The GNU General Public License places strong requirements on anybody who
distributes code derived from GPL-licensed source: the derived code, too,
must be released under the GPL. The Linux kernel's license states
explicitly that programs running in user mode and making use of kernel
system calls are
not derived works, and may thus be proprietary.
The situation with loadable kernel modules has always been a little more
fuzzy, however. The legal status of proprietary Linux kernel modules may
be heading toward a long-term resolution; the news may not be good
for vendors of such modules.
User-space programs run in a separate address space, in a different
processor mode, and communicate with the kernel via special instructions.
There is a clear boundary between the two. Loadable modules, however, are
linked into the kernel itself; they run in kernel mode, access the kernel
address space, and require (GPL-licensed) header files to build. For all
practical purposes, they look like part of the kernel itself, and thus
should perhaps be seen as derived works.
Linus Torvalds's longstanding policy - never actually written down
anywhere - has been that binary-only kernel modules were permissible
as long as they restricted themselves to the (never really defined) kernel
API. That has been interpreted to mean that modules which use only
explicitly exported symbols can be proprietary, and numerous such modules
have been shipped over the years. Linus is not the only copyright holder
on the Linux kernel, however, and quite a few other kernel developers have
been known to mumble that they had never agreed that their code
could be linked to proprietary modules.
This situation has thus always been a little unstable. It came up again in
recent times when Christoph Hellwig posted a
patch which explicitly made the Linux Security Module functionality
available only to modules licensed under the GPL. People were, says
Christoph, using the LSM hooks to change the behavior of system calls, and
that went further than he thought was appropriate. In a separate posting, Christoph stated:

    My argument is that I want this flag as a hint for authors of
    proprietary security modules that I'm going to sue them if they use
    hooks called from code I have copyright on. This includes such
    central parts as vfs_read/vfs_write.

This is, of course, an explicit shot across the bow of anybody who
distributes proprietary kernel modules. Linus, then, sent out his current view on binary-only
modules:

    There is NOTHING in the kernel license that allows modules to be
    non-GPL'd. The _only_ thing that allows for non-GPL modules is
    copyright law, and in particular the "derived work" issue. A vendor
    who distributes non-GPL modules is _not_ protected by the module
    interface per se, and should feel very confident that they can show
    in a court of law that the code is not derived.

This is a more restrictive view than has been seen in the past. Linus
would likely argue that his position has not changed, but he has not been
quite so clear before. One possible reason for a change in attitude
can be seen in another quote from the same posting:

    The original binary-only modules were for things that were
    pre-existing works of code, ie drivers and filesystems ported from
    other operating systems, which thus could clearly be argued to not
    be derived works, and the original limited export table also acted
    somewhat as a barrier to show a level of distance.

What's different now? Certainly one relevant point is that far more kernel
functionality is exported to loadable modules. Proprietary modules, once,
didn't have the access to kernel internals that they have now. But there
may be a more important message here: years ago, binary-only modules were
useful
for bringing in capabilities that nobody had, yet, been able to write as
free software. As the kernel has developed, the role of this sort of
imported code has diminished.
In other words, we may be seeing a harder line against proprietary kernel
modules for the simple, pragmatic reason that we don't need them anymore.
Linux has evolved from a small, struggling system into one of the most
capable systems available. Proprietary module vendors now have little to
offer the kernel. Over the coming years, it would not be surprising to see
the policy on binary-only modules harden further, until one day they are
explicitly forbidden.
One might be forgiven for a certain sense of déjà vu: a group of longtime
industry people, with names like Andy Hertzfeld, gets together with a pile
of money to redefine the desktop experience. The story is a little
different this time, so a quick look at the
Open Source Application Foundation
(OSAF) is worthwhile.
The OSAF has actually been operating since the summer of 2001, but it has
only recently made its existence known to the rest of the world. The
Foundation has been funded by Mitch Kapor, the founder of Lotus and a
co-founder of the Electronic Frontier Foundation; its mission is to
"Create and gain wide adoption of Open Source application software
of uncompromising quality."
The Foundation differs from the venture-funded exercises of the past few
years, however. It is a non-profit organization, funded by donations.
Thus far, it appears to be working mainly from a big donation from
Mr. Kapor; there is a donations
page for those who would like to add their support as well. The OSAF
thus looks more like the Free Software Foundation than a company like
Eazel, but there is no confusing the two. There appears to be no political
agenda to the OSAF's activities beyond the production of high-quality free
software. The Foundation also foresees ways of revenue generation
("fee-based license for proprietary developers who do not
redistribute source code, the fees fund our core development") that
the FSF would not approve of.
The first project is ambitious, the creation of an "interpersonal
information manager" which will handle email, calendars, contacts, etc. It
will be built on top of a number of established free software technologies:
Python, wxWindows, the Zope Object Database, Jabber, Mozilla, etc. The
calendar component, it is hoped, will be released by the end of the year.
The project is seen by many as an alternative to Outlook, though its
backers see it as something entirely new. Rather than try to clone
Outlook, the OSAF people want to try some different approaches. From a
design description posted by Mr. Kapor:

    Recent open source groupware products & projects (Evolution,
    Kroupware) use Outlook as the baseline for design and
    functionality, an approach which benefits users by being familiar,
    but doesn't take design risks which could have big pay-offs for
    users in power and simplicity. We're trying to re-think the PIM in
    fundamental ways and expect to be judged in terms of our success in
    achieving that goal.

It is, frankly, a relief to see that the project is trying to do something
new, rather than chasing the taillights of proprietary application
vendors. As they say, we will have to see what they come up with to see if
they succeed, but the goal is right.
The days of high-flying companies using venture capital to take over the
world with a great new free software platform are done; the likes of Eazel
or Zelerate will not be seen again anytime soon. Much of the excess of the
dotcom boom will not be missed, but it would be nice if we could retain
some of the focused (and funded!) development that those companies
created. With luck, the OSAF will do that, at least for one piece of the
application space.
As of this writing, the LWN.net subscriber count has just passed 2100.
That's a far cry from our (near-term) goal of 4000, but the trend is in the
right direction. Many thanks to all of you who have subscribed; you have
gone a long way toward putting LWN on a solid financial foundation. For
the rest of you, will you consider subscribing now?
For those of you who took out monthly subscriptions: we are now one month
into the subscription experiment, so the first round of automatic billing
is beginning to happen. We have recently added a transaction list to the
"My Account" area; if you have bought a subscription from LWN you can see
a summary of all charges there. It is also possible to generate a
printable receipt should you need one.
We are continuing work on the site code to better support the subscription
features and our readers. Near-term plans include a gift certificate
capability and the integration of the text ad system into the main LWN
server. There have been a few requests for a stable (constant) link to the
most recent, freely available Weekly Edition; we will be hacking that one
up shortly. (Remember also that there is a mailing list available for
those who want to know when content becomes free; you can sign up in the
"My Account" area). Oh, yes, we haven't forgotten the search engine
problem either. Before too long, however, we want to start putting
less effort into site code hacking and more into providing the best content
we can.
For those of you wishing to pay with American Express: we have an AX
merchant account now, but the process of getting it connected up to our
credit card gateway is taking a little longer than we had hoped. With
luck, that will get sorted out soon.
That is where things stand for this week. Thanks to all of you for your
support.
Page editor: Jonathan Corbet
Security
Brief items
This article on
Linuxguru.net is worth a look. It describes the travails of a Linux user
who found that WINE can, perhaps, emulate Windows a little too well. By
way of KMail's MIME processing code and an integrated desktop, this user
fell victim to the KLEZ worm.
This is, of course, the sort of problem that Linux users are more inclined
to be smug about than worry about. After all, our mail readers
aren't vulnerable to all those bits of email-based malware that create such
trouble for users of that other, proprietary operating system. As this
example shows, however, life is not quite that easy. Linux users may not
be as invulnerable as they think; maybe we've just been lucky so far.
The problem here, of course, has nothing to do with WINE. Mail readers can
be configured to do all sorts of things with different kinds of
attachments. It is nice to be able to view those family pictures your
brother sent, or hear that audio clip, or, perhaps, even view that
closed-format document. But when we set up a mail reader to do that sort
of processing, we are trusting not only an external application, but also
the interaction between that application and the mail reader. Any sort of
vulnerability in an external application used by mail readers, and any kind
of misunderstanding between the mail reader and the application, can become
an open door for all kinds of nasty stuff.
Sooner or later, Linux users are going to get burned by this sort of
vulnerability. Our security may be better, but it's far from perfect;
eventually our luck will run out, somebody will code up an exploit, and a
number of Linux users will lose that smug smile. Meanwhile, be careful
with those email attachments.
New vulnerabilities
kernel: several security issues fixed
| Package(s): | kernel |
CVE #(s): | |
| Created: | October 22, 2002 |
Updated: | November 22, 2002 |
| Description: |
A number of security fixes have gone out for the 2.2 and 2.4 kernels. There are no known exploits at this time, but upgrading will make sense anyway. As always with kernel updates, read the distributor instructions carefully; there is usually more involved than just installing a new package. |
mod_ssl: cross site scripting problem
| Package(s): | mod_ssl, libapache-mod-ssl |
CVE #(s): | CAN-2002-1157
|
| Created: | October 22, 2002 |
Updated: | December 12, 2002 |
| Description: |
Joe Orton discovered a cross site scripting problem in mod_ssl, an
Apache module that adds Strong cryptography (i.e. HTTPS support) to
the webserver. The module will return the server name unescaped in
the response to an HTTP request on an SSL port.
Like the other recent Apache XSS bugs, this only affects servers using
a combination of "UseCanonicalName off" and wildcard DNS. This is very
unlikely to happen, though. Apache 2.0/mod_ssl is not vulnerable since it
already escapes this HTML. |
PAM: password validation error
| Package(s): | pam |
CVE #(s): | |
| Created: | October 23, 2002 |
Updated: | October 23, 2002 |
| Description: |
Paul Aurich and Samuele Giovanni Tonon discovered a serious security
violation in PAM. Disabled passwords (i.e. those with '*' in the
password file) are treated as if they were empty and access to such
accounts is granted through the regular login procedure (getty,
telnet, ssh). This works for all such accounts whose shell field in
the password file does not refer to /bin/false. Only version 0.76 of
PAM seems to be affected by this problem. |
ypserv: NIS information leak
| Package(s): | nis, ypserv |
CVE #(s): | CAN-2002-1232
|
| Created: | October 21, 2002 |
Updated: | December 5, 2002 |
| Description: |
Thorsten Kukuk discovered a problem in the ypserv program which is
part of the Network Information Services (NIS). A memory leak in all
versions of ypserv prior to 2.5 is remotely exploitable. When a
malicious user requests a non-existing map, the server will leak
parts of an old domainname and mapname. |
Updated vulnerabilities
Apache shared memory scoreboard vulnerabilities
| Package(s): | apache |
CVE #(s): | CAN-2002-0839
|
| Created: | October 9, 2002 |
Updated: | December 18, 2002 |
| Description: |
Versions of Apache prior to 1.3.27 contain a couple of scoreboard-related
vulnerabilities which can be exploited by local users running under the
Apache user ID. In-server scripting languages, such as PHP, are the most
likely means of carrying out the attacks. One vulnerability causes the
server to fork off new processes, leading to denial of service scenarios;
the other allows an attacker to send SIGUSR1 to any process as root,
probably killing that process. See this
iDEFENSE advisory for the details. |
Heap corruption vulnerability in at
| Package(s): | at at, sudo, xchat |
CVE #(s): | CAN-2002-0004
|
| Created: | May 21, 2002 |
Updated: | May 15, 2003 |
| Description: |
The at command has a
potentially exploitable heap corruption bug.
(First LWN report: January 17th).
|
bind buffer overflow vulnerability in DNS resolver libraries
| Package(s): | bind glibc |
CVE #(s): | CAN-2002-0651
CAN-2002-0684
|
| Created: | July 8, 2002 |
Updated: | October 1, 2003 |
| Description: |
The BIND 4.9.8-OW2 patch and BIND 4.9.9 release (and thus 4.9.9-OW1)
include fixes for a libc related vulnerability which does not
affect Linux. Updates from
the Internet Software Consortium (ISC)
are available from here.
No release or branch of Openwall GNU/*/Linux (Owl) is known to be
affected, due to Olaf Kirch's fixes for this problem getting into the
GNU C library more than two years ago.
Unfortunately that does not mean that Linux systems are not vulnerable.
Similar code, without Olaf Kirch's fixes,
is in the glibc getnetbyXXX functions.
These functions are described in the SuSE alert as
"used by very few applications only, such as ifconfig and ifuser,
which makes exploits less likely."
CERT Advisory: CA-2002-19
Buffer Overflow in Multiple DNS Resolver Libraries
CAN-2002-0651
CAN-2002-0684 |
Potential unauthorized root access vulnerability in dietlibc
| Package(s): | dietlibc |
CVE #(s): | CAN-2002-0391
|
| Created: | August 14, 2002 |
Updated: | December 5, 2002 |
| Description: |
Felix von Leitner discovered a
potential division by zero bug in
code derived from the SunRPC library which is used in
dietlibc, a libc optimized for small size.
The bug could be exploited to gain unauthorized root
access to software linking to dietlibc.
CERT/CC Vulnerability Note VU#192995 Integer
overflow in xdr_array() function when deserializing the XDR stream |
dvips: command execution vulnerability
| Package(s): | dvips |
CVE #(s): | CAN-2002-0836
|
| Created: | October 16, 2002 |
Updated: | June 10, 2003 |
| Description: |
The dvips utility uses the system() function improperly when managing fonts. An attacker who can craft the right sort of print job can use this vulnerability to execute commands under the UID used by the print system. |
Ethereal buffer overflow, infinite loop and memory management vulnerabilities
| Package(s): | ethereal |
CVE #(s): | CAN-2002-0012
CAN-2002-0013
CAN-2002-0353
CAN-2002-0401
CAN-2002-0402
CAN-2002-0403
CAN-2002-0404
|
| Created: | June 12, 2002 |
Updated: | October 27, 2002 |
| Description: |
Ethereal 0.9.4
was released
on May 19, 2002 fixing four potential security issues in Ethereal 0.9.3:
- The SMB dissector could potentially dereference a NULL pointer in two cases.
- The X11 dissector could potentially overflow a buffer while parsing keysyms.
- The DNS dissector could go into an infinite loop while reading a malformed packet.
- The GIOP dissector could potentially allocate large amounts of memory.
No known exploits exist "in the wild" at the present time for any of these issues.
Ethereal 0.9.2 has several packet handling vulnerabilities
that are best avoided by upgrading to 0.9.4.
The PROTOS test
suite found some flaws in SNMP and LDAP protocols support.
Malformed packets could also crash ethereal 0.9.2 due to an
ASN.1 zero-length g_malloc problem.
The zlib "double free" vulnerability
was addressed by the updates for that bug from many distributors. |
Filename disclosure vulnerability in fam
| Package(s): | fam |
CVE #(s): | CAN-2002-0875
|
| Created: | August 19, 2002 |
Updated: | January 5, 2005 |
| Description: |
"fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
Another set of fetchmail buffer overflows
| Package(s): | fetchmail fetchmail-ssl |
CVE #(s): | |
| Created: | October 1, 2002 |
Updated: | December 17, 2002 |
| Description: |
e-matters GmbH has issued an advisory
warning of a new set of buffer overflows in the fetchmail header parsing
code. The vulnerabilities have been fixed in fetchmail 6.1.0. |
GNU fileutils race condition
| Package(s): | fileutils ucdsnmp |
CVE #(s): | CAN-2002-0435
|
| Created: | May 21, 2002 |
Updated: | May 16, 2003 |
| Description: |
A race
condition in rm may cause the root user to delete the whole filesystem.
The problem exists in the version of rm in
fileutils
4.1 stable and 4.1.6 development version. A patch
is available.
(First LWN
report: May 2).
|
Potential remote root exploit in glibc
| Package(s): | glibc |
CVE #(s): | CAN-2002-0391
|
| Created: | August 14, 2002 |
Updated: | June 30, 2003 |
| Description: |
Felix von Leitner discovered a
potential division by zero bug in
code derived from the SunRPC library which is used in glibc. This bug could be
exploited to gain unauthorized root access to software linking to glibc.
Updating as soon as practical is a good idea.
Because SunRPC-derived XDR libraries are used by a variety of vendors in a variety of applications, this defect may lead to a number of differing security problems. Exploiting this vulnerability will lead to denial of service, execution of arbitrary code, or the disclosure of sensitive information.
CERT/CC Vulnerability Note VU#192995 Integer
overflow in xdr_array() function when deserializing the XDR stream
|
Buffer overflow in groff
| Package(s): | groff |
CVE #(s): | CAN-2002-0003
|
| Created: | May 21, 2002 |
Updated: | December 9, 2002 |
| Description: |
The groff package has a buffer overflow
vulnerability; if it is used with the print system, it is conceivably
exploitable remotely.
|
Buffer overflow in gv
| Package(s): | gv |
CVE #(s): | CAN-2002-0838
|
| Created: | October 1, 2002 |
Updated: | November 25, 2002 |
| Description: |
gv, a graphical front end to ghostscript, has a buffer overflow
vulnerability which can be exploited by a properly crafted PostScript or
PDF file. If a user can be tricked into viewing such a file, arbitrary
code can be executed with that user's privileges. See this iDEFENSE advisory for the details. |
heartbeat: remotely exploitable buffer overflow
| Package(s): | heartbeat |
CVE #(s): | |
| Created: | October 16, 2002 |
Updated: | November 6, 2002 |
| Description: |
The heartbeat failover system has a remotely exploitable buffer overflow
vulnerability; versions prior to 0.4.9e and 0.4.9.2 are affected. Any
system that is worth running heartbeat on is worth upgrading. See the advisory for the details. |
Buffer overflows in heimdal
| Package(s): | heimdal |
CVE #(s): | |
| Created: | October 1, 2002 |
Updated: | October 17, 2002 |
| Description: |
A SuSE security team audit of the heimdal Kerberos implementation turned up several buffer overflow vulnerabilities. No exploits are known as of this writing, but these vulnerabilities are almost certainly possible for a remote attacker to exploit; if you are running heimdal, you should upgrade at the first opportunity. |
UW imapd remotely exploitable buffer overflow
| Package(s): | imap |
CVE #(s): | CAN-2002-0379
|
| Created: | June 5, 2002 |
Updated: | December 20, 2002 |
| Description: |
UW imapd versions 2000c and prior allow remote authenticated users to execute code via a buffer overflow. A malicious user can craft
a request to run commands on the server under their UID and GID.
(First LWN report: May 23). |
Cross-site scripting vulnerability in Konqueror for KDE 3.0.3
| Package(s): | kdelibs |
CVE #(s): | |
| Created: | September 17, 2002 |
Updated: | November 18, 2002 |
| Description: |
Konqueror for KDE 3.0.3, and earlier versions, is subject to
this cross-site
scripting vulnerability.
Since the problem is in kdelibs, any other application which
uses the KHTML renderer is also vulnerable.
Javascript code running in one frame can
access other frames which should be inaccessible. The problem is
fixed in kdelibs 3.0.3a. |
Kerberos 5 unauthorized root access to KDC host vulnerability
| Package(s): | krb5 |
CVE #(s): | |
| Created: | August 14, 2002 |
Updated: | October 29, 2002 |
| Description: |
A bug in the Kerberos 5 remote
administration service, "kadmind", could be
exploited to gain unauthorized root access to a KDC host.
It is believed that the attacker needs to be able to
authenticate to the kadmin daemon for this attack to be successful.
Felix von Leitner discovered this
potential division by zero bug in
code derived from the SunRPC library which is used
in many places, including the Kerberos 5 administration system.
Updating now is recommended.
CERT/CC Vulnerability Note VU#192995 Integer
overflow in xdr_array() function when deserializing the XDR stream
|
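The CERT/CC note cited in the dietlibc, glibc and krb5 entries describes an integer overflow in xdr_array() when deserializing an XDR stream. The following is an added example, not the SunRPC, glibc or Kerberos code: a hypothetical array decoder (the names `alloc_size_unchecked` and `decode_array_checked` and the simplified wire layout are assumptions) showing how a 32-bit element count taken from the stream wraps the allocation size, and the checks that stop it.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed wire format (an assumption of this example, not real XDR):
 * a big-endian 32-bit element count, then count elements of elsize bytes. */

enum decode_status {
    DEC_OK = 0,
    DEC_TRUNCATED,   /* fewer bytes on the wire than the header promises */
    DEC_TOO_MANY,    /* count exceeds the caller's limit */
    DEC_OVERFLOW,    /* count * elsize does not fit in 32 bits */
    DEC_NOMEM
};

static uint32_t read_be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* The flawed pattern: the product is computed in 32-bit unsigned arithmetic
 * and silently wraps modulo 2^32, so a huge count yields a tiny size. A
 * decoder that allocates this many bytes and then loops count times writes
 * far past the end of the buffer. */
uint32_t alloc_size_unchecked(uint32_t count, uint32_t elsize)
{
    return count * elsize;
}

/* Hardened decoder: every length is validated before it is used. */
int decode_array_checked(const unsigned char *buf, size_t len,
                         uint32_t elsize, uint32_t maxcount,
                         unsigned char **out, uint32_t *out_count)
{
    uint32_t count;
    size_t need;
    unsigned char *mem;

    *out = NULL;
    *out_count = 0;
    if (len < 4)
        return DEC_TRUNCATED;
    count = read_be32(buf);
    if (count > maxcount)
        return DEC_TOO_MANY;
    /* Division form of the check, which cannot itself overflow. elsize == 0
     * is excluded first so the check never divides by zero. */
    if (elsize != 0 && count > UINT32_MAX / elsize)
        return DEC_OVERFLOW;
    need = (size_t)count * elsize;      /* now known to fit in 32 bits */
    if (need > len - 4)                 /* payload must really be present */
        return DEC_TRUNCATED;
    mem = malloc(need ? need : 1);
    if (mem == NULL)
        return DEC_NOMEM;
    memcpy(mem, buf + 4, need);
    *out = mem;
    *out_count = count;
    return DEC_OK;
}

int main(void)
{
    /* Constructed hostile header: count = 0x40000001, no payload. */
    const unsigned char hostile[4] = { 0x40, 0x00, 0x00, 0x01 };
    unsigned char *elems;
    uint32_t n;

    printf("unchecked size for 0x40000001 x 4: %u bytes\n",
           (unsigned)alloc_size_unchecked(0x40000001u, 4));
    printf("checked decoder status: %d\n",
           decode_array_checked(hostile, sizeof hostile, 4, UINT32_MAX,
                                &elems, &n));
    return 0;
}
```

The caller-supplied `maxcount` matters as much as the overflow check: it bounds memory use even when the product fits.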
LPRng accepts jobs from any host.
| Package(s): | LPRng |
CVE #(s): | CAN-2002-0378
|
| Created: | June 12, 2002 |
Updated: | October 31, 2002 |
| Description: |
Matthew Caron pointed out that LPRng's default configuration accepts job submissions from any host.
This could be an especially annoying vulnerability for administrators
with systems exposed to the general public.
|
Cross-site scripting vulnerability in mhonarc
| Package(s): | mhonarc |
CVE #(s): | CAN-2002-0738
CAN-2002-1307
CAN-2002-1388
|
| Created: | September 11, 2002 |
Updated: | January 3, 2003 |
| Description: |
Mhonarc is an HTML formatter for electronic mail; it can be vulnerable to cross-site scripting problems when presented with maliciously crafted messages. This problem is fixed in mhonarc version 2.5.3, but it is not clear that all possible vulnerabilities have been fixed. See the Debian advisory below for information on how to disable text/html attachment support in mhonarc, which may be a more secure solution. |
PHP Remote Compromise/DOS Vulnerability
| Package(s): | mod_php4 |
CVE #(s): | |
| Created: | July 22, 2002 |
Updated: | February 18, 2003 |
| Description: |
PHP 4.2.0 and 4.2.1 have an error in the handling of POST requests which
can lead to the corruption of memory, and the usual bad consequences. According to this alert, the vulnerability can only be used for denial of service on x86 systems - there is no way to get it to run exploit code. SPARC/Solaris systems are apparently vulnerable to full remote compromise.
According to the CERT Advisory,
almost every Linux distributor, it seems, ships older (and thus not vulnerable) versions of PHP.
Note that, sometimes, systems thought to be safe from remote compromise turn out to be vulnerable to a modified attack, so x86 users should not relax too much. The solution, for those systems with PHP
4.2.0 or 4.2.1 installed,
is to upgrade to PHP 4.2.2.
For more information see the alert from
the discoverer of the vulnerability, Stefan Esser of e-matters GmbH,
or the security
advisory from the PHP team.
CERT Advisory: CA-2002-21 Vulnerability in PHP |
Mozilla XMLHttpRequest file disclosure vulnerability
| Package(s): | mozilla |
CVE #(s): | CAN-2002-0354
|
| Created: | May 21, 2002 |
Updated: | October 18, 2002 |
| Description: |
This XMLHttpRequest security
bug impacts all Mozilla-based browsers. "The bug is found in versions of
Mozilla from 0.9.7 to 0.9.9 on various operating
system platforms, and in Netscape versions 6.1 and
higher."
(First LWN
report: May 2).
|
Buffer overflow in nss_ldap
| Package(s): | nss_ldap |
CVE #(s): | CAN-2002-0825
CAN-2002-0374
|
| Created: | October 9, 2002 |
Updated: | December 11, 2002 |
| Description: |
The nss_ldap package has a buffer overflow which can be exploited when the
module configures itself from information in DNS. The problem is fixed in
nss_ldap-199 and later. |
String format bug in pam_ldap logging
| Package(s): | nss_ldap |
CVE #(s): | CAN-2002-0374
|
| Created: | June 5, 2002 |
Updated: | October 29, 2002 |
| Description: |
The nss_ldap package includes the pam_ldap module for
authenticating a user with an LDAP database.
Pam_ldap versions prior to 144 have a string format
bug in the logging mechanism. |
Remotely exploitable vulnerability in pine
| Package(s): | pine |
CVE #(s): | CAN-2002-0014
|
| Created: | May 21, 2002 |
Updated: | November 27, 2002 |
| Description: |
Pine has an
unpleasant
URL handling vulnerability which can lead to
command execution by remote attackers.
(First LWN report: January 17th).
This vulnerability is remotely exploitable; updating is a good idea.
Note: If an update isn't yet available for your distribution,
setting enable-msg-view-urls to "off" in pine's setup will
avoid the vulnerability. (Thanks to Greg Herlein).
|
Buffer overflow vulnerabilities in PostgreSQL
| Package(s): | PostgreSQL |
CVE #(s): | |
| Created: | August 21, 2002 |
Updated: | January 27, 2003 |
| Description: |
PostgreSQL 7.2.2 has been released in response to a number of buffer
overrun vulnerabilities which have been identified recently. "...it
should be noted that these vulnerabilities are only critical on 'open' or
'shared' systems, as they require the ability to be able to connect to the
database before they can be exploited."
Buffer overflow vulnerabilities fixed include those reported by
"Sir Mordred The Traitor" in the cash_words,
repeat, and lpad
and rpad functions. |
PXE server denial of service vulnerability
| Package(s): | pxe |
CVE #(s): | CAN-2002-0835
|
| Created: | September 4, 2002 |
Updated: | November 11, 2002 |
| Description: |
The PXE server can be crashed using DHCP packets from
some Voice Over IP (VOIP) phones. Maliciously formed
DHCP packets could be used by a remote attacker to effect a
denial of service attack.
The PXE package contains the PXE (Preboot eXecution Environment)
server and code needed for Linux to boot from a boot disk image on a
Linux PXE server.
|
Local arbitrary code execution vulnerability in Python
| Package(s): | python |
CVE #(s): | CAN-2002-1119
|
| Created: | August 28, 2002 |
Updated: | October 1, 2003 |
| Description: |
Zack Weinberg discovered that
os._execvpe from os.py uses a predictable name which could lead
to execution of arbitrary code. According to the Debian
advisory, the problem
was present in Python versions 1.5, 2.1 and 2.2.
CAN-2002-1119 |
Multiple-use vulnerability in Safe.pm
| Package(s): | Safe.pm |
CVE #(s): | CAN-2002-1323
|
| Created: | October 9, 2002 |
Updated: | February 20, 2004 |
| Description: |
usePerl has a
description of a vulnerability in the Safe.pm Perl module. It seems
that if a Safe compartment is used more than once, it ceases to be safe.
The problem is fixed in Safe 2.08. |
sendmail smrsh bypass vulnerability
| Package(s): | sendmail |
CVE #(s): | CAN-2002-1165
|
| Created: | October 2, 2002 |
Updated: | November 29, 2002 |
| Description: |
iDEFENSE has posted an advisory warning of a
couple of ways of bypassing the restrictions imposed by the sendmail
"smrsh" utility. smrsh puts limits on which programs a user may run out of
a .forward file; this vulnerability could give a local user
undesired access to the mail server system. A patch has
been made available from sendmail.org which closes the vulnerability. |
Sharutils potential privilege escalation using uudecode
| Package(s): | sharutils |
CVE #(s): | CAN-2002-0178
|
| Created: | May 21, 2002 |
Updated: | October 31, 2002 |
| Description: |
According to the CVE entry,
"uudecode, as available in the sharutils package before 4.2.1, does not
check whether the filename of the uudecoded file is a pipe or symbolic
link, which could allow attackers to overwrite files or execute commands."
(First LWN
report: May 16).
|
Multiple vulnerabilities fixed in Squid-2.4.STABLE7
| Package(s): | squid |
CVE #(s): | |
| Created: | July 8, 2002 |
Updated: | November 15, 2002 |
| Description: |
Here is the security advisory for the Squid proxy server reporting several vulnerabilities in versions up to and including 2.4.STABLE7.
Several of the bugs are believed to allow remote code execution.
The security advisory lists the following
changes:
- Several bugfixes and cleanup of the Gopher client, both
to correct some security issues and to make Squid properly
render certain Gopher menus.
- Security fixes in how Squid parses FTP directory listings into
HTML
- FTP data channels are now sanity checked to match the address
of the requested FTP server. This to prevent theft or injection
of data. See the new ftp_sanitycheck directive if this sanity
check is not desired.
- The MSNT auth helper has been updated to v2.0.3+fixes for
buffer overflow security issues found in this helper.
- A security issue in how Squid forwards proxy authentication
credentials has been fixed
|
squirrelmail: cross-site scripting vulnerability
| Package(s): | squirrelmail |
CVE #(s): | CAN-2002-1131
CAN-2002-1132
|
| Created: | October 16, 2002 |
Updated: | January 2, 2003 |
| Description: |
The Squirrelmail web mail package has a cross-site scriptinog vulnerability; versions 1.2.7 and prior are affected. See the advisory for details. |
| Alerts: |
|
Comments (none posted)
syslog-ng: buffer overflow vulnerability
| Package(s): | syslog-ng |
CVE #(s): | |
| Created: | October 16, 2002 |
Updated: | November 14, 2002 |
| Description: |
Versions 1.4.15 and 1.5.20 (and prior) of the syslog-ng system logging package have a remotely exploitable buffer overflow vulnerability; see this advisory for the details. |
| Alerts: |
|
Comments (none posted)
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability.

Multiple vendor telnetd vulnerability
Package(s): telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5
CVE #(s): (none listed)
Created: May 21, 2002
Updated: October 5, 2004
Description:
This vulnerability,
originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security
Summary. It is now known that Linux telnet daemons are vulnerable as
well.

Tomcat 4.x JSP source code exposure vulnerability
Package(s): tomcat
CVE #(s): (none listed)
Created: September 25, 2002
Updated: January 29, 2003
Description:
Rossen Raykov reports that Tomcat 4.0.5 and 4.1.12 fix a JSP source code exposure vulnerability
in "Tomcat 4.0.4 and 4.1.10 (probably all other earlier versions also)."
The current version of Tomcat is available here.

Local root vulnerability in chfn
Package(s): util-linux
CVE #(s): CAN-2002-0638
Created: July 30, 2002
Updated: October 31, 2002
Description:
chfn (change finger information) is one of the utilities in
the util-linux package.
The BindView RAZOR Team has discovered a local root vulnerability
in chfn which is described in the Bindview Advisory.
Under certain conditions, "a
carefully crafted attack sequence can be performed to exploit a
complex file locking and modification race present in this utility,
and, as a result, alter /etc/passwd to escalate privileges in the
system." The conditions include a password file (/etc/passwd) larger than 4 kilobytes, with the attacker's account record located anywhere
but in the last 4 kB chunk of the file.
CERT/CC Vulnerability Note VU#405955: util-linux package vulnerable to privilege escalation when "ptmptmp" file is not removed properly when using "chfn" utility

webalizer: reverse DNS buffer overflow vulnerability
Package(s): webalizer
CVE #(s): (none listed)
Created: May 21, 2002
Updated: January 27, 2003
Description:
The cause is a buffer overflow bug.
This one sounds nasty.
If reverse DNS lookups are enabled in webalizer,
"an attacker with control over the victims DNS may spoof responses thus
triggering a buffer overflow, potentially leading to a root compromise."
Webalizer 2.01-10 "fixes this and a few
other buglets that have been discovered in the last month or so".
(First LWN report: April 18th, 2002).

Webmin/Usermin vulnerabilities
Package(s): webmin
CVE #(s): (none listed)
Created: May 21, 2002
Updated: January 10, 2003
Description:
Webmin is a web-based interface for
system administration for Unix.
Webmin has cross-site scripting and
session ID spoofing vulnerabilities
which are fixed in the May 6, 2002 release of version 0.970.
(First LWN
report: May 9).
This one is scary. The session ID
spoofing vulnerability allows the "possibility that arbitrary
commands may be executed with root privileges."
Upgrading is strongly recommended. At a minimum avoid the
"preconditions for a successful exploit" by disabling
password timeouts under Webmin->Configuration->Authentication.

Multiple vulnerabilities in wordtrans
Package(s): wordtrans
CVE #(s): CAN-2002-0837
Created: September 11, 2002
Updated: February 4, 2003
Description:
The "wordtrans" interface to multilingual dictionaries suffers from input validation and cross-site scripting vulnerabilities; versions through 1.1pre8 are vulnerable. See this Guardent advisory for details.

Problems with libgtop_daemon
Package(s): wuftpd libgtop
CVE #(s): (none listed)
Created: May 21, 2002
Updated: May 7, 2003
Description:
The libgtop_daemon package is a GNOME
program which makes system information available remotely.
LWN reported the remotely exploitable format
string and buffer overflow vulnerabilities in that package
on December 6th.
On November 28th
disabling the libgtop_daemon on systems where it is running until
an update is available.
Many Linux systems do not run
libgtop by default, but applying the update is a good idea anyway.

Wwwoffle remote privilege escalation vulnerability
Package(s): wwwoffle
CVE #(s): CAN-2002-0818
Created: August 14, 2002
Updated: October 1, 2003
Description:
The wwwoffle web proxy incorrectly processes HTTP PUT and POST requests
with negative Content Length values.
"It is believed
that an attacker could exploit this bug to gain remote wwwrun access
to the system wwwoffled is running on."
CAN-2002-0818

Local privilege escalation vulnerability in XFree86
Package(s): xf86 xfree86
CVE #(s): (none listed)
Created: September 18, 2002
Updated: October 27, 2002
Description:
XFree86 version 4.2.1 fixes a problem in
Xlib that made it possible to execute arbitrary code in privileged clients.
Other libraries are dynamically loaded by libX11.so as needed.
When linking against a setuid program, arbitrary code
could be loaded and executed from a pathname controlled by the user.

Denial of service vulnerability in xinetd
Package(s): xinetd
CVE #(s): (none listed)
Created: August 14, 2002
Updated: December 3, 2002
Description:
A file descriptor leak into services started from xinetd
may be used, by programs it starts, to crash xinetd.
Xinetd is a replacement for the BSD derived inetd.

Resources
The October 21 Linux Security Week newsletter from LinuxSecurity.com is
available.
The second edition of the LinuxSecurity Brasil Magazine is now available
online.
Cameron Laird looks at security on a Linux server in this IBM developerWorks article.
"It's certainly possible to rely on /etc/passwd. It's been patched
and tweaked enough to handle surprising workloads. It shouldn't have to,
though. If you move user accounts into a dedicated datastore, such as an
LDAP (lightweight directory access protocol) or even an RDBMS (relational
database management system) datastore, you gain advantages in scalability,
security, and maintenance. Restrict /etc/passwd to the few developers and
administrators who truly need logins."
Page editor: Jonathan Corbet
Kernel development
Brief items
The current development kernel is 2.5.44, which was
released by Linus on October 18.
This one contains more
read-copy-update work, lots of filesystem and block driver patches from
Alexander Viro, a PowerPC64 update, the x86 BIOS enhanced disk drive patch,
some SCSI work, a lot of device model patches, and many other fixes and
updates. See
the long-format changelog for all the details.
After releasing 2.5.44, Linus headed off to cruise in the Caribbean; thus,
there are no new changes in his BitKeeper tree, and there will be no more
official development kernel releases until after the 27th.
The current development kernel prepatch from Alan Cox is 2.5.44-ac2. This one makes some more
wide-ranging changes, including the incorporation of interrupt stack
support, an updated LVM2, and numerous other fixes and updates.
The current 2.5 Kernel Status Summary from
Guillaume Boissiere is dated October 23.
The current stable kernel is 2.4.19; no 2.4.20 prepatches have been
released in the last week.
Kernel development news
Linus is spending the week cruising through the Caribbean; when he returns,
just a few days will remain before the Halloween feature freeze date.
There has been a lively discussion of the patches which will be waiting for
him when he gets back. Rob Landley has compiled
a list of 2.5 merge candidates based on those
discussions. The list is a good summary of what's still waiting in the
wings, but it assumes the reader understands what the various
patches are. So here's an annotated version:
- The new kernel configuration system. The new configuration
code has been generally well received; even the Qt-based graphical
configuration tool hasn't drawn a lot of complaints. Merging seems
likely, perhaps without the graphical tools, which, Linus thinks,
might be better off outside the kernel. (Covered here October 10).
- Extended attributes and ACLs for ext2 and ext3. Ted Ts'o has
taken on the work of fixing up and submitting this patch set. There
has been some concern, based on Red Hat's having evidently pulled the
ACL patches from their 8.0 kernel during the beta stage. But it would
be surprising if this patch did not get in in some form; access
control lists are a fairly basic requirement for a lot of users. Some
Linux filesystems (JFS, XFS) already support ACLs.
- Linux Trace Toolkit. LTT is a general tool for the tracing of
events in a Linux system, in both user and kernel space. It's not
clear whether this one will get in; not everybody is convinced that
this patch needs to be in the mainline kernel. (Covered briefly on April 18).
- LVM2 and/or EVMS. The 2.5 kernel currently lacks a working
logical volume manager, but there is little consensus on which of
these two developments should fill that gap. It is possible (though
unlikely) that the next stable kernel could ship without any volume
manager at all. (Covered here last
week).
- Shared page tables. This patch, originally by Daniel Phillips,
has since been picked up by Dave McCracken and fixed up for
inclusion. Shared page tables have a couple of benefits: they reduce
the time taken by the fork() system call (since page tables
and rmap structures need not be copied), and they reduce page table
overhead for systems (i.e. databases) using very large shared
segments. The patch has been slow to stabilize, and may appear too
risky for inclusion at this late date, but one never knows. (Covered
back in January).
- Large page support is another way of reducing overhead for
very large shared segments. A large page patch went into the kernel a
little while back (covered August 10), but it is difficult for
applications to use and does not work with shared segments, which is
where people really want this capability. A number of patches
currently exist in Andrew Morton's "-mm" tree which address these
problems.
- Dynamic probes/KProbes. This patch allows the placement of
debugger-style breakpoints at arbitrary locations within the kernel.
There is some pressure to get this one merged, but Linus has not taken
it so far.
- High-resolution timers. This longstanding patch by George
Anzinger implements the POSIX
timers specification. There are some concerns about how this
patch is implemented, and recently an
alternative version of the patch has surfaced. There is demand
for this capability; with luck some version of the patch will get in.
- Linux Kernel Crash Dumps. This is another patch which has been
around for a long time; it allows the creation of a full dump of the
kernel's state when it crashes. The purpose, of course, is to enable
vendors to debug crashes remotely. (First LWN mention: November 18, 1999).
- Console layer rewrite. This is mostly a massive cleanup
project which is getting a lot of the ancient cruft out of the console
layer while adding some new features. Parts of this work have just been finished recently.
- kexec. This relatively new patch adds a kexec()
system call that allows booting another kernel directly from Linux.
With this patch, one can reboot (possibly into another operating
system) without having to go through the whole BIOS startup routine
again. This patch is quite new and has some open issues; it may be a
better candidate for the next development series.
- USAGI IPv6. The USAGI project has been working on improved
IPv6 support for some time, and has released a comprehensive set of
patches. The word from David Miller,
however, is that the networking developers want to take a different
direction for IPv6 support (and CryptoAPI and IPSec as well).
"We will be incorporating lots of ideas and small code pieces
from USAGI's work, but most of the core engine will be a new
implementation." They intend to have this work complete and
ready for merging by Linus's return. That will be a big pile of new
code, however, that few people have seen.
- uClinux. This is the classic patch for running Linux on
systems with no memory management unit. It has recently been ported
forward to 2.5 and proposed for submission; Alan Cox has merged it
into his tree. New architectures are usually not that hard to get in,
and there has not been much opposition to this one.
- sys_epoll. This is the new incarnation of the
/dev/epoll patch, which seeks to make a faster, more scalable
poll() interface. The patch has been reworked into system
call form now, and might just get past Linus this time.
- New CD burning patch. This brand-new patch from Jens Axboe
(finally) allows the use of DMA operations when burning CDs. It also
turns burning into a zero-copy operation. The result should be
faster, more reliable CD writing. (Patch posted on October 23).
- In-kernel module loader. Rusty Russell's in-kernel module
loader patch is advertised as being safer and more capable than the
old, user-space implementation while simultaneously requiring less
kernel code. (Covered here September 26).
- Boot/module parameter rework. This patch made Rob's list,
but there has been little work in this area recently. Many of the
ideas from this work have been folded into the device model code.
(Covered here in June as part of the
Kernel Summit writeup).
- Hotplug CPU. This is another Rusty Russell patch which has
been around for a while. It seems to work, but has few users - most
of us don't pull processors out of running systems. Its application,
of course, is for high-availability systems and such.
- The unlimited groups patch. This is a recent patch which would
allow the kernel to support very large numbers of groups - the
developers have tested it with 10,000 at a time.
- Initramfs. This patch allows a disk image to be appended
directly to the kernel executable; it would then contain much of the
bootstrap code that is now found in the kernel itself. This patch
reduces the size of the kernel itself while making it far easier for
users to customize the early bootstrap process; it could be especially
useful for embedded systems. Much of this code has been ready for
some time; it has mostly been a matter of getting the user-space side
of things into shape. (Covered here August, 2001 and January, 2002).
- ReiserFS 4. This is a completely new version of the Reiser
filesystem; almost nobody has seen it, but it is supposed to show up
shortly in condition for merging.
- A larger dev_t. Supporting larger numbers of devices was high
on the list of things to do before the 2.5 series even started, but
the enlargement of the dev_t type still has not happened.
This one is on Alexander Viro's plate; he has been pushing through
other changes (in the block layer, mostly) that are prerequisites to
the dev_t change. (Covered here December, 2001).
That, of course, is a rather lengthy list. Much of this stuff is clearly
not going to get in to the 2.5 kernel - at least, not if the feature freeze
holds as intended. At this point, it's mostly a matter of waiting until
Linus returns and seeing what he decides to do.
Linus and numerous other kernel developers dislike the ioctl()
system call, seeing it as an uncontrolled way of adding new system calls to
the kernel. Putting new files into /proc is also discouraged,
since that area is seen as being a bit of a mess. Developers who populate
their code with ioctl() implementations or /proc files
are often encouraged to create a standalone virtual filesystem instead.
Filesystems make the interface explicit and visible in user space; they
also make it easier to write scripts which perform administrative
functions. But the writing of a Linux filesystem can be an intimidating
task. A developer who has spent some time just getting up to speed on the
driver interface can be forgiven for balking at having to learn the VFS API
as well.
The 2.6 kernel, as of the 2.5.7 release, contains a set of routines called
"libfs" which is designed to make the task of writing virtual filesystems
easier. libfs handles many of the mundane tasks of implementing the Linux
filesystem API, allowing non-filesystem developers to concentrate (mostly)
on the specific functionality they want to provide. What it lacks,
however, is documentation. Your author decided to take a little time away
from subscription management code to play a bit with libfs; the following
describes the basics of how to use this facility.
The task I undertook was not particularly ambitious: export a simple
filesystem (of type "lwnfs") full of counter files. Reading one of these
files yields the current value of the counter, which is then incremented.
This leads to the following sort of exciting interaction:
    # cat /lwnfs/counter
    0
    # cat /lwnfs/counter
    1
    # ...
Your author was able to amuse himself well into the thousands this way;
some users may tire of this game sooner, however. The impatient can get to
higher values more quickly by writing to the counter file:
    # echo 1000 > /lwnfs/counter
    # cat /lwnfs/counter
    1000
    #
OK, so it's not going to be at the top of the list
of things for Linus to merge once he returns, tanned, rested, and ready,
from his Caribbean cruise, but it's OK
as a way of showing the simplest possible filesystem. Numerous code
samples will be shown below; the full module is also available on this page.
Initialization and superblock setup
So let's get started.
A loadable module which implements a filesystem must, at load time,
register that filesystem with the VFS layer. The lwnfs module
initialization code is simple:
    static int __init lfs_init(void)
    {
        return register_filesystem(&lfs_type);
    }
    module_init(lfs_init);
The lfs_type argument is a structure which is set up as follows:
    static struct file_system_type lfs_type = {
        .owner   = THIS_MODULE,
        .name    = "lwnfs",
        .get_sb  = lfs_get_super,
        .kill_sb = kill_litter_super,
    };
This is the basic data structure which describes a filesystem type to the
kernel; it is declared in <linux/fs.h>. The owner
field is used to manage the module's reference count, preventing unloading
of the module while the filesystem code is in use. The name is
what eventually ends up on a mount command line in user space.
Then there are two functions for managing the filesystem's superblock - the
root of the filesystem data structure. kill_litter_super() is a
generic function provided by the VFS; it simply cleans up all of the
in-core structures when the filesystem is unmounted; authors of simple
virtual filesystems need not worry about this aspect of things. (It
is necessary to unregister the filesystem at unload time, of course;
see the source for the lwnfs exit function).
The creation of the superblock must be done by the filesystem
programmer. The task has gotten simpler, but still involves a bit of
boilerplate code. In this case, lfs_get_super() hands off the task
as follows:
    static struct super_block *lfs_get_super(struct file_system_type *fst,
            int flags, const char *devname, void *data)
    {
        return get_sb_single(fst, flags, data, lfs_fill_super);
    }
Once again, get_sb_single() is generic code which handles much of
the superblock creation task. But it will call lfs_fill_super(),
which performs setup specific to our particular little filesystem. Its
prototype is:
    static int lfs_fill_super (struct super_block *sb, void *data, int silent);
The in-construction superblock is passed in, along with a couple of other
arguments that we can ignore. We do have to fill in some of the superblock
fields, though. The code starts out like this:
    sb->s_blocksize = PAGE_CACHE_SIZE;
    sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
    sb->s_magic = LFS_MAGIC;
    sb->s_op = &lfs_s_ops;
All virtual filesystem implementations have something that looks like this;
it's just setting up the block size of the filesystem, a "magic number" to
recognize superblocks by, and the superblock operations. These operations
need not be written for a simple virtual filesystem - libfs has the stuff
that is needed. So lfs_s_ops is defined (at the top file level) as:
    static struct super_operations lfs_s_ops = {
        .statfs     = simple_statfs,
        .drop_inode = generic_delete_inode,
    };
Creating the root directory
Getting back into lfs_fill_super(), our big remaining task
is to create and populate the root directory for our new filesystem. The
first step is to create the inode for the directory:
    root = lfs_make_inode(sb, S_IFDIR | 0755);
    if (! root)
        goto out;
    root->i_op = &simple_dir_inode_operations;
    root->i_fop = &simple_dir_operations;
lfs_make_inode() is a boilerplate function that we will look at
eventually; for now, just assume that it returns a new, initialized inode
that we can use. It needs the superblock and a mode argument,
which is just like the mode value returned by the stat() system
call. Since we passed S_IFDIR, the
returned inode will describe a directory. The file and directory
operations that we assign to this inode are, again, taken from libfs.
This directory inode must be put into
the directory cache (by way of a "dentry" structure)
so that the VFS can find it; that is done as follows:
    root_dentry = d_alloc_root(root);
    if (! root_dentry)
        goto out_iput;
    sb->s_root = root_dentry;
Creating files
The superblock now has a fully initialized root directory. All of the
actual directory operations will be handled by libfs and the VFS layer, so
life is easy.
What libfs cannot do, however, is actually put anything of interest into
that root directory – that's our job. So the final thing that
lfs_fill_super() does before returning is to call:
    lfs_create_files(sb, root_dentry);
In our sample module, lfs_create_files() creates one counter file
in the root directory of the filesystem, and another in a subdirectory.
We'll look mostly at the root-level file.
The counters are implemented as atomic_t
variables; our top-level counter (called, with great imagination,
"counter") is set up as follows:
    static atomic_t counter;
    static void lfs_create_files (struct super_block *sb, struct dentry *root)
    {
        /* ... */
        atomic_set(&counter, 0);
        lfs_create_file(sb, root, "counter", &counter);
        /* ... */
    }
lfs_create_file does the real work of making a file in a
directory. It has been made about as simple as possible, but there are
still a few steps to be performed. The function starts out as:
    static struct dentry *lfs_create_file (struct super_block *sb,
            struct dentry *dir, const char *name,
            atomic_t *counter)
    {
        struct dentry *dentry;
        struct inode *inode;
        struct qstr qname;
Arguments include the usual superblock structure, and dir, the
dentry for the directory that will contain this file. In this case,
dir will be the root directory we created before, but it could be
any directory within the filesystem.
Our first task is to create a directory entry for the new file:
    qname.name = name;
    qname.len = strlen (name);
    qname.hash = full_name_hash(name, qname.len);
    dentry = d_alloc(dir, &qname);
    if (! dentry)
        return NULL;    /* allocation failed; nothing to clean up yet */
The setting up of qname just hashes the filename so that it can be
found quickly in the dentry cache. Once that's done, we create the entry
within our parent dir. The file also needs an inode, which we
create as follows:
    inode = lfs_make_inode(sb, S_IFREG | 0644);
    if (! inode)
        goto out_dput;
    inode->i_fop = &lfs_file_ops;
    inode->u.generic_ip = counter;
Once again, we call lfs_make_inode (which we will look at shortly,
honest), but this time we use it to create a regular file. The key to the
creation of special-purpose files in virtual filesystems is to be found in
the other two assignments:
- The i_fop field is set up with our file operations which will
actually implement reads and writes on the counter.
- We use the u.generic_ip pointer in the inode to stash aside a
pointer to the atomic_t counter associated with this file.
In other words, i_fop defines the behavior of this particular
file, and u.generic_ip is the file-specific data. All virtual
filesystems of interest will make use of these two fields to set up the
required behavior.
The last step in creating a file is to add it to the dentry cache:
    d_add(dentry, inode);
    return dentry;
Putting the inode into the dentry cache allows the VFS to find the file
without having to consult our filesystem's directory operations. And that,
in turn, means our filesystem does not need to have any directory
operations of interest. The entire structure of our virtual filesystem
lives in the kernel's cache structure, so our module need not remember the
structure of the filesystem it has set up, and it need not implement a
lookup operation. Needless to say, that makes life easier.
Inode creation
Before we get into the actual implementation of the counters, it's time to
look at lfs_make_inode(). The function is pure boilerplate; it
looks like:
    static struct inode *lfs_make_inode(struct super_block *sb, int mode)
    {
        struct inode *ret = new_inode(sb);
        if (ret) {
            ret->i_mode = mode;
            ret->i_uid = ret->i_gid = 0;
            ret->i_blksize = PAGE_CACHE_SIZE;
            ret->i_blocks = 0;
            ret->i_atime = ret->i_mtime = ret->i_ctime = CURRENT_TIME;
        }
        return ret;
    }
It simply allocates a new inode structure, and fills it in with values that
make sense for a virtual file. The assignment of mode is of
interest; the resulting inode will be a regular file or a directory (or
something else) depending on how mode was passed in.
Implementing file operations
Up to this point, we have seen very little that actually makes the counter
files work; it's all been VFS boilerplate so that we have a little
filesystem to put those counters into. Now the time has come to see how
the real work gets done.
The operations on the counters
themselves are to be found in the file_operations structure that
we associate with the counter file inodes:
    static struct file_operations lfs_file_ops = {
        .open  = lfs_open,
        .read  = lfs_read_file,
        .write = lfs_write_file,
    };
A pointer to this structure, remember, was stored in the inode by
lfs_create_file().
The simplest operation is open:
    static int lfs_open(struct inode *inode, struct file *filp)
    {
        filp->private_data = inode->u.generic_ip;
        return 0;
    }
The only thing this function need do is copy the pointer to the
atomic_t counter over into the file structure, which
makes it a bit easier to get at.
The interesting work is done by the read function, which must
increment the counter and return its value to the user space program. It
has the usual read operation prototype:
    static ssize_t lfs_read_file(struct file *filp, char *buf,
            size_t count, loff_t *offset)
It starts by reading and incrementing the counter:
    atomic_t *counter = (atomic_t *) filp->private_data;
    char tmp[TMPSIZE];    /* holds the counter value in text form */
    int len;              /* length of that text */
    int v = atomic_read(counter);
    atomic_inc(counter);
This code has been simplified a bit; see the module source for a couple of
grungy, irrelevant details. Some readers will also notice a race condition
here: two processes could read the counter before either increments it; the
result would be the same counter value returned twice, with certain dire
results. A serious module would probably serialize access to the counter
with a spinlock. But this is supposed to be a simple demonstration.
So anyway, once we have the value of the counter, we
have to return it to user space. That means encoding it into character
form, and figuring out where and how it fits into the user-space buffer.
After all, a user-space program can seek around in our virtual file.
    len = snprintf(tmp, TMPSIZE, "%d\n", v);
    if (*offset > len)
        return 0;
    if (count > len - *offset)
        count = len - *offset;
Once we've figured out how much data we can copy back, we just do it,
adjust the file offset, and we're done.
    if (copy_to_user(buf, tmp + *offset, count))
        return -EFAULT;
    *offset += count;
    return count;
Then, there is lfs_write_file(), which allows a user to set the
value of one of our counters:
    static ssize_t lfs_write_file(struct file *filp, const char *buf,
            size_t count, loff_t *offset)
    {
        atomic_t *counter = (atomic_t *) filp->private_data;
        char tmp[TMPSIZE];
        /* Only whole-value writes from the start of the file are accepted. */
        if (*offset != 0)
            return -EINVAL;
        /* Reject input that would not leave room for the terminating NUL. */
        if (count >= TMPSIZE)
            return -EINVAL;
        memset(tmp, 0, TMPSIZE);
        if (copy_from_user(tmp, buf, count))
            return -EFAULT;
        atomic_set(counter, simple_strtol(tmp, NULL, 10));
        return count;
    }
That is just about it. The module also defines lfs_create_dir,
which creates a directory in the filesystem; see the full source for how
that works.
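
The read and write paths above, rebuilt as a user-space C model (an added example, not the lwnfs module's code). The names `model_read`, `model_write`, `take_value` and the value of `TMPSIZE` are assumptions of this sketch, `memcpy()` stands in for `copy_to_user()`/`copy_from_user()`, and the read path replaces the separate `atomic_read()`/`atomic_inc()` with a single fetch-and-add so that two readers can never receive the same value.

```c
#include <errno.h>
#include <stdatomic.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>

#define TMPSIZE 20              /* assumed size; not stated in the article */

/* The article's read path, split into its two steps so that a caller can
 * interleave two readers by hand and watch both receive the same value. */
static int racy_load(atomic_int *c)  { return atomic_load(c); }
static void racy_bump(atomic_int *c) { atomic_fetch_add(c, 1); }

/* Race-free alternative: hand out the value and advance in one step. */
static int take_value(atomic_int *c) { return atomic_fetch_add(c, 1); }

/* Model of lfs_read_file(): format the counter, clamp the copy to what is
 * left past *offset, and advance the offset. */
static ssize_t model_read(atomic_int *c, char *buf, size_t count,
                          long long *offset)
{
    char tmp[TMPSIZE];
    int v, len;

    if (*offset < 0)
        return -EINVAL;
    /* Modelling choice: only a read at offset 0 consumes a value; a
     * continuation re-reads the value handed out by that first read. */
    v = (*offset == 0) ? take_value(c) : atomic_load(c) - 1;
    len = snprintf(tmp, TMPSIZE, "%d\n", v);
    if (*offset > len)
        return 0;
    if (count > (size_t)(len - *offset))
        count = (size_t)(len - *offset);
    memcpy(buf, tmp + *offset, count);   /* copy_to_user() in the kernel */
    *offset += (long long)count;
    return (ssize_t)count;
}

/* Model of lfs_write_file(): whole-value writes only, bounded by TMPSIZE. */
static ssize_t model_write(atomic_int *c, const char *buf, size_t count,
                           long long *offset)
{
    char tmp[TMPSIZE];

    if (*offset != 0)
        return -EINVAL;
    if (count >= TMPSIZE)                /* keep one byte for the NUL */
        return -EINVAL;
    memset(tmp, 0, TMPSIZE);
    memcpy(tmp, buf, count);             /* copy_from_user() in the kernel */
    atomic_store(c, (int)strtol(tmp, NULL, 10));
    return (ssize_t)count;
}

int main(void)
{
    atomic_int c;
    char buf[64];
    long long off = 0;
    ssize_t n;
    int a, b;

    /* Two racy readers, interleaved: both load before either increments. */
    atomic_init(&c, 0);
    a = racy_load(&c);
    b = racy_load(&c);
    racy_bump(&c);
    racy_bump(&c);
    printf("read-then-increment readers saw %d and %d\n", a, b);

    /* The same two readers using fetch-and-add. */
    atomic_store(&c, 0);
    a = take_value(&c);
    b = take_value(&c);
    printf("fetch-and-add readers saw %d and %d\n", a, b);

    /* Constructed input: set the counter, then read it back. */
    n = model_write(&c, "1000\n", 5, &off);
    off = 0;
    n = model_read(&c, buf, sizeof buf, &off);
    printf("read %zd bytes: %.*s", n, (int)n, buf);
    return 0;
}
```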
Conclusion
The libfs code, as demonstrated here, is sufficient for a wide variety of
driver-specific virtual filesystems. Further examples can be found in the
2.5 kernel source in a few places:
- drivers/hotplug/pci_hotplug_core.c
- drivers/usb/core/inode.c
- drivers/oprofile/oprofilefs.c
- fs/ramfs/inode.c
...and in a few other spots – grep is your friend.
Keep in mind that the 2.5 driver model code makes it easy for drivers to export
information within its own virtual filesystem; for many applications, that
will be the preferred way of making information available to user space.
For cases where only a custom filesystem will do, however, libfs makes the
task (relatively) easy.
The Linux Security Module patches have been having a rough time of it
recently. The latest indignity came along when Christoph Hellwig
noticed the sys_security() system call
and promptly sent out a patch to remove it.
sys_security() is defined as:
    int sys_security(unsigned int id, unsigned call,
                     unsigned long *args);
Its purpose is to allow security modules to provide specific services
without the need to register their own system calls. In the case of
SELinux, sys_security() replaces what would otherwise be 52
different system calls.
So why remove sys_security()? There are two reasons, both
relating to a dislike of ioctl()-style calls. This style of call
uses an integer parameter (call, in this case) to choose between
several different operations; the arguments passed in are different for
every operation and have no well-defined type or meaning. This type of
system call argument creates problems for certain architectures, especially
those which have a 64-bit kernel space and a 32-bit user space (such as the
Sparc). On such systems, system call parameters must be converted between
the two views of the world, and there is no way to reliably do that
conversion if the types of the arguments are not known.
But even without that issue sys_security() would be in trouble.
This sort of "multiplexor" system call allows modules to add almost any
sort of functionality imaginable, without any sort of review. That freedom
leads to inconsistent messes, as is the case with many ioctl()
calls, or to the addition of functionality that perhaps should not be
there.
The word from the kernel developers seems to be that each security module
which needs system calls should register them separately. That way each
system call can be judged on its own merits. This approach partially
defeats the purpose of the LSM patch, which was intended to make security
regimes interchangeable. But the kernel developers, many of whom do not
much like the LSM patch to begin with, seem willing to pay that price.
The OSDL
Data Center Linux
Project has set out to:
Develop and evangelize the roadmap for a Linux platform software
that supports commercial software products and corporate IT
requirements, enabling developers to create Linux based solutions
for the data center market segment.
If that does not contain enough marketing-speak for you, there are white
papers available on the project web site. For the rest of us, what may be
of more interest is the first DCL kernel release, 2.5.44-dcl1. In addition to a few fixes, this
patch includes the Linux Kernel Crash Dump patch, EVMS, an enhanced NUMA
scheduler, and a few other tweaks. The project plans to add the shared
page table and high-resolution timers patches before too long. The -dcl
patches will show up in the "kernel trees" part of the patches section at
the bottom of this page.
Patches and updates
Core kernel code
- john stultz: linux-2.5.34_vsyscall_A0. "This is a port of Andrea's x86-64 vsyscall(userspace) gettimeofday to
i386. It's fairly untested, but it works here!"
(October 18, 2002)
Page editor: Jonathan Corbet
Distributions
News and Editorials
Xandros has
announced
the availability of "Xandros Desktop OS". Although this is the first
release for
Xandros, this
distribution has a long history.
Xandros acquired the Corel Linux Business Division's software development
team in 2001. Corel Linux, many will remember, was Debian 2.2 (potato)
based. The distribution relied heavily on Wine to run Microsoft applications,
including other Corel software products. ZDNet wrote about the
launch of Corel Linux in November 1999: "Corel Linux is
file-compatible with Windows. With its graphical file manager, users can
wander a Windows 9x like file manager that enables users to access floppy
drives, CD-ROMs, Simple Message Block (SMB), Network File System (NFS),
file transfer protocol (ftp) sites and normal local Unix file systems as
easily as Windows users can wander about their network neighborhood. In
particular, new Linux users will never need to know the pain of having to
mount floppy and CD-ROMs before using them."
It wasn't long, however, before Corel realized that making a Linux
distribution wasn't all that profitable. Over the next couple of years the
distribution languished. Regular updates and prompt security patches went
from rare to none at all. By 2001 Linux advocate and Corel CEO Michael
Copeland was out, along with the entire Linux division.
For nearly a year Xandros has been updating and improving Corel's
distribution, to create a Linux desktop to tempt the diehard Windows user.
A partnership with CodeWeavers created "CrossOver
for Xandros", to run Microsoft applications on this Desktop OS.
CodeWeavers CrossOver technology is not open-source. It does utilize Wine, and while CodeWeavers is a staunch
supporter of the Wine Project, free software purists will find this a
major drawback to Xandros.
eWeek notes that
LindowsOS also uses CrossOver technology, but says the Xandros version is
better. "While this is not the first time Windows compatibility
technologies from CodeWeavers have found their way into Linux -- they were
included last year in the Lindows operating system from Lindows.com
Inc. [CodeWeavers CEO Jeremy] White said the CrossOver technologies
integrated in Xandros Linux are more advanced and robust and work better
than those built for Lindows.com."
Xandros plans to release a server version. Says Xandros VP for software
development Ming Poon in this Consulting
Times interview, "We will do a server version, and we will
develop enterprise management tools to help large corporations to deploy
the desktop installation."
Will Xandros live up to all the hype? Can it compete with big names like
Red Hat, SuSE and Mandrake, or even with small names like Lycoris? Time
will tell.
Distribution News
The
Debian Weekly News for October 22, 2002
has items by Matt Black, Andre Lehovich and Tollef Fog Heen. Also covered:
NASA's FlightLinux project, which uses a real-time variation of the Linux
kernel for onboard spacecraft use; a geek ski-trip; and much more.
The Debian Desktop subproject is a group of
volunteers who want to create the best possible operating system for home
and corporate workstation use. Our motto is "Software which Just Works". In
short, our goal is to bring Debian, GNU, and Linux to the mainstream world.
A new Debian installer is in the works, but Progeny has one available now. The i386 Debian 3.0 (woody)
installer image is based on PGI, the Progeny Graphical Installer.
LinuxOrbit.com looks
at how to use GRUB on a Debian system. "Why use GRUB instead of
LILO? Well, if you're reading this HOWTO, you're likely to already have
your reasons for switching. But to give a couple quick reasons, you only
install GRUB in your MBR once, it doesn't need to be reinstalled each
kernel change like LILO, and you can also edit the boot entries, etc. from
GRUB itself without having to boot first and change the config file. These
are just some of my reasons, you can find more for yourself - but how do
you set it up the Debian way?"
The
Mandrake Linux Community Newsletter for
October 17, 2002 highlights some of the benefits of Mandrake Club. The
business case of the week looks at Mandrake Linux as a conference server;
and much more.
MandrakeSoft has released new devfsd
packages fixing a problem in how ida devices are handled. The harddrake
program does not display unknown hardware in the tree list and the Danish
translation for the drakxtools is broken. This update for drakxtools corrects both problems.
Red Hat has updated kernel packages to fix DB2 and IBM JDK problems.
There have been plenty of changes on the
Slackware current tree. See the
change log
for full details.
SuSE Linux announced that SuSE Linux 8.1 is now available in the US and
Canada. Check your favorite stores for the SuSE 8.1 Pro-Office CD with
StarOffice 6.0.
Trustix has issued a bug fix advisory for
freeswan. Trustix recommends an upgrade for
versions prior to 1.98b.
Gerald Dachs found a problem in the /etc/pam.d configuration file, and his
fix has been implemented in the TSL 1.5 ppp
package.
Minor distribution updates
GENDIST has released
v1.4.6 with minor feature
enhancements.
KNOPPIX has released
v3.1-16-10-2002 with minor
bugfixes. Version 3.1-22-10-2002 was released shortly after. This
release fixes typos, removes the apt-available database (due to a space
problem), adds tuxpaint, bonnie++, and smartsuite, removes gpc, and adds
g++, gcc, and gcj 3.0. XFree has been updated to version 4.2.1-3.
Lonix has released
v1.0rc4 with major feature
enhancements.
"Changes: sendmail, procmail, fetchmail, and mutt were
added. Two new compilers were added. Partition managing applications like
partimage were added. Problems in pppsetup and lonixconfig were
fixed."
MoviX has released
v0.6pre3 with major
feature enhancements.
"Changes: MPlayer has been recompiled with
smarter flags and using gcc 3.2 to speed it up. Support for Dxr3/H+ cards
and for the "aa" (ASCII art) driver has been added. The kernel config has
been modified to make vmlinuz as small as possible. This is to make it
possible to produce a MoviX floppy boot disk (FB support is now available
as a module). A bug in mkmovixcd concerning isolinux.bin has been fixed. A
patch for the Rage128 has been applied to mplayer, so maybe now it will
display movies again in full color. Finally, the movix.pl script has been
updated to take care of all the new stuff."
PXES Linux Thin Client has
released
v0.5.1-4 with
minor feature enhancements.
"Changes: Hardware autodetection has
been improved and is now supported for network cards and sound. You're now
allowed to build a common image for a set of supported thin clients,
independently of the hardware details. This has been achieved with a
patched version of pciutils (the patch has been sent to the pciutils
maintainer)."
uClinux has released
v2.5.44uc0 with major
feature enhancements.
"Updated the kernel, merged in nommu and mm,
and made lots of cleanups."
Distribution reviews
ExtremeTech
reviews
Mandrake Linux 9.0.
"Mandrake is particularly appealing because a
person who is unfamiliar with Linux software can learn a little at a time
with this distribution, yet Mandrake still offers features that the
experienced user and administrator will also appreciate. Mandrake offers a
complete graphical interface through which the user will learn to
manipulate and use the system while learning more and more, much like
Windows would be to someone newly initiated to the PC."
eWeek
reviews Red
Hat Linux 8.0.
"eWeek Labs' tests of Version 8.0 of Red Hat Inc.'s
eponymous Linux distribution, which shipped late last month, showed this
operating system raises the bar for design polish among desktop Linux
options without sacrificing Linux's valuable flexibility."
ExtremeTech
reviews
SuSE 8.1, the latest release from SuSE Linux.
"The new YaST (Yet
another Setup Tool) excels both in the graphical environment as well as on
the command line. Improved hardware detection, the latest SuSE kernel,
tested versions of important system components, the automated installation
of external software, and the YaST Online Update (YOU) enable you to keep
your system up to date."
NewsForge
reviews
the Xandros Desktop.
"Xandros seems to be what Lindows could
have been if it had stayed true to its Linux roots, both product-wise and
philosophically. I like Xandros; I like the ease of use combined with
common-sense security options and configurability; I like that it reaches
out to Windows users without alienating the Linux community; it may just
end up becoming the main distribution in my house."
Page editor: Rebecca Sobol
Development
Version 4.1.5 of the
HylaFAX
fax modem software package
has been released.
New features include:
- Better command line option checking.
- NSF recognition for most FAX codes.
- Support for additional USR, Digi, and Lucent/Agere modems.
- A "force archiving" option for faxqclean.
- Caller-ID support for faxanswer.
- New Class1MsgRecvHack, Class1ResponseWaitCmd, and RingExtended config options.
- Probemodem options that allow the sending of single commands.
- A number of bug fixes.
Users of versions older than 4.1.3 should upgrade due to some
previously fixed security issues. Red Hat 7.3 users should also
upgrade to this version to get rid of some known bugs.
System Applications
Audio Projects
Release candidate #4 of the ALSA sound driver development release
is available for testing.
Education
Issue #81 of the
Linux in Education Report is out. Topics include
the Linux Education Generic User Programs (LEG-UP) CD,
the ByteBack Curriculum Project, a new question bank server,
a school admin package, Linux for a computer arts program,
concept mapping software, and many new applications.
Electronics
The
gEDA News site
lists new versions of GTKWave and Icarus Verilog.
Embedded Systems
Version 0.60.4 of
BusyBox, a condensed pack of Unix
utilities for embedded systems, has been released.
"This is primarily a bugfix release for the stable series to address all the problems that have turned up since the last release. This will be the last release for the 0.60.x series."
Printing
AFPL Ghostscript version 7.31 beta
has been announced.
"The major new feature is DeviceN color spaces, supporting mixes of spot colors and process colors up to 8 colorants total. Many other bugfixes and performance enhancements have been added, especially in pdfwrite."
The
LinuxPrinting.org site
has announcements for a new version of the Foomatic printer support database
(version 2.0.2), and version 4.2.3 of
GIMP-Print, which now features support for custom paper sizes.
Science
Cameron Laird
introduces several useful open-source graphic and scientific packages on IBM's developerWorks, and promotes the benefits of non-commercial software.
"Science and engineering laboratories have long depended on proprietary products for daily data analysis chores. Now, many labs are turning to open source products and development languages for specific technical benefits the conventional products don't give them."
Web Site Development
The October 17, 2002 Midgard Weekly News is out. Topics in the table of
contents include Editors Notes, IRC back online, a
Mailinglist Summary, and a Bugtracker Summary.
Zope version 2.6.0
has been released.
Some of the new features include
gzip content compression when serving pages,
a ZCTextIndex plug-in index, Signal Handling and Log Rotation,
Addition of a new default view setting ability,
New profiling abilities, an Improved daemon mode,
Enhanced text indexing, Improved object cache control,
Automatic browser ID string embedding in URLs,
Major improvements to the BTree and Catalog code,
i18n translation support for TAL, lots of bug fixes, and more.
The most recent headlines on the
Zope Members News
include: Python Version 2.2.2, the New York Zope Users Group,
CMFPortlets 0.5,
the Zope 3 mini-newsletter, the release of Zope 2.6.0, Plone1.0 beta2,
and CMF Relation Product.
Web Services
Roger Costello has published
an online tutorial that illustrates the
building of XML-based Web Services.
Miscellaneous
Version 1.0 of the Twisted Developer Platform is out.
"With the 1.0.0 release, Twisted is finalizing several core interfaces important
to server and client developers. While some areas of Twisted are still under
active development, the event loop and all associated APIs are now stable and
ready for third-party developers to use."
Æleen Frisch
writes about LDAP, the Lightweight Directory Access Protocol,
on O'Reilly.
"LDAP has been a hot new topic in system administration for several years now. LDAP provides a directory service which can be used for storing and querying information about the individuals in an organization (e.g., employees). The range of information that can be made available in this way is quite broad: traditional telephone or other institutional directory data (office location, phone numbers, and the like), Unix user account data, more personal data such as home telephone numbers and photographs, along with any other site-specific data that may be appropriate. In this installment, we'll look at the services that LDAP can provide."
Desktop Applications
Audio Applications
Version 0.5.9 of the Sweep audio editor/playback tool has
been released.
"This release also includes improved handling of the main volume and pitch controls, contributed by Zenaan Harkness."
Sweep 0.5.8 was also released earlier this week, with more changes.
Desktop Environments
The October 13-19, 2002 GNOME Summary is out.
Topics include:
Sodipodi to the people, GNOME Print joins the fontconfig family,
GNOME Media start getting GStreamer love,
GnuCash releases first alpha towards 1.8.0 release,
Network Neighbourhood anyone?,
Interview with Havoc Pennington and Owen Taylor,
Batch of GStreamer news, New Gnomemeeting on the way,
Translated GNOME summaries, Hacker Activity, Gnome Bug Hunting Activity, and
New and Updated Software.
Topics on the GNOME desktop
FootNotes site include:
the Debian Desktop Project, Dropline GNOME 1.2 and Mozilla with Xft,
together at last!, The Captains of Nautilus, Don't do this at home:
Xft2 + GTK+ 1.x, the 2002 Helen Keller Achievement Award,
Gaim v0.59.5 released, Mozilla 1.2beta with GTK theme support and more.
Issue #44 of
Kernel Cousin KDE is out, with the latest KDE development
news. Topics include a KMail Roadmap, a New GPG frontend,
KDE 3.0.4, Kopete rework, Qt GStreamer bindings, and a
Developer Newsflash.
Christian Schaller
interviews Nautilus maintainers
Alexander Larsson and Dave Camp on Linux Orbit.
"The official GNOME filemanager Nautilus was originally developed by Eazel as part of their plan to bring usability and beauty to the Unix desktop. Today Nautilus is maintained by veteran GNOME hackers Alexander Larsson and Dave Camp. Being such a core application in the GNOME desktop it is the topic of many discussions in and around GNOME. In a recent survey on gnomedesktop.org an interview about Nautilus was at the top of the wishlist. So to let everyone get the inside scope on what is happening with Nautilus currently I got hold of Alexander and Dave for a small interview."
GUI Packages
Version 1.1.1 of FLTK, the Fast, Light ToolKit
is available.
Change documentation is in the source code.
Interoperability
Samba 2.2.6 has been released with lots of bug fixes, particularly in
printing and winbind.
Issue #140 of
Kernel Cousin Wine is out.
Topics include Xandros & CodeWeavers, a Listview Update,
a Windows Code Migration Guide, Adding -DSTRICT Capability,
Using wineconsole, Threading In Winelib Apps, and
Large Screen Buffers for the Debugger.
Office Applications
Issue #114 of the
AbiWord Weekly News
is out with the latest AbiWord word processor development news,
and even includes a
yo mama joke, gratis.
The GTK+-2 port of the Bluefish graphical HTML editor tool
is nearing completion. Testers are needed.
Web Browsers
Version 1.2b of Mozilla
has been released.
Improvements include type ahead find, GTK theme pickups,
link prefetching, filter after the fact capabilities for Mozilla Mail,
the ability to show toolbars as text, icons, and both,
launching with multiple tabs defined, XFT support, and more.
The latest
mozillaZine topics
include an article on XML-Based GUIs, the upcoming Phoenix 0.4 Release,
finding Phoenix bugs, Xft Antialiased Font Support for Linux,
Bugzilla Search Defaults Changing, Mozilla 1.2 Beta News Articles,
the growing Phoenix Community, and more.
The October 17, 2002 edition of the
Mozilla Status Update is out. Topics include
Phoenix 0.3, Minotaur, prefetching issues, the release of Mozilla 1.2b,
Xft/fontconfig, Palm sync, a tree lockdown for the 1.2 release,
Independent project status updates, and more.
Languages and Tools
Caml
Topics on this week's Caml Weekly News include
IFAD-1.0.2, MLdonkey 2.00, Operator overloading,
an OCaml-SOAP library bug fix, and the
ICFP 2002 Programming Contest Write-up.
This week, the new software on
The Caml Hump includes GlSurf, a program that draws surfaces
from their implicit equations.
Java
Vikram Goyal
illustrates FOP on O'Reilly.
"Formatting Objects Processor (FOP) is an open source Java API that can convert your XML data into reports in PDF format, as well as such other relevant formats as TXT, SVG, AWT, MIF, and PS. The software is developed under the Apache XML project and is free to use.
This article shows you how to get started with FOP. The primary advantage of FOP is its ability to convert XML data into reports in the PDF format, using a formatting tree. Most of the examples we'll cover will concentrate on this particular conversion, but we will also cover converting XML data to the Java AWT format."
IBM developerWorks has
an article on Java 2 reference classes.
"The Java 2 platform introduced the java.lang.ref package, which contains classes that allow you to refer to objects without pinning them in memory. The classes also provide a limited degree of interaction with the garbage collector. In this article, Peter Haggar examines the functionality and behavior of the SoftReference, WeakReference, and PhantomReference classes and recommends programming idioms for their use."
Perl
The October 14-20, 2002 edition of
This Week on perl5-porters
includes a charnames patch follow-up,
a discussion on how to leak scalars with threads,
and lots of bug fix reports.
The O'Reilly
This week on Perl 6 for October 7-14 is out.
Topics include
The Pumpking Is Dead, Long Live the Pumpking!, Variables Have Three Parts,
Line Number Metadata, a New Array Base, Parrot_sprintf, Nuke dem opcodes,
a Getting Started Guide, Larry Explains All, the Perl6 OO Cookbook,
and more.
PHP
Topics on this week's
PHP Weekly Summary
include 4.3.0 pre2, a new PHP for Netware, a Ming and Streams
incompatibility bug,
removing apidoc.txt, a ZIP extension fix, PHP XML flexibility, a fix for
parse_url() problems, removing short tags, $_GET, $_POST, $_COOKIE,
$_FILES == $_REQUEST?, and an Oracle extension talk.
Python
Here's the latest Python-URL with all your weekly Python news and links.
This week's
Daily Python-URL
looks at articles on the Relationship Manager pattern class,
how ActiveState manages to work in both the proprietary and Open Source worlds, Beginning Python for bioinformatics, Streamlining DOM XML
processing with Python, XIST 2.0, A Tour of 4Suite, TextIndexNG Extensions 1.05, and more.
Ruby
Topics on this week's
Ruby Weekly News
include an experimental FAQ facility, Ruby and the Linux kernel,
and a collaborative Ruby book.
New Ruby software includes FXRuby-1.0.14, MIME::Types 1.003 for Ruby, RDE0.9.8.0, Text::Format 1.003 for Ruby, and Rimport 0.0.1.13.
Scheme
The Scheme Weekly News for October 21, 2002 is out.
The topic list includes:
Paper added to ReadScheme library, Quack 0.14, SISC 1.6.1 beta,
dotLisp, Implementation of MD5, Gauche 0.6.4, and Serveez 0.1.4.
Tcl/Tk
The October 21, 2002 Dr. Dobb's Tcl-URL! is out
with lots of Tcl development news.
XML
Uche Ogbuji
writes about the 4Suite project on O'Reilly.
"Mike Olson and I began the 4Suite project in 1998 with the release of 4DOM, and it quickly picked up an XPath and XSLT implementation. It has grown to include Python implementations of many other XML technologies, and it now provides a large library of Python APIs for XML as well as an XML server and repository system. In this article and the next, I'll introduce just the basic Python library portion of 4Suite, which includes facilities for XML parsing (complementing PyXML), RELAX NG, XPath, XPatterns, XSLT, RDF, XUpdate and more."
Dr. Dobb's Journal has
an online list of XML and Web Services resources
with pointers to lots of interesting articles.
Rich Salz
writes about BEEP
on O'Reilly.
"This article is the last in a series examining how one might go about sending binary data as part of a SOAP message. This month we look at BEEP, the Blocks Extensible Exchange Protocol."
Jared Jackson
talks about XSL recursion on IBM developerWorks.
"Using XSL transformations effectively and efficiently requires understanding how to use XSL as a functional language, and this means understanding recursion. This article introduces the key concepts of recursion and its particular use in XSL. Techniques for optimizing XML translations and avoiding errors while using recursion are also explained. Each concept and technique is accompanied with example code for the reader's reference."
Per Bothner
writes about XQuery on O'Reilly.
"The W3C is finalizing the XQuery specification, aiming for a final release in late 2002. XQuery is a powerful and convenient language designed for processing XML data. That means not only files in XML format, but also other data including databases whose structure -- nested, named trees with attributes -- is similar to XML.
XQuery is an interesting language with some unusual ideas. This article provides a high level view of XQuery, introducing the main ideas you should understand before you go deeper or actually try to use it."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
The Register
says Xbox
security measures have been broken by Linux hackers.
"The
complex new security system, which was thought to disable the operation of
all previously existing mod chips, was broken in under a week of work by a
UK-based group of enthusiasts keen to get the Linux operating system
running on Xbox hardware."
This
ZDNet article about certification is written by an author who used to
recommend Red Hat's RHCE, but who now thinks that
Linux Professional Institute has a better
product.
"The open source movement emphasises community
participation. The concept of ownership by a single vendor goes against the
Linux grain, and several distributions vie for attention. It's natural,
then, that a vendor-independent Linux certification will appeal to members
of the open source community. A vendor-independent exam is a natural
fit."
ZDNet has
discovered that managing free software projects can be difficult.
"What some managers don't realize is that by taking on a project, you must essentially remove yourself from the developer's chair whenever the community needs your attention. Responsibility has to be delegated and information shared, or the bustling Bazaar will become a headless mob that could kill the project."
Richard Koman
covers the tour of the Internet Bookmobile on O'Reilly.
"Cruising in a high-tech-equipped bus, Richard Koman joined Brewster Kahle on a cross-country crusade in the Internet Bookmobile to provide lessons to school kids in the applications of the public domain. Read their experiences as they stopped at various schools--taking ASCII text versions of public domain works available online and letting the kids turn them into books."
Companies
News.com
looks at IBM's quarterly results.
"...sales of new computing capacity increased 7 percent, 45 percent of that driven by customers using the Linux operating system, IBM said."
IBM is now
providing web hosting
for the samba.org site.
News.com covers a
partnership between Linux
NetworX and Fraunhofer Institute.
"Under the partnership
announced Thursday, Linux NetworX and the institute will jointly research
technologies for linking Linux systems into a supercomputer "cluster." In
addition, the center will help the company support European customers such
as the Netherlands branch of Shell Oil or the Boehringer Ingelheim
pharmaceutical company in Germany."
The Register
reports on
Microsoft president Steve Ballmer's recent trip to Australia, and what he
thinks of Xbox hackers.
"Linux? No, no matter how heroic the team
from the Xbox Linux Project is, Microsoft is not going to lose huge swathes
of revenue because all the purchasers run Linux instead and don't buy any
games. Its Xbox software licensing regime will be disrupted (as is the case
already for many players in the entertainment business) if it becomes less
possible or impossible to divvy up licences by territory and police it via
regionalisation, but one does wonder why the law should have to shore up
something as daft and artificial as regionalisation."
eWeek covers a
Novell
announcement that MySQL will be included in future releases of
NetWare.
"Some Novell customers agree. Deutsche Lufthansa AG
approached Novell some time ago and suggested it provide Apache, MySQL and
PHP on NetWare.
"There is strong demand from companies, like Lufthansa, who want to run
these applications on a platform that can provide strong support while
offering time-tested reliability and performance," said Antonio
Mastrolorito, who works for Lufthansa Systems Infratec, the airline's IT
infrastructure solutions group." See also this
press
release. (Thanks to Lenz Grimmer)
Prometric and the Linux Professional Institute (LPI) have
joined
forces to offer a US$20 discount for those who take LPI's Level One
and Level Two exams at any Prometric North American test center.
News.com
reports on
Red Hat's acquisition of NOCpulse, a start-up whose server-monitoring
software is expected to bolster the services offered through the Red Hat
Network.
"The move helps advance Red Hat in a popular area of the
computing industry: letting customers administer large groups of computers
en masse instead of one-by-one as a way to cut administrative costs. This
vision includes automated policies that ensure performance, move jobs from
one computer to another to accommodate changing demands, or shut down
malfunctioning equipment--features that all require monitoring software
such as that provided by NOCpulse."
The San Jose Mercury News
reports on losses and layoffs at Sun Microsystems.
"The Santa
Clara computer maker announced the layoffs as it reported a net loss of
$111 million, or 4 cents a share, for the first fiscal quarter ended
Sept. 29, compared with a $180 million loss, or 6 cents a share, for the
same period a year earlier. Revenue was $2.75 billion, down 4 percent from
$2.86 billion a year earlier and down 20 percent from the previous
quarter."
News.com reports that SuSE and Turbolinux
announced a strategic
agreement to jointly develop Linux operating system products, based on
SuSE's Enterprise Server software, for IBM's higher-end servers.
"UnitedLinux also put SuSE's software at the core, but that
partnership only involved Intel processor-based servers. The new alliance
covers IBM's mainframe zSeries systems, its Unix pSeries systems and its
mid-range iSeries systems."
Business
Here's
another analyst pronouncement on News.com; this one is from Forrester Research, and it is highly positive.
"Long thought of as a fledgling operating system, Linux is now ready for prime time. CIOs have many new reasons to be confident that they'll get quality Linux support from their largest application vendors and systems integrators."
Here is a Computerworld article about the
growing
use of Linux on Wall Street.
"With a handful of key Wall Street
Brokerage firms acting as icebreakers, Linux is quickly gaining ground on
Unix and Windows as a mission-critical operating system within the
securities industry. The attractions: its flexibility across systems and
the savings it yields through the use of commodity hardware."
News.com
reports on
the DaimlerChrysler purchase of 108 dual-processor Linux workstations from
IBM to run car-crash simulations.
"DaimlerChrysler has been using
computers to simulate crashes since the early 1990s, first with single
supercomputers, then with clusters of systems running Unix. Now the company
is switching to less-expensive systems with Intel processors running Red
Hat's version of the Linux operating system, DaimlerChrysler said."
(See also this
press
release).
Comments (none posted)
Linux Journal
looks into India's
commitment to Linux. "Is India serious about Linux in education,
or just setting the stage to ask Microsoft founder Bill Gates for a handout
when he visits in November? Economic Times, India's most influential
business newspaper, has dropped hints of government plans to push a
"countrywide drive" to promote GNU/Linux as the "platform of choice". But
Indian enthusiasts of Free/Libre Software and open source are treating the
promises with skepticism, if not downright suspicion."
Comments (none posted)
Legal
The ElcomSoft trial has been delayed
according to this News.com
article. "The trial, the first criminal test of the Digital
Millennium Copyright Act, was originally scheduled to start Monday in San
Jose, Calif. It is now slated to begin Dec. 2, to give lawyers time to get
permission from immigration authorities for ElcomSoft programmer Dmitry
Sklyarov and CEO Alex Katalov to enter the United States."
Comments (none posted)
Interviews
The Consulting Times
interviews
Ming Poon, the Xandros VP for software development. "We're
trying to key up to a desktop where people can just install and start doing
work, as opposed to the competition where you install it and half of the
things on the desktop may not work or they are very hard to use.
Corporations also want us to provide them with end-to-end solutions. They
call one phone number to get all their support from one place. They ask,
'Do you have a server solution too'? We will do a server version, and we
will develop enterprise management tools to help large corporations to
deploy the desktop installation."
Comments (none posted)
Consulting Times has
an interview with Jeremy White, CEO of CodeWeavers.
"Xandros is incorporating customized versions of CodeWeavers CrossOver Office and CrossOver Plugin solutions into its long-awaited Linux distribution, slated for release around the end of October. This CrossOver for Xandros package allows users to easily install and use critical office programs -- most notably Microsoft Office -- directly under Linux, without the need to purchase a Microsoft Windows license.
To get a take on what this alliance means for the future of the Linux desktop, ConsultingTimes contacted Jeremy White, CodeWeavers founder and CEO. What resulted was a fascinating and wide-ranging discussion on a number of questions, including What will Microsoft do to retaliate?"
Thanks to Steve Harris.
Comments (3 posted)
Resources
The October 17, 2002 LinuxDevices Embedded Linux Newsletter
is out with the week's embedded Linux news.
Full Story (comments: none)
LinuxOrbit.com
looks
at how to use GRUB on a Debian system. "Why use GRUB instead of
LILO? Well, if you're reading this HOWTO, you're likely to already have
your reasons for switching. But to give a couple quick reasons, you only
install GRUB in your MBR once, it doesn't need to be reinstalled each
kernel change like LILO, and you can also edit the boot entries, etc. from
GRUB itself without having to boot first and change the config file. These
are just some of my reasons, you can find more for yourself - but how do
you set it up the Debian way?"
Comments (none posted)
Linux Journal
asks the
question, "Could the command-line tools you've forgotten or never
knew save time and some frustration?"
Comments (none posted)
Reviews
ZDNet
reviews
KDE 3.1.
"KDE 3.1 is due at the beginning of November, and the visual difference from its predecessor--version 3.0--will be immediately obvious, the group hopes. The software will ship with an icon set called Crystal and a new theme called Keramik, both of which have hints of Apple's Aqua interface in Mac OS X and Microsoft's Windows XP styling. It will use a new theme manager and windows will have drop-shadows to give the desktop a three-dimensional look."
Comments (1 posted)
Sys Admin Magazine
reviews OpenPKG.
"In this article, we will explore OpenPKG, a software development and packaging project initiated by Cable & Wireless, an international Internet Service Provider. The OpenPKG project began in November 2000 and has grown into a collaborative software development effort managed and maintained by many. The project aims to create a modular and flexible UNIX subsystem for cross-platform software packaging and installation."
Thanks to Ralf S. Engelschall.
Comments (none posted)
TechWeb
reviews
SuSE's Linux Openexchange Server product.
"Linux software vendor SuSE Linux on Wednesday introduced the SuSE Linux Openexchange Server, an open-source e-mail/collaboration platform it's pitching as a cheap alternative to Microsoft and Lotus programs. It's designed to serve organizations with 10 to 500 users, the company said."
Comments (none posted)
The Philadelphia Inquirer gives a fairly mixed
review of Wal-Mart's under-$200 Sysmar Linux PC.
"As admirable as this operating system is, it is virtually inaccessible to anyone who does not understand coding and programming. Looking at its list of
directories, files and utilities is like gazing upon the inscriptions
on an Egyptian tomb."
Comments (2 posted)
Linux Journal
reviews two Linux voice recognition systems, IBM's commercial
ViaVoice and the GPL licensed XVoice.
"Conversing with a computer has long been a staple of science fiction.
Such conversations are still largely in the realm of fiction, but
voice recognition technology has improved significantly over the last
decade. A number of voice recognition and control products are
available on various platforms. Many people don't realize, however,
that it is possible to control the Linux desktop by voice, and it has
been possible for some time."
Comments (1 posted)
Miscellaneous
The Register
covers what
they say will be the "trusted computing face-off of the year", a debate
between John Manferdelli, Ross Anderson and Alan Cox. "It is of
course possible that they'll all agree, although if so it's not immediately
obvious about what. John Manferdelli is general manager of Microsoft's
Palladium business unit, and you can get an idea of where he's coming from
here, while some of Ross Anderson of Cambridge Computer Labs' fears and
doubts about TCPA/Palladium are expressed here. Lead Linux kernel developer
Alan Cox you probably know about too, and he'll be dealing with the issue
as regards open source."
Comments (none posted)
The Register
reports that
Linux and Opera users are barred from Scottish Power's online services.
"OK so then he tried using a Mozilla browser, with cookies enabled,
only to be told he couldn't use a Linux machine either. So then he tried
Opera on a Windows PC. Still no good."
Comments (10 posted)
Page editor: Forrest Cook
Announcements
Commercial announcements
Dell has sent out a press release on its latest Linux cluster deployment: a
128-node system at the University of Utah
dedicated to modeling the handling of hazardous materials.
The company also cites a new IDC study stating that Dell is now the largest
vendor of Linux clusters, with 40% of the market.
Full Story (comments: none)
HP has
announced
that the Ohio Supercomputer Center (OSC) will deploy an HP supercomputer
based on a cluster of more than 150 Intel(R) Itanium(R) 2-based HP
Workstation zx6000 systems. The HP cluster will use Myricom's Myrinet
high-speed interconnect and run the Red Hat Linux Advanced Workstation, a
64-bit Linux operating system.
Comments (none posted)
Lycoris and Transgaming have announced a partnership "to bring
unprecedented cross-platform gaming into the hands of Desktop/LX
users."
Full Story (comments: none)
MySQL AB
announced that
its quarterly sales period ending September 30, 2002, was the most
profitable in the company's history.
Comments (none posted)
OpenMFG, LLC announced the launch of its first product, a fully integrated
manufacturing, distribution and finance software suite aimed directly at
small entrepreneurial manufacturers (SEMs). The product is built with the
Linux operating system, the PostgreSQL database and the "Qt" toolkit for
C++.
Full Story (comments: 1)
The Support Net Division of Arrow Electronics, Inc. has
announced
a cooperative marketing agreement with IBM and eOne Group, a vertically
focused ISV. "In the YKK implementation, IBM's eServer iSeries
offering on a Linux platform was selected because of Linux's growing
popularity in online retail POS environments and its expanding credibility
for web-serving applications. Additionally, an open source code like that
of Linux offers the customer flexibility, along with a low-cost
solution."
Comments (none posted)
LynuxWorks has
announced support for the specifications of the Open Source Development
Lab's Carrier-Grade Linux specification (CGL) v1.0. LynuxWorks also
announced plans to integrate the feature set of CGL v1.0 into
next-generation versions of LynuxWorks' embedded Linux operating system,
BlueCat(R) Linux, in early 2003.
Comments (none posted)
MandrakeSoft
consolidated revenues for fiscal year 2001-2002 increased by 28% to 4.6
MEuro. This performance, during a time of particularly difficult market
conditions throughout the software industry, is the result of successful
new product lines.
Comments (none posted)
The Danish Board of Technology released a report on the economic
potential of using Open Source software in public administration, which
showed a potential of 3.7 billion Danish kroner (500 million EUR) over
four years.
Full Story (comments: 1)
Resources
IBM editors have
selected these Linux resources from developerWorks and IBM product
sites. "This collection includes Web-based tutorials, on-demand
Webcasts, classes in your area, offers for developerWorks CDs with Linux
tools, as well as information and links where you can download IBM tools and
middleware direct from WebSphere, DB2, and Lotus. All of these resources
are available free of charge."
Comments (none posted)
LinuxDevices has posted an updated version of its
Linux PDAs Quick Reference Guide.
"LinuxDevices.com is pleased to announce a major update to our highly
popular Linux PDAs Quick Reference Guide. The guide provides a
comprehensive survey of Linux-based handheld computers and PDAs for both
general purpose and specialized mobile computing applications, that are
either newly released or in various stages of development."
Comments (none posted)
The Ecasound audio tool
online documentation has been updated.
"Latest versions of Ecasound User's Guide, Ecasound Programmer's Guide and Ecasound Control Interface Guide are now online in both PDF and HTML formats. The online source-code documentation is also updated."
Comments (none posted)
For the unemployed Perl hackers, usePerl
mentions that there are many Perl jobs available now.
"Ask writes "jobs.perl.org had job 500 submitted today. That's a bit more than one per day in the time we have had the site.""
Comments (none posted)
Upcoming Events
A call for participation has been issued for the
Lightweight Languages Workshop 2002 (LL2), to be held on
November 9, 2002 at MIT in Cambridge, MA.
Full Story (comments: none)
Lilax will be holding
a special meeting
featuring Zak Greant, on October 26, 2002 in Torrance, CA.
"Lilax is pleased to announce an additional special session! Zak Greant
from MySQL puts on a full day seminar covering this popular open
source database. The sessions will also include introductory and
advanced topics in PHP, Apache, MySQL development and much more."
Comments (none posted)
Bruce Momjian will be teaching a class on the PostgreSQL database
in Atlanta, GA, on January 20-24, 2003.
Full Story (comments: none)
An event known as The Solutions Show, the
third midwest Linux regional expo and conference,
will be held in Toledo, Ohio, on October 30-31, 2002.
Full Story (comments: none)
A Linux Kernel Network Programming course will be offered by
Axian, Inc. and the Oregon Graduate Institute Center for Professional
Development. The course will be held in December, 2002 and February,
2003.
Full Story (comments: none)
A Linux install-fest has been scheduled for November 23, 2002
in Victoria (Australia).
Also, check out
the coverage of a recent installfest that took place in La Paz, Bolivia
at 11,000 feet, possibly a new altitude record for group Linux installation.
Comments (none posted)
| Date | Event | Location |
| --- | --- | --- |
| October 24 - 25, 2002 | PHPCon 2002 | (The Clarion Hotel SFO) Millbrae, California |
| October 28 - 31, 2002 | International Lisp Conference 2002 - The Art of Lisp | San Francisco, CA |
| October 30 - 31, 2002 | Think-Linux, The Solutions Show | (The Pinnacle) Toledo OH |
| November 1 - 3, 2002 | 2nd Annual Ruby Conference (RubyConf 2002) | (Washington State Trade and Convention Center) Seattle, Washington |
| November 2, 2002 | Southern CaliforniA Linux Expo 2002 (SCALE) | (Davidson Conference Center, University of Southern California) Los Angeles, CA |
| November 3 - 6, 2002 | International PHP 2002 conference | Frankfurt, Germany |
| November 3 - 8, 2002 | 16th System Administration Conference (Lisa '02) | Philadelphia, PA |
| November 14 - 15, 2002 | The Open Source Health Care Alliance (OSHCA) | (UCLA Medical Center) Los Angeles, CA |
| November 18 - 21, 2002 | Embedded Systems Conference, Boston | (Hynes Convention Center) Boston, Mass |
| December 3 - 5, 2002 | Linux Bangalore/2002 | (J.N.Tata Auditorium) Bangalore, India |
Comments (none posted)
Web sites
LinuxFr.org has changed its website. It
is now XHTML 1.0 valid, and it features a new template system
(Templeet) which made the load
much smaller.
It has taken months of development. LinuxFR is still completely
independent and a good source of Linux news in the French language.
Comments (2 posted)
Users of the mnoGoSearch web site search engine may want to register
their sites with the
mnoGoSearch users mapping project.
Comments (none posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Miscellaneous
The Free Software Foundation temporarily lost its T1 connection in its main
offices due to a flood. They are back up now, but they are asking for help
to ensure that this won't happen again.
Full Story (comments: 1)
Page editor: Forrest Cook