):
Created:March 7, 2005 Updated:March 9, 2005
Description: mlterm is vulnerable to an integer overflow that can be triggered by specifying a large image file as a background. This only affects users that have compiled mlterm with the 'gtk' USE flag, which enables gdk-pixbuf support.
Alerts:
Gentoo 200503-13 2005-03-07

Comments (none posted)

mod_python: remote access vulnerability

Package(s):mod_python CVE #(s):CAN-2005-0088
Created:February 10, 2005 Updated:April 10, 2006
Description: mod_python has a vulnerability in the publisher handler that may allow a remote user to use a specially crafted URL to allow access to objects that should be protected. An information leak can result.
Alerts:
Fedora-Legacy FLSA:152896 2006-04-04
Conectiva CLA-2005:926 2005-03-02
Debian DSA-689-1 2005-02-23
Red Hat RHSA-2005:100-01 2005-02-15
Gentoo 200502-14 2005-02-13
Trustix TSLSA-2005-0003 2005-02-11
Ubuntu USN-80-1 2005-02-11
Red Hat RHSA-2005:104-01 2005-02-10
Fedora FEDORA-2005-140 2005-02-10
Fedora FEDORA-2005-139 2005-02-10

Comments (none posted)

Mozilla and Mozilla Firefox: out of memory heap corruption

Package(s):mozilla firefox CVE #(s):CAN-2005-0255
Created:March 1, 2005 Updated:March 16, 2005
Description: According to this iDEFENSE advisory, remote exploitation of a design error in Mozilla 1.7.3 and Firefox 1.0 may allow an attacker to cause heap corruption, resulting in execution of arbitrary code.
Alerts:
SuSE SUSE-SA:2005:016 2005-03-16
Red Hat RHSA-2005:277-01 2005-03-04
Gentoo 200503-10 2005-03-04
Red Hat RHSA-2005:176-01 2005-03-01
Fedora FEDORA-2005-182 2005-02-26

Comments (none posted)

mpg321: format string vulnerability

Package(s):mpg321 CVE #(s):CAN-2003-0969
Created:January 6, 2004 Updated:March 28, 2005
Description: A vulnerability was discovered in mpg321, a command-line mp3 player, whereby user-supplied strings were passed to printf(3) unsafely. This vulnerability could be exploited by a remote attacker to overwrite memory, and possibly execute arbitrary code. In order for this vulnerability to be exploited, mpg321 would need to play a malicious mp3 file (including via HTTP streaming).
Alerts:
Gentoo 200503-34 2005-03-28
Debian DSA-411-1 2004-01-05

Comments (none posted)

mysql: several vulnerabilities

Package(s):mysql CVE #(s):CAN-2004-0835 CAN-2004-0836 CAN-2004-0837
Created:October 11, 2004 Updated:April 6, 2005
Description: Several problems have been discovered in MySQL. Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one. (CAN-2004-0835) Lukasz Wojtow noticed a buffer overrun in the mysql_real_connect function. (CAN-2004-0836) Dean Ellis noticed that multiple threads ALTERing the same (or different) MERGE tables to change the UNION can cause the server to crash or stall. (CAN-2004-0837)
Alerts:
Ubuntu USN-109-1 2005-04-06
Fedora FEDORA-2004-530 2004-12-08
Ubuntu USN-32-1 2004-11-25
Conectiva CLA-2004:892 2004-11-18
Mandrake MDKSA-2004:119 2004-11-01
OpenPKG OpenPKG-SA-2004.045 2004-10-30
Red Hat RHSA-2004:611-01 2004-10-27
Gentoo 200410-22 2004-10-24
Red Hat RHSA-2004:569-01 2004-10-20
Red Hat RHSA-2004:597-01 2004-10-20
Debian DSA-562-1 2004-10-11

Comments (none posted)

mysql-dfsg: insecure temporary files

Package(s):mysql-dfsg CVE #(s):CAN-2005-0004
Created:January 18, 2005 Updated:March 25, 2005
Description: Javier Fernández-Sanguino Peña noticed that the "mysqlaccess" program created temporary files in an insecure manner. This could allow a symbolic link attack to create or overwrite arbitrary files with the privileges of the user invoking the program.
Alerts:
Fedora-Legacy FLSA:2129 2005-03-24
Mandrake MDKSA-2005:036 2005-02-10
Gentoo 200501-33 2005-01-23
Debian DSA-647-1 2005-01-19
Ubuntu USN-63-1 2005-01-18

Comments (none posted)

nasm: Buffer overflow vulnerability

Package(s):nasm CVE #(s):CAN-2004-1287
Created:December 20, 2004 Updated:May 4, 2005
Description: Jonathan Rockway discovered that NASM-0.98.38 has an unprotected vsprintf() to an array in preproc.c. This code vulnerability may lead to a buffer overflow and potential execution of arbitrary code.
Alerts:
Red Hat RHSA-2005:381-01 2005-05-04
Fedora FEDORA-2005-322 2005-04-18
Mandrake MDKSA-2005:004 2005-01-06
Debian DSA-623-1 2004-01-04
Ubuntu USN-45-1 2004-12-22
Gentoo 200412-20 2004-12-20

Comments (4 posted)

ncpfs: multiple vulnerabilities

Package(s):ncpfs CVE #(s):CAN-2005-0013 CAN-2005-0014
Created:January 31, 2005 Updated:May 15, 2006
Description: Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable buffer overflow in ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities using the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013).
Alerts:
Fedora-Legacy FLSA:152904 2006-05-12
Fedora FEDORA-2005-435 2005-08-16
Red Hat RHSA-2005:371-01 2005-05-17
Mandrake MDKSA-2005:028 2005-02-01
Gentoo 200501-44 2005-01-30

Comments (none posted)

netkit-telnet: invalid free pointer

Package(s):netkit-telnet CVE #(s):CAN-2004-0911
Created:October 4, 2004 Updated:March 28, 2005
Description: Michal Zalewski discovered a bug in the netkit-telnet server (telnetd) whereby a remote attacker could cause the telnetd process to free an invalid pointer. This causes the telnet server process to crash, leading to a straightforward denial of service (inetd will disable the service if telnetd is crashed repeatedly), or possibly the execution of arbitrary code with the privileges of the telnetd process (by default, the 'telnetd' user).
Alerts:
Ubuntu USN-101-1 2005-03-28
Debian DSA-556-2 2004-10-18
Debian DSA-569-1 2004-10-18
Debian DSA-556-1 2004-10-02

Comments (none posted)

nfs-utils: denial of service

Package(s):nfs-utils CVE #(s):CAN-2004-1014
Created:December 1, 2004 Updated:May 15, 2005
Description: The NFS statd server contains a denial of service vulnerability which is easily exploited by a remote attacker.
Alerts:
Fedora-Legacy FLSA:152871 2005-05-12
Red Hat RHSA-2004:583-01 2004-12-20
Gentoo 200412-08 2004-12-14
Trustix TSLSA-2004-0065 2004-01-09
Debian DSA-606-1 2004-12-08
Mandrake MDKSA-2004:146 2004-12-06
Ubuntu USN-36-1 2004-12-01

Comments (none posted)

nfs-utils: arbitrary code execution

Package(s):nfs-utils CVE #(s):CAN-2004-0946
Created:January 11, 2005 Updated:February 27, 2006
Description: Arjan van de Ven discovered a buffer overflow in rquotad on 64-bit architectures; an improper integer conversion could lead to a buffer overflow. An attacker with access to an NFS share could send a specially crafted request which could then lead to the execution of arbitrary code.
Alerts:
Fedora-Legacy FLSA:138098 2006-02-25
Red Hat RHSA-2005:014-01 2005-01-12
Mandrake MDKSA-2005:005 2005-01-11

Comments (none posted)

openssl: der_chop script temp file vulnerability

Package(s):openssl CVE #(s):CAN-2004-0975
Created:November 11, 2004 Updated:July 19, 2005
Description: The der_chop script in openssl has a temp file vulnerability that may allow an attacker to overwrite arbitrary files with the permissions that the script is running under.
Alerts:
Fedora-Legacy FLSA:152841 2005-07-15
Mandrake MDKSA-2004:147 2004-12-06
Debian DSA-603-1 2004-12-01
Ubuntu USN-24-1 2004-11-11

Comments (1 posted)

OpenSSL: denial of service vulnerabilities

Package(s):OpenSSL CVE #(s):CAN-2004-0081 CAN-2003-0851
Created:March 17, 2004 Updated:November 2, 2005
Description: Versions 0.9.7a-c of the OpenSSL library suffer from two denial of service vulnerabilities; see the version 0.9.7d release announcement for details.
Alerts:
Red Hat RHSA-2005:830-00 2005-11-02
Red Hat RHSA-2005:829-00 2005-11-02
Fedora FEDORA-2005-1042 2005-10-31
Fedora-Legacy FLSA:1395 2004-05-08
Conectiva CLA-2004:834 2004-03-31
Whitebox WBSA-2004:084-01 2004-03-23
Red Hat RHSA-2004:084-01 2004-03-23
Fedora FEDORA-2004-095 2004-03-19
Whitebox WBSA-2004:120-01 2004-03-22
Trustix TSLSA-2004-0012 2004-03-17
Slackware SSA:2004-077-01 2004-03-17
Red Hat RHSA-2004:121-01 2004-03-17
OpenPKG OpenPKG-SA-2004.007 2004-03-18
Gentoo 200403-03 2004-03-17
Debian DSA-465-1 2004-03-17
Netwosix NW-2004-0005 2004-03-17
Mandrake MDKSA-2004:023 2004-03-17
SuSE SuSE-SA:2004:007 2004-03-17
Red Hat RHSA-2004:120-01 2004-03-17
Red Hat RHSA-2004:119-01 2004-03-17
EnGarde ESA-20040317-003 2004-03-17

Comments (1 posted)

Opera: multiple vulnerabilities

Package(s):opera CVE #(s):
Created:February 14, 2005 Updated:June 22, 2005
Description: Opera has several vulnerabilities which could result in information disclosure and facilitate execution of arbitrary code.
Alerts:
SuSE SUSE-SA:2005:034 2005-06-22
Gentoo 200502-17 2005-02-14

Comments (none posted)

perl: setuid vulnerabilities

Package(s):perl CVE #(s):CAN-2005-0155 CAN-2005-0156
Created:February 2, 2005 Updated:August 11, 2006
Description: There are two vulnerabilities with perl when it is used in a setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access.
Alerts:
Red Hat RHSA-2006:0605-01 2006-08-10
Fedora FEDORA-2005-353 2005-05-02
Red Hat RHSA-2005:103-01 2005-02-15
Gentoo 200502-13 2005-02-11
SuSE SUSE-SR:2005:004 2005-02-11
Mandrake MDKSA-2005:031 2005-02-08
Red Hat RHSA-2005:105-01 2005-02-07
Ubuntu USN-72-1 2005-02-02

Comments (none posted)

perl: symlink vulnerability

Package(s):perl CVE #(s):CAN-2005-0448
Created:March 9, 2005 Updated:January 30, 2006
Description: The rmtree() function in the File::Path module has a symlink vulnerability which could be exploited to create setuid binaries.
Alerts:
Fedora-Legacy FLSA:152845 2006-01-24
Red Hat RHSA-2005:674-01 2005-10-05
Fedora FEDORA-2005-600 2005-07-22
Mandriva MDKSA-2005:079 2005-04-28
Debian DSA-696-1 2005-03-22
Ubuntu USN-94-1 2005-03-09

Comments (none posted)

php: multiple vulnerabilities

Package(s):php CVE #(s):CAN-2004-1018 CAN-2004-1019 CAN-2004-1020 CAN-2004-1063 CAN-2004-1064 CAN-2004-1065
Created:December 16, 2004 Updated:March 24, 2005
Description: PHP has an out of bounds memory write access vulnerability and an integer overflow/underflow problem. See the PHP 4.3.10 Release Announcement for details.
Alerts:
Ubuntu USN-99-2 2005-03-24
Ubuntu USN-99-1 2005-03-18
Fedora-Legacy FLSA:2344 2005-03-07
Red Hat RHSA-2005:032-01 2005-02-15
Red Hat RHSA-2005:031-01 2005-01-19
SuSE SUSE-SA:2005:002 2005-01-17
Conectiva CLA-2005:915 2005-01-13
Fedora FEDORA-2004-567 2004-12-21
Fedora FEDORA-2004-568 2004-12-21
Red Hat RHSA-2004:687-01 2004-12-21
Trustix TSLSA-2004-0066 2004-12-17
Gentoo 200412-14 2004-12-19
Mandrake MDKSA-2004:151 2004-12-17
Ubuntu USN-40-1 2004-12-16
OpenPKG OpenPKG-SA-2004.053 2004-12-16

Comments (1 posted)

phpMyAdmin: multiple vulnerabilities

Package(s):phpMyAdmin CVE #(s):
Created:March 4, 2005 Updated:March 9, 2005
Description: phpMyAdmin contains multiple vulnerabilities that could lead to command execution, XSS issues and bypass of security restrictions. See PMASA-2005-1 and PMASA-2005-2 for details.
Alerts:
SuSE SUSE-SR:2005:007 2005-03-04
Gentoo 200503-07 2005-03-03

Comments (none posted)

postfix: error in IPv6 handling

Package(s):postfix CVE #(s):CAN-2005-0337
Created:February 4, 2005 Updated:March 16, 2005
Description: Jean-Samuel Reynaud noticed a programming error in the IPv6 handling code of Postfix when /proc/net/if_inet6 is not available. If "permit_mx_backup" was enabled in the "smtpd_recipient_restrictions", Postfix turned into an open relay, i.e. it erroneously permitted the delivery of arbitrary mail to any MX host which has an IPv6 address.
Alerts:
Red Hat RHSA-2005:152-01 2005-03-16
Ubuntu USN-74-2 2005-02-04
Ubuntu USN-74-1 2005-02-04

Comments (1 posted)

postgresql: EXECUTE privilege vulnerability

Package(s):postgresql CVE #(s):CAN-2005-0244 CAN-2005-0245 CAN-2005-0246 CAN-2005-0247
Created:February 10, 2005 Updated:July 19, 2005
Description: postgresql has a vulnerability in which the EXECUTE privilege may not be checked on custom functions. This may allow any database user to circumvent the EXECUTE restriction on functions.
Alerts:
Fedora-Legacy FLSA:152844 2005-07-16
Trustix TSLSA-2005-0015 2005-04-25
SuSE SUSE-SA:2005:027 2005-04-20
SuSE SUSE-SR:2005:008 2005-03-18
SuSE SUSE-SR:2005:006 2005-02-25
Fedora FEDORA-2005-158 2005-02-22
Fedora FEDORA-2005-157 2005-02-22
Mandrake MDKSA-2005:040 2005-02-17
Red Hat RHSA-2005:150-01 2005-02-16
Debian DSA-683-1 2005-02-15
Red Hat RHSA-2005:138-01 2005-02-15
Gentoo 200502-19 2005-02-14
Ubuntu USN-79-1 2005-02-10

Comments (none posted)

python: illegal function internals access

Package(s):python CVE #(s):CAN-2005-0089
Created:February 3, 2005 Updated:April 22, 2005
Description: Python versions 2.2 and 2.3 have a vulnerability in the SimpleXMLRPCServer module which may allow remote users to read or change function internals via the im_* and func_* attributes.
Alerts:
Slackware SSA:2005-111-02 2005-04-22
Red Hat RHSA-2005:108-01 2005-02-15
Mandrake MDKSA-2005:035 2005-02-10
Gentoo 200502-09 2005-02-08
Debian DSA-666-1 2005-02-04
Ubuntu USN-73-1 2005-02-03

Comments (none posted)

qt3: BMP image parser heap overflow

Package(s):qt3/qt3-non-mt/qt3-32bit/qt3-static CVE #(s):CAN-2004-0691 CAN-2004-0692 CAN-2004-0693
Created:August 19, 2004 Updated:May 15, 2005
Description: A heap overflow in the qt3 BMP image format parser in Qt versions prior to 3.3.3 may allow remote code execution.
Alerts:
Fedora-Legacy FLSA:152763 2005-05-12
Conectiva CLA-2004:866 2004-09-22
Whitebox WBSA-2004:414-01 2004-09-20
Debian DSA-542-1 2004-08-30
Fedora FEDORA-2004-271 2004-08-23
Fedora FEDORA-2004-270 2004-08-23
Gentoo 200408-20 2004-08-22
Red Hat RHSA-2004:414-01 2004-08-20
Mandrake MDKSA-2004:085 2004-08-18
SuSE SUSE-SA:2004:027 2004-08-19

Comments (none posted)

RealPlayer: buffer overflows

Package(s):RealPlayer CVE #(s):CAN-2005-0455 CAN-2005-0611
Created:March 3, 2005 Updated:March 21, 2005
Description: The RealPlayer media player has two buffer overflows that can be exploited by playing specially crafted SMIL and WAV files. This can allow a remote attacker to execute code with the user's permissions.
Alerts:
Red Hat RHSA-2005:299-01 2005-03-21
SuSE SUSE-SA:2005:014 2005-03-09
Red Hat RHSA-2005:265-01 2005-03-03

Comments (none posted)

rp-pppoe, pppoe: missing privilege dropping

Package(s):rp-pppoe, pppoe CVE #(s):CAN-2004-0564
Created:October 4, 2004 Updated:November 15, 2005
Description: Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet driver from Roaring Penguin. When the program is running setuid root (which is not the case in a default Debian installation), an attacker could overwrite any file on the file system.
Alerts:
Fedora-Legacy FLSA:152794 2005-11-14
Mandrake MDKSA-2004:145 2004-12-06
Debian DSA-557-1 2004-10-04

Comments (none posted)

ruby: infinite loop

Package(s):ruby CVE #(s):CAN-2004-0983
Created:November 8, 2004 Updated:May 15, 2005
Description: The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to eat up CPU cycles.
Alerts:
Fedora-Legacy FLSA:152768 2005-05-12
Red Hat RHSA-2004:635-01 2004-12-13
Gentoo 200411-23 2004-11-16
Fedora FEDORA-2004-403 2004-11-11
Fedora FEDORA-2004-402 2004-11-11
Ubuntu USN-20-1 2004-11-08
Mandrake MDKSA-2004:128 2004-11-08
Debian DSA-586-1 2004-11-08

Comments (none posted)

samba: integer overflow vulnerability

Package(s):samba CVE #(s):CAN-2004-1154
Created:December 16, 2004 Updated:July 19, 2005
Description: Samba has an integer overflow vulnerability that may allow an authenticated remote user to execute arbitrary code on the Samba server.
Alerts:
Fedora-Legacy FLSA:152874 2005-07-15
Debian DSA-701-2 2005-04-21
Debian DSA-701-1 2005-03-31
Conectiva CLA-2005:913 2005-01-06
Red Hat RHSA-2005:020-01 2005-01-05
Mandrake MDKSA-2004:158 2004-12-27
SuSE SUSE-SA:2004:045 2004-12-22
Red Hat RHSA-2004:681-01 2004-12-21
Fedora FEDORA-2004-562 2004-12-20
Fedora FEDORA-2004-561 2004-12-20
Gentoo 200412-13 2004-12-17
Ubuntu USN-41-1 2004-12-17
OpenPKG OpenPKG-SA-2004.054 2004-12-17
Red Hat RHSA-2004:670-01 2004-12-16

Comments (none posted)

sharutils: arbitrary code execution

Package(s):sharutils CVE #(s):CAN-2004-1772
Created:October 1, 2004 Updated:April 26, 2005
Description: sharutils contains two buffer overflows. Ulf Harnhammar discovered a buffer overflow in shar.c, where the length of data returned by the wc command is not checked. Florian Schilhabel discovered another buffer overflow in unshar.c. An attacker could exploit these vulnerabilities to execute arbitrary code as the user running one of the sharutils programs.
Alerts:
Red Hat RHSA-2005:377-01 2005-04-26
Fedora FEDORA-2005-281 2005-04-01
Fedora FEDORA-2005-280 2005-04-01
Ubuntu USN-102-1 2005-03-29
Fedora-Legacy FLSA:2155 2005-03-24
Gentoo 200410-01 2004-10-01

Comments (none posted)

SpamAssassin: Denial of Service vulnerability

Package(s):spamassassin CVE #(s):CAN-2004-0796
Created:August 9, 2004 Updated:August 11, 2005
Description: SpamAssassin contains an unspecified Denial of Service vulnerability. By sending a specially crafted message an attacker could cause a Denial of Service attack against the SpamAssassin service.
Alerts:
Fedora-Legacy FLSA:129284 2005-08-10
Fedora-Legacy FLSA:2268 2005-03-24
Red Hat RHSA-2004:451-01 2004-09-30
Conectiva CLA-2004:867 2004-09-22
OpenPKG OpenPKG-SA-2004.041 2004-09-15
Mandrake MDKSA-2004:084 2004-08-18
Gentoo 200408-06 2004-08-09

Comments (none posted)

Squid: DNS response handling

Package(s):squid CVE #(s):CAN-2005-0446
Created:February 18, 2005 Updated:March 16, 2005
Description: Handling of certain DNS responses triggers assertion failures. By returning a specially crafted DNS response an attacker could cause Squid to crash by triggering an assertion failure.
Alerts:
Red Hat RHSA-2005:201-01 2005-03-16
Red Hat RHSA-2005:173-01 2005-03-03
Mandrake MDKSA-2005:047 2005-02-24
Debian DSA-688-1 2005-02-23
Fedora FEDORA-2005-154 2005-02-22
Fedora FEDORA-2005-153 2005-02-22
SuSE SUSE-SA:2005:008 2005-02-22
Ubuntu USN-84-1 2005-02-21
Gentoo 200502-25 2005-02-18

Comments (none posted)

squid: race condition

Package(s):squid CVE #(s):CAN-2005-0626
Created:March 8, 2005 Updated:March 9, 2005
Description: A race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies.
Alerts:
Ubuntu USN-93-1 2005-03-08

Comments (none posted)

SquirrelMail: multiple vulnerabilities

Package(s):squirrelmail CVE #(s):CAN-2005-0075 CAN-2005-0103 CAN-2005-0104
Created:January 28, 2005 Updated:July 19, 2005
Description: SquirrelMail 1.4.4 has been released, fixing a number of security issues that have been resolved since 1.4.3a.
Alerts:
Fedora-Legacy FLSA:152900 2005-07-16
Fedora FEDORA-2005-260 2005-03-28
Fedora FEDORA-2005-259 2005-03-28
Debian DSA-662-2 2005-03-14
Red Hat RHSA-2005:099-01 2005-02-15
Red Hat RHSA-2005:135-01 2005-02-10
Debian DSA-662-1 2005-02-01
Gentoo 200501-39 2005-01-28

Comments (none posted)

sudo: environment variable sanitizing

Package(s):sudo CVE #(s):CAN-2004-1051
Created:November 17, 2004 Updated:May 15, 2005
Description: Versions of sudo prior to 1.6.8p2 fail to properly sanitize the environment prior to running shell scripts; this failure can be exploited by a sudo user to subvert scripts and obtain shell access. See the 1.6.8p2 announcement for more information.
Alerts:
Fedora-Legacy FLSA:152856 2005-05-12
OpenPKG OpenPKG-SA-2005.002 2005-01-17
Debian DSA-596-2 2004-11-24
Debian DSA-596-1 2004-11-24
Ubuntu USN-28-1 2004-11-17
Mandrake MDKSA-2004:133 2004-11-15

Comments (none posted)

File overwrite vulnerability in tar and unzip

Package(s):tar unzip CVE #(s):CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399
Created:October 1, 2002 Updated:April 10, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability.
Alerts:
Fedora-Legacy FLSA:183571-1 2006-04-04
Red Hat RHSA-2006:0195-01 2006-02-21
Conectiva CLA-2002:538 2002-10-29
Mandrake MDKSA-2002:066 2002-10-10
Mandrake MDKSA-2002:065 2002-10-10
EnGarde ESA-20021003-022 2002-10-03
Gentoo unzip-20021001 2002-10-01
Gentoo tar-20021001 2002-10-01
Red Hat RHSA-2002:096-24 2002-09-18

Comments (1 posted)

tiff: buffer overflows

Package(s):tiff CVE #(s):CAN-2004-0803
Created:October 13, 2004 Updated:April 12, 2005
Description: The tiff library contains several buffer overflows which may be exploited by way of maliciously-crafted image files. See this advisory for more information.
Alerts:
Red Hat RHSA-2005:021-01 2005-04-12
Conectiva CLA-2005:914 2005-01-06
Gentoo 200412-17 2004-12-19
Gentoo 200412-02 2004-12-05
Conectiva CLA-2004:888 2004-11-08
Slackware SSA:2004-305-02 2004-11-01
Red Hat RHSA-2004:577-01 2004-10-22
SuSE SUSE-SA:2004:038 2004-10-22
Mandrake MDKSA-2004:111 2004-10-21
Mandrake MDKSA-2004:109 2004-10-19
Debian DSA-567-1 2004-10-15
Fedora FEDORA-2004-334 2004-10-14
OpenPKG OpenPKG-SA-2004.043 2004-10-14
Gentoo 200410-11 2004-10-13

Comments (none posted)

UnAce: buffer overflow and directory traversal

Package(s):unace CVE #(s):CAN-2005-0160 CAN-2005-0161
Created:February 28, 2005 Updated:June 17, 2005
Description: Ulf Harnhammar discovered that UnAce suffers from buffer overflows when testing, unpacking or listing specially crafted ACE archives (CAN-2005-0160). He also found out that UnAce is vulnerable to directory traversal attacks, if an archive contains "./.." sequences or absolute filenames (CAN-2005-0161).
Alerts:
SuSE SUSE-SR:2005:016 2005-06-17
Gentoo 200502-32 2005-02-28

Comments (none posted)

XChat 2.0.x SOCKS5 Vulnerability

Package(s):xchat CVE #(s):CAN-2004-0409
Created:April 19, 2004 Updated:November 15, 2005
Description: XChat is vulnerable to a stack overflow that may allow a remote attacker to run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a remote exploit. Users would have to be using XChat through a SOCKS 5 server, have SOCKS 5 traversal enabled (it is disabled by default), and connect to an attacker's custom proxy server. This vulnerability may allow an attacker to run arbitrary code within the context of the user ID of the XChat client.
Alerts:
Fedora-Legacy FLSA:123013 2005-11-14
Red Hat RHSA-2004:585-01 2004-10-27
Netwosix NW-2004-0014 2004-05-01
Red Hat RHSA-2004:177-01 2004-04-30
Mandrake MDKSA-2004:036 2004-04-21
Debian DSA-493-1 2004-04-21
Gentoo 200404-15 2004-04-19

Comments (none posted)

xine-lib: buffer overflows

Package(s):xine-lib CVE #(s):CAN-2004-1379
Created:September 22, 2004 Updated:April 10, 2006
Description: xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code.
Alerts:
Fedora-Legacy FLSA:152873 2006-04-04
Debian DSA-657-1 2005-01-25
Mandrake MDKSA-2004:105 2004-10-06
Slackware SSA:2004-266-04 2004-09-22
Gentoo 200409-30 2004-09-22

Comments (none posted)

xine-ui - insecure temporary file creation

Package(s):xine-ui CVE #(s):CAN-2004-0372
Created:April 6, 2004 Updated:April 27, 2006
Description: Shaun Colley discovered a problem in xine-ui, the xine video player user interface. A script contained in the package to possibly remedy a problem or report a bug does not create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking xine.
Alerts:
Gentoo 200404-20 2004-04-27
Slackware SSA:2004-111-01 2004-04-20
Mandrake MDKSA-2004:033 2004-04-19
Debian DSA-477-1 2004-04-06

Comments (none posted)

xorg-x11: integer overflows

Package(s):xorg-x11 CVE #(s):CAN-2004-0914
Created:November 18, 2004 Updated:September 12, 2005
Description: The X.Org libXpm library has several integer overflow vulnerabilities. An attacker can modify XPM images to execute malicious code.
Alerts:
Ubuntu USN-83-2 2005-09-12
Fedora-Legacy FLSA:152804 2005-05-12
Ubuntu USN-83-1 2005-02-16
Gentoo 200502-07 2005-02-07
Gentoo 200502-06 2005-02-06
Red Hat RHSA-2004:612-01 2004-12-20
Red Hat RHSA-2004:610-01 2004-12-20
Debian DSA-607-1 2004-12-10
Mandrake MDKSA-2004:137-1 2004-11-29
Mandrake MDKSA-2004:137 2004-11-22
Mandrake MDKSA-2004:138 2004-11-22
Gentoo 200411-28 2004-11-19
Fedora FEDORA-2004-434 2004-11-17
Fedora FEDORA-2004-433 2004-11-17
SuSE SUSE-SA:2004:041 2004-11-17

Comments (none posted)

xpdf: buffer overflow

Package(s):xpdf CVE #(s):CAN-2004-1125
Created:December 23, 2004 Updated:April 1, 2005
Description: xpdf has a potential buffer overflow problem caused by insufficient input validation. A specially crafted PDF file can allow an attacker to execute code with privileges of the xpdf user.
Alerts:
Red Hat RHSA-2005:354-01 2005-04-01
Red Hat RHSA-2005:018-01 2005-01-12
Gentoo 200501-17 2005-01-11
Gentoo 200501-13 2005-01-10
Fedora FEDORA-2004-585 2005-01-03
Fedora FEDORA-2004-584 2005-01-03
Debian DSA-621-1 2004-12-31
Mandrake MDKSA-2004:166 2004-12-29
Mandrake MDKSA-2004:165 2004-12-29
Mandrake MDKSA-2004:162 2004-12-29
Mandrake MDKSA-2004:164 2004-12-29
Mandrake MDKSA-2004:163 2004-12-29
Mandrake MDKSA-2004:161 2004-12-29
Debian DSA-619-1 2004-12-30
Gentoo 200412-25 2004-12-28
Gentoo 200412-24 2004-12-28
Fedora FEDORA-2004-575 2004-12-22
Fedora FEDORA-2004-574 2004-12-22
Fedora FEDORA-2004-573 2004-12-22
Fedora FEDORA-2004-572 2004-12-22
Ubuntu USN-50-1 2004-12-23
Ubuntu USN-48-1 2004-12-23

Comments (none posted)

xpdf: buffer overflow

Package(s):xpdf CVE #(s):CAN-2005-0064
Created:January 19, 2005 Updated:March 15, 2007
Description: iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details.
Alerts:
Fedora FEDORA-2007-1219 2007-03-14
Gentoo 200506-06 2005-06-09
Red Hat RHSA-2005:026-01 2005-03-16
Red Hat RHSA-2005:066-01 2005-02-15
Red Hat RHSA-2005:057-01 2005-02-15
Red Hat RHSA-2005:053-01 2005-02-15
Red Hat RHSA-2005:034-01 2005-02-15
Fedora-Legacy FLSA:2353 2005-02-10
Fedora-Legacy FLSA:2352 2005-02-10
Gentoo 200502-10 2005-02-09
Red Hat RHSA-2005:049-01 2005-02-01
SuSE SUSE-SR:2005:002 2005-01-26
Red Hat RHSA-2005:059-01 2005-01-26
Mandrake MDKSA-2005:020 2005-01-25
Mandrake MDKSA-2005:019 2005-01-25
Mandrake MDKSA-2005:016 2005-01-25
Mandrake MDKSA-2005:021 2005-01-25
Mandrake MDKSA-2005:018 2005-01-25
Mandrake MDKSA-2005:017 2005-01-25
Fedora FEDORA-2005-061 2005-01-25
Fedora FEDORA-2005-062 2005-01-25
Fedora FEDORA-2005-059 2005-01-25
Fedora FEDORA-2005-060 2005-01-25
Conectiva CLA-2005:921 2005-01-25
Fedora FEDORA-2004-049 2005-01-24
Fedora FEDORA-2004-048 2005-01-24
Gentoo 200501-32 2005-01-23
Gentoo 200501-31 2005-01-23
Gentoo 200501-30 2005-01-22
Gentoo 200501-28 2005-01-21
Fedora FEDORA-2005-052 2005-01-20
Fedora FEDORA-2005-051 2005-01-20
Ubuntu USN-64-1 2005-01-19
Debian DSA-645-1 2005-01-19
Debian DSA-648-1 2005-01-19

Comments (1 posted)

xpdf: vulnerabilities on 64 bit platforms

Package(s):xpdf gpdf cups CVE #(s):CAN-2005-0206
Created:February 18, 2005 Updated:March 16, 2005
Description: The patch for integer overflow vulnerabilities in Xpdf 2.0 and 3.0 (CAN-2004-0888) is incomplete for 64-bit architectures on certain Linux distributions such as Red Hat, which could leave Xpdf users exposed to the original vulnerabilities.
Alerts:
Mandrake MDKSA-2005:056 2005-03-15
Mandrake MDKSA-2005:052 2005-03-04
Red Hat RHSA-2005:213-01 2005-03-04
Red Hat RHSA-2005:132-01 2005-02-18
Mandrake MDKSA-2005:044 2005-02-17
Mandrake MDKSA-2005:041 2005-02-17
Mandrake MDKSA-2005:043 2005-02-17
Mandrake MDKSA-2005:042 2005-02-17

Comments (none posted)

xv: filename handling vulnerability

Package(s):xv CVE #(s):
Created:March 4, 2005 Updated:March 9, 2005
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team identified a flaw in the handling of image filenames by xv. Successful exploitation would require a victim to process a specially crafted image with a malformed filename, potentially resulting in the execution of arbitrary code.
Alerts:
Gentoo 200503-09 2005-03-04

Comments (none posted)

zlib: denial of service

Package(s):zlib CVE #(s):CAN-2004-0797
Created:August 25, 2004 Updated:June 10, 2005
Description: Versions 1.2.x of the zlib library contain an error handling vulnerability which can enable denial of service attacks.
Alerts:
OpenPKG OpenPKG-SA-2005.007 2005-06-10
Fedora-Legacy FLSA:2043 2005-02-23
Conectiva CLA-2004:878 2004-10-25
Slackware SSA:2004-278-02 2004-10-04
Conectiva CLA-2004:865 2004-09-13
Mandrake MDKSA-2004:090 2004-09-07
SuSE SUSE-SA:2004:029 2004-09-02
Gentoo 200408-26 2004-08-27
OpenPKG OpenPKG-SA-2004.038 2004-08-25

Comments (none posted)

Resources

March CRYPTO-GRAM newsletter

Bruce Schneier's CRYPTO-GRAM newsletter for March is out. Topics include the breaking of SHA-1, two-factor authentication, ChoicePoint, and Microsoft's "Ghostbuster" rootkit hunter. "This is too good an idea to abandon. Microsoft, if you're listening, you should release this tool to the world. Make it public domain. Make it open source, even. It's a great idea, and you deserve credit for coming up with it."

Full Story (comments: 1)

Events

Security Masters Dojo

The CanSecWest Security Masters Dojo is happening May 3 and 4 in Vancouver, BC, Canada. It is described as "Advanced and intermediate security training and technology enhancement for information security professionals." Click below for the course details.

Full Story (comments: none)

Page editor: Jonathan Corbet

Kernel development

Brief items

Kernel release status

The current ultra-stable 2.6 kernel is 2.6.11.4, which was released on March 15; it contains two security fixes. Previously, 2.6.11.3 was released on March 12 with a larger set of fixes. The form of the 2.6.11.x patches has changed slightly: they now apply directly to the 2.6.11 root, rather than to the previous .x release.

There still have been no 2.6.12 prepatches, though it looks like one should appear soon.

When that prepatch shows up, it will include over 2000 patches currently sitting in Linus's BitKeeper repository. These include a driver for the "trusted computing" TPM chip (see the Trusted Computing Group site for more information on TPM), SuperHyway bus support, a new multi-level security implementation for SELinux, a user-mode Linux update, support for hot-pluggable parallel ports, the "cpuset" patch (see cpusets.txt for information on cpusets), a new nVidia framebuffer driver, the device mapper multipath patches, a big set of input driver patches, an ALSA update, an IPv6 update (including a patch removing the "experimental" designation for IPv6), a rearrangement of the net_device structure (which will break binary-only drivers), a 21,000-line DVB whitespace cleanup patch, a rework of the page table access functions (which is still causing some trouble on ia-64), a patch enabling an administrator to enable a subset of the "magic SysRq" functions, numerous driver updates, the address space randomization patches, a new packet classifier mechanism for the networking layer, a new workqueue API function, a Tiger digest algorithm implementation, the restoration of the Philips webcam driver, some software suspend improvements, some readahead improvements, a big block I/O barrier rewrite (which enables full barrier support on serial ATA drives), a set of patches to shrink the kernel for embedded use, a generic sort() function, high-resolution POSIX CPU clock support (not the full high-resolution timers patch), a USB API change (usb_control_msg() and usb_bulk_msg() now take a timeout in milliseconds rather than in jiffies), and lots of fixes.

Also to be found in BitKeeper is an (almost) direct merge of the first three 2.6.11.x releases.

The current -mm patch is 2.6.11-mm4. Recent changes to -mm include a big CFQ I/O scheduler update, a new and smaller relayfs patch, a set of sparse memory support patches, a performance counter API update, a reiser4 update, and various fixes.

The current 2.4 prepatch remains 2.4.30-pre3; there have been no 2.4 prepatches since March 9.

Comments (2 posted)

Kernel development news

Quote of the week

This patch causes a CONFIG_PREEMPT=y, CONFIG_PREEMPT_BKL=y, CONFIG_DEBUG_PREEMPT=y kernel on a ppc64 G5 to hang immediately after displaying the penguins, but apparently not before having set the hardware clock backwards 101 years.

After having carefully reviewed the above description and having decided that these effects were not a part of the patch's design intent I have temporarily set it aside, thanks.

-- Andrew Morton

Comments (2 posted)

Linux Device Drivers, Third Edition now online

LWN is happy to host an online version of Linux Device Drivers, Third Edition by Jonathan Corbet, Alessandro Rubini, and Greg Kroah-Hartman. As of this writing, only the PDF version of the book is available; it will eventually be released in HTML and DocBook form as well. The book has been released under the Creative Commons Attribution-ShareAlike license, but you're going to want to run out and buy a copy or three anyway.

Comments (27 posted)

HALs considered harmful

It is a nice thing when hardware vendors provide Linux drivers for their products. Since these drivers are written by the vendor, there is usually no trouble getting information on how the hardware is controlled. With luck, that hardware will "just work" for Linux users, and all will be as it should be. In the real world, however, things are not always that simple. Hardware companies often take interesting approaches to coding drivers, and the people involved are not always well tied into the Linux kernel development community. The result can be conflicts between the vendors, who simply want to get things done, and the kernel developers, who are increasingly unwilling to accept code which does not meet their standards.

For a current example, consider the proposed new Neterion/S2io 10GbE network driver. This driver has been rewritten from the beginning; it supports many of the hardware's advanced features and provides high performance. It looks like just the thing for high-end Linux-based networking uses.

The problem is that the driver does not deal directly with the Linux kernel API. It is, instead, based on a "hardware abstraction layer" (HAL) which glues the driver to the kernel. So, for example, the driver builds lists with a structure like:

    typedef struct xge_list_t {
        struct xge_list_t* prev;
        struct xge_list_t* next;
    } xge_list_t;

Such lists are accessed with functions like xge_list_insert() and even xge_list_for_each(). Similarly, the driver uses xge_os_spin_lock() to acquire a lock, xge_os_malloc() to allocate memory, and xge_os_pio_mem_read8() to read a byte from I/O memory. This approach helps Neterion support a variety of systems with the same core driver code, but it does not sit well with the kernel hackers. Networking maintainer David Miller responded this way:

I totally reject this driver, HAL is unacceptable for in-tree drivers. We've been over this a thousand times.

One problem with the HAL approach is that there can be a performance cost. A 10G network adaptor can handle thousands of packets per second; at that sort of load, even the minimal overhead of a simple wrapper function can make a significant difference. The extra memory taken by the glue code, parallel linked list implementation, etc. also hurts. A developer community which is dedicated to obtaining the best possible performance from the hardware will be unwilling to swallow even a small cost in the name of portability.

The bigger issue, however, is in the maintainability of the driver. A driver written for a HAL layer has its own idioms and conventions; it works with a completely different API. It simply does not look like a Linux driver; Linux developers will have a harder time understanding and modifying it. One might think that this is not a big issue, since Neterion has said that it plans to maintain the driver, but there are a couple of problems that come up:

  • When a kernel developer changes an internal function, he or she will usually go through and fix all of the in-tree users of that function. So developers who are not employed by the hardware vendor will almost certainly have to work with the driver code at some point.

  • Hardware vendors have a short attention span. Product cycles tend to be short, and the vendor will, before too long, move on to new products requiring new and different drivers. Once a given driver no longer applies to the products which are currently in the vendor's catalog, the vendor will, most likely, see little reason to continue maintaining that driver. The Linux community, however, will have an interest in keeping that driver working for several more years.

Additionally, the vendor may resist patches which affect the HAL layer itself, making it harder for the community to work on the driver. Overall, the Linux kernel developers plan to maintain the kernel for many years into the future; they tend to be concerned about taking on code which will make that maintenance task harder in the future.

So the kernel hackers have some solid reasons for resisting HAL-based drivers. The vendors also have good reasons for wanting to write such drivers. To them, the resistance to HAL looks like a "Linux is the only important system" attitude, and it forces them to incur extra costs when writing their code. In this case, Neterion has reluctantly said that it will produce a non-HAL driver if that is the only way to get into the tree; other vendors may not bother.

Comments (15 posted)

Handling interrupts in user space

Peter Chubb has long been working on a project to move device drivers into user space. Getting drivers out of the kernel, he points out, would have a number of benefits. Faults in drivers (the source of a large percentage of kernel bugs) would be less likely to destabilize the entire system. Drivers could be easily restarted and upgraded. And a user-space implementation would make it possible to provide a relatively stable driver API, which would appeal to many vendors.

Much of the support needed for user-space drivers is already in place. A process can communicate with hardware by mapping the relevant I/O memory directly into its address space, for example; that is how the X server works with video adaptors. One piece, however, is missing: user-space drivers cannot handle device interrupts. In many cases, a proper driver cannot be written without using interrupts, so a user-space implementation is not possible.

Peter has now posted his user-space interrupts patch for review and possible inclusion. The mechanism that he ended up with is simple and easy to work with, but it suffers from an important limitation.

The mechanism is this: a process wishing to respond to interrupts opens a new /proc file; for IRQ 10, the file would be /proc/irq/10/irq. A read on that file will yield the number of interrupts which have occurred since the last read. If no interrupts have occurred, the read() call will block until the next interrupt happens. The select() and poll() system calls are properly supported, so it is possible to include interrupt handling as just another thing to do in an event loop.
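The user-space side of that interface, as an added example rather than code from Peter Chubb's patch: it waits for interrupts with poll() inside an event loop and parses the count. The ASCII decimal format of the count, and the pipe used as a stand-in for /proc/irq/N/irq on machines without the patch, are assumptions.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Parse the count a read() on /proc/irq/N/irq returns. The ASCII decimal
 * format is an assumption; the text only says the read yields a count.
 * Returns -1 if the buffer is not a plain non-negative decimal number. */
long parse_irq_count(const char *buf, size_t len)
{
    char tmp[32];
    char *end;
    long n;

    if (len == 0 || len >= sizeof(tmp))
        return -1;
    memcpy(tmp, buf, len);
    tmp[len] = '\0';
    errno = 0;
    n = strtol(tmp, &end, 10);
    if (errno != 0 || end == tmp || n < 0)
        return -1;
    while (*end == '\n' || *end == ' ')   /* tolerate trailing newline only */
        end++;
    return *end == '\0' ? n : -1;
}

/* Wait up to timeout_ms for the fd to become readable, then read and
 * return the number of interrupts since the last read. Returns 0 on
 * timeout and -1 on error; a negative timeout blocks like a plain read(). */
long wait_for_irq(int fd, int timeout_ms)
{
    struct pollfd pfd = { .fd = fd, .events = POLLIN, .revents = 0 };
    char buf[32];
    ssize_t n;
    int rc;

    do {
        rc = poll(&pfd, 1, timeout_ms);
    } while (rc < 0 && errno == EINTR);
    if (rc < 0)
        return -1;
    if (rc == 0)
        return 0;                         /* nothing happened in time */
    n = read(fd, buf, sizeof(buf) - 1);
    if (n < 0)
        return -1;
    return parse_irq_count(buf, (size_t)n);
}

/* Stand-in for /proc/irq/N/irq on a machine without the patch: a pipe
 * pre-loaded with count_text (constructed test input). The write end is
 * left open so an empty pipe makes poll() time out rather than report
 * end-of-file. Returns the read end, or -1. */
int fake_irq_fd(const char *count_text)
{
    int fds[2];

    if (pipe(fds) < 0)
        return -1;
    if (write(fds[1], count_text, strlen(count_text)) < 0) {
        close(fds[0]);
        close(fds[1]);
        return -1;
    }
    return fds[0];
}

int main(int argc, char **argv)
{
    char path[64];
    int irq = argc > 1 ? atoi(argv[1]) : 10;
    int fd;

    snprintf(path, sizeof(path), "/proc/irq/%d/irq", irq);
    fd = open(path, O_RDONLY);
    if (fd < 0) {
        perror(path);
        return 1;
    }
    /* Event loop: each wake-up is one batch of interrupts. The device-
     * specific work (reading status from the mapped I/O memory and
     * acknowledging the interrupt) belongs where the printf is. */
    for (;;) {
        long count = wait_for_irq(fd, 1000);

        if (count < 0) {
            perror("wait_for_irq");
            break;
        }
        if (count == 0)
            continue;                     /* idle: room for housekeeping */
        printf("IRQ %d: %ld interrupt(s) pending\n", irq, count);
    }
    close(fd);
    return 0;
}
```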

On the kernel side, the real interrupt handler looks like this:

    static irqreturn_t irq_proc_irq_handler(int irq, void *vidp,
                                            struct pt_regs *regs)
    {
        struct irq_proc *idp = (struct irq_proc *)vidp;

        BUG_ON(idp->irq != irq);
        disable_irq_nosync(irq);
        atomic_inc(&idp->count);
        wake_up(&idp->q);
        return IRQ_HANDLED;
    }

In other words, all it does is count the interrupt and wake up any process that might be waiting to handle it.

The handler also disables the interrupt before returning. There is an important reason for this action: since the handler knows nothing of the device which is actually interrupting, it is unable to acknowledge or turn off the interrupt. So, when the handler returns, the device will still be signalling an interrupt. If the interrupt were not disabled in the processor (or the APIC), the processor would be interrupted (and the handler called) all over again, repeatedly - at least, when level-triggered interrupts are in use. Disabling the interrupt allows life to go on until the user-space process gets scheduled and is able to tend to the interrupting device.

There is a problem here, however: interrupt lines are often shared between devices. Disabling a shared interrupt shuts it off for all devices using that line, not just the one being handled by a user-space driver. It is entirely possible that masking that interrupt will block a device which is needed by the user-space handler - a disk controller, perhaps. In that case, the system may well deadlock. For this reason, the patch does not allow user-space drivers to work with shared interrupts. This restriction avoids problems, but it also reduces the utility of the whole thing.

One possible solution was posted by Alan Cox. He would require user-space processes to pass a small structure into the kernel describing the hardware's IRQ interface. It would be just enough for the kernel to tell if a particular device is interrupting, acknowledge that interrupt, and tell the device to shut up. With that in place, the kernel could let user space deal with what the device really needs while leaving the interrupt enabled. It has been pointed out that this simple scheme would not work with some of the more complicated hardware, but it would be a step in the right direction regardless.

Meanwhile, Michael Raymond described a different user-space interrupt implementation (called "User Level Interrupt" or ULI) done at SGI. This patch is significantly more complicated. In this scheme, a user-space driver would register an interrupt handler function directly with the kernel. When an interrupt happens, the ULI code performs some assembly-code black magic so that its "return from interrupt" instruction jumps directly into the user-space handler, in user mode. Once that handler returns, the ULI library writes a code to a magic device which causes the kernel stack and related data structures to be restored to their pre-interrupt state. The implementation is more complex, and it currently only works on the ia-64 architecture, but it could conceivably offer better performance than the /proc method.

Comments (7 posted)

Some more 2.6.12 API changes

A few more changes to the 2.6 internal kernel API have been merged since last week's summary.

The driver model API has seen a couple of small changes. kref_put() no longer returns void:

    int kref_put(struct kref *kref, void (*release)(struct kref *kref));

The (new) return value is normally zero, but will be nonzero if the kref was actually removed. Note that a zero return does not imply that the kref is still valid; somebody else may have done the last kref_put() call in the mean time.

The kset type now has its own internal spinlock. That means that a kset is no longer required to be part of a subsystem.

Greg Kroah-Hartman has proposed a rather wider set of changes to the driver model class code. Essentially, he is pushing all users over to a form of the "class_simple" interface, and getting away from the original class implementation, which was hard to use correctly. These changes have not yet been merged, however.

The kernel has long held a variety of special-purpose sorting functions. These have now been replaced by a generic heap sort utility written by Matt Mackall. Its interface is:

    void sort(void *base, size_t num, size_t size,
              int (*compare)(const void *a, const void *b),
              void (*swap)(void *a, void *b, int size));

Here, base is the array of items to sort; it contains num items of size bytes. The compare() function returns the integer equivalent of a-b; sort() will sort the array in ascending order as dictated by compare(). The swap() function is optional; it can be provided if the caller knows a faster way to exchange two elements in the array.
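An added example, not the kernel's own lib/sort.c: a user-space heap sort with the same signature as the new sort(), plus the compare() callback and optional swap() a caller would supply for a constructed table of entries. The helper names (sift_down, cmp_prio, swap_entry, demo_sort_entries) and the sample data are assumptions for illustration.

```c
#include <stddef.h>

/* Byte-by-byte exchange used when the caller passes swap == NULL. */
static void generic_swap(void *a, void *b, int size)
{
    unsigned char *pa = a, *pb = b, t;
    while (size-- > 0) {
        t = *pa; *pa++ = *pb; *pb++ = t;
    }
}

/* Restore the heap property below 'root'. All positions are byte offsets
 * into the array, so the first child of offset r sits at 2*r + size. */
static void sift_down(char *b, size_t root, size_t n, size_t size,
                      int (*compare)(const void *, const void *),
                      void (*swap)(void *, void *, int))
{
    size_t c;
    for (; root * 2 + size < n; root = c) {
        c = root * 2 + size;
        if (c + size < n && compare(b + c, b + c + size) < 0)
            c += size;                  /* take the larger child */
        if (compare(b + root, b + c) >= 0)
            return;                     /* heap property already holds */
        swap(b + root, b + c, (int)size);
    }
}

/* Same interface as the kernel's sort(): in-place heap sort, O(n log n)
 * in the worst case, no recursion and no scratch memory. Sorts 'base'
 * in ascending order as defined by compare(). */
void sort(void *base, size_t num, size_t size,
          int (*compare)(const void *a, const void *b),
          void (*swap)(void *a, void *b, int size))
{
    char *b = base;
    size_t n = num * size, i;
    if (num < 2)
        return;
    if (!swap)
        swap = generic_swap;
    /* Heapify: sift down every parent, last parent first. */
    for (i = (num / 2 - 1) * size; ; i -= size) {
        sift_down(b, i, n, size, compare, swap);
        if (i == 0)
            break;
    }
    /* Move the current maximum to the end and shrink the heap. */
    for (i = n - size; i > 0; i -= size) {
        swap(b, b + i, (int)size);
        sift_down(b, 0, i, size, compare, swap);
    }
}

/* A caller-side element type (constructed for this example). */
struct entry {
    unsigned int prio;
    const char *name;
};

/* compare() only needs the sign of "a - b". Comparing instead of
 * subtracting keeps the result correct when keys span the whole
 * unsigned range, where a literal a - b would wrap. */
static int cmp_prio(const void *a, const void *b)
{
    unsigned int pa = ((const struct entry *)a)->prio;
    unsigned int pb = ((const struct entry *)b)->prio;
    return (pa > pb) - (pa < pb);
}

/* Optional swap(): the caller knows the element type, so a struct
 * assignment is cheaper than the byte-by-byte fallback. */
static void swap_entry(void *a, void *b, int size)
{
    struct entry t = *(struct entry *)a;
    (void)size;                 /* always sizeof(struct entry) here */
    *(struct entry *)a = *(struct entry *)b;
    *(struct entry *)b = t;
}

/* Sort a constructed table, with the custom swap() or the NULL fallback;
 * return 1 if the result is ascending by prio, 0 otherwise. */
int demo_sort_entries(int use_custom_swap)
{
    struct entry tab[] = {
        { 40, "d" }, { 10, "a" }, { 30, "c" }, { 20, "b" }, { 50, "e" },
    };
    size_t i, n = sizeof(tab) / sizeof(tab[0]);
    sort(tab, n, sizeof(tab[0]), cmp_prio, use_custom_swap ? swap_entry : NULL);
    for (i = 1; i < n; i++)
        if (tab[i - 1].prio > tab[i].prio)
            return 0;
    return 1;
}
```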

Comments (none posted)

Patches and updates

Kernel trees

Core kernel code

Device drivers

Filesystems and block I/O

  • Phillip Lougher: SquashFS. (March 14, 2005)

Janitorial

Memory management

Networking

Architecture-specific

Security-related

Miscellaneous

Page editor: Jonathan Corbet

Distributions

News and Editorials

Fedora Core 4 Test1: Features Over Stability

March 16, 2005

This article was contributed by Ladislav Bodnar

Following the release of Red Hat Enterprise Linux (RHEL) 4 last month, the developers of the world's most prominent Linux distribution have been freed of the immense responsibility that goes into producing a quality enterprise-class operating system and are once again able to experiment with cutting-edge software releases. That's because, for the Red Hat engineers, Fedora Core 4 is the start of a new release cycle on the road to RHEL 5. The distribution will go through the usual testing phases and stability checks, followed by several interim releases (interim, that is, from RHEL's point of view). Then, about a year and three releases later, Fedora Core will likely be declared a well-tested and solid base on which to build Red Hat's flagship product. This gives us an exciting opportunity to peek at the innovations that will be part of our everyday computing lives in the not too distant future. Your writer was unable to resist the temptation and decided to check out the hot-off-the-presses Fedora Core 4 Test1 (FC4T1).

Fedora Core 4 Test1 couldn't possibly be any more bleeding edge. Although it is based on a stable Linux kernel 2.6.11, it includes beta or RC releases of GNOME 2.10, KDE 3.4 and OpenOffice.org 2.0, as well as several experimental releases of important packages, such as LVM2, RPM and yum. On top of that, all packages have been compiled with the yet-to-be-released GCC 4.0. Other "firsts" include Java packages for developers, the Eclipse IDE (also a development version), and support for the PPC and PPC64 architectures. All this should give much entertainment to even the most hardcore beta testers out there. We downloaded the DVD ISO image for the x86_64 architecture and installed it on a computer built on top of an AMD64 3500+ processor (2.2GHz), K8N Neo2 (Socket939) MSI mainboard, and 2 GB of DDR SDRAM.

If we still had any doubts about just how experimental this test release was, they were quickly gone as soon as we completed the installation and rebooted the system. First, we noticed a high number of Python-related errors during the boot. Then, instead of the usual configuration dialog ("firstboot"), we were dropped straight into a GDM login screen (at 800x600 pixel resolution), with the only available account being the root account created earlier. Those Python errors came to haunt us soon afterward, as we were unable to launch many applications (including most of Red Hat's configuration dialogs) and could not connect to Red Hat Network to check for updates. Evolution crashed during account configuration and OpenOffice.org wouldn't start at all. To add insult to injury, opening Firefox greeted us with: "There ought to be release notes for Fedora Core 3.90 here, but there aren't. In the meantime, we bring you this ASCII art hat."

To sum it up, the x86_64 edition of Fedora Core 4 Test1 is broken. It is not completely unusable, because the GNOME desktop came up nicely and Nautilus also worked (and, as one of the testers on the Fedora Test mailing list remarked, "the console was very fast"). But surely there is more to personal computing than file management! In a desperate attempt to improve the experience and to find something positive to write about, we tried a few things, such as "yum update" (which failed too, reporting several unmet dependencies), and visited the mailing list to see whether other testers had fared better. But apart from further bug reports about grub-install, which insists on installing GRUB into the Master Boot Record, and the usual failed media check during installation, we were unable to find a panacea for the half-broken operating system.

Nevertheless, some of the individual yum updates turned out to be improvements. The Python problem was solved by 'yum update gnome-python2', which meant that the Red Hat utilities, including Red Hat Network, were working again. A new version of Nautilus was also available - this one was slightly better because we were able to complete the initial account setup, although it still crashed shortly afterward. But no amount of package updates was able to bring OpenOffice.org to life; it stubbornly refused to start without giving away any clues as to the reason for its behavior. Of course, the rawhide tree is undergoing a large number of updates daily, so a fix might be available by the time you read this. But it became rather clear during our brief experimenting that, as development releases go, FC4T1 is more like a very early alpha, with many broken or non-functional packages and unusually sluggish desktops, both GNOME and KDE.

One group of people who are likely to be excited about the new features in FC4 are Java developers. Included in this release are the Ant "make" facility (version 1.6.2), the GCJ GNU compiler for Java, Tomcat (5.0.30), the Apache Struts Web Application Framework (1.1) and even the Eclipse Integrated Development Environment (version 3.1.0) with several popular plugins. This comes at the expense of a number of long-standing open source applications that were "relegated" to Fedora Extras and will no longer be part of the core system. AbiWord, Gnumeric, KOffice, Exim, Sylpheed, Tuxracer and XEmacs are among the affected packages, so users who need them will need to get them from the "extras" repository from now on.

Fedora Core 4 is undoubtedly the most ambitious Fedora release to date. The developers are going through similar pains as they experienced during the first test release of Fedora Core 2 over a year ago, which introduced kernel 2.6 and SELinux functionality into the distribution. That release was also barely usable and even the final product wasn't the most bug-free distribution in the world. It took another 8 months of solid debugging before a much improved and stable Fedora Core 3 was released. I suspect that we will see a similar pattern here. If you are a tinkerer who takes pleasure in navigating Bugzillas, and who routinely builds RPM packages from CVS sources, then you will likely enjoy this release. As for the rest of you, save your blank CDs and DVDs for FC4 Test2, or for another distribution.

Comments (3 posted)

New Releases

The Ubuntu 5.04 preview is available

The folks at Ubuntu have made available a preview version of the "Hoary Hedgehog" release. There is no end of good stuff in this release; click below for the details.

Full Story (comments: 14)

Accessible Ubuntu LiveCD announced (GnomeDesktop)

GnomeDesktop takes a look at the release of an accessibility-focused version of the Ubuntu LiveCD. This is the second testing/proof of concept release of an accessible derivative of the Hoary Live CD, based on the recently released Ubuntu preview. This CD aims to give blind/vision impaired Linux users a chance to use the Gnopernicus screen reader, and explore the many features and applications of the GNOME and Ubuntu desktop.

Comments (none posted)

Announcing Fedora Core 4 test1

The first test release in the Fedora Core 4 development cycle is now available for i386, x86_64, and PPC/PPC64. This release has gcc 4.0, GNOME 2.10.0 Beta 2, and more. Click below for more information.

Full Story (comments: 39)

Terra Soft Releases Y-HPC for YDL v4.0.1

Terra Soft Solutions has announced the release of Y-HPC for Yellow Dog Linux v4.0.1, featuring a rebuild against the 2.6.10 kernel. "Y-HPC is Terra Soft's 64-bit PowerPC Linux operating system and cluster construction/management suite. In use by the Department of Energy, Department of Defense, University labs, and corporations nation-wide, Y-HPC offers a full 64-bit code development foundation and an advanced, rapid cluster construction and management suite."

Full Story (comments: none)

Novell Ships Open Enterprise Server

Novell, Inc. has announced that Novell(R) Open Enterprise Server is now available to customers worldwide. Open Enterprise Server combines NetWare(R) and SUSE(R) LINUX Enterprise Server.

Comments (none posted)

Distribution News

Ubuntu: Next Release Codename + Mascot Competition

A codename has been chosen for Ubuntu 5.10, the Breezy Badger. Work will begin on the Breezy Badger in April, once the Hoary Hedgehog reaches a final, stable release. A stable Breezy Badger is expected in October 2005.

Also found in this announcement (click below) is the Breezy Badger Mascot Competition. "The Breezy Badger is an extremely rare South American breed, not a friend of colder climates. ;-) Obviously, submissions should depict a badger!" The competition closes on April 25, 2005.

Full Story (comments: none)

SUSE Linux Professional 9.3 coming

SUSE has sent out a press release announcing the April availability of SUSE Linux Professional 9.3. "SUSE LINUX Professional includes a stable and reliable Linux operating system plus a complete set of desktop applications -- office suite, Web browser, e-mail and instant messaging clients, multimedia viewers, photo organizers, and other popular open source applications. It also features the latest tools for setting up a secure home network, running a Web server, developing applications and more. SUSE LINUX 9.3 also provides a sneak peek into upcoming server-based Linux, including the XEN virtualization environment and intuitive search engines."

Comments (11 posted)

Debian proposes dropping most architectures

The Debian Project release team has proposed that most architectures (all but i386, amd64, PowerPC, and ia-64) be dropped from the main distribution after the sarge release. "The release team and the ftpmasters are mutually agreed that it is not sustainable to continue making coordinated releases for as many architectures as sarge currently contains, let alone for as many new proposed architectures as are waiting in the wings." Debian ports to the dropped architectures would remain (via a new "second class citizen" mechanism) as long as people continue to maintain them, but they would not be part of the core Debian distribution. Click below for the full announcement.

Full Story (comments: 21)

Final announcement of 2005 DPL election debate

Finding a time to get all six candidates for Debian Project Leader together for a debate was not an easy task. Now a date and time has been set. The 2005 DPL IRC Debate will be held on Wednesday March 16, at 06:00 UTC. Click below for details.

Full Story (comments: none)

Additional Debian Bits

Bits from the CD team (2005-03-16): "We're increasing the amount of space available for CD and DVD ISO images on cdimage.debian.org so we can host full images for both woody and sarge for a period after the release. A newly donated RAID array is on the way from HP (thanks!) to accommodate this. This should hopefully be in place and serving images within the next week."

Bits from the Testing Security team:

Contents of this message:

  • What the Testing Security Team has been up to
  • How can I leverage my powerful brain to aid you?
  • Let the games begin!
  • This is fun, how else can I help?

More bits from SPI: covers a SPI board meeting held March 15, 2005. Topics include date and time of the next meeting, tax filing, accounting update, purcel, old resolutions, and more.

Comments (1 posted)

LinuxQuestions.org adds Officially Recognized Ubuntu Forum

LinuxQuestions.org has added a forum for Ubuntu Linux. "'We are very excited to have an Ubuntu section at LinuxQuestions, it will be a great additional resource for current and new Ubuntu users,' said Ryan Troy, Admin of ubuntuforums.org."

Full Story (comments: none)

New Distributions

Xline

Xline is a European distribution of Linux, an advanced operating system based on the GNU/Linux core with many additional packages. It is compatible with the architectures x86 (including Pentium and Athlon), amd64 (including Opteron, Athlon 64 and EM64T), Alpha/AXP, IA-64, PC-98, UltraSPARC and PowerPC. Development is open to everyone: developers, testers, translators, etc. GNOME is the default desktop, at least in the initial development of Xline.

Full Story (comments: none)

Foresight Desktop Linux

Foresight Desktop Linux is a distribution which showcases some of the latest and greatest from GNOME, including things that may not be mature enough for some of the other distros. It's got Mono, beagle, f-spot, howl, the latest hal, Conary for package management, and more. (Found on GnomeDesktop)

Comments (none posted)

Distribution Newsletters

Debian Weekly News

The Debian Weekly News for March 15, 2005 is available. This issue covers an upload of the first version of the dbconfig-common package which implements a general database maintenance interface, the DebConf 5 Call for Papers is closed, the Debian logo license, automatic integration of USB storage, a license for documentation, key management on a USB stick, proper etiquette for election discussions, Sarge release status, post-Sarge release plans, and more.

Full Story (comments: none)

Gentoo Weekly Newsletter

The Gentoo Weekly Newsletter for the week of March 14, 2005 is out, with a look at the launch of Planet Gentoo, the Gentoo UK Conference, and several other topics.

Full Story (comments: none)

DistroWatch Weekly, Issue 91

The DistroWatch Weekly for March 14, 2005 is out. "It is "CeBIT" time again, which means lots of interesting news and announcements. It seems that the CeBIT edition of KNOPPIX 3.8 is a runaway success and there is a lot to look forward to next month when SUSE LINUX 9.3 starts shipping. Plenty of excitement on the desktop front too, with the brand new GNOME 2.10 freshly out of the oven and KDE 3.4 following shortly. Also, don't miss our much improved distribution search engine with several new features added within the last few days! Enjoy!"

Comments (none posted)

Minor distribution updates

dyne:bolic 1.4.1 codename LUMUMBA

Dyne:bolic GNU/Linux version 1.4.1 has been released. This release implements important stability fixes, concluding the development of the 1.x series of dyne:bolic.

Full Story (comments: none)

Lineox Releases Lineox Enterprise Linux 4.0 x86_64

Lineox has released Lineox Enterprise Linux 4.0 for x86_64. Lineox has also released two Always Current x86_64 versions of Lineox Enterprise Linux 4.0 to synchronize it with the x86 version.

Full Story (comments: none)

Linspire Five-0 released

Linspire has announced the availability of the latest version of its distribution which, perhaps in honor of bad 1970's TV, is called "Linspire Five-0". "Highlights include a completely revised and streamlined graphical interface, improved laptop and hardware support, significant Internet optimization, and dozens of enhanced software applications to provide a complete user experience." Book it, Danno!

Comments (none posted)

Announcing the availability of White Box Enterprise Linux 3.0 Respin 2

White Box Enterprise Linux 3.0 Respin 2 is now available. This release is purely a maintenance release to pick up the accumulated errata since Respin 1 in June '04. "It includes all errata issued from upstream through the end of Feb 05, with the exception of the kernel. The kernel is the older one issued with Red Hat, Inc.'s Update 4 so that binary driver discs made available by 3rd party hardware vendors should be compatible with this rebuild release."

Full Story (comments: none)

Announcing YES Linux 2.2 Build 1

The YES Linux Release Team has announced the immediate availability of YES Linux 2.2 Build 1. This is the second build of YES Linux 2.2, with lots of updated packages, and a few new ones. This release features updates to bind-utils, php, openssh, sudo, and mod_security (IDS).

Full Story (comments: none)

Package updates

Fedora Core updates

Updates for Fedora Core 3: hwbrowser-0.20-0.fc3.1 (fix deprecation warnings), bind-9.2.5-1 (upgrade to ISC BIND 9.2.5 final), openoffice.org-1.1.3-9.5.0.fc3 (bug fixes), NetworkManager-0.3.4-1.1.0.fc3 (many bug fixes), at-3.1.8-68_FC3 (bug fixes), koffice-1.3.5-0.FC3.2 (bug fixes), qt-3.3.4-0.fc3.0 (upgrade to v3.3.4), ImageMagick-6.0.7.1-5.fc3 (bug fixes), system-config-samba-1.2.28-0.fc3.1 (bug fixes), kdenetwork-3.3.1-3 (CVS backport with bug fixes), udev-039-10.FC3.7 (some start_udev fixes).

Updates for Fedora Core 2: openoffice.org-1.1.3-9.4.0.fc2 (updates and bug fixes).

Comments (none posted)

Mandrakelinux update to lvm2

A bug in the lvm2 packages (in Mandrakelinux v10.1) caused it to recurse symlinked directories indefinitely which caused lvm commands to be really slow or timeout. A patch has been applied to correct this problem.

Full Story (comments: none)

Newsletters and articles of interest

amaroK Teams Up with CC/Wired CD to Create amaroK Live (KDE.News)

KDE.News takes a look at a new KDE-centric live CD that comes with a fully functional amaroK music player. "The KDE-centric PCLinuxOS LiveCD distro was used as a base to create this really cool Live CD. amaroK Live is not so much a Live CD distro as it is a demonstration of a really cool music player. It is a stripped down Live CD (only 289MB including the music) with a fully functional amaroK music player bundled with the tracks commissioned last year by Wired Magazine, which are distributed under the Creative Commons Sampling Licenses. It includes - among other major artists - tracks by the Beastie Boys and David Byrne."

Comments (none posted)

Two floppy-based firewalls (NewsForge)

NewsForge turns old hardware into a firewall using floppyfw and Coyote Linux.

floppyfw takes a minimalist approach that requires you to understand iptables in order to customize it. Its lack of remote administration could be seen as an advantage for both resource-constrained and security-conscious users. Running SSH or a Web server takes up memory and processor resources that could be used to support more users. It is also one less source of potential vulnerabilities. Those familiar with Linux and command-line administration will feel right at home with floppyfw.

Coyote Linux shines when it comes to ease of use. The disk creation program is easy to install on both Linux and Windows. The Web-based administration interface makes changing firewall settings a breeze. Add-on packages are also easy to install; in most cases, you just copy the file to the diskette and reboot. If you do not have much Linux experience, or if you just prefer graphical administration, Coyote Linux makes more sense for you.

Comments (none posted)

Fedora makes rapid progress (Netcraft)

Netcraft reports that Fedora is the fastest growing Linux distribution in the web server survey. "Based on distribution names contained in the server banner, Fedora has outpaced all its rivals over the last six months, growing fastest both in absolute numbers and in relative terms."

Comments (none posted)

Distribution reviews

Red Hat Enterprise Linux 4 (eWeek)

eWeek reviews Red Hat Enterprise Linux 4. "Red Hat's enterprise-targeted Linux distribution delivers an open-source platform that's up-to-date, well-tested and ready to serve a diverse set of IT services. Version 4 marks the debut of the Linux 2.6 kernel in RHEL, allowing the operating system to scale much better than previous versions on multiprocessor systems. Sporting the latest productivity applications for Linux, RHEL fits well on corporate desktops as well."

Comments (none posted)

My Workstation OS: Linspire 4.5 (NewsForge)

NewsForge has a mini review of Linspire. "Built on a Debian Linux core, Linspire is designed for simplicity of use, and it delivers this in spades. Linspire eliminates the need for me to be technically proficient in the nuances of Linux to successfully operate and enjoy the OS. This includes loading software, staying updated, and never seeing a command-line interface. It makes it very easy to just get on with what I have to do and not worry about the technicalities of using a Linux-based system."

Comments (none posted)

Page editor: Rebecca Sobol

Development

SSL-Explorer: an open-source VPN

SSL-Explorer is a cross-platform open-source SSL-based (Secure Sockets Layer) VPN (Virtual Private Network) solution that has been released by 3SP. SSL-Explorer is mainly aimed at organizations running a Windows environment, though some Linux-specific support is also included. The product description states:

SSL-Explorer is the world's first open-source SSL VPN solution of its kind. This unique remote access solution provides users and businesses alike with a means of securely accessing network resources from outside the network perimeter using only a standard web browser. SSL-based VPNs have become a hot topic in recent years. The benefits to productivity and the low maintenance overhead that comes with browser-based VPN solutions are something that cannot be overlooked by most businesses, though implementation costs can often be prohibitive.

The 3SP Product Vision document clarifies the company's stance on making money:

Like all corporate open source ventures, driving forward the development of SSL-Explorer there is a full-time development team assigned to the production and delivery of the features outlined in these pages. Of course, we require capital to invest into the continued development of SSL-Explorer. In order for us to continue to provide cutting edge solutions to the open source community, a range of enterprise features will be marketed that will extend further upon the foundation provided by the GPL product. The GPL SSL-Explorer product is aimed at smaller businesses and the more tech-savvy personal users, while the enterprise modules will cater for larger companies that will require dedicated support, full endpoint security and other advanced features.

Features of SSL-Explorer include:

  • 128-bit SSL encryption of connections.
  • Microsoft Active Directory Authentication support.
  • Client-less Filesystem Access for browsing filesystems remotely.
  • Support for access to Extranet and Intranet resources.
  • Java Application Deployment for sending out applications.
  • Support for remote Systems Management.
  • An unlimited number of simultaneous users.
  • A web-based Microsoft filesystem browser.
  • Web forwarding support for accessing internal information.
  • Active Directory account database integration.
  • Support for multiple access profiles.
  • Access is via a zero-footprint VPN client.
  • Works with any SSL-enabled browser.
  • Provides transparent access to all web-based applications.
  • Officially supports Microsoft Windows XP/2000/2003 and Red Hat Linux 8.0 operating systems.

The SSL-Explorer SourceForge page lists some additional project details. SSL-Explorer is written in Java; it runs under Linux, BSD, POSIX systems, and numerous varieties of Windows. SSL-Explorer has been released under the GNU General Public License (GPL).

Version 0.18 of SSL-Explorer was announced this week. "This release includes many new features, most importantly the support for role based access control and the proxying of Outlook Web Access over the VPN. Several new improvements have also been made to the secure application deployment feature. The 0.1.8 release also contains a number of important security enhancements, general bugfixes and performance enhancements."

The project roadmap shows where the design of the system is headed; a long list of new features is planned.

Those of you who work in cross-platform environments should find SSL-Explorer to be a tool worth examining; the software is available for download here.

Comments (none posted)

System Applications

Clusters and Grids

An eagle-eye view of the Condor project (IBM developerWorks)

Jeff Mausolf reviews Condor on IBM developerWorks. "Condor is an open source tool that can manage a cluster of dedicated compute nodes and effectively harness otherwise wasted cycles from idle desktop workstations. This article will provide a high-level overview of Condor and introduce some of its unique features."

Comments (none posted)

Database Software

MySQL 4.0.24 has been released

Stable version 4.0.24 of the MySQL database has been released. "This is a bugfix release for the recent production version. It also includes fixes for recently reported potential security vulnerabilities in the creation of temporary table file names and the handling of User Defined Functions (UDFs)."

Full Story (comments: none)

MySQL 4.1.10a has been released

Version 4.1.10a of the MySQL database has been released. "This MySQL 4.1.10a release just includes the additional patches for recently reported potential security vulnerabilities in the creation of temporary table file names and the handling of User Defined Functions (UDFs)."

Full Story (comments: none)

PostgreSQL Weekly News

The March 13, 2005 edition of the PostgreSQL Weekly News is online with the week's PostgreSQL database information.

Full Story (comments: none)

Embedding Perl in database tables (IBM developerWorks)

Teodor Zlatanov embeds Perl in a database table on IBM developerWorks. "In this installment, Ted looks at Perl and databases. Specifically, he works with the Class::DBI CPAN module and MySQL to introduce you to embedding Perl in database tables."

Comments (none posted)

Interoperability

Samba 3.0.12rc1 Available for Download

Release Candidate 1 for Samba 3.0.12 is out. "This is a release candidate of the Samba 3.0.12 code base and is provided for testing only. While close to the final stable release, this snapshot is *not* intended for production servers. If all goes well, this version (or something very similar) will become the final 3.0.12 stable release."

Full Story (comments: none)

Web Site Development

Quixote 2.0a5 released

Version 2.0a5 of Quixote, a Python-based web development platform, is out. See the Changes document for details.

Comments (none posted)

Miscellaneous

A moment of Xen: Virtualize Linux to test your apps (IBM developerWorks)

Bryan Clark works with Xen on IBM developerWorks. "Xen is a paravirtualization technology available for the Linux™ kernel that lets you enclose and test new upgrades as if running them in the existing environment but without the worries of disturbing the original system. This article shows you how to install a Xen system that will give administrators a valuable sandbox for testing system upgrades (as well as a playground for running multiple virtual machines on the same Linux box). Take a look at virtualization on Linux and see the benefits that come from using Xen in that space."

Comments (none posted)

Desktop Applications

Audio Applications

Ardour 0.9beta28 released

Version 0.9 beta 28 of Ardour, a multi-track audio recording application, is out. Changes include numerous bug fixes and more.

Comments (none posted)

Ecasound 2.4.0 released

Version 2.4.0 of Ecasound, a multi-track audio processing application, has been released. The changes include: "An annoying bug with handling filenames with whitespace has been fixed. Integration with libsamplerate and other resamplers has received a lot of attention and many bugs have been fixed. Error reporting has been improved when loading invalid chainsetups. A new sum-mixdown mode has been added to the engine. Some minor cosmetic changes have been made to the output produced by the console ecasound interface. A log message history mechanism has been added to the engine to help ECI app and script development."

Comments (none posted)

Business Applications

OpenWFE 1.5.0 released (SourceForge)

Version 1.5.0 of OpenWFE, an open source Java workflow engine, is out. "OpenWFE 1.5.0 is a major step in this open source workflow engine development: the workflow instantiation mechanism has been completely revised, making the OpenWFE process definition language even more expressive and powerful. Along with this change, functions in the process definition language have been heavily enhanced."

Comments (none posted)

Calendar Software

The SchoolBell calendaring server

The first independent release of SchoolBell, a calendaring server for groups and organizations, has been announced. "For this release, we have managed to move most, but not all, of SchoolBell functionality to the Zope3 framework. It is now a Zope 3 component that can be instantiated via the ZMI, a stand alone calendaring server and a bunch of useful libraries for anyone interested in developing calendars in Zope 3."

Full Story (comments: none)

Desktop Environments

KDE 3.4 released

KDE 3.4 has been released. There's a lot of new stuff in this release; highlights include much improved accessibility (especially built-in text-to-speech capability), DBUS/HAL support, a new RSS aggregator, KHTML improvements, and much more; click below for the details.

Full Story (comments: none)

The GNOME Journal, March Edition

The March edition of The GNOME Journal is out. This month's articles look at the 2.10 release, art.gnome.org, CD burning, Evolution 2.2, and Ubuntu Hoary package management.

Comments (none posted)

GNOME Software Announcements

The following new GNOME software has been announced this week:

Comments (none posted)

KDE CVS-Digest for March 11, 2005 (KDE.News)

The March 11, 2005 edition of the KDE CVS-Digest is online with the following content summary: "Kttsd adds support for Kiswahili, Zulu, and Ibibio Festival languages. Digikam adds undo/redo operation for the image editor. KCharts now can flip row and column data. Kexi scripting can now pass signals, slots and Q_PROPERTY's between C++ and scripting languages. Kalzium (periodic table) adds family view."

Comments (none posted)

KDE Software Announcements

The following new KDE software has been announced this week:

Comments (none posted)

Electronics

QOscC 0.2.1 released

Version 0.2.1 of QOscC, a software oscilloscope application with spectrum analysis capabilities, is out. Changes include support for Serial Multimeters, datafile export, and improved documentation.

Comments (none posted)

XCircuit 3.3.11 released

Version 3.3.11 of XCircuit, an electronic schematic drawing package, has been released. Changes include a fix for a bug that can cause a crash.

Comments (none posted)

Financial Applications

SQL-Ledger 2.4.10 is out

Version 2.4.10 of SQL-Ledger, a web-based accounting system, is available. Changes include inventory movement in the transaction report, a new UTF-8 option to bypass text formatting, and more.

Comments (none posted)

Interoperability

Wine release 20050310

Release 20050310 of Wine has been announced. Changes include an initial implementation of a true Richedit control, a shell extension for browsing Unix directories, MSI work, PBuffer support in OpenGL, and bug fixes.

Comments (none posted)

Mail Clients

Mozilla Thunderbird 1.0.1 Release Candidate (MozillaZine)

Release Candidate build 1.0.1 of Mozilla Thunderbird has been announced. "Like last month's Mozilla Firefox 1.0.1, this new version will just fix a few security and stability bugs; it's not a major update."

Comments (none posted)

Office Applications

Gnumeric 1.4.3 Released (GnomeDesktop)

Version 1.4.3 of Gnumeric, a spreadsheet application, is available. "This is a bug fix release for 1.4.x with various minor patches. The main point of interest is that Ivan Wong has fixed Gtk+'s large window handing on Win32 and the 1.4.3 package for that platform is now considered ready for general usage. There are still missing pieces (printing and registry connections) but the core application can display smoothly now."

Comments (none posted)

Office Suites

OpenOffice.org build 1.9.79.2

Build 1.9.79.2 of the OpenOffice.org office suite is available with numerous bug fixes, documentation work, and a NovellTeam easter egg.

Full Story (comments: none)

Web Browsers

Announcement of Future of Mozilla Application Suite Expected Soon (MozillaZine)

MozillaZine covers an ongoing debate over the Mozilla Application Suite. "The Mozilla Foundation is expected to make a formal announcement on the future of the Mozilla Application Suite soon. Debate about the future of the suite, often known as Mozilla 1.x or by its SeaMonkey codename, has raged over the last few days following Saturday's publication of the minutes of the mozilla.org staff meeting held on Monday 28th February 2005. In reference to Mozilla 1.8 final, the minutes state that it was "To be discussed tomorrow [Tuesday 1st March] whether we do one". This led to dozens of replies about the fate of the suite from a wide variety of contributors and onlookers."

Comments (14 posted)

Future of the Mozilla Application Suite (MozillaZine)

MozillaZine has the news: there will be no Mozilla 1.8 release. The plan, instead, calls for a shift to the standalone Firefox and Thunderbird clients. "However, the Mozilla Foundation will offer infrastructure support to a community effort to continue development of the Mozilla Application Suite, probably under a different name." See the article for various links to more information.

Comments (8 posted)

Minutes of the mozilla.org Staff Meeting (MozillaZine)

MozillaZine has announced the availability of the minutes from the March 7, 2005 mozilla.org staff meeting. "Issues discussed include Mozilla Firefox 1.0.1 rollout, Mozilla Thunderbird 1.0.1, Mozilla 1.7.6, Mozilla 1.8b2, Mozilla Firefox 1.1, Mozilla Thunderbird 1.1 and update.mozilla.org load."

Comments (none posted)

Mozilla for GroupWise Beta Released (MozillaZine)

Version 0.1b of Mozilla for GroupWise has been announced. "MozNGW, as it's known, is a cross-platform client for the Novell GroupWise corporate communication and collaboration solution. MozNGW installs as a Mozilla Firefox extension and completely replaces the standard GroupWise client. The software is compatible with GroupWise 6.02 and above, though it will "probably" work with version 5.5 Enhancement Pack."

Comments (none posted)

First Community SeaMonkey Project Meeting Held (MozillaZine)

MozillaZine reports on the first meeting of the new community-driven SeaMonkey project. "Chaired by Alex "WeirdAl" Vincent, the hour-long meeting took place in #seamonkey on irc.mozilla.org and focussed on various project management issues, with several volunteers appointed to leadership roles."

Comments (none posted)

Languages and Tools

Caml

Caml Weekly News

The March 8-15, 2005 edition of the Caml Weekly News is out. Take a look for the latest Caml Language information.

Full Story (comments: none)

Groovy

Go server-side up, with Groovy (IBM developerWorks)

Andrew Glover explores Groovy frameworks on IBM developerWorks. "The Groovlet and GroovyServer Pages (GSP) frameworks are built on the shoulders of the Java™ Servlet API. Unlike Struts and JSF, however, Groovy's server-side implementation isn't meant for all occasions. Rather, it's a simplified alternative for developing server-side applications quickly and easily. Follow along with Groovy advocate Andrew Glover as he introduces these frameworks and demonstrates their use."

Comments (none posted)

Java

A Look at Commons Chain, Part 2 (O'ReillyNet)

Bill Siggelkow explores chains under Jakarta Struts in part two of an O'Reilly series. "In part one of this two-part series, Bill Siggelkow showed Java programmers how certain design patterns help Commons Chain to define and execute sequential sets of steps. In part two, Bill shows how Struts uses Chain to add custom behavior to request processing."

Comments (none posted)

Perl

This Fortnight in Perl 6 (O'Reilly)

The Feb. 23 - March 7, 2005 edition of This Fortnight in Perl 6 is online with the latest Perl 6 development news.

Comments (none posted)

Python

Python 2.4.1, release candidate 1

Release Candidate 1 of Python 2.4.1 has been announced. "According to the release notes, several dozen bugs have been fixed, including a fix for the SimpleXMLRPCServer security issue (PSF-2005-001)."

Full Story (comments: none)

Ruby

Ruby Weekly News

The March 13, 2005 edition of the Ruby Weekly News is available with the latest news and discussion from the ruby-talk mailing list.

Comments (none posted)

Tcl/Tk

Dr. Dobb's Tcl-URL!

The March 15, 2005 edition of Dr. Dobb's Tcl-URL! is online with the week's Tcl/Tk articles and resources.

Full Story (comments: none)

XML

State of the art in XML modeling (IBM developerWorks)

Uche Ogbuji discusses semantic transparency and XML on IBM developerWorks. "The running theme of the column has been semantic transparency: the ability to correctly interpret the contents of XML documents. Semantic transparency might be the most important aspect of XML modeling. This is first in a series of articles that review the many different approaches to semantic transparency and discuss what they mean to developers using XML."

Comments (none posted)

Comparing XSLT and XQuery (O'Reilly)

J. David Eisenberg compares XSLT and XQuery on O'Reilly. "XSLT has been the main XML technology for transformations for some time now, but it’s not the only player in the game. Although XQuery is designed for retrieving and interpreting information, it is also, according to the specification, “flexible enough to query a broad spectrum of XML information sources, including both databases and documents.”"

Comments (none posted)

Models with Character (O'Reilly)

Micah Dubinko writes about Unicode and XML on O'Reilly. "Yet, one topic is sacrosanct: that one of the smartest and best design decisions underlying XML was to define it on the foundation of characters, specifically the Universal Character Set and Unicode. As such, a working knowledge of Unicode is not optional. Practitioners of XML need to be, at a minimum, conversant in the basics of Unicode as described in the first few sections of Mike J. Brown's excellent write-up."

Comments (none posted)

Editors

Nvu 0.90 Released (MozillaZine)

Version 0.90 of Nvu, an HTML editor, has been announced. "This latest version of the standalone Linspire-backed Mozilla-based Web page editor includes an improved Link dialogue, a new default theme and printing fixes. There's also performance improvements (switching between the HTML Source view and Normal Edit Mode should now be much faster), better support for PHP code and HTML comments and several minor bug fixes."

Comments (none posted)

IDEs

FLDev 0.5.2 released

Version 0.5.2 of FLDev has been announced. "FLDev is an IDE designed for older systems and small C/C++ Applications and is based on the Editor described in the FLTK Manual."

Comments (none posted)

Miscellaneous

GNU Tar 1.15.1 released

Version 1.15.1 of GNU Tar has been announced. "This version fixes an important flaw introduced with the previous version. The bug caused tar to refuse unpacking archives piped from standard input." (Thanks to Dan Stromberg.)

Comments (2 posted)

Page editor: Forrest Cook

Linux in the news

Recommended Reading

Second sight (Guardian)

The Guardian reports on the software patent fight. "But this time, things may be different. The European Commission has gone out of its way to thwart the European parliament, disregarding the wishes of various elected bodies by its insistence that bureaucracy trumps democracy, and that fiats beat votes. A time was bound to come when there would be a power struggle over who really runs Europe: the commission or parliament. Maybe an apparently obscure battle over software patents will not only go down in computing history, but also be counted as a decisive moment in shaping the 21st century's political landscape, too."

Comments (12 posted)

Gates up to old tricks over intellectual property rights (NZ Herald)

The New Zealand Herald looks at software patents. "Patent 525484, accepted by the [New Zealand Intellectual Property] office and now open for objections until the end of May, says Microsoft invented and owns the process whereby a word-processing document stored in a single XML file may be manipulated by applications that understand XML."

Comments (11 posted)

Trade Shows and Conferences

Conference discusses why 'everybody needs an open source strategy' (NewsForge)

NewsForge covers some business aspects of open-source software at the InnoTech conference. "PORTLAND, Ore. -- Far away from the usual open source software industry focus on code, freedom, and evangelism, the InnoTech conference and expo held here this week centered on the business of open source for business' sake. Sure there was talk about the advantages of Linux and open source technology, the ability to impact operating system-level functionality, and fighting unwarranted fears of a different model, but the heart of the conference was the beat of business -- cutting costs, driving value, and saving time and grief."

Comments (none posted)

Welcome to a New World: JBoss World 2005 (O'ReillyNet)

Chris Adamson covers the recent JBoss World 2005 conference on O'Reilly. ""Welcome to a new world." This was the theme of the JBoss World 2005 conference, held from March 1-2 at the CNN Center in Atlanta. This new world centers around "professional open source:" open source software backed up by paid support and consulting. In other words, the company provides the "professional," and the software delivers on the "open source" promise."

Comments (none posted)

The SCO Problem

Settlement leaves SCO board intact (News.com)

News.com reports that the Canopy wars have been resolved. "Under the terms of the settlement, [Ralph] Yarro will receive all of Canopy's SCO shares, SCO said. In addition, Canopy paid Yarro, Mott and another former Canopy employee, Brent Christensen, an undisclosed amount of money. Yarro, Mott and Christensen have resigned from all roles at Canopy or companies Canopy invested in." In other words, the Canopy Group, under its new management, has shoved SCO out the door and left Mr. Yarro to deal with his own mess.

Comments (5 posted)

New Summary Page for SCO v. IBM (Groklaw)

A new SCO case summary page has been announced on Groklaw. "I have just quickly put together a permanent page called Summary in the list of links on the left of the page, summarizing the SCO v. IBM litigation to date."

Comments (none posted)

Interviews

Interview: Nelson Pratt, OSDL Marketing Director (Techworld)

Techworld has a strange interview with Nelson Pratt, the "marketing director" for OSDL. "We see Linux going further into the enterprise but one of the big inhibitors is licensing. We know from talking to open source customers that licensing on a large scale is too labour-intensive. The typical open source licensing granting process was set up with the view of protecting the developer/hacker."

Comments (13 posted)

KDE Technologies: Get Hot New Stuff (KDE.News)

KDE.News interviews Josef Spillner about KDE's Get Hot New Stuff framework. "The GHNS concept describes a way to let users share their digital creations. For example, user A is using a spreadsheet application and modifies a template which comes with it. This template can then be uploaded to a server, and eventually be downloaded by user B by checking the contents of the "Get Hot New Stuff" download dialogue. In the context of companies, documents can be distributed to all employees, and in the context of the internet, a community sharing framework is built on top of all this."

Comments (none posted)

Interview with Philipp von Weitershausen (Nuxeo Blogs)

Nuxeo Blogs features an interview with Philipp von Weitershausen, author of the book Web Component Development with Zope 3. "Zope X3.0 is out there. It's stable, it's used in production, it can be used by you today! Don't be scared by the X. It originally suggested something like eXperimental which in no way means that X3.0 is experimental software. Thanks to heavy automatic testing, X3.0 is from a quality assurance point of view probably better tested than Zope 2 ever will be. Nowadays, you can see the X as a reminder that Zope X3.0 is not just a new version of Zope 2, but actually a completely redesigned product that was rewritten from scratch."

Comments (none posted)

Resources

Grub From the Ground Up (Troubleshooters.com)

Troubleshooters.com takes a look at Grub. "Grub is a world-class boot loader with insufficient documentation. In many ways it blows the doors off LILO. For instance, it's MUCH easier to use Knoppix to rebuild a grub boot loader than to rebuild a LILO boot loader. However, until you're comfortable with grub, it might seem just the opposite. All too often grub dumps you at a grub> prompt with no hint of what you should do. You might have heard that a successful reboot is just three commands away, but which commands? The state of grub's documentation is such that you can't figure it out unless you already know grub."

Comments (17 posted)

OOo Off the Wall: Fielding Questions, Part 3 (Linux Journal)

Linux Journal covers the use of fields for editing and content management in OpenOffice.org. "Many of the fields on the Functions tab can take time to set up. For a document that is printed once, they probably are not worth bothering about. It is when you are building templates that many of these fields come into their own. With a bit of planning, you can have your templates serve multiple purposes, making them even more useful than they already are."

Comments (none posted)

Reviews

AmaroK is a step up for Linux audio players (NewsForge)

NewsForge reviews amaroK 1.2. "The keystone of any audio player is the database it keeps of your collection. AmaroK allows you to create file trees using artist, album, year, or genre in any order. So to find, say, all the albums that were released in a particular year, sort by year first and then by album, and a file tree opens that lists all the years in the first level, and all the albums in the second. There's also a simple search filter to find something particular. I have four different versions of The Left Banke's "Walk Away Renee," and I can quickly find them all by typing that song title in the search box. The ability to structure the file tree in a number of different ways and to search it easily is amaroK's single most important usability feature."

Comments (13 posted)

Asterisk a star of the future? (Register)

The Register looks at the Asterisk phone system. "However, cost isn’t the only reason why a company might wish to switch to Asterisk, [creator Mark Spencer] says. It’s an open source system, so anyone has access to the code and can do what they want with it. 'If you bought a PBX from a major vendor, and you wanted the features to behave differently, you don’t have the ability to make that change,' says Spencer."

Comments (none posted)

Filesystem data visualization using JPGraph (NewsForge)

NewsForge looks at JPGraph. "JPGraph is a set of programs written in PHP that plots data into a wide range of graphs and formats the results. Licensed under the Trolltech QPL License, JPGraph is now at Version 1.17. Whatever your data, JPGraph can help you to view it graphically, letting you see relations more clearly."

Comments (none posted)

At the Sounding Edge: Introducing KeyKit (Linux Journal)

Dave Phillips reviews KeyKit on Linux Journal. "KeyKit is a powerful MIDI composition and processing environment that includes an abundance of features and tools designed for conventional MIDI music-making--for example, MIDI sequencers and virtual drum machines--as well as for unconventional MIDI music-making. Indeed, for the Linux musician who wants to explore some exotic and unusual ways of composing with MIDI, KeyKit is required software."

Comments (none posted)

Linux-powered robot streams video to Bluetooth-enabled phones (Linux Devices)

Linux Devices covers a camera from Sony Ericsson that can be controlled via Bluetooth. "The ROB-1 is powered by a 200MHz Freescale Dragonball processor with an ARM9 core. It has a user memory size of 2MB, according to Sony-Ericsson, and runs a Linux operating system. According to Sony-Ericsson, the ROB-1 is compatible with "any phone that has a Java platform with Bluetooth API JSR-82," including most Sony-Ericsson Bluetooth phones. Such phones can maneuver the ROB-1 using a joystick interface."

Comments (1 posted)

Review: SmoothWall Express 2.0 (NewsForge)

NewsForge reviews SmoothWall Express 2.0. "In these days of always-on Internet connections, a firewall that protects your network from unauthorized access is indispensable. Though most home routers have some sort of basic firewall capabilities, their rules for incoming and outgoing traffic are often basic and arbitrary. An alternative is to run a Linux-based firewall on old hardware, but configuring this sort of setup is generally not easy. An exception is SmoothWall, a free application you can install on any old machine to convert it to a dedicated hardware firewall. SmoothWall has a friendly interface and more configuration options than standard hardware firewalls."

Comments (1 posted)

Linux in Government: Linux Desktop Reviews, Part I (Linux Journal)

Linux Journal begins a new series focusing on the best desktop candidates with a look at Xandros Business Edition. "You also may consider the Xandros desktop to be suitable for use by people wanting a modern and trouble-free Linux system. Xandros uses KDE as its windowing environment instead of GNOME. Fortunately, applications such as Evolution and the GNOME infrastructure are available as updates to the system, as are traditional GTK applications, such as FireFox and The GIMP."

Comments (none posted)

Miscellaneous

To Evil! March '05 Edition (OSdir)

Danny O'Brien's March "To Evil!" column is up on OSDir. "Old school packet driver hacker Russ Nelson replaced Eric S. Raymond as President-In-Charge-Of-Controversialism at the Open Source Initiative on February 1st. The presidency of the OSI is one of the highest positions one can hold in the open source world. Unfortunately, that doesn't count for much. I think it means you're allowed to refer to everyone else as 'your tribe', and have editorials run on Newsforge whenever you want. Twenty-two days later, Nelson resigned, it seems as a result of public pressure over a blog posting he made on February 7th, titled 'Blacks Are Lazy'."

Comments (none posted)

Page editor: Forrest Cook

Announcements

Non-Commercial announcements

FFII: What happened on March 7th regarding Software Patents?

The FFII has posted a set of hard questions for the European Council on the March 7 software patent vote. "Q13: (a) If the Presidency alone cannot deny a B item request, how did a majority of the Council vote against removing the item from the agenda? (b) Article 8(1)(b) states that the outcome of voting must be 'indicated by visual means', but no such indication was seen on the public video. Did we miss it, or was no vote called?" It will be interesting to see if they get any answers.

Full Story (comments: 3)

A new way for you to contribute to Gnome (GnomeDesktop)

GnomeDesktop.org is looking for new project talent. "With the release of Gnome 2.10, now is a perfect time to get involved with Gnome. You can meet new friends, learn new skills, and make Gnome rock even harder. There are many ways to get involved including several tasks that do not require coding skills. For aspiring coders, though, a new report has been created to list bugs in bugzilla that have been marked as tasks appropriate for new developers."

Comments (none posted)

Thirteen companies warned of GPL non-compliance at CeBIT

The gpl-violations.org project is handing out an open warning letter to thirteen vendors of commercial software and appliance products present at CeBIT who are alleged to be misusing GPL-licensed software. ""While the Free and Open Source community is very happy to see more and more vendors adopt Linux and other GPL-licensed software, it is of great importance that those vendors comply with the respective license conditions, just like with any other software," states Mr. [Harald] Welte. "The warning notice gives them a chance to fix their products, before someone might get them into legal troubles," he continues."

Full Story (comments: none)

Commercial announcements

EMS PostgreSQL Data Pump, DB Comparer and Extract released

A number of new database applications for PostgreSQL have been announced. "We are pleased to announce new versions of EMS PostgreSQL Data Pump, DB Comparer and Extract. You can download the newest versions from our web-site: http://www.sqlmanager.net/. Today all of these utilities support PostgreSQL 8. They became more stable and good-looking."

Comments (none posted)

Open source e-mail gateway package launches

Fortress Systems Ltd. has launched an open-source email gateway package. "Earlier this month, Fortress Systems Ltd. (www.fsl.com) released SMGateway, an open source e-mail/security application. SMGateway has all of the functionality provided by MailScanner and SpamAssassin plus extensions and enhancements to provide a simple web based interface for users and administrators."

Full Story (comments: none)

Free Software Magazine drops its prices

The publication Free Software Magazine is now available at the reduced price of $4.95 per month.

Full Story (comments: none)

IBM releases Linux 2005 Software Evaluation Kit

IBM has announced the release of their 2005 Software Evaluation Kit. "This is the easiest way to get all of the fresh releases of IBM middleware for Linux."

Full Story (comments: none)

Infrae and Nuxeo join forces and cooperate on Zope 3 technologies

Infrae and Nuxeo are partnering to work on application technologies for the Zope 3 web content management system. "Through this cooperation, with our expertise in content management, internet communication, semantic web, user interfaces, content repositories, and XML technologies, we intend to advance the state of the art for our software and our customers, as well as the broader development community."

Full Story (comments: none)

Novell ZENWorks 7 Linux Management

Another of Novell's CeBIT announcements is the introduction of Novell ZENworks 7 Linux Management, an integrated management system for centralized control of Linux desktops and servers. The management capabilities of ZENworks 7 Linux Management are integrated with Novell Linux Desktop and SUSE LINUX Enterprise Server 9 (part of Novell Open Enterprise Server).

Comments (none posted)

Novell and IBM Team to Accelerate Application Development on Linux

Novell and IBM have announced an initiative to help ISVs accelerate the development and certification of new applications for Novell's SUSE LINUX on IBM eServer and middleware platforms.

Full Story (comments: none)

Red Hat Announces Fourth Quarter and FY2005 Conference Call

Red Hat, Inc. has announced that it will be holding its Fourth Quarter and FY2005 Earnings Conference Call on March 31, 2005.

Comments (none posted)

SugarCRM Launches SugarForge.org

SugarCRM Inc. has announced the new SugarForge.org site. "SugarCRM Inc. is proud to announce the establishment of SugarForge.org, the premiere destination for community collaboration on Sugar Suite extensions, modules, language packs and themes."

Comments (none posted)

Wing IDE 2.0.2 released

Version 2.0.2 of Wing IDE, a commercial interactive development environment for Python, is available. "This release adds easier-to-use Zope/Plone integration, extension of the IDE with Python scripts, CVS integration, code templates / snippets, expanded text encoding support, speed optimizations, and more than 70 other improvements."

Full Story (comments: none)

New Books

Lessig's "Code" as a collaborative update project

JotSpot ("the first application wiki company") has announced that it will be hosting a collaborative project to update Lawrence Lessig's classic Code and Other Laws of Cyberspace. The book has been posted on a wiki-like system, and updates are being solicited from the community; the result will be published as a printed edition later this year.

Comments (1 posted)

'Firefox and Thunderbird Garage' Hits Book Stores in April (MozillaZine)

MozillaZine has an announcement for a new book by Marcia Knous. "The 304 page book, titled Firefox and Thunderbird Garage, will be published by Prentice Hall PTR on Friday 15th April. As well as acting as a manual for the Firefox browser and Thunderbird mail and newsgroups client, the thirteen chapter book will also introduce the concept of open source development."

Comments (none posted)

"IPv6 Network Administration" Released by O'Reilly

O'Reilly has published the book IPv6 Network Administration by Niall Richard Murphy and David Malone.

Full Story (comments: none)

Resources

Acrobat Reader 7.0 for Linux

Version 7.0 of Adobe Acrobat Reader, a pdf file viewer, was announced in January. The software is now available in tar and rpm formats here. Thanks to Jens Stavnstrup.

Comments (4 posted)

Contests and Awards

IBM Launches 2nd Open Source Devel Contest

IBM has announced the Linux on POWER Open Source Developer Contest starting March 15, 2005 with entries due by July 15, 2005.

Full Story (comments: none)

Upcoming Events

Desktop Developer's Conference, July 17-19, Ottawa

Proposals may be submitted for the next desktop developer's conference meeting in Ottawa. The event will be held on July 17-19, 2005.

Full Story (comments: none)

FOSE 2005, Washington D.C.

PostNewsweek Tech Media has announced the FOSE 2005 exposition. The event will be held from April 5-7 at the Washington D.C. Convention Center. "The Linux Solutions Government program at FOSE 2005 will consist of a dedicated demonstration area, the Linux Pavilion & Theater on the tradeshow floor; a robust one-day Linux Solutions Government Conference in the Linux Pavilion Theater; and as a pre-cursor to FOSE, the Linux Solutions Government Guide in the April issue of Linux Magazine."

Comments (none posted)

GUADEC 6 Announces Speakers for Stuttgart (GnomeDesktop)

The sixth annual GNOME User and Developer European Conference (GUADEC) has been announced. The event will take place in Stuttgart, Germany on May 29-31, 2005. "The high-level conference has lined up a roster of industry-leading analysts, developers and thought leaders, as well as top government and business IT officials. The conference is a unique forum for highlighting the capabilities and direction of GNOME, the user environment for desktops, networked servers and portable Internet devices. GUADEC will also feature meaningful discussions of the future direction of open source projects, including the Open Office suite."

Comments (none posted)

PyCon 2005 - Keynote Speech from Google Insider

PyCon 2005 will be held in Washington DC on March 23-25, 2005. "The organizers of PyCon 2005 have announced that Greg Stein, an engineering manager at Google working with the Blogger team, will be giving a keynote presentation on Google's use of Python for internal projects."

Full Story (comments: none)

O'Reilly Launches the 2005 O'Reilly Where 2.0 Conference

The 2005 O'Reilly Where 2.0 Conference will be held on June 29 and 30, 2005 in San Francisco, California. "Location-aware technologies like GPS, RFID, WLAN, cellular networks and networked sensors are enabling an ever-growing array of capabilities, from local search, mapping, and business analytics to enterprise integration, commercial applications, and software infrastructure. The first O'Reilly Where 2.0 Conference has been created to explore the emerging consumer and enterprise ecosystems around location technologies--ecosystems that can radically change the way we work and play."

Full Story (comments: none)

UKUUG Linux 2005 - Swansea - Call for Papers

A Call for Papers has gone out for the UKUUG Linux 2005 event. "This summer's UKUUG Linux conference will be held in Swansea with tutorials all day Thursday 4th August and the conference all day Friday 5th and ending lunchtime on Sunday 7th." Abstracts are due by March 25.

Full Story (comments: none)

Events: March 17 - May 12, 2005

Date | Event | Location
March 17, 2005 | Emerging Technology Conference (ETech) (Westin Horton Plaza) | San Diego, CA
March 20 - 25, 2005 | Novell BrainShare 2005 | Salt Lake City, Utah
March 21 - 24, 2005 | Bellua Cyber Security Asia 2005 (Hotel Borobudur) | Jakarta, Indonesia
March 21 - 24, 2005 | Open Source Modeling and IDEs Workshop (Caribe Royale All Suites Resort & Convention Center) | Orlando, FL
March 23 - 25, 2005 | PyCon DC 2005 (GWU Cafritz Conference Center) | Washington, DC
March 26 - 27, 2005 | YAPC::Taipei 2005 | Taipei
March 30 - April 1, 2005 | PHP Quebec (Crowne Plaza Hotel) | Montreal, Canada
March 31 - April 1, 2005 | Black Hat Briefings Europe 2005 | Amsterdam, the Netherlands
April 1 - 3, 2005 | Twisted Sprint | Hobart, Tasmania
April 5 - 6, 2005 | Open Source Business Conference (OSBC) (Westin St. Francis) | San Francisco, CA
April 5 - 7, 2005 | FOSE 2005 (Washington D.C. Convention Center) | Washington, D.C.
April 7 - 8, 2005 | Black Hat Briefings Asia 2005 | Singapore
April 10 - 15, 2005 | 2005 USENIX Annual Technical Conference | Anaheim, California, USA
April 12 - 15, 2005 | Computers, Freedom and Privacy Conference 2005 (Westin Hotel) | Seattle, WA
April 15 - 17, 2005 | Debian Edu/Skolelinux workshop (Nafplion) | Athens, Greece
April 18 - 23, 2005 | linux.conf.au 2005 (Australian National University) | Canberra, Australia
April 18 - 21, 2005 | MySQL Users Conference and Expo 2005 (Santa Clara Convention Center) | Santa Clara, CA
April 18 - 20, 2005 | LinuxWorld Conference and Expo 2005 (Metro Toronto Convention Centre) | Toronto, ON
April 18 - 19, 2005 | Debian Miniconf 4 | Canberra, Australia
April 19 - 20, 2005 | San Francisco techCongress (Rickey's Hyatt) | Palo Alto, CA
April 20 - 23, 2005 | ACCU Conference 2005 (Randolph Hotel) | Oxford, England
April 21 - 24, 2005 | 3rd International Linux Audio Conference (LAC2005) (Center for Art and Media (ZKM)) | Karlsruhe, Germany
April 21 - 23, 2005 | WebTech 2005 | Sofia, Bulgaria
April 23 - 24, 2005 | LayerOne Technology Conference (Pasadena Hilton) | Pasadena, CA
April 25 - 30, 2005 | UbuntuDownUnder | Sydney, Australia
May 2 - 7, 2005 | DallasCon 2005 (Richardson Hotel) | Dallas, TX
May 2 - 4, 2005 | Samba eXPerience 2005 (Hotel Freizeit) | Göttingen, Germany
May 4 - 6, 2005 | CanSecWest/core05 | Vancouver, B.C.
May 11 - 15, 2005 | php|tropics 2005 (Moon Palace Resort) | Cancun, Mexico


Miscellaneous

Linux Medical News Stuff (LinuxMedNews)

LinuxMedNews is offering various items with their logo attached. "You can FINALLY buy cheesy Linux Medical News stuff (shirts, hats, buttons, mugs, etc.) at the Linux Medical News FOSS store!"


Page editor: Forrest Cook

Copyright © 2005, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds