LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
Letters to the editor
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for April 14, 2005Fedora leaves a vast legacyThe announcement of the second Fedora Core 4 test release heralded a somewhat less-publicized event: support for Fedora Core 2 has been transferred to the Fedora Legacy Project. This is only the second time such a transition has occurred, so there are still a number of interesting questions being raised about just how this transition is supposed to work.One such question is: what should be done about unresolved bugs in Fedora Core 2? There are quite a few of those; about 600 for the kernel alone. Is the Fedora Legacy group expected to take on all of those bugs? In most cases, the answer is "no"; Fedora Legacy exists to provide ongoing security support, and not random bug fixes. So most of those bugs could simply be closed. As project member Matthew Miller noted, however, that is not the case for all of them:
Um, because some of them are security bugs that they never got
around to fixing. That's kind of annoying (Fedora security process
definitely seems to be disturbingly low priority -- see the
perl-suid buffer overflow trivial root exploit, for example) but I
don't really care whose responsibility it ought to be, since there
are people who are depending on us to make available patches to
secure their systems.
(The mentioned Perl vulnerability has been fixed by several distributors, including Red Hat, but not Fedora). So somebody needs to go through all of the open bugs, figure out which ones are security-related, and close all of the bugs which Fedora Legacy will not even attempt to fix. Not a small job. As it turns out, there does not appear to be consensus even on that approach, however. Many of the bugs reported for Fedora Core 2 still exist in subsequent Fedora releases. What really needs to be done with those bugs is to redirect them to Fedora Core 3 and hope they get more attention there. Other bugs may have security implications which have not yet become evident. In any case, a wholesale closing of Fedora Core 2 bugs may not be the right thing to do. When LWN last looked at Fedora Legacy (in January), the project appeared to have stalled. One might well ask how the project will cope with a new distribution and a massive pile of bugs when it has not been able to keep up with the responsibilities it already had. The good news is that, in February, the Fedora Legacy process got moving again, and the flow of updates has resumed. Fedora Legacy is back in the business of providing support for older Fedora Core releases - and Red Hat Linux 7.3 and 9 as well. One should note, however, that no advisories have come out, as of this writing, since March 24. Fedora Legacy is a small, volunteer-driven project. It remains to be seen whether it can take on another large distribution now - followed by Fedora Core 3 sometime around September. At some point, something will have to give. At the FUDCon meeting in February, Red Hat said that it wanted to beef up the Fedora Project to gain back some of the "early adopters" it had alienated. Perhaps providing longer-term, stable support to the Fedora releases would be a good step in that direction.
The Monotone version control systemVersion Control Systems (VCS) have always been of great interest to the Linux and open source community, but the the topic has gained new life in recent weeks thanks to the BitMover announcement that it's ending development of its free (as in beer) tool. Since Subversion has already been ruled out, that leaves the door open for one of the many other open source VCS. One of the alternatives which has been considered by Linus Torvalds for kernel development is Monotone.Monotone is a distributed version control system that supports 3-way merges, peer-to-peer synchronization and runs on several platforms -- Linux, Windows, Solaris, Mac OS X and other Unix-like systems. The project is available under the GPL and just a bit over two years old. The first release was created by Graydon Hoare and pushed out on April 6, 2003. The most recent release, 0.18, was announced on April 11. Monotone has much to recommend it, feature-wise. It supports atomic commits, allows versioned file and directory renames (as opposed to CVS, where moving a file or directory causes loss of the file history) and uses SHA1 checksums to identify files, directories and revisions. Information about a source tree is kept in a SQLite database, which is synchronized against remote databases or the local working copy. The command set is relatively easy to pick up, and the documentation is very clear as well. Torvalds does have a few gripes about Monotone, for example, he complains that it's "much harder than it should be to have throw-away trees due to the fact that they seem to be working on the assumption of 'one database per developer' rather than 'one database per tree'" though it is not necessary to follow the "one database per developer" model. Torvalds has also complained about the performance of Monotone; this issue, by itself, appears to have been sufficient to make him look elsewhere. There was a brief discussion on the mailing list about the opportunity to boost awareness of Monotone, and it seems that the team is working on improvements. One user on the Monotone-devel mailing list complained that it took more than two hours to pull the source, using 0.17. According to the release notes for 0.18, the new release improves "most operations sped up by a factor of 2 or better; many sped up by several orders of magnitude." Torvalds also gets a special "thank you" in the notes. LWN readers interested in examining the various open source VCS might find the Version Control System Comparison useful, as well as this essay on systems. The Monotone webpage also provides a list of other version control systems, should Monotone fail to meet your needs. In the long run, BitMover's exit from kernel development version control may be a boon for the open source community. While the kernel team will have to deal with some short-term pain in finding a replacement, it may provide a helpful boost to open source VCS to reach parity or even, eventually, move ahead of BitKeeper's feature set.
On polite Linux advocacyBack in September, 1998, the LWN front page carried an article asking our readers to take a calm and respectful approach to those who criticize Linux. There were some magazine writers - long since disappeared from the scene - who had great fun with the inflammatory and childish responses they got from a few people when they ran critical articles. LWN pointed out that going on the attack against Linux critics rarely changed their mind, and, more often, just gave them material to use in portraying the Linux community as a group of unruly fanatics.The better part of seven years later, little has changed. Laura DiDio is now having a field day talking about the Linux "nut jobs" who send her threatening mail and call her at home. This kind of press does not help us. Since the beginning, Linux has had its opponents in the press and the "analyst" industry. Sometimes their criticisms have been fair and well founded; other times they have been silly or overtly biased. Linux was just a toy, you could lose your job by using it, it is not as secure, its total cost of ownership is higher, it has intellectual property problems, it's too complicated for mere mortals to use, it's going to fragment into a thousand incompatible pieces, etc. All of these hostile articles and analyst studies have one thing in common: not a single one of them has slowed the development or uptake of Linux in any significant way. Even the more accurate and justified criticisms have served mostly as "to do" lists for near-term development; the rest has simply vanished without a trace. When a writer or "analyst" comes out with something silly, by all means send in a polite, well-written correction. Then get on with life. These people are not worth getting worked up over, and they certainly are not worth flaming or harassing. The current crop of nay-sayers is unlikely to have any more real effect than its predecessors. But we'll still be here; let's try to behave in a way that we'll be proud of in the future.
Security An OpenOffice.org vulnerabilityMany OpenOffice.org users have felt secure in using OpenOffice.org to open Microsoft Office files, assuming that the malware that attacks Microsoft Office would not affect the OpenOffice.org suite. That may well be true, but it looks like the OpenOffice.org suite has a problem of its own. The OpenOffice.org suite has a vulnerability in its handling of .doc files. The flaw was discovered at the end of March, and was reported to the full-disclosure mailing list on Monday. The vulnerability affects the 1.1.4 and 2.0 series of the OpenOffice.org suite. It's unclear whether the vulnerability affects StarOffice, but it seems likely that it would.
According to the Secunia
advisory the problem is a boundary error in the
" We touched base with OpenOffice.org community manager Louis Suarez-Potts about the bug. According to Suarez-Potts, work "began immediately" when the vulnerability was discovered, and the project is testing the patch on all platforms and languages supported by the OpenOffice.org suite. At this time, Suarez-Potts says that the project is not aware of any real-world exploits of this vulnerability. The vulnerability exists on all platforms, but he said that he has "no idea" if it would be possible to craft a document to do something harmful on all platforms, or if it would only be possible to target one platform with a malformed .doc file. It does seem likely that the OpenOffice.org project will be targeted more frequently by malware authors as it gains in popularity, though Suarez-Potts says that OpenOffice.org is "not as fun a target as MSFT." This should serve as a cautionary tale for users of the OpenOffice.org suite. While this particular vulnerability was discovered before any exploits appeared in the wild, it's possible that exploits for future vulnerabilities could appear before the first report. Even though OpenOffice.org has a much better track record than Microsoft Office, users should exercise caution when opening any document from an untrusted source. The LWN vulnerability database entry for this bug will track updates as they become available.
New vulnerabilities Axel: vulnerability in HTTP redirection handling
gld: multiple vulnerabilities
junkbuster: heap corruption and settings modification
kernel: arbitrary code execution, DoS
OpenOffice.org: .doc parser buffer overflow
phpMyAdmin: cross-site scripting
rsnapshot: symlink vulnerability
Updated vulnerabilities a2ps: input validation error
cdrecord: insecure temp file
cpio - file permissions error
cURL: buffer overflow
cyrus-imapd: buffer overflows
dhcp: format string vulnerability
Dnsmasq: poisoning and DoS
emacs21: format string vulnerability in "movemail"
enscript: arbitrary code execution
evolution: arbitrary code execution
evolution: message crash vulnerability
f2c: insecure temp files
Foomatic: Arbitrary command execution in foomatic-rip
gaim: client freezes
gaim: buffer overflow, DoS
gtk-pixbuf, gtk2: denial of service
gettext: Insecure temporary file handling
gftp: missing input sanitizing
ghostscript: symlink vulnerabilities
glibc: Information leak with LD_DEBUG
glibc: tempfile vulnerability in catchsegv script
gnupg: information leak
grip: buffer overflow
groff: insecure temporary directory
gtkhtml: malformed messages cause crash
htdig: cross site scripting
imap: buffer overflow in c-client
imlib2: buffer overflows
kdelibs: unsanitzied input
kdelibs: dcopserver vulnerability
kernel: multiple vulnerabilities
kernel: multiple vulnerabilities
libdbi-perl: insecure temporary file
libexif: improper validation
libgd2: buffer overflows in PNG handling
libtiff: buffer overflow
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
libXpm: new buffer overflows
limewire: input validation errors
lvm10: creates insecure temporary directory
mailman: path traversal
mc: buffer overflow
MediaWiki: multiple vulnerabilities
mikmod: buffer overflow
mod_python: remote access vulnerability
mysql: several vulnerabilities
MySQL: input validation and temporary file vulnerabilities
nasm: Buffer overflow vulnerability
ncpfs: multiple vulnerabilities
nfs-utils: denial of service
nfs-utils: arbitrary code execution
openssl: der_chop script temp file vulnerability
OpenSSL: denial of service vulnerabilities
Opera: multiple vulnerabilities
perl: setuid vulnerabilities
perl: symlink vulnerability
php4: denial of service vulnerabilities
postgresql: EXECUTE privilege vulnerability
python: illegal function internals access
qt3: BMP image parser heap overflow
remstats: tempfile, missing input sanitizing
rp-pppoe, pppoe: missing privilege dropping
ruby: infinite loop
samba: integer overflow vulnerability
sharutils: arbitrary code execution
sharutils: insecure temporary files
smarty: remote code execution
SpamAssassin: Denial of Service vulnerability
SquirrelMail: multiple vulnerabilities
sudo: environment variable sanitizing
sylpheed: buffer overflow
sylpheed: buffer overflow on message
File overwrite vulnerability in tar and unzip
telnet: buffer overflows
tiff: buffer overflows
UnAce: buffer overflow and directory traversal
wu-ftpd: missing input sanitizing
XChat 2.0.x SOCKS5 Vulnerability
xine-lib: buffer overflows
xine-ui - insecure temporary file creation
xloadimage: missing input sanitizing, integer overflow
xorg-x11: integer overflows
xpdf: buffer overflow
zlib: denial of service
Resources Linux wins on security in survey of 6,000+ software developersHere's a press release about the first annual Security Issues Survey, to be presented at the Software Security Summit conference in La Jolla, California. BZ Research polled 6,344 software development managers about the security of different popular enterprise operating environments and Linux and open source consistently topped Microsoft Windows, according to respondents.
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current stable 2.6 release is 2.6.11.7, released on April 7. It contains several fixes, including the BIC collision window fix discussed last week's Kernel Page.The current 2.6 prepatch remains 2.6.12-rc2. Kernel development has slowed significantly while the source code management issues are being worked out - see below. The current -mm tree is 2.6.12-rc2-mm3. Recent changes to -mm include a big x86-64 update, an NFSv4 update, some scheduler tweaks, the removal of the last user of the deprecated inter_module functions, and lots of fixes. The current 2.4 kernel remains 2.4.30; no 2.4.31 prepatches have been released.
Kernel development news Quotes of the week
My second plan is to make somebody else so fired up about the
problem that I can just sit back and take patches. That's really
what I'm best at. Sitting here, in the (rain) on the patio,
drinking a foofy tropical drink, and pressing the "apply"
button. Then I take all the credit for my incredible work.
-- Linus Torvalds
There are a number of very good Linux kernel developers, but they
tend to get outshouted by a large crowd of arrogant fools. Trying
to communicate user requirements to these people is a waste of
time. They are much too "intelligent" to listen to lesser mortals.
-- Jack O'Quin
The guts of gitNow that BitKeeper is no more, how will the kernel development process function? In the short term, the answer is "painfully." The rest of the 2.6.12 process looks like the good old days: patches emailed to Linus, who will apply them (hopefully) and occasionally release a snapshot tree. That mode might work for the short term, since only bug fixes should be merged before 2.6.12 comes out, but nobody wants to try to run the process that way for any period of time. The kernel team needs much better patch and workflow support if it is going to sustain a reasonable development pace. So a replacement for BitKeeper will have to come from somewhere.For a while, the leading contender appeared to be monotone, which supports the distributed development model used with the kernel. There are some issues with monotone, however, with performance being at the top of the list: monotone simply does not scale to a project as large as the kernel. So Linus has, in classic form, gone off to create something of his own. The first version of the tool called "git" was announced on April 7. Since then, the tool has progressed rapidly. It is, however, a little difficult to understand from the documentation which is available at this point. Here's an attempt to clarify things. Git is not a source code management (SCM) system. It is, instead, a set of low-level utilities (Linus compares it to a special-purpose filesystem) which can be used to construct an SCM system. Much of the higher-level work is yet to be done, so the interface that most developers will work with remains unclear. At the lower levels, Git implements two data structures: an object database, and a directory cache. The object database can contain three types of objects:
The object database relies heavily on SHA hashes to function. When an object is to be added to the database, it is hashed, and the resulting checksum (in its ASCII representation) is used as its name in the database (almost - the first two bytes of the checksum are used to spread the files across a set of directories for efficiency). Some developers have expressed concerns about hash collisions, but that possibility does not seem to worry the majority. The object itself is compressed before being checksummed and stored. It's worth repeating that git stores every revision of an object separately in the database, addressed by the SHA checksum of its contents. There is no obvious connection between two versions of a file; that connection is made by following the commit objects and looking at what objects were contained in the relevant trees. Git might thus be expected to consume a fair amount of disk space; unlike many source code management systems, it stores whole files, rather than the differences between revisions. It is, however, quite fast, and disk space is considered to be cheap. The directory cache is a single, binary file containing a tree object; it captures the state of the directory tree at a given time. The state as seen by the cache might not match the actual directory's contents; it could differ as a result of local changes, or of a "pull" of a repository from elsewhere. If a developer wishes to create a repository from scratch, the first step is to run init-db in the top level of the source tree. People running PostgreSQL want to be sure not to omit the hyphen, or they may not get the results they were hoping for. init-db will create the directory cache file (.dircache/index); it will also, by default, create the object database in .dircache/objects. It is possible for the object database to be elsewhere, however, and possibly shared among users. The object database will initially be empty. Source files can be added with the update-cache program. update-cache --add will add blobs to the object database for new files and create new blobs (leaving the old ones in place) for any files which have changed. This command will also update the directory cache with entries associating the current files' blobs with their current names, locations, and permissions. What update-cache will not do is capture the state of the tree in any permanent way. That task is done by write-tree, which will generate a new tree object from the current directory cache and enter that object into the database. write-tree writes the SHA checksum associated with the new tree object to its standard output; the user is well-advised to capture that checksum, or the newly-created tree will be hard to access in the future. The usual thing to do with a new tree object will be to bind it into a commit object; that is done with the commit-tree command. commit-tree takes a tree ID (the output from write-tree) and a set of parent commits, combines them with the changelog entry, and stores the whole thing as a commit object. That object, in essence, becomes the head of the current version of the source tree. Since each commit points to its parents, the entire commit history of the tree can be traversed by starting at the head. Just don't lose the SHA checksum for the last commit. Since each commit contains a tree object, the state of the source tree at commit time can be reconstructed at any point. The directory cache can be set to a given version of the tree by using read-tree; this operation reads a tree object from the object database and stores it in the directory cache, but does not actually change any files outside of the cache. From there, checkout-cache can be used make the actual source tree look like the cached tree object. The show-diff tool prints the differences between the directory cache and what's actually in the directory tree currently. There is also a diff-tree tool which can generate the differences between any two trees. An early example of what can be done with these tools can be had by playing with the git-pasky distribution by Petr Baudis. Petr has layered a set of scripts over the git tools to create something resembling a source management system. The git-pasky distribution itself is available as a network repository; running "git pull" will update to the current version. A "pull" operation, as implemented in git-pasky, performs these steps:
Petr's version of git adds a number of other features as well. It is a far cry from a full-blown source code management system, since it lacks little details like release tagging, merging, graphical interfaces, etc. A beginning structure is beginning to emerge, however. When this work was begun, it was seen as a sort of insurance policy to be used until a real source management system could be found. There is a good chance, however, that git will evolve into something with staying power. It provides the needed low-level functionality in a reasonably simple way, and it is blindingly fast. Linus places a premium on speed:
If it takes half a minute to apply a patch and remember the
changeset boundary etc (and quite frankly, that's _fast_ for most
SCM's around for a project the size of Linux), then a series of 250
emails (which is not unheard of at all when I sync with Andrew, for
example) takes two hours.
As if on cue, Andrew announced a set of 198 patches to be merged for 2.6.12:
This is the first live test of Linus's git-importing ability. I'm
about to disappear for 1.5 weeks - hope we'll still have a kernel
left when I get back.
If this test (and the ones that come after) goes well, and the resulting system evolves to where it meets Linus's needs, he may be unlikely to switch to yet another system in the future. So git is worth watching; it could develop into a powerful system in a hurry.
Some git updatesSince LWN's look at git was published, development has continued at a rapid pace. A number of features and capabilities have been added to the system. Look for an updated article at some future point when things stabilize somewhat.A mailing list has been set up to take discussion of git off linux-kernel. The list is called "git," and it is hosted on vger.kernel.org; sending a message containing "subscribe git" to majordomo@vger.kernel.org will get you onto the list. As of this writing, the traffic is not small. A couple of quotes from that list, that didn't quite make the "quotes of the week":
Trust me, not needing locking is a huge boon. I don't think people realize
just how much thought I've put into my database selection and what the
implications are.
-- Linus Torvalds
It's perfect, I tell you.
Sooner or later we'll find a flaw in it. Really! I mean, you've started
this OS thing 10+ years ago and we are still busy fixing it! ;)
-- Ingo Molnar
Linus has an experimental kernel repository on kernel.org, and has committed Andrew Morton's initial 200-patch bomb to it. It's in:
pub/linux/kernel/people/torvalds/kernel-test.git
for those who are interested. Commits to this repository are also being broadcast to the same "commits" list that tracked the BitKeeper repository. Here's an example patch for those interested in what a git commit looks like, or in the ioread/iowrite API change that your editor has not yet managed to cover on this page.
Extending netlinkThe netlink mechanism implements a special sort of datagram socket for communication between the kernel and user space. Most of the users of netlink are currently in the networking subsystem itself - netlink protocols exist, for example, for the management of routing table entries and firewall rules. Netlink is also used by SELinux and the kernel event notification mechanism.Use of netlink is relatively straightforward - for kernel developers who have some familiarity with the networking subsystem. To be able to communicate via netlink, a kernel subsystem must first create an in-kernel socket:
struct sock *netlink_kernel_create(int unit,
void (*input)(struct sock *sk, int len));
Here, unit is the netlink protocol number (as defined in <linux/netlink.h>), and input() is a function to be called when data arrives on the given socket. The naming of unit dates back to an early netlink implementation, which worked with virtual devices; unit was the minor number of the relevant device. The input() callback can be NULL, in which case user space will not be able to write to the socket. If there is an input() callback, it will be called whenever data arrives. That data will be represented in one or more sk_buff structures (SKBs) queued to the socket itself. So the core of a typical input() function will look something like:
struct sk_buff *skb;
while ((skb = skb_dequeue(sk->sk_receive_queue)) != NULL) {
deal_with_incoming_data(skb);
kfree_skb(skb);
}
Sending data to user space involves allocating an SKB, filling it with the data, and writing it to the netlink socket. Here is how the kernel events mechanism does it:
static int send_uevent(const char *signal, const char *obj,
char **envp, int gfp_mask)
{
struct sk_buff *skb;
char *pos;
int len;
len = strlen(signal) + 1;
len += strlen(obj) + 1;
/* allocate buffer with the maximum possible message size */
skb = alloc_skb(len + BUFFER_SIZE, gfp_mask);
pos = skb_put(skb, len);
sprintf(pos, "%s@%s", signal, obj);
/* copy the environment key by key to our continuous buffer */
if (envp) {
int i;
for (i = 2; envp[i]; i++) {
len = strlen(envp[i]) + 1;
pos = skb_put(skb, len);
strcpy(pos, envp[i]);
}
}
return netlink_broadcast(uevent_sock, skb, 0, 1, gfp_mask);
}
(Some error handling has been removed for brevity; see lib/kernel_uevent.c for the full version). The call to netlink_broadcast() sends the data in the SKB to every user-space process which is currently connected to the netlink socket. There is also netlink_unicast(), which takes a process ID and sends only to that process. Netlink writes can be restricted to specific "groups," allowing user-space processes to sign up for an interesting subset of the data written to a given socket. There is more to the netlink interface than has been presented here; see <linux/netlink.h> for the rest. Evgeniy Polyakov thinks that the netlink protocol is too complicated; it should not be necessary to understand the networking layer just to communicate with user space. His response is connector, a layer on top of netlink which is designed to make things simpler. The connector code multiplexes all possible message types over a single netlink socket number. Individual messages are distinguished by way of a cb_id structure:
struct cb_id
{
__u32 idx;
__u32 val;
};
idx can be thought of as a protocol type, and val as a message type within the given protocol. A kernel subsystem which is prepared to receive messages of a given type set up a callback with:
int cn_add_callback(struct cb_id *id, char *name,
void (*callback)(void *msg));
That callback will be invoked every time a message with the given id is received from user space. The msg parameter to the callback function, despite its void * type, is always a pointer to a structure of this type:
struct cn_msg
{
struct cb_id id;
__u32 len; /* Length of the following data */
__u8 data[0];
/* Some fields omitted */
};
The callback can process the given message data and return. Writing to a socket via connector is done with:
void cn_netlink_send(struct cn_msg *msg, u32 __groups, int gfp_mask);
The msg contains the cb_id structure describing the message; __groups can be used to restrict the list of recipients, and gfp_mask controls how memory allocation is done. This call can fail (netlink is an unreliable service), but it returns no indication of whether it succeeded or not. For kernel code which needs to send significant amounts of data to user space, perhaps from hot paths, there is also a "CBUS" layer over the connector. That layer exports one function:
int cbus_insert(struct cn_msg *msg, int gfp_flags);
This function does not send the message immediately; it simply adds it to a per-CPU queue. A separate worker thread will eventually come along, find the message, and send it on to user space. The code seems to work, though some concerns have been raised about the implementation. Not everybody feels that the connector solution is necessary, however. The core netlink API is not all that hard to use, so it is not clear that another layer needs to be wrapped around it. Those who do think that netlink could be made easier do not agree on how it should be done; some developers would like to see the netlink API itself changed rather than having another layer put on top of it. Various user-space needs (auditing, accounting, desktop functionality, etc.) are all creating pressure for more communication channels with the kernel. Some way of making that communication easier on the kernel side may well get added, eventually, but it is far from clear what form that code will take.
FUSE hits a snagThe filesystems in user space (FUSE - covered here in January, 2004) provides a kernel interface and library which makes it easy to implement filesystems with a user-space process. With FUSE, a user can mount a filesystem contained with a tar archive, implemented via an FTP session, or "tunneled" from a remote system via ssh. It is a powerful tool with many users, and its authors have been pushing for inclusion into the mainline kernel for some time now. That merge has been delayed pending a review of the patch by a few interested developers.That review has happened, and it has turned up a problem; it seems that FUSE, in some situations, implements some rather strange filesystem semantics. Consider the case of a filesystem hosted in a tar archive. FUSE will present files within the archive with the owners and permission modes specified inside that archive. The owner and permissions of the files, in other words, do not necessarily have anything to do with the owner of the archive or the user who mounted it as a filesystem. To allow that user to actually work with files in the archive, the "tarfs" FUSE module disables ordinary permissions checking. A file may, according to a tool like ls, be owned by another user and inaccessible, but the user who mounted the filesystem has full access anyway. FUSE also ensures that no other user has any access to the mounted filesystem - not even root. This twisting of filesystem semantics does not sit well with some kernel developers, who tend to think that Linux systems should behave like Linux. The FUSE semantics have the potential to confuse programs which think that the advertised file permissions actually mean something (though, evidently, that tends not to be a problem in real use) and it makes it impossible to mount a filesystem for use by more than one user. So these developers have asked that the FUSE semantics be removed, and that a FUSE filesystem behave more like the VFAT-style systems; the user mounting the filesystem should own the files, and reasonable permissions should be applied. In fact, FUSE does provide an option ("allow_others") which causes it to behave in this way. But that approach goes against what FUSE is trying to provide, and raises some security issues of its own. FUSE hacker Miklos Szeredi sees the issue this way:
I want the tar filesystem to be analogous to running tar. When I
run tar, other users are not notified of the output, it's only for
me. If they want to run tar, they can too. The same can be true
for tarfs. I mount it for my purpose, others can mount it for
theirs. Since the daemon providing the filesystem always runs with
the same capabilities as the user who did the mount, I and others
will always get the permissions that we have on the actual tar
file.
In this view, a FUSE filesystem is very much a single-user thing. In some cases, it really should be that way; consider a remote filesystem implemented via an ssh connection. The user mounting the filesystem presumably has the right to access the remote system, on the remote system's terms. The local FUSE filesystem should not be trying to figure out what the permissions on remote files should be. Other users on the local system - even the root user - may have no right to access the remote system, and should not be able to use the FUSE filesystem to do so. It's not clear where this discussion will go. There are some clear reasons behind the behavior implemented by FUSE, and it may remain available, though, perhaps, not as a default, and possibly implemented in a different way. The little-used Linux namespace capability has been mentioned as a way of hiding single-user FUSE filesystems, though there may be some practical difficulties in making namespaces actually work with FUSE. Until the core filesystem hackers are happy, however, FUSE is likely to have a rough path into the mainline.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Security-related
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Distribution list updateEvery now and then I like to provide a update on the LWN.net Distributions List. Our last update was nine months ago (see the Distributions page for July 15, 2004) at which time there were 355 active distributions. Fifty distributions have been added since then bringing the total to 405. That averages out to between 5 and 6 new distributions per month.Each week at least a dozen entries are updated. Most updates are minor and go unmentioned, but alert readers may notice these weekly changes, but there's no change log. This week the entries for Fedora, Fedora Legacy, SUSE, Ubuntu, Beyond Linux From Scratch, BLAG Linux and GNU, Buffalo Linux, Specifix Linux, tinysofa, YES Linux, Plamo Linux, Pingwinek GNU/Linux, Caixa Mágica, Trustix Secure Linux, A/DeMuDi, Overclockix, Puppy Linux, ADIOS, Damn Small Linux, Gibraltar, KANOTIX, KNOPPIX, Linux LiveCD Router and SLAX have all been updated. A family of live CDs from Sweden has joined, and of course the entries for Mandrakelinux and Conectiva have been replaced with an entry for Mandrivalinux. Possible distributions such as the Ichthux project will not be added until they have more ware and less vapor. Live CDs remain the high growth category as more and people create CDs to scratch a particular itch. The "enterprise" entries seem to be slowing down slightly, just over half a dozen have been added since the last update, less than one per month. The following distributions have been removed from the list over the past nine months: innominate Bootable Business Card, Linuxcare Bootable Business Card, HAL91, Relax Linux, JBLinux, Eagle Linux, LGIS GNU/Linux, LRs-Linux, Haydar Linux, Definite Linux, DLX, Finnix, JAMD-Linux, Leka Rescue Floppy, Netserva Dlite, Stampede Linux and Ares Desktop. We still plan to move the list to a searchable database, some day. For now it remains a flat file, limited to one category per entry. However, if you think we have something in the wrong category or have other corrections, dead link reports, additions, or comments let us know with a comment to this article or mail to lwn@lwn.net.
New Releases Ubuntu 5.04 releasedUbuntu 5.04, the "Hoary Hedgehog release," is available; see the announcement for details. It includes GNOME 2.10.1, Firefox 1.0.2, X.org 6.8.2, etc. It's a single-CD download, or, if you ask, they will mail a CD to you.The Kubuntu 5.04 distribution, which provides a KDE-based version of Ubuntu, is also available.
Mandriva Limited Edition 2005 releasedMandriva (the company formerly known as Mandrakesoft) has announced the availability of "Mandriva Limited Edition 2005," the promised transitional release of the (formerly) Mandrakelinux distribution. There's a number of new features, Xbox support, and more. There is also the claim that "Limited Edition 2005 is the only Linux system to allow the seamless installation and running of 32-bit applications on 64-bit platforms," which is perhaps overreaching a bit. Click below for the full announcement.
Fedora Core 4 Test 2 availableThe second Fedora Core 4 test release is now available. Numerous bugs have been fixed, and the current releases of GNOME and KDE have been integrated; click below for details and mirror locations.Also worth noting: the Fedora Project is dropping support for Fedora Core 2; that release is now the responsibility of the Fedora Legacy Project.
Distribution News Branden Robinson is the 2005 Debian Project leaderThe results are in: Branden Robinson has won the election for Debian Project leader; click below for the details.
Fedora Docs Steering Committee formedThe Fedora Project has formed a new Documentation Steering Committee, with an accompanying wiki site. Red Hat's Karsten Wade explains: "My objective, in chairing the committee and running the project, is to get relevant Fedora documentation written. My emphasis is on quality over quantity. You will see the FDSC active on the list, working out processes, and working within and without process to get stuff done."
SPI Special Meeting Notice: April 26Software in the Public Interest, Inc., Debian's parent organization, will have a special meeting to be held Tuesday, April 26, 2005, at 19:00 UTC on irc.oftc.net #spi. "The agenda for this special meeting consists solely of our upcoming tax filing. The meeting is being called so that we can ensure we are on track for an on-time, correct, filing, and to do whatever is necessary to make it happen. Our filing deadline is May 15."
New Distributions ExTiX and other Swedish live CDsExTiX (currently at v1.4) is a live CD supporting English and Swedish, created by Arne Exton. Arne has created several other Swedish localized live Linux CDs: KNOPPIX-EXTON v3.7, KNOPPIX-EXTON Gnome Version, PCLinuxOS-EXTON p8.1a, Adios-EXTON v4.10 and EXTON-Slack v10.1.
Distribution Newsletters Debian Weekly NewsThe Debian Weekly News for April 12, 2005 covers Debian Project Leader election results, PHP3 support, the Creative Commons License committee, the Acenic Firmware rewrite, automatic testing of Debian packages, and several other topics.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for the week of April 11, 2005 is out. Topics this week include a web site face lift, forum staff changes, Jochen Maes aka SeJo is the developer of the week and much more.
Mandrivalinux Cooker Weekly NewsThe Mandrivalinux Cooker Weekly News for April 12, 2005 reports that the final version of 10.2 should be ready for final testing and the cooker will be completely frozen. Plus a look at some ways for users to get feature requests to the developers, perl policy, and much more.
DistroWatch Weekly, Issue 95The DistroWatch Weekly for April 11, 2005 takes a look at the end of BitKeeper in Linux kernel development, Ubuntu (Hoary Hedgehog) reviews, some FAQs about CUPS, a mini-review of FreeBSD 5.4-RC1 and more.
Minor distribution updates tinysofa classic servertinysofa has released version 2.0 (Ceara) of the tinysofa classic server. ""Ceara" features: The Linux 2.6.11 kernel, grsecurity support, APT for advanced package management, the next generation PHP 5 environment (5.0.3), high availability features such as DRBD (0.7.10) and UCARP (1.1), the latest development tools and languages (gcc 3.4.3, Python 2.4), and much more."
Announcing YES Linux 2.2 Build 2 available now!YES Linux Release Team has announced (click below) the immediate availability of YES Linux 2.2 Build 2. This release of YES Linux features many updates and adds several features including User Management and Autonomous Backup Applications.
Package updates Fedora Core 3 updatesUpdates for Fedora Core 3: wireless-tools-27-1.2.0.fc3 (update to final wireless-tools-27), glibc-2.3.5-0.fc3.1 (update to glibc 2.3.5 release), selinux-policy-targeted-1.17.30-2.94 (prepare policy for kernel rebase), selinux-policy-targeted-1.17.30-2.96 (allow snmpd to communicate with self:fifo_file, add execmod/execmem privs), autofs-4.1.3-114 (bug fixes), gcc-3.4.3-22.fc3 (bug fixes), gcc4-4.0.0-0.41.fc3 (update from CVS), libtool-1.5.6-4.FC3.2 (rebuild to get the libtool script to correctly use the gcc 3.4.3 update).
Mandriva updates shorewall packagesUpdated Shorewall packages are available for Mandrivalinux 10.1 that provide minor fixes.
Newsletters and articles of interest My first 48 hours enduring Ubuntu 5.04Here's a detailed weblog entry by Matthew Thomas listing a long set of usability problems (from his point of view) encountered in Ubuntu 5.04. "Create two new folders. Open the first one, then open the second one. The worst possible size and position the file manager could choose for the second folder window would be putting it exactly on top of the first one. Sure enough, that is what it does."
My Workstation OS: Fedora Core 3 (NewsForge)NewsForge presents one view of Fedora Core 3. "Fedora is a bleeding-edge distribution that contains the best of the open source world within its four installation CD-ROMs and DVD. I use KDE 3.3 for my desktop, Zsnes for my gaming, Rhythmbox for music, Firefox for Web browsing, and Evolution for email. Fedora includes them all in its default installation, and runs them all well. (Although KDE is my favorite desktop environment, Fedora is by defauilt a GNOME distribution that includes the very latest GNOME version at the time of each release.)"
Distribution reviews Ubuntu 5.04 Hoary Hedgehog Review (Forever Geek)Forever Geek reviews Ubuntu's Hoary Hedgehog. "Overall, Ubuntu: Hoary Hedgehog is a rock solid distro, and is a great choice for a user with any level of Linux experience (it's also a great distro for beginners or people completely new to Linux.) The install process and initial system use should be fairly straightforward for beginners, and Ubuntu has very decent hardware detection. In fact, the only major complaint I have about Ubuntu is the release name (I mean, come ON, "Hoary Hedgehog?") Ubuntu may or may not be as great a distro for advanced users, as it is slightly less customizable than, say, Gentoo (you don't get to compile your own kernel, etc.) However, Ubuntu isn't meant to be highly customizable. It is meant to install and work simply, elegantly, and well. It definitely achieves this goal, and I give it two thumbs up."
Linux in Government: Linux Desktop Reviews, Part IV - Linspire (Linux Journal)Linux Journal continues reviewing Linux desktops with a look at Linspire. "Linspire helps further the relative advantage of Linux. Linspire provides an ease of use that people see as so necessary for adoption. Linspire is willing to license technologies to make it easy for people to use Linux. That might not fit the totally free mentality of open source, but it furthers its adoption."
Distribution review: Linare Professional (NewsForge)NewsForge takes a look at Linare Professional. "Linare Professional is a commercial GNU/Linux distribution based on Fedora Core. It is themed to look and feel like Windows XP and aims to be a full-featured well-integrated desktop OS. Sadly, I've found it offers little more value than Fedora Core, and that value comes at a cost."
Page editor: Rebecca Sobol Development The Xaraya Web Application FrameworkXaraya (pronounced Zah-rai-ah) is a cross-platform web application framework that is available under a GPL license.The top level project description states:
Xaraya is an extensible, Open Source web application framework written in PHP and licensed under the GNU General Public License. Xaraya delivers the requisite infrastructure and tools to create custom web applications that include fully dynamic multi-platform Content Mangement Solutions (CMS).
In the simplest terms, Xaraya reduces web site development costs by introducing sophisticated administration tools & services which separate form, function, content, and design. With Xaraya, you work in a simple, structured environment to rapidly develop your website with diverse content, including out of the box, but customizable publications types and functionality.
The Xaraya system requirements include one of a number of different operating system platforms, a web server that supports PHP 4.1.2, and either the MySQL or PostgreSQL database. To set up the system, one must first go through the Preparation and installation steps. Following the basic installation, the Xaraya project tour explains the process of setting up and customizing Xaraya for your site's specific needs. The site configuration process is all performed using web-based configuration menus. Here is a quick summary of Xaraya capabilities:
Version 0.9.13 of Xaraya was released recently. "This release is a maintenance release and supplies key bug fixes to the core code since the last release. There has been much activity in Xaraya core development scenarios in recent months. Xaraya 0.9.13 provides us with an opportunity for a final bug fix release prior to the merging of these exciting development scenarios." The Xaraya design appears to be clean, professionally done, and easy to use. People who need to set up new web sites should give it a try. The code is available for download here.
System Applications Audio Projects Planet CCRMA ChangesThe latest changes from the Planet CCRMA audio utility packaging project include new versions of Ecasound, ZynAddSubFX, Rtirq, Jack, Qamix, and Beast.
Database Software PostgreSQL 8.0.2 released with patent fixPostgreSQL 8.0.2 is out. The main change is a significant one: the core cache management algorithm has been replaced. It seems that the old one, despite having been published at a USENIX conference, is patented by IBM, so the PostgreSQL hackers ripped it out and put in an unencumbered one. Click below for the announcement, or see this page for a good summary of the story behind this change.
PostgreSQL Weekly NewsThe April 10, 2005 edition of the PostgreSQL Weekly News is online with links to new PostgreSQL database articles.
Going Native: Making the Case for XML Databases (O'Reilly)Ronald Bourret promotes XML Databases on O'Reilly. "So what are the use cases for native XML databases? As John Merrells, one of the developers of Sleepycat Software's Berkeley DB XML, waggishly put it, there is only one use case, and that is simply, "Got XML?" In other words, if you have more than a handful of XML documents that you need to store, you should store them in a native XML database. The reasons are the same as for storing data in any other database; ease of management, enhanced query performance, concurrent access, transactional safety, security, and so on."
Filesystem Utilities Monitor Linux file system events with inotify (IBM developerWorks)Eli M. Dow uses inotify for file system monitoring on IBM developerWorks. "Inotify is a file system event-monitoring mechanism slated for inclusion in upcoming Linux kernels that is designed to serve as an effective replacement for dnotify, which was the de facto file-monitoring mechanism supported in older kernels. Inotify is a powerful, fine-grained, asynchronous mechanism ideally suited for a variety of file-monitoring needs including, but not limited to, security and performance. Learn how to install inotify and how to build a sample user-space application to respond to file system events."
Interoperability Samba 3.0.14 and 3.0.15pre1 ReleasedStable version 3.0.14 and testing version 3.0.15 pre 1 of Samba have been announced. The stable version features bug fixes, the testing version adds some new capabilities.
Libraries Oggz 0.9.1 ReleasedVersion 0.9.1 of Oggz, a C library for reading and writing Ogg format compressed audio files and streams, is out. Changes include the addition of the new oggzinfo and oggz-validate tools, bug fixes, and more.
Web Site Development Midgard 1.7 alpha 1 is availableVersion 1.7 alpha 1 of the Midgard web content management framework is out. Changes include a new site wizard, multi-language support, PAM and NTLM support, and more.
Mod_spambot 0.44 releasedVersion 0.44 of Mod_spambot, an Apache module that prevents spambots from harvesting email addresses from web sites, is out with numerous improvements.
Quixote 2.0 releasedVersion 2.0 of the Quixote web content management system is out. "In comparison to Quixote-1.2, I think the most notable change is the changed path traversal pattern. In Quixote 2, the Publisher delegates path traversal to an application-specific instance of the Directory class."
Desktop Applications Audio Applications Ecasound 2.4.1 releasedVersion 2.4.1 of Ecasound, a command line audio recording utility, is available. Here are the changes: "aRts-plugin was added back to the distribution package and code for mp3 header parsing was rewritten. A new playlist mode was added to ecaplay. Many updates have been made to user and programmer documentation."
Data Visualization matplotlib 0.80 announcedVersion 0.80 of mathplotlib, a Python-based data plotting utility, has been announced. Changes include new plot limit capabilities, polygon editor improvements, and bug fixes.
Desktop Environments GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
System Tools Backends have been moved to FreeDesktopCarlos Garnacho has announced the move of the System Tools Backends project. "The system-tools-backends module, recently splitted from the GNOME system tools, have been moved to FreeDesktop. IMO, being a project that can be quite handy and has no GNOME dependencies, that's the correct place for it, so that it can be used for other environments."
Qt 4.0 Beta 2 Released (KDE.News)The final beta release of Qt 4.0 has been announced. "In addition to improvements to the five key technologies presented in beta 1 - Arthur, Scribe, Interview, Tulip and Mainwindow - the second beta version incorporates nearly all new features, tools and resources that will appear in the Qt 4 final release."
Xfce Weekly NewsThe April 8, 2005 edition of the Xfce Weekly News is available with the latest Xfce desktop news.
Games Wavy Navy 1.00 announcedVersion 1.00 of Wavy Navy, a Pygame shoot 'em up game, is out. "Created from scratch in about 3 weeks of my spare time using Python and Pygame as a test project for Pygame (which was easily up to the task). My art and sound skills are weak, so if you'd like to create better art and sound effects the game is nearly fully skinnable and I welcome contributions!"
Graphics GIMP 2.2.6 Released (GnomeDesktop)Version 2.2.6 of the GIMP has been announced. "This is a bug-fix release in the stable 2.2 series. A large number of problems have been fixed; users are encouraged to update. The source code is available from the usual places, binary packages will appear soon."
Instant Messaging ChatZilla 0.9.68 Released (MozillaZine)Version 0.9.68 of the ChatZilla IRC client has been announced. "This version fixed lots of bugs as well as adding a confirmation on quit if you are connected, the /notice command, /disconnect-all, /reconnect and /reconnect-all, and the ability to save the current view. Changing character encoding now updates the topic, and there is a drop-down on the nickname label to set yourself away and change nick."
Interoperability Wine TrafficThe April 8, 2005 edition of Wine Traffic has been published. Take a look for the latest Wine project news.
Music Applications BEAST/BSE v0.6.5 announcedVersion 0.6.5 of BEAST/BSE, a music composition and modular synthesis application, is out. "This development series of BEAST has a lot of the internals redone, many new GUI features and a sound generation back-end separated from all GUI activities. Outstanding new features include support for skins, many sample file formats, MIDI file import abilities, an improved piano roll widget, the track editor which allows for easy selection of synthesisers or samples as track sources, loop support in songs, mixer support, unlimited Undo/Redo capabilities and MIDI automation."
orDrumbox 0.5.06 released (SourceForge)Version 0.5.06 of orDrumbox, a cross-platform drum machine written in Java, is available. "New in this release: works with JRE/JDK 1.5"
Science Febrl 0.3 releasedVersion 0.3 of Febrl is available, it features support for Python 2.4. "The ANU Data Mining Group is pleased to announce the release of Febrl 0.3, a prototype open source record linkage, deduplication and geocoding system intended to make probabilistic record linkage easier, faster and more accurate for biomedical and other researchers."
Web Browsers More Mozilla Firefox 1.0.3 Release Candidates (MozillaZine)Several Mozilla Firefox 1.0.3 release candidates have been released this week, here's the announcement for the latest one. "These builds should allow extensions and other features to operate as they did in Firefox 1.0.2 while still including the security improvements wanted by the Mozilla Foundation."
Minutes of the mozilla.org Staff Meeting (MozillaZine)The minutes from the April 4, 2005 mozilla.org staff meeting have been announced. "Issues discussed include Mozilla Firefox 1.0.3, Mozilla 1.7.7, the lack of Mozilla Thunderbird 1.0.3, Mozilla Firefox 1.1, Mozilla Thunderbird 1.1, the SeaMonkey transition, new newsgroups, the visit to Oregon State University and Spread Firefox."
Independent Status Reports (11 April, 2005) (MozillaZine)MozillaZine has announced the publication of the April 11th, 2005 Mozilla Independent Status Reports, here's the content summary: "The latest set of independent status reports includes updates from MozManual, Googlebar, Petname Tool, InFormEnter, PasswordMaker, Caminol10n, Calendar Help, Russ Key, InfoRSS, Bayes Junk Tool and Flashblock."
Languages and Tools Caml Caml Weekly NewsThe April 12, 2005 edition of the Caml Weekly News is online with the week's Caml language articles.
Groovy Practically Groovy: Mark it up with Groovy Builders (IBM developerWorks)Andrew Glover explores Groovy Builders on IBM developerWorks. "Groovy Builders let you mimic markup languages like XML, HTML, Ant tasks, and even GUIs with frameworks like Swing.They're especially useful for rapid prototyping and, as Practically Groovy columnist Andrew Glover shows you this month, they're a handy alternative to data binding frameworks when you need consumable markup in a snap!"
Lisp Closer to MOPThe initial release of Closer to MOP has been announced. "The system, which is part of the Closer Project, is "a compatibility layer for a number of Common Lisp / CLOS implementations that bring their MOPs closer to the AMOP [The Art of the Meta-Object Protocol] specification"."
Perl This Fortnight in Perl 6 (O'Reilly)The March 22 - April 3, 2005 edition of This Fortnight in Perl 6 has been published. Take a look for the latest Perl 6 discussions.
Perl Code Kata: Mocking Objects (O'Reilly)Stevan Little explores Perl's DBD::Mock on O'Reilly. "Mock objects are exactly what they sound like: "mocked" or "fake" objects. Through the power of polymorphism, it's easy to swap one object for another object which implements the same interface. Mock objects take advantage of this fact, allowing you to substitute the most minimally mocked implementation of an object possible for the real one during testing. This allows a greater degree of isolation within your tests, which is just an all around good thing."
Complex layered configurations with AppConfig (IBM developerWorks)Teodor Zlatanov shows how to use Perl's AppConfig on IBM developerWorks. "AppConfig shines as a way of configuring applications in Perl in the simple cases, but occasionally you need more power in command-line processing and configuration-file parsing. Instead of using data formats such as XML or YAML, you can apply a little extra effort and alter AppConfig so it can process complex command-line switches to create multi-level hashes."
PHP phpThumb() 1.5.1 releasedVersion 1.5.1 of phpThumb() has been announced. "phpThumb() uses the GD library to create thumbnails from images (JPEG, PNG, GIF, BMP, etc) on the fly. The output size is configurable (can be larger or smaller than the source), and the source may be the entire image or only a portion of the original image."
Python Dr. Dobb's Python-URL!The April 11, 2005 edition of Dr. Dobb's Python-URL! is online with the week's new Python language articles.
Ruby Ruby Weekly NewsThe April 10th, 2005 edition of the Ruby Weekly News has been posted. It summarizes the latest news and discussion from the ruby-talk mailing list.
XML Schema standardization for top-down semantic transparency (IBM developerWorks)Uche Ogbuji discusses XML schema standardization on IBM developerWorks. "This installment continues the review of the many different approaches to semantic transparency, discussing what they mean to the developer using XML. One way to save resources on a long journey is to hitchhike. In XML, you can take advantage of countless open schema initiatives that, in effect, use schema standardization for top-down semantic transparency. But it's not all a free ride. In this article, Uche Ogbuji looks at the advantages and disadvantages of third-party schema reuse."
Using Stylesheet Schemas (O'Reilly)Bob DuCharme covers XML Stylesheet Schemas on O'Reilly. "This month I'll talk about the use of schemas with XSLT, but not schemas for the documents you're processing. Schemas for the stylesheets themselves, when those available are a good fit for your tools, can add a lot to your XSLT development."
Managing XML data: A look ahead (IBM developerWorks)Elliotte Harold manages XML data on IBM developerWorks. "Much has been written about how to process XML documents, including how to search them with XPath, transform them with XSLT, style them with CSS, and create them with DOM. But as XML becomes increasingly popular and begins to pervade your systems (whether you want it to or not), a larger problem arises: How do you manage collections of XML documents? When you've got thousands, tens of thousands, or even millions of XML documents to hunt through, how do you find what you're looking for? How do you organize, index, search, store, serve, cross-reference, update, and otherwise manage medium-to-large collections of XML data?"
Version Control monotone 0.18 announcedVersion 0.18 of monotone, a version control system, is available. "This release adds a number of new features, usability improvements, bug fixes, and performance improvements".
Subversion project says don't bug LinusThe Subversion (source control management) project has posted a letter on the parting of BitKeeper and the kernel; it asks that Subversion supporters not push Linus to adopt their system. "Subversion was primarily designed as a replacement for CVS. It is a centralized version control system. It does not support distributed repositories, nor foreign branching, nor tracking of dependencies between changesets. Given the way Linus and the kernel team work, using patch swapping and decentralized development, Subversion would simply not be much help. While Subversion has been well-received by many open source projects, that doesn't mean it's right for every project."
Page editor: Forrest Cook Linux in the news Recommended Reading The two-edged sword: Legal computer forensics and open source (NewsForge)Bruce Byfield writes about Ryan Purita of Totally Connected Security, a computer forensic expert. "Although open source tools are not the only ones available for computer forensics, they are among the most widely used. A GNU/Linux enthusiast, Purita often prefers the open source tools. However, he frequently uses proprietary ones as well. The proprietary tools, he explains, are "pretty," with better developed GUIs that are easier for clients to understand. Moreover, the precedence for accepting their evidence in court is well established although, increasingly, their open source equivalents are not far behind."
Groklaw Reports on UK Patent WorkshopGroklaw has a couple of reports on the recent UK Patent Workshop. Simon G. Best writes: "My mention of Open Source prompted a familiar, though disappointing, response: Open Source is a problem. He said that it was a problem in the company where he worked, and mentioned the problem of "contamination", referring to the GPL in the process. His company was using Open-Source (more specifically, GPLed) software as parts of the software it was developing, which it wanted to distribute under its own terms as proprietary software. But, as we know, the use of GPLed software in this way meant that the company would have to make the source of it's own, derived work available under the same terms, too. This it did not want to do. It was a "problem"." Here's another report written by Groklaw reader Cinly.
Companies IBM calls for patent reform (ZDNet)ZDNet Australia reports that IBM would like to see the software patent mess fixed up - sort of. "'There are others who believe that no software patents are valid,' [Jim Stallings] added. 'We certainly don't believe in that, because we have many thousands of software patents and customers trust us to be the true owners of those, so we believe it is somewhere in the middle that is appropriate for laws to govern behaviour around patents.'"
Start-up wants to improve on Firefox (News.com)News.com reports on the corporate launch of Round Two, formerly known as MozSource. ""When we launch our own services, in about a month or so, we'll be looking to offer the must-have companion to Firefox," said Bart Decrem, Round Two CEO and a former staffer at the Mozilla Foundation. "We see tremendous room for innovating on top of the Mozilla and Firefox platform, and we see ourselves as the first company outside of the nonprofit Mozilla Foundation that's fully dedicated to serving Firefox users."" MozillaZine offers additional links and information.
Linux Adoption Open-source approach finds financial backing (Denver Post)The Denver Post covers the growth of open source along the Front Range of Colorado. ""You're starting to see a local ecosystem built up around open source," said Brad Feld, managing director of the Mobius Venture Capital fund in Superior. Mobius is one of several venture funds investing in local companies that use open-source software as a key part of their business strategy." (Thanks to Brock Frazier)
U.K.-funded initiative to push open source (News.com)News.com looks at the Open Source Academy, a government sponsored open-source initiative in the UK. "The academy will include various projects, including a platform based on open-source technologies that will allow local authorities to collaborate on software projects. This project, which will be run by Shepway District Council, will be similar to Sourceforge.net, a Web site that catalogs thousands of open-source applications. "It will be a Sourceforge for councils," Taylor said."
Linux at Work Barcelona Boasts EU's Top Supercomputer (AP)Associated Press takes a look at a Linux-powered supercomputer in Barcelona. "Europe's fastest supercomputer -- an IBM that can make 40 trillion calculations per second -- booted up for the first time Tuesday at a research center in Barcelona. The so-called MareNostrum computer boasts 40 teraflops of speed, which in layman's terms means it can make more calculations than a human pecking at a calculator could make in 10 million years." (Thanks to Philip Webb)
Legal Some Notes on Capitol Records, Inc. v Naxos of America Inc. - by Brendan Scott (Groklaw)Groklaw is carrying a report on a strange New York appeals court decision which essentially concludes that the public domain does not exist. "Well, the main thing is, if you're looking for some music to include in your computer programs, don't even think about mining the public domain of pre-1972 sound recordings. Apparently, that public domain does not exist and, indeed, won't exist until 2067. Unless, of course, you're in the UK (or another of those handful of jurisdictions around the world which don't recognise New York common law), in which case, go for your life! Remember though, that the suckers in New York won't be able to use your software."
Interviews Interview with Ladislav Bodnar - distrowatch.com (Linuxsoft.cz)Linuxsoft.cz interviews DistroWatch founder Ladislav Bodnar. "FH: What distribution, programs you use? LB: The primary operating system on my main workstation (an AMD64 box with 2 GB of RAM) is Debian Sid. My second computer is for testing and, naturally, it has about 20 different distributions installed on it at any time. As for the desktop environment, I use KDE with KMail and Kate always opened. I browse the web with Firefox and Opera, and use Konsole for command line tasks, Liferea for aggregating RSS feeds, gFTP for uploading files to the web server, and GIMP for editing graphics."
The Bacula Philosophy (O'ReillyNet)O'ReillyNet has an interview with Kern Sibbald, lead developer of Bacula. "An often overlooked but essential ingredient of any smooth-running IT environment is reliable data backup and restore capabilities. Thankfully, the free software/open source community has provided several centralized over-the-network backup and restore solutions. Dan Langille covered the technical details of one such solution, Bacula, in Bacula: Cross-Platform Client-Server Backups. Those just discovering Bacula will find that its features are very competitive with those of other proprietary and FLOSS backup solutions. Bacula is particularly capable in multiple-platform environments where flexibility and custom scripting are essential."
'Tridge' on joining OSDL, Samba4, patents, and bad predictions (NewsForge)NewsForge interviews Andrew Tridgell. "From my point of view, the biggest [Samba4] improvement is in the code structure. Over half the code in Samba4 is now auto-generated using a new compiler we wrote for the task. That change alone would be worth the effort for me. The code that isn't auto-generated is structured in a modular and very efficient manner. That point of view isn't what users care about, of course, but it does lead to lots and lots of user-visible improvements due to the ease of programming with the new structure." The interview does not include any discussion of source code management systems.
Guido van Rossum Interview (Nuxeo Blogs)Nuxeo Blogs has published an interview of Python creator Guido van Rossum. "Q: Which python open source projects are the most do you think are the most interesting at this time ? A: Twisted, Zope. I'm probably missing the really important ones because I'm not using much 3rd party Python code myself (I live in my own self-contained "Not Invented Here world")."
Resources Ten Mysteries of about:config (Linux Journal)Linux Journal tweaks Firefox with about:config. "The Firefox Web browser, built by the Mozilla Foundation and friends is a complicated piece of technology-if you care to look under the hood. It's not obvious where the hood catch is, because the surface of Firefox (its user interface) is polished up to appeal to ordinary, nontechnical end users. This article gives you a glimpse of the engine. It explains how the Mozilla about:config URL opens up a world of obscure preferences that can be used to tweak the default setup. They're an improbable collection and therein lies the beauty of Firefox if you're a grease monkey or otherwise technical. At the end you'll know a little more about Firefox, but only enough to be dangerous."
djbdns: An alternative to BIND (NewsForge)NewsForge presents a book excerpt that covers djbdns. "Those who have been concerned with the number of security vulnerabilities found in the BIND server through the years, or who prefer an easier DNS solution, may wish to investigate an alternative, djbdns. This software, written from scratch by D.J. Bernstein, provides a much more robust, simplified and secure framework for DNS. djbdns is easy to install and configure, and is much less complex than BIND, essentially the same functionality."
The Daemon, the GNU and the Penguin - by Peter H. Salus - Part 1 (Groklaw)Groklaw has published the first chapter of an online book by Peter Salus. Some history from 1969: "In August, humans landed on the moon. Summer saw the invention of UNIX. In the autumn, those first four nodes of the ARPAnet went up. And, in December, Linus Torvalds was born. Had anyone asked, I would have thought the first of these events was the most important. Outside of his immediate family, I seriously doubt whether anyone even knew about the last of these. As of the outset of the Twenty-First Century, the moon landing has taken us nowhere. The other items in this list though are the stuff of revolution."
OOo Off the Wall: Fielding Questions, Part 4 - Mail Merges (Linux Journal)The Linux Journal explores mail merging with OpenOffice.org 2.0. "In the version 2.0 beta, merges theoretically became simpler with the addition of the Mail Merge Wizard to the Tools menu. In practice, however, the wizard's usefulness is limited. It's designed specifically for merges that address letters or, assuming that you have Java Mail installed on your system, e-mails. Other merges still have to be done manually or with the older wizards for faxes, labels or business cards."
Small-business forms using Scribus and PDF (NewsForge)NewsForge looks at Scribus for use in small business desktop publishing. "PDF is one of the few document formats where Linux stands on completely equal footing with Mac OS X and Windows. I have cut through a lot of the document exchange traps by relying on the PDF format's universality. It is an open, documented format that is completely platform-neutral -- even my mobile phone comes with a PDF reader."Linux may be moving a bit closer to the all data can be executable model that has made other systems vulnerable to virus infection: "That's right, PDFs are scriptable. In fact, Adobe seems to be making a play for the presentation software market with its newest suite of Acrobat tools. I'm not sure how successful that will be, but it has put a lot of effort into adding JavaScript support to PDF." See this article for more information about that topic.
Adventures in Migrating to New Linux Distributions (O'ReillyNet)O'ReillyNet takes a look at installing Linux from the perspective of someone who lacks *nix experience. "If you run Linux on hardware that is your own, or over which you have administrative responsibilities, it is inevitable that at some point you will need to migrate or upgrade your operating system. While my migration involved Red Hat and Debian, the lessons presented here apply generally, because you'll need to address most of the problem areas encountered in my migration regardless of which Linux system you are migrating to or installing."
Build a minimal embedded Web interface (developerWorks)developerWorks shows how to create a simple embedded Web interface on PowerPC. "In this episode of "Migrating from x86 to PowerPC," you develop a very simple embedded Web interface, which you'll build on in the next couple of articles once you start communicating real-world data from the Kuro Box. If you've been following along with this series, by this stage you already have a Kuro Box with a completely functioning GCC build environment. However, if you're just browsing these articles rather than carrying out all the steps, please note that you don't actually need any special hardware components to test out most of the code discussed in this article. All you really need is a functional C compiler and linker, and some kind of machine running a CGI-compliant Web server."
Reviews instinctive-blender: A tasty 3D fork (NewsForge)NewsForge reviews instinctive-blender. "instinctive-blender drops the concept of panels, and instead uses a simple buttons window. To accommodate all the new buttons for the new functionality since 2.3, the tabs have been replaced with switchable contexts, which users can choose by clicking on the names in the upper part of the buttons window. While this is a slightly hackish solution, it wastes less space and is less visually cluttered than official Blender's tabs approach."
"Linux Desktop Hacks": One Hundred Ways to Customize Your OS (eBCVG)eBCVG reviews Linux Desktop Hacks by Nicholas Petreley and Jono Bacon. "Linux Desktop Hacks shows readers how they can customize and configure Linux to make it easier, more powerful, and more fun to use. The authors include hacks to spiff up the boot experience with graphical startup screens, creative ways to log, and various ways for multiple users to access the same machine at the same time, each one using the graphical desktop they like best. They also show how to extend the capabilities of the graphical desktop and offer tips for those who prefer to do most of their work at the text-mode console."
Miscellaneous Yankee Group slams 'Linux extremists' (ZDNet)ZDNet covers the fallout from a recent Yankee Group survey that compared Microsoft Windows Server 2003 to Linux. "Laura DiDio, an analyst at the Yankee Group who has been at the receiving end of much of the criticism from Linux advocates, claimed the radical elements of the community could damage the reputation of open source software. "There's an extremist fringe of Linux loonies who hang out on forums and are disrespectful and threatening because you disagree with them," DiDio told ZDNet UK on Wednesday. "That can hurt the Linux community.""
Protect Your Source Code: Obfuscation 101 (O'ReillyNet)For those who aren't into open source: O'Reilly gives an introduction to code obfuscation. "Generic variable names, some annoying loops, and a couple of conditionals sure can make a difference! For the cost of determining what this simple piece of code does, are you even willing to paste it in and run it? Would you be willing to pull out a calculator and do the arithmetic? What if you could only use your brain and no additional tools? Somewhere along the line, you'd reach a point where the benefit wouldn't be worth the reward anymore and give up."
Gartner: Linux Process, Not Tech, Biggest Hurdle (Internet.com)Internet.com covers a Gartner Group pronouncement stating that all will be well with Linux if it can overcome a few little issues. "They include: the potential for multiple source code distribution to cause fragmentation; higher support costs that increase total cost of ownership (TCO) with demanding workloads; OSS licenses that could proliferate beyond users' abilities to manage them; frequent open source software releases that create potential compatibility dependency issues, and potential patent and copyright issue exposure that could raise risk management concerns."
Page editor: Forrest Cook Announcements Non-Commercial announcements Fluendo's investments in GStreamer lead to increased adoptionFluendo has announced increased adoption of the GStreamer streaming media framework by major Linux vendors. "GNU/Linux and UNIX multimedia specialist Fluendo announced today that its investments in improving the GStreamer multimedia framework have paid off in the form of widespread market adoption. The GNOME development team officially included the Totem media player for their recent 2.10 release based on the GStreamer multimedia framework. This in turn has led to major Linux distribution vendors such as Red Hat, Novell, Sun and Ubuntu including GStreamer and Totem in their current or upcoming release."
SourceForge.net update (SourceForge)The April 11, 2005 edition of the SourceForge.net update has been published, topics include SF.net Site Improvements, April Project of the Month (POTM): Net-SNMP, and SourceForge.net Subscriptions - Free T-shirt.
Commercial announcements ActiveGrid Releases Open Source Grid Application ServerActiveGrid, Inc. has announced an early-access release of its enterprise application platform. The ActiveGrid Application Builder and Grid Application Server are now available for download under the Apache Software License 2.0.
Clam AntiVirus backs Open Source Anti-Virus MarketClam AntiVirus has announced a partnership with Sensory Networks. "Clam AntiVirus, the leading Open Source anti-virus toolkit, and Sensory Networks, the leading provider of hardware acceleration for network security applications, announced a partnership to provide hardware acceleration support for the Clam AntiVirus suite. Support for Sensory Networks' NodalCore acceleration in ClamAV will be available in version 0.90 of the software suite in Q3 2005."
FreeMED National, Inc. opened in NYC (LinuxMedNews)LinuxMedNews has an announcement for the new FreeMED Software Foundation, Inc. "It is my pleasure to announce an initative by the FreeMED Software Foundation, Inc. to continue to expand the supply of support and service for the FreeMED community software end-users. The new offices of FreeMED National, Inc. will be opened for business on April 17th. This office is strategically placed to provide nation wide 800 Help Desk service. Beginning June 1st this office will deploy the first national ASP service using FreeMED Foundation Software."
Linux Itanium Community Joins GCC Developers to Target Itanium PerformanceA group of international compiler experts on Intel Itanium processors, including representatives from HP, Intel Corporation, the Gelato Federation and the GCC community, recently came together to consider Itanium processor-specific improvements to the GNU Compiler Collection (GCC) a multi-platform set of compilers for C, C++, Fortran, Objective-C, and the Java programming language as well as others.
Mandrakesoft announces name changeThe Linux distribution company Mandrakesoft has officially announced its new name, Mandriva. This follows the company's recent acquisition of Conectiva. "Why Mandriva? This new name, simple and efficient, is the synthesis of Mandrakesoft and Conectiva. This will further a smooth transition and will build on our existing brand recognition in the IT world."
Netline Introduces Collaboration ServerNetline Internet Service has announced Open-Xchange Server 5, an open-source collaboration platform. "Open-Xchange enables easy migration and integration to an open source environment -- allowing IT administrators to create and implement killer-apps without changing existing infrastructure components, i.e. databases, directory services, message transfer agents, e-mail servers or web-servers. End users can keep their favorite mail and groupware client -- most often Outlook, but also open source clients such as Kontact."
Novell Expands Linux Solution for Retailers, Inks Wincor Nixdorf AgreementNovell has introduced a new offering for the retail industry, Novell Linux Point of Service 9.On a related note, Novell has also announced a global agreement with Wincor Nixdorf to deploy Novell Linux Point of Service in Wincor Nixdorf's products and solutions, including electronic point-of-sale (ePOS) systems.
Italian Bank Deploys Red Hat Enterprise LinuxRed Hat has announced a conversion from Sun/Solaris to Red Hat Enterprise Linux systems by Italy's BPU Banca. "Red Hat, Inc., the world's leading provider of open source to the enterprise, today announced that BPU Banca, the operational parent bank of the group Banche Popolari Unite, Italy's seventh largest banking group and first co-operative credit banking group, has chosen to implement Red Hat Enterprise Linux across its desktops and servers. The bank is migrating all of its 8,000 UNIX workstation clients to Red Hat Desktop. In this project BPU Banca will replace Sun hardware with Intel-based PCs to achieve combined hardware and software cost savings of about 50%."
SGI & and the Frontiers of SpaceSGI has issued a couple of press releases about the use of SGI technology in the exploration of space. (Click below for both)
VIA Releases Linux Driver Source PackagesVIA Technologies has released the source code for some specific VIA hardware drivers. "Of particular interest to the growing number of Linux enthusiasts and customers utilizing VIA EPIA mainboards, is the source for the S3 Graphics UniChrome family display driver for version 2.6.x kernels. The UniChrome family display driver supports the VIA CLE266 and the new VIA CN400 Digital Media chipsets featured on the popular VIA EPIA M series and VIA EPIA SP series mainboards respectively, and will provide developers with the flexibility to autonomously incorporate support for latest applications based on VIA hardware."
New Books "Learning the bash Shell, Third Edition" Released by O'ReillyO'Reilly has published the book Learning the bash Shell, Third Edition by Cameron Newham and Bill Rosenblatt.
"Linux Desktop Hacks" Released by O'ReillyO'Reilly has published the book Linux Desktop Hacks by Nicholas Petreley and Jono Bacon.
"The Linux Enterprise Cluster" from No Starch PressNo Starch Press has published the book The Linux Enterprise Cluster by Karl Kopper.
Sample Chapters of New Mozilla Books (MozillaZine)MozillaZine mentions the online availability of chapters from several books. "Three new books about Mozilla Firefox and Mozilla Thunderbird are hitting the shelves about now: Firefox Hacks by Nigel McFarlane (O'Reilly, out now), Don't Click on the Blue E! by Scott Granneman (O'Reilly, released this month if we're lucky) and Firefox and Thunderbird Garage by Chris Hofmann, Marcia Knous and John Hedtke (Prentice Hall Professional Technical Reference, released on April 15th)."
"Python Cookbook, Second Edition" Released by O'ReillyO'Reilly has published the book Python Cookbook, Second Edition by Alex Martelli, Anna Martelli Ravenscroft, and David Ascher.
Syngress Releases "Sockets, Shellcode, Porting, and Coding"Syngress has published the book Sockets, Shellcode, Porting, and Coding by James C. Foster and Stuart McClure.
Resources New Audio Musings from Dave PhillipsDave Phillips has updated his Linux audio Musings column for March/April 2005. "I'm back, late as usual. Well, at least I can claim that I'm late because I've actually been using Linux audio software to make music. I've been writing a series of pieces for accomplished mid-level classical guitarists, I'll post them soon to my Music Made With Ardour site. I'm also testing the latest releases of Csound5 and Common Music, as well as learning a boatload of new material for my band, teaching a full schedule of music students, and writing monthly articles for the Linux Journal (see my latest installment Introducing KeyKit). What would this column be without mentioning Ardour ?"
FSF Europe NewsletterThe April 7, 2005 edition of the FSF Europe Newsletter is online with the latest Free Software Foundation Europe news.
The LDP Weekly NewsThe April 13, 2005 edition of the LDP Weekly News is online with the latest new documentation releases. Among other things, there is a new project which aims to package the LDP documentation as a Fedora extras package.
Toronto Perl Mongers Audio Archives (use Perl)use Perl has announced the availability of audio archives from the Toronto Perl Mongers group meetings. "We are providing them: to share our wealth with the rest of the world, for the benefit of all mankind. in the hope that more people will come out to our meetings, encourage other groups to record and share their wealth too."
Surveys FLOSS participant surveyThe University of Cambridge is running a second survey of Free/Libre/Open Source Software participants. "In this two-part survey, once again supported by the European Union, we would like to find out, first, how learning is organised and perceived within the FLOSS community - by which we mean the universe of all those who participate in FLOSS-related activities, regardless of their beliefs or degree of activity. We also want to understand better the role/situation of women within this broad community."
Upcoming Events aKademy 2005: Website and Logo (KDE.News)KDE.News has an announcement for the new KDE Developers and Users Conference 2005 web site. The aKademy conference will be held from August 26 - September 4, 2005 in Málaga Spain.
Linux Installfest workshops in DavisThe Linux Users' Group of Davis has announced another Linux Installfest. The event will be held on April 17 in Davis, CA.
Second Italian Perl Workshop (use Perl)The second Italian Perl Workshop has been announced, it will be held at the University of Pisa on June 23-24, 2005.
Events: April 14 - June 9, 2005
Web sites Open Source Training Course DatabaseOpensourcexperts.com has announced a new online training database. "Open Source Training Course Database has over 110 course dates listed in our database."
Page editor: Forrest Cook Letters to the editor Total Cost of Ownership and Laura's fallout
This Letter to the Editor was addressed to what appears to be a write-only
VIA Releases Linux Driver Source Packages
This is in response to your recent article http://lwn.net/Articles/131777 from the unichrome project. VIA Technologies has made an announcement that it is releasing the source code for its Unichrome video drivers as Open Source: link This is a welcome move in some respects, it certainly shows that VIA now considers the Linux user as a valuable customer base that must be supported. However, there is already a thriving open source driver for this platform: link providing code that was based on a version of VIA's code that they released to a limited set of open source developers a few years ago. It is also worth noting that the "VIA Open Source" package still relies on a proprietary binary library to provide MPEG acceleration on their hardware. This library provides a completely non-standard API that applications must work to implement MPEG support. This contrasts with the Unichrome project's solution, who provide full source code for their MPEG implementation and have implemented the multi-vendor established standard XvMC interface for their driver. The Unichrome project has also been responsible for implementing support for this MPEG assistance in Xine, MPlayer and MythTV, again this contrasts with VIA's solution to application support which has resulted in them producing forked VIA specific versions of Xine (VeXP) and MPlayer (VeMP) without involving the donor projects or contributing back to them. It is, therfore, a shame that VIA decided to make this grandiose eye catching announcement, rather than simply getting involved in the existing open source communities and simply helping and contributing to the Unichrome, Xine, MPlayer and MythTV projects. That might have been less eye catching or press release friendly, but it would certainly be a better way to win friends in the Linux community. The unichrome project can be found at: unichrome.sf.net
Page editor: Jonathan Corbet
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Xaraya]](/images/ns/xaraya.png){kind=small}
The