Let it not be said that free software projects can't keep secrets: it would
seem that quite a few people in the GNOME community knew that Nokia was
working on a Linux-powered, GNOME-based gadget, but they sure didn't let
the rest of us in on the story. In any case, Nokia has now broken cover
and announced the (third-quarter) availability of the Nokia 770 Internet
Tablet, a new toy with a great deal of promise. What seems even more
promising, however, is how Nokia is going about the development and
marketing of this device.
![The 770](/images/ns/nokia-770.jpg)
The 770 is a 230-gram device with an 800x480 color touchscreen display. It
has an ARM processor, 64MB of memory, 128MB of flash for storage and a slot
for a 64MB card, a wireless network interface, a Bluetooth interface, a USB
connector, and an audio output. Despite being a Nokia product, one thing
this device does not have is a cellular phone. It can access the
net via its wireless interface, or via a GPRS link over Bluetooth.
The software side includes a wide array of free software, starting with a
core Linux distribution (said to be Debian-based) and adding in GStreamer,
D-BUS, matchbox, GNOME, GTK+, Helix, and more. Interestingly, the 770 is
said to contain a version of Webcore with GTK grafted on, and the Opera
browser as well.
So far, this looks like just another Linux-powered gadget. Nokia has gone
beyond that, however, with its creation of maemo, a development environment for the
770 (and its successors). Maemo includes all the source and binary
packages needed to create applications for the 770; there is even an
apt repository. The development environment allows most
work to be done on an x86 system, which should speed the process
considerably - and help ensure that applications are available from the
first day that the 770 begins shipping.
Last week, LWN called for the creation of a
truly open media gadget which could be hacked on by its users. We were a
little surprised to get a response this quickly. The 770 is not exactly
the device we were looking for, but it is a big step in the right
direction. In particular, it does, indeed, appear to be a fully open
device with full support from its manufacturer for improvements by its
users. This openness, combined with (seemingly) nice hardware and rational
pricing, could lead to the formation of an enthusiastic developer and user
community for the 770. Expect to see a lot of these gadgets at Linux
conferences in the near future - starting with GUADEC, where Nokia is expected to have
a large delegation and some samples to give away.
Meanwhile, some observers have wondered how Nokia is able to square its
clear support for free software with its equally clear support for software
patents in Europe. Nokia has given a partial answer in the form of this
patent statement:
Nokia hereby commits not to assert any of its Patents (as defined
herein below) against any Linux Kernel (as defined herein below)
existing as of 25 May 2005. The aforesaid non-assertion shall
extend to any future Linux Kernel to the extent that Nokia does not
declare any new functionality embodied in such Linux Kernel to be
outside the scope of this Patent Statement.
This "non-assertion" pledge does not apply, however, to anybody who is
pushing patent claims against the kernel, meaning that Nokia is leaving
open the possibility of using its patents to defend the kernel against an
attack from elsewhere. The patent grant falls far short of what the
community would like: it applies only to the kernel, and, for future
kernels, it only applies as long as Nokia feels like letting it apply. The
wording of the statement would seem, even, to exclude most distributor
kernels.
But, as an overt recognition of the problem and a partial grant, it is at
least a step in the right direction.
Comments (27 posted)
The software patent battle in Europe is heating up again as the July 6
vote in the European Parliament approaches. There will be
a demonstration in Brussels (and elsewhere) on
June 2 as a way of pressuring the parliament on this issue. The day
before that, the FFII and others will be hosting
a conference on patent policy making, again in
Brussels.
Meanwhile, here's a
Reuters article on the debate. "However, companies such as
Microsoft and Apple Computer argue that they need broader patent protection
to prevent open-source companies, which give away their software and make
money through service, from effectively expropriating their development
costs."
Comments (5 posted)
The EnterpriseDB Corporation announced the public beta
release of its EnterpriseDB 2005 on May 23. The company has been in "stealth mode"
for some time, and is just now coming out to launch the EnterpriseDB
product.
EnterpriseDB is based on PostgreSQL 8.0.3, with modifications
to make it more compatible with Oracle. The company's press release touts
EnterpriseDB's open source roots, so we decided to get in touch with the
company and find out what differentiates EnterpriseDB from PostgreSQL, what
terms it is offered under and how EnterpriseDB works with the PostgreSQL
project.
In particular, we talked to the company's CEO Andy Astor. We also talked
with PostgreSQL team member Josh Berkus about EnterpriseDB's involvement
with the PostgreSQL project and the effect of increasing corporate
attention on PostgreSQL in general.
What does EnterpriseDB add to PostgreSQL to make it interesting? Compatibility with
enterprise databases, specifically Oracle, and a GUI Studio application.
The exact license for EnterpriseDB has yet to be determined. Note that the
PostgreSQL project uses the BSD license and does not
require that distributors make changes available. Astor confirmed that,
despite the company's press release focusing on open source, EnterpriseDB
itself will not be available under a license that would be OSI compatible.
Pricing is also up in the air. Astor couldn't give us specific pricing, but
said that it would be "in the single thousand dollars" for a
license. He did say that it would be free to download for testing,
development and "low-volume usage" but that when used in
"large-scale" environments that it would require a license
from EnterpriseDB.
Astor told us that the company plans to contribute "everything we're
building, after a fair amount of time... back to the open source
community." Astor said that it's his belief that some development is
best left to the open source community, in situations where there is
"huge demand" and that "some things are best left to
commercial interests." He also said that he expected that PostgreSQL
would not adopt everything that the EnterpriseDB team offered. "I
guarantee that the PostgreSQL community will not want to own all of what
we've done." He did say that the final EnterpriseDB license would
guarantee that users wouldn't be stranded if the company failed. "If
the product we're selling is not supported by a commercial organization, it
will be contributed to the community. That will be in every license that we
sell."
The EnterpriseDB application will be available in binary-only form, and
Astor said it would support "every 32-bit and 64-bit Intel-style
platform." Right now, downloads are available
for Fedora Core 3, SUSE Linux Enterprise Server 9, SUSE Linux Professional
9.2, Red Hat Enterprise Linux 4.0 and Microsoft Windows. Astor said that it
would probably be available on Solaris, Mac OS X and other platforms
"on customer demand." The EnterpriseDB site does require
registration before download.
Since one of EnterpriseDB's selling points is Oracle compatibility, we
asked Astor if it was fully Oracle compatible. Astor said that EnterpriseDB
is not fully compatible, but "a large number of Oracle apps will run
on us now, and that will increase as time goes by... not every aspect is
supported, and we're looking for customer feedback." He declined to
name specific applications written to use Oracle that were EnterpriseDB
compatible, but said that "a lot of things we've been testing with
run."
Some are concerned
that this may be a dreaded fork of
the PostgreSQL project. We asked Astor about compatibility with PostgreSQL
going forward. Astor pointed out that the EnterpriseDB beta release was
based on the current PostgreSQL release (8.0.3), and that EnterpriseDB is
"fully compatible" with PostgreSQL. He also noted that the
company was adept at keeping in sync with the PostgreSQL tree, and that the
company intends to maintain compatibility with PostgreSQL going forward. In
addition, he said that EnterpriseDB would offer support for PostgreSQL
itself "in the near future."
We were curious how active EnterpriseDB had been with the PostgreSQL
project so far. EnterpriseDB Co-founder and Chief Architect, Denis Lussier,
is a member of three projects on the PgFoundry website. At this
time, however, none of the projects are showing any real activity.
Berkus said that EnterpriseDB had contacted him and other members of the
PostgreSQL community. He said that he had "every reason to
believe" that EnterpriseDB would be following through on the
projects on PgFoundry, and that the company intends to contribute to
PostgreSQL in general. "I think it's likely they will keep some
things to themselves, where their money first end up coming from."
He also noted that he had talked to Astor about contributions, though
nothing concrete in terms of what would be contributed, or under what
licensing terms.
We also asked Berkus about corporate attention in general, and how that was
affecting the project overall. He said that companies were bringing
programmers and resources to PostgreSQL, and noted he was now working for
Greenplum. "They're basically
allowing me to work on postgresql almost full-time which is nice.."
Along with the benefits, come some side effects as well. Berkus said that
it requires more effort, citing the IBM patent problem as one of the
side-effects. "If we didn't have 8 or 9 contributing companies using
Postgres... we could have blown that off, no way IBM would have attacked
us." However, companies that use PostgreSQL in their products did
not have the luxury, requiring the project to spend time rewriting code to
avoid patent encumbrances.
We also asked Astor about patents, and where EnterpriseDB stood on the
software patent issue. Astor said that the company is "fundamentally
against [software] patents" and that he doesn't think they make
sense. However, he also said that "in today's world, it makes no
sense to swear that you'll never get one" and that the company may
acquire "defensive" patents. "We would only have
defensive plans for them, if we were to secure them for ourselves."
Since EnterpriseDB is touting the open source aspects of EnterpriseDB so
heavily, it will be interesting to see how the company interacts with the
PostgreSQL project over the long term. Given the terms of its license, it
will probably not catch on as widely as PostgreSQL itself, but it may serve
the needs of companies who are looking to get away from higher-priced
packages like Oracle.
Comments (3 posted)
Page editor: Jonathan Corbet
Security
The BitTorrent file sharing system is in the news this week for a couple of
reasons. The first of those is that BitTorrent has announced a beta with
"Trackerless"
publishing, which allows users to share files without maintaining a
centralized tracker. The protocol is also in the news, predictably, due to
the release of "Star Wars III: Revenge of the Sith." The Motion Picture
Association of America (MPAA) has used the publicity around the movie to
launch
another
attack on BitTorrent. Predictably, "Sith" did end up being available
via BitTorrent, and 20th Century FOX is already issuing
takedown
notices to ISPs.
The trackerless technology is also getting attention as a tool
to share illegal content, with no mention of the legitimate uses of
BitTorrent.
Given the coverage of "trackerless" BitTorrents so far, some might think
that offering a "trackerless" BitTorrent would prevent detection by
companies like BayTSP. However,
"trackerless" is a far cry from anonymous. While a tracker site presents an
obvious target for entertainment industry lawyers, there's nothing about
so-called trackerless publishing that prevents detection.
As one might have surmised already, trackerless is actually a misnomer. In
fact, as the BitTorrent press release acknowledges, it's actually a
"lightweight tracker." To share a "trackerless" file, a user
generates a .torrent file in much the same way that one would generate a
normal .torrent file. This file still needs to be published via a website
and a public Internet connection. As the BitTorrent page says, "Anyone
with a website and an Internet connection can host a BitTorrent
download!"
Individuals who share files using trackerless BitTorrent may have a better
chance of flying under the radar, and once a file has been shared by the
original owner there's no need for that user to maintain their tracker, but
it's not anonymity.
BitTorrent isn't the first to offer trackerless support. The Azureus project, for example,
also offers an "embedded tracker" that
allows users to share torrents directly. However, the two technologies seem
to be incompatible at the moment.
The trackerless system is more convenient for users who are looking to
share content legally. Once a user has seeded the network with a file,
there's no need for that user to continue hosting their tracker, though
this also makes the trackerless system less reliable than having a
centralized tracker.
It should also be noted that users should think twice before sharing
movies, music or other content illegally. The entertainment industry has
traditionally gone after uploaders only, but BitTorrent users who share
files are uploaders
as well as downloaders.
While LWN would not encourage sharing copyrighted material illegally, there
are alternatives for users who want to remain anonymous for other
reasons. For example, the Electronic Frontier Foundation has sponsored
development of an anonymous system called Tor, which can be used for browsing,
publishing, SSH and BitTorrent. We'll be looking at Tor on this page
within the next couple of weeks.
Comments (1 posted)
New vulnerabilities
cdrdao: local root vulnerability
| Package(s): | cdrdao |
| CVE #(s): | CAN-2002-0137, CAN-2002-0138 |
| Created: | May 19, 2005 |
| Updated: | May 25, 2005 |
| Description: | The cdrdao CD burning utility has two vulnerabilities. Local users can use the show-data command to read arbitrary files, and local users can overwrite arbitrary files via a symlink attack on the ~/.cdrdao config file. This can be exploited to gain root privileges. |
Comments (none posted)
cheetah: untrusted module search path
| Package(s): | cheetah |
| CVE #(s): | |
| Created: | May 19, 2005 |
| Updated: | May 25, 2005 |
| Description: | Cheetah, a Python template engine and code generator, has a vulnerability in the module importing code that can be used by a local user to gain escalated privileges. |
Comments (none posted)
gdb: multiple vulnerabilities
| Package(s): | gdb |
| CVE #(s): | CAN-2005-1704, CAN-2005-1705 |
| Created: | May 20, 2005 |
| Updated: | August 11, 2006 |
| Description: | Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely sources initialization files from the working directory. Successful exploitation would result in the execution of arbitrary code on loading a specially crafted object file or the execution of arbitrary commands. |
Comments (5 posted)
libconvert-uulib-perl: arbitrary code execution
| Package(s): | libconvert-uulib-perl |
| CVE #(s): | CAN-2005-1349 |
| Created: | May 20, 2005 |
| Updated: | January 27, 2006 |
| Description: | Mark Martinec and Robert Lewis discovered a buffer overflow in Convert::UUlib (before 1.051), a Perl interface to the uulib library, which may result in the execution of arbitrary code. |
Comments (1 posted)
Net-SNMP: fixproc insecure temporary file creation
| Package(s): | net-snmp |
| CVE #(s): | CAN-2005-1740 |
| Created: | May 23, 2005 |
| Updated: | July 13, 2005 |
| Description: | The fixproc application of Net-SNMP creates temporary files with predictable filenames. |
Comments (1 posted)
OpenSSL: information leak
| Package(s): | openssl |
| CVE #(s): | CAN-2005-0109 |
| Created: | May 23, 2005 |
| Updated: | October 11, 2005 |
| Description: | Hyper-Threading technology, as used in FreeBSD and other operating systems and implemented on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. See this LWN article for more information. |
Comments (none posted)
pam: local vulnerability
| Package(s): | pam |
| CVE #(s): | CAN-2003-0388 |
| Created: | May 19, 2005 |
| Updated: | May 25, 2005 |
| Description: | The pam_wheel module has a vulnerability involving the proper manipulation of the /var/log/lastlog entry for users with high UID numbers. Local users can use this to spoof the getlogin() username and obtain root privileges. |
Comments (none posted)
ppxp: missing privilege release
| Package(s): | ppxp |
| CVE #(s): | CAN-2005-0392 |
| Created: | May 19, 2005 |
| Updated: | July 5, 2005 |
| Description: | The ppxp PPP program has a log file vulnerability that can allow the root privileges used by the software to remain active, enabling the opening of a root shell by a local user. |
Comments (none posted)
Qpopper: multiple vulnerabilities
| Package(s): | qpopper |
| CVE #(s): | CAN-2005-1151, CAN-2005-1152 |
| Created: | May 23, 2005 |
| Updated: | May 26, 2005 |
| Description: | Jens Steube discovered that Qpopper doesn't drop privileges to process local files from normal users (CAN-2005-1151). The upstream developers discovered that Qpopper can be forced to create group or world writeable files (CAN-2005-1152). |
Comments (none posted)
Updated vulnerabilities
a2ps: input validation error
| Package(s): | a2ps |
| CVE #(s): | CAN-2004-1170, CAN-2004-1377 |
| Created: | November 26, 2004 |
| Updated: | December 19, 2005 |
| Description: | The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at SecurityFocus. |
Comments (none posted)
bzip2: race condition and infinite loop
| Package(s): | bzip2 |
| CVE #(s): | CAN-2005-0953, CAN-2005-1260 |
| Created: | May 17, 2005 |
| Updated: | January 10, 2007 |
| Description: | A race condition in bzip2 1.0.2 and earlier allows local users to modify the permissions of arbitrary files via a hard link attack on a file while it is being decompressed, since bzip2 changes the output file's permissions only after decompression is complete. Specially crafted bzip2 archives may also cause an infinite loop in the decompressor. |
Comments (2 posted)
cpio: file permissions error
| Package(s): | cpio |
| CVE #(s): | CAN-1999-1572 |
| Created: | February 2, 2005 |
| Updated: | July 19, 2005 |
| Description: | Some versions of cpio contain an ancient vulnerability where files created by that utility have overly generous access permissions. |
Comments (none posted)
cURL: buffer overflow
| Package(s): | curl |
| CVE #(s): | CAN-2005-0490 |
| Created: | February 28, 2005 |
| Updated: | July 19, 2005 |
| Description: | Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded. |
Comments (none posted)
cvs: multiple vulnerabilities
| Package(s): | cvs |
| CVE #(s): | CAN-2005-0753 |
| Created: | April 18, 2005 |
| Updated: | July 13, 2005 |
| Description: | CVS (in versions prior to 1.11.20) has one or more buffer overflow vulnerabilities, memory leaks, and a NULL pointer dereference. These can be used to launch a remote denial of service or to remotely execute arbitrary code. |
Comments (none posted)
cyrus-imapd: buffer overflows
| Package(s): | cyrus-imapd |
| CVE #(s): | CAN-2005-0546 |
| Created: | February 23, 2005 |
| Updated: | April 10, 2006 |
| Description: | Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system. |
Comments (none posted)
dhcp: format string vulnerability
| Package(s): | dhcp |
| CVE #(s): | CAN-2004-1006 |
| Created: | November 4, 2004 |
| Updated: | July 13, 2005 |
| Description: | Dhcp has a format string vulnerability in the log functions of dhcp 2.x that may be exploited via a malicious DNS server. |
Comments (none posted)
Dnsmasq: poisoning and DoS
| Package(s): | dnsmasq |
| CVE #(s): | |
| Created: | April 4, 2005 |
| Updated: | July 21, 2005 |
| Description: | Dnsmasq does not properly detect that DNS replies received do not correspond to any DNS query that was sent. Rob Holland of the Gentoo Linux Security Audit team also discovered two off-by-one buffer overflows that could crash the DHCP lease file parser. |
Comments (none posted)
emacs21: format string vulnerability in "movemail"
| Package(s): | emacs21 |
| CVE #(s): | CAN-2005-0100 |
| Created: | February 7, 2005 |
| Updated: | May 15, 2006 |
| Description: | Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group. |
Comments (none posted)
enscript: arbitrary code execution
| Package(s): | enscript |
| CVE #(s): | CAN-2004-1184, CAN-2004-1185, CAN-2004-1186 |
| Created: | January 21, 2005 |
| Updated: | May 27, 2006 |
| Description: | Erik Sjölund has discovered several security-relevant problems in enscript, a program to convert ASCII text into PostScript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash. |
Comments (none posted)
Ethereal: numerous vulnerabilities
Comments (none posted)
evolution: arbitrary code execution
| Package(s): | evolution |
| CVE #(s): | CAN-2005-0102 |
| Created: | January 24, 2005 |
| Updated: | May 19, 2005 |
| Description: | Max Vozeler discovered an integer overflow in camel-lock-helper. A user-supplied length value was not validated, so that a value of -1 caused a buffer allocation of 0 bytes; this buffer was then filled by an arbitrary amount of user-supplied data. A local attacker or a malicious POP3 server could exploit this to execute arbitrary code with root privileges (because camel-lock-helper is installed as setuid root). |
Comments (1 posted)
evolution: message crash vulnerability
| Package(s): | evolution |
| CVE #(s): | CAN-2005-0806 |
| Created: | March 17, 2005 |
| Updated: | August 11, 2005 |
| Description: | The Evolution mail client can be crashed when reading certain types of messages. |
Comments (none posted)
firefox: multiple vulnerabilities
Comments (2 posted)
Foomatic: Arbitrary command execution in foomatic-rip
| Package(s): | foomatic |
| CVE #(s): | CAN-2004-0801 |
| Created: | September 20, 2004 |
| Updated: | May 31, 2006 |
| Description: | There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler. |
Comments (none posted)
FreeRADIUS: buffer overflow and SQL injection
| Package(s): | freeradius |
| CVE #(s): | CAN-2005-1454, CAN-2005-1455 |
| Created: | May 17, 2005 |
| Updated: | June 23, 2005 |
| Description: | Primoz Bratanic discovered that the sql_escape_func function of FreeRADIUS 1.0.2 and earlier may be vulnerable to a buffer overflow. He also discovered that FreeRADIUS fails to sanitize user input before using it in a SQL query, possibly allowing SQL command injection. |
Comments (1 posted)
gdk-pixbuf, gtk2: denial of service
| Package(s): | gdk-pixbuf gtk2 |
| CVE #(s): | CAN-2005-0891 |
| Created: | March 30, 2005 |
| Updated: | December 19, 2005 |
| Description: | The BMP image processing code in gdk-pixbuf and gtk2 contains a denial of service vulnerability exploitable via a specially crafted image file. |
Comments (none posted)
gettext: Insecure temporary file handling
| Package(s): | gettext |
| CVE #(s): | CAN-2004-0966 |
| Created: | October 11, 2004 |
| Updated: | March 1, 2006 |
| Description: | gettext insecurely creates temporary files in world-writeable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user. |
Comments (1 posted)
gftp: missing input sanitizing
| Package(s): | gftp |
| CVE #(s): | CAN-2005-0372, CAN-2004-1376 |
| Created: | February 17, 2005 |
| Updated: | July 13, 2005 |
| Description: | gftp has a directory traversal vulnerability. A remote server could use specially crafted filenames to overwrite local files. |
Comments (none posted)
ghostscript: symlink vulnerabilities
| Package(s): | ghostscript |
| CVE #(s): | CAN-2004-0967 |
| Created: | October 20, 2004 |
| Updated: | September 28, 2005 |
| Description: | The ghostscript package (prior to version 7.07.1-r7) contains several scripts which are vulnerable to symlink attacks. |
Comments (none posted)
glibc: Information leak with LD_DEBUG
| Package(s): | glibc |
| CVE #(s): | CAN-2004-1453 |
| Created: | August 17, 2004 |
| Updated: | May 26, 2005 |
| Description: | Silvio Cesare discovered a potential information leak in glibc. It allows LD_DEBUG on SUID binaries where it should not be allowed. This has various security implications, which may be used to gain confidential information. An attacker can gain the list of symbols a SUID application uses and their locations and can then use a trojaned library taking precedence over those symbols to gain information or perform further exploitation. |
Comments (1 posted)
glibc: tempfile vulnerability in catchsegv script
| Package(s): | glibc |
| CVE #(s): | CAN-2004-0968 |
| Created: | October 21, 2004 |
| Updated: | November 14, 2005 |
| Description: | The catchsegv script in the glibc package has a symlink vulnerability that may allow a local user to overwrite arbitrary files with the permissions of the user that is running the script. |
Comments (none posted)
gnupg: information leak
| Package(s): | gnupg |
| CVE #(s): | CAN-2005-0366 |
| Created: | March 16, 2005 |
| Updated: | August 19, 2005 |
| Description: | GnuPG (and other PGP-like systems) suffers from an information leak which could, in some situations, be used by an attacker to obtain plain text from an encrypted message. See this message for a detailed explanation of the problem. "We know of no real-world application that is affected by this type of attack. It is an attack that requires the active participation of someone who holds the actual key required to decrypt a message. Thus, it is not something you are likely to see." |
Comments (none posted)
GnuTLS: Denial of Service vulnerability
| Package(s): | gnutls |
| CVE #(s): | CAN-2005-1431 |
| Created: | May 9, 2005 |
| Updated: | June 1, 2005 |
| Description: | GnuTLS 1.2.3 and 1.0.25 have been released, fixing a denial of service problem. |
Comments (none posted)
grip: buffer overflow
| Package(s): | grip |
| CVE #(s): | CAN-2005-0706 |
| Created: | March 10, 2005 |
| Updated: | November 19, 2008 |
| Description: | Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches. |
Comments (none posted)
groff: insecure temporary directory
| Package(s): | groff |
| CVE #(s): | CAN-2004-0969 |
| Created: | November 1, 2004 |
| Updated: | February 9, 2006 |
| Description: | Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility "groffer" created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program. |
Comments (none posted)
gzip: race condition and directory traversal
| Package(s): | gzip |
| CVE #(s): | CAN-2005-0988, CAN-2005-1228 |
| Created: | May 4, 2005 |
| Updated: | July 13, 2005 |
| Description: | gzip suffers from a race condition which could allow a fast-fingered attacker to change the permissions on files owned by others. There is also a directory traversal vulnerability associated with the -N option. |
Comments (none posted)
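The bzip2 and gzip entries above describe the same race: the tool writes its output, then sets the file's permissions by path, and a concurrent local user who swaps that path for a hard link in the meantime gets the new mode applied to a file of their choosing. The C demo below is added here (it is not bzip2's or gzip's code) and shows that path-based pattern beside the descriptor-based one that closes the window, with a hook standing in for the concurrent user; the O_EXCL|O_NOFOLLOW open also fails closed on the pre-planted symlinks behind the gettext, groff and catchsegv entries. It assumes a writable /tmp and a POSIX system.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hook run in the window between writing the output and setting its mode.
 * The demo uses it to stand in for the concurrent local user of the
 * advisory; a real tool has no hook, only a scheduler gap of this shape. */
typedef void (*window_hook)(const char *out_path, void *ctx);

/* Vulnerable pattern (what the bzip2/gzip entries describe): write the
 * output, close it, then chmod() BY PATH. After close() nothing ties the
 * path to the inode we created, so the mode lands on whatever is there. */
int write_then_chmod_by_path(const char *out, const void *data, size_t len,
                             mode_t mode, window_hook hook, void *ctx)
{
    int fd = open(out, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0) return -1;
    if (write(fd, data, len) != (ssize_t)len) { close(fd); return -1; }
    close(fd);
    if (hook) hook(out, ctx);          /* the race window */
    return chmod(out, mode);           /* follows whatever 'out' names now */
}

/* Hardened pattern: O_EXCL|O_NOFOLLOW makes open() fail if a symlink or an
 * existing file already sits at the path, and fchmod() on the still-open
 * descriptor acts on the inode we created, so relinking the path is moot. */
int write_then_fchmod_fd(const char *out, const void *data, size_t len,
                         mode_t mode, window_hook hook, void *ctx)
{
    int fd = open(out, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) return -1;
    if (write(fd, data, len) != (ssize_t)len) { close(fd); return -1; }
    if (hook) hook(out, ctx);          /* same window, now harmless */
    int rc = fchmod(fd, mode);
    close(fd);
    return rc;
}

/* Permission bits of a path, or -1 if it cannot be stat()ed. */
int mode_of(const char *path)
{
    struct stat st;
    if (stat(path, &st) < 0) return -1;
    return (int)(st.st_mode & 07777);
}

/* Demo hook: swap the output path for a hard link to the victim file (ctx),
 * which is the manoeuvre the advisory describes. */
static void relink_to_victim(const char *out, void *ctx)
{
    unlink(out);
    link((const char *)ctx, out);
}

/* Exercise both patterns against a 0600 victim file in a fresh directory.
 * Returns 1 if the path-based version changed the victim's mode and the
 * fd-based version left it alone, 0 if not, -1 on setup failure. */
int demo_race(void)
{
    char dir[] = "/tmp/permrace.XXXXXX";      /* constructed scratch dir */
    char victim[256], out[256];
    const char payload[] = "decompressed data (constructed)";
    int vfd, after_unsafe, after_safe, result = -1;

    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(out, sizeof out, "%s/out", dir);
    vfd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (vfd < 0) goto cleanup;
    close(vfd);

    /* Path-based: chmod(out) follows the hard link to the victim inode. */
    write_then_chmod_by_path(out, payload, sizeof payload - 1, 0644,
                             relink_to_victim, victim);
    after_unsafe = mode_of(victim);
    unlink(out);
    chmod(victim, 0600);               /* reset for the second run */

    /* fd-based: fchmod(fd) follows our descriptor; the victim is untouched. */
    write_then_fchmod_fd(out, payload, sizeof payload - 1, 0644,
                         relink_to_victim, victim);
    after_safe = mode_of(victim);

    result = (after_unsafe == 0644 && after_safe == 0600);
cleanup:
    unlink(out); unlink(victim); rmdir(dir);
    return result;
}

int main(void)
{
    int r = demo_race();               /* 1: chmod(path) redirected, fchmod(fd) not */
    printf("demo_race() = %d\n", r);
    return r == 1 ? 0 : 1;
}
```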
htdig: cross site scripting
| Package(s): | htdig |
| CVE #(s): | CAN-2005-0085 |
| Created: | February 14, 2005 |
| Updated: | January 10, 2006 |
| Description: | Michael Krax discovered that ht://Dig fails to validate the 'config' parameter before displaying an error message containing the parameter. This flaw could allow an attacker to conduct cross-site scripting attacks. |
Comments (none posted)
ImageMagick: heap corruption
| Package(s): | ImageMagick |
| CVE #(s): | CAN-2005-1275 |
| Created: | April 28, 2005 |
| Updated: | May 25, 2005 |
| Description: | ImageMagick 6.2.1 and earlier has a heap corruption problem in the pnm coder. |
Comments (1 posted)
imap: buffer overflow in c-client
| Package(s): | imap |
| CVE #(s): | CAN-2003-0297 |
| Created: | February 18, 2005 |
| Updated: | April 10, 2006 |
| Description: | A buffer overflow flaw was found in the c-client IMAP client. An attacker could create a malicious IMAP server that, if connected to by a victim, could execute arbitrary code on the client machine. |
Comments (none posted)
imlib2: buffer overflows
| Package(s): | imlib2 |
| CVE #(s): | CAN-2004-0802, CAN-2004-0817 |
| Created: | September 8, 2004 |
| Updated: | October 26, 2005 |
| Description: | The imlib2 library contains buffer overflows in the BMP handling code. |
Comments (none posted)
infozip: privilege escalation, directory-traversal
| Package(s): | infozip |
| CVE #(s): | CAN-2003-0282, CAN-2004-1010, CAN-2005-0602 |
| Created: | May 2, 2005 |
| Updated: | August 1, 2005 |
| Description: | InfoZip reports that Zip 2.3 and (presumably) all previous versions have a buffer-overrun vulnerability relating to deep directory paths that could potentially lead to local privilege escalation (e.g., in the case of automated, Zip-based backups). All versions of UnZip through 5.50 have a number of directory-traversal vulnerabilities. |
Comments (1 posted)
junkbuster: heap corruption and settings modification
| Package(s): | junkbuster |
| CVE #(s): | CVE-2005-1108, CVE-2005-1109 |
| Created: | April 13, 2005 |
| Updated: | November 5, 2005 |
| Description: | JunkBuster through version 2.02-r2 contains two vulnerabilities: a heap corruption bug and a possible privacy violation. |
Comments (1 posted)
kdelibs: unsanitized input
| Package(s): | kdelibs |
| CVE #(s): | CAN-2004-1165 |
| Created: | January 10, 2005 |
| Updated: | July 19, 2005 |
| Description: | Thiago Macieira discovered a vulnerability in the kioslave library, which is part of kdelibs, which allows a remote attacker to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline before the FTP command. |
Comments (none posted)
kernel: multiple vulnerabilities
Package(s): kernel
CVE #(s): CAN-2005-0400, CAN-2005-0749, CAN-2005-0750, CAN-2005-0815, CAN-2005-0839
Created: April 1, 2005
Updated: July 1, 2005
Description: More kernel vulnerabilities have been discovered, including:
- Mathieu Lafon discovered an information leak in the ext2 file system
driver. (CAN-2005-0400)
- Yichen Xie discovered a Denial of Service vulnerability in the ELF
loader. (CAN-2005-0749)
- Ilja van Sprundel discovered that the bluez_sock_create() function did not
check its "protocol" argument for negative values. (CAN-2005-0750)
- Michal Zalewski discovered that the iso9660 file system driver fails to
check ranges properly in several cases. (CAN-2005-0815)
- Previous kernels did not restrict the use of the N_MOUSE line discipline
in the serial driver. (CAN-2005-0839)
Alerts:
Comments (1 posted)
kernel: ELF loader core dump vulnerability
Package(s): kernel
CVE #(s): CAN-2005-1263
Created: May 11, 2005
Updated: August 25, 2005
Description: Paul Starzetz has posted an advisory for yet another kernel
vulnerability. In this case, by using a specially manipulated ELF binary, a
local attacker can compromise the system (via the core dump code) and obtain
root access. This vulnerability affects all kernels from 2.2 through
2.6.12-rc4.
Alerts:
Comments (none posted)
kernel: extended attribute denial of service
Package(s): kernel
CVE #(s): CAN-2005-0757
Created: May 18, 2005
Updated: May 18, 2005
Description: The extended attribute code (at least as backported by Red Hat
into the 2.4 kernel) suffers from an offset handling error which can be
exploited to cause a system crash.
Alerts:
Comments (1 posted)
kernel: multiple vulnerabilities
Comments (none posted)
kimgio input validation errors
Package(s): kimgio
CVE #(s): CAN-2005-1046
Created: April 22, 2005
Updated: July 19, 2005
Description: KDE has issued a security advisory for kimgio. This is found in
kdelibs as shipped with KDE 3.2 up to and including KDE 3.4. kimgio contains
a PCX image file format reader that does not properly perform input
validation. A source code audit performed by the KDE security team discovered
several vulnerabilities in the PCX and other image file format readers, some
of them exploitable to execute arbitrary code.
Alerts:
Comments (none posted)
Kommander untrusted code execution
Package(s): kommander
CVE #(s): CAN-2005-0754
Created: April 22, 2005
Updated: May 20, 2005
Description: KDE has issued a security advisory for Kommander. Quanta 3.1.x,
and KDE 3.2 and newer up to and including KDE 3.4.0, are vulnerable. Kommander
executes, without user confirmation, data files from possibly untrusted
locations. As they contain scripts, the user might accidentally run arbitrary
code.
Alerts:
Comments (none posted)
libdbi-perl: insecure temporary file
Package(s): libdbi-perl
CVE #(s): CAN-2005-0077
Created: January 25, 2005
Updated: March 2, 2006
Description: Javier Fernández-Sanguino Peña from the Debian Security Audit
Project discovered that the DBI library, the Perl5 database interface,
creates a temporary PID file in an insecure manner. This can be exploited by
a malicious user to overwrite arbitrary files owned by the person executing
the parts of the library.
Alerts:
Comments (none posted)
libgd2: buffer overflows in PNG handling
Package(s): libgd2
CVE #(s): CAN-2004-0990, CAN-2004-0941
Created: October 29, 2004
Updated: June 28, 2006
Description: Several buffer overflows have been discovered in libgd's PNG
handling functions. If an attacker tricked a user into loading a malicious
PNG image, they could leverage this into executing arbitrary code in the
context of the user opening the image. Most importantly, this library is
commonly used in PHP. One possible target would be a PHP-driven photo website
that lets users upload images. Therefore this vulnerability might lead to
privilege escalation to a web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and
earlier may allow remote attackers to execute arbitrary code via malformed
image files that trigger the overflows due to improper calls to the gdMalloc
function.
Alerts:
Comments (none posted)
libnet-ssleay-perl: weakened cryptographic operations
Package(s): libnet-ssleay-perl
CVE #(s): CAN-2005-0106
Created: May 3, 2005
Updated: January 27, 2006
Description: Javier Fernandez-Sanguino Pena discovered that this library used
the file /tmp/entropy as a fallback entropy source if a proper source was not
set in the environment variable EGD_PATH. This can potentially lead to
weakened cryptographic operations if an attacker provides a /tmp/entropy file
with known content.
Alerts:
Comments (none posted)
libtiff: buffer overflow
Package(s): libtiff
CVE #(s): CAN-2004-1308
Created: December 22, 2004
Updated: May 19, 2005
Description: The libtiff image manipulation library contains several
exploitable buffer overflows.
Alerts:
Comments (none posted)
libTIFF: buffer overflow
Package(s): libtiff
CVE #(s): CAN-2005-1544
Created: May 10, 2005
Updated: February 18, 2006
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered
a stack-based buffer overflow in the libTIFF library when reading a TIFF
image with a malformed BitsPerSample tag. Successful exploitation would
require the victim to open a specially crafted TIFF image, resulting in the
execution of arbitrary code.
Alerts:
Comments (1 posted)
libxml2 - arbitrary code execution
Package(s): libxml2
CVE #(s): CAN-2004-0110
Created: February 26, 2004
Updated: August 19, 2009
Description: Yuuichi Teranishi discovered a flaw in libxml2 versions prior to
2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very long
URL. If an attacker is able to find an application using libxml2 that parses
remote resources and allows them to influence the URL, then this flaw could
be used to execute arbitrary code.
Alerts:
Comments (none posted)
libxml2: multiple buffer overflows
Package(s): libxml2
CVE #(s): CAN-2004-0989
Created: October 28, 2004
Updated: August 19, 2009
Description: libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted FTP URL,
arbitrary code may be executed.
Alerts:
Comments (none posted)
libXpm: new buffer overflows
Package(s): libXpm
CVE #(s): CAN-2005-0605
Created: March 4, 2005
Updated: March 8, 2006
Description: A new vulnerability has been discovered in libXpm, which is
included in OpenMotif and LessTif, that can potentially lead to remote code
execution.
Alerts:
Comments (none posted)
lvm10: creates insecure temporary directory
Package(s): lvm10
CVE #(s): CAN-2004-0972
Created: November 1, 2004
Updated: July 25, 2005
Description: Trustix Secure Linux discovered a vulnerability in a
supplemental script of the lvm10 package. The program "lvmcreate_initrd"
created a temporary directory in an insecure way, which could allow a symlink
attack to create or overwrite arbitrary files with the privileges of the user
invoking the program.
Alerts:
Comments (none posted)
mailman: path traversal
Package(s): mailman
CVE #(s): CAN-2005-0202
Created: February 9, 2005
Updated: July 13, 2005
Description: The "private" module in the mailman mailing list manager fails
to sanitize path names adequately. An attacker could exploit this
vulnerability to retrieve private information, including passwords and
private list archives. This vulnerability was used to compromise the
Full-Disclosure list.
Alerts:
Comments (none posted)
mc: buffer overflow
Package(s): mc
CVE #(s): CAN-2005-0763
Created: March 29, 2005
Updated: August 11, 2005
Description: An unfixed buffer overflow has been discovered by Andrew V.
Samoilov in mc, the midnight commander, a file browser and manager.
Alerts:
Comments (none posted)
MediaWiki: multiple vulnerabilities
Package(s): mediawiki
CVE #(s): CAN-2005-0534, CAN-2005-0535, CAN-2005-0536
Created: February 28, 2005
Updated: June 13, 2005
Description: A security audit of the MediaWiki project discovered that
MediaWiki is vulnerable to several cross-site scripting and cross-site
request forgery attacks, and that the image deletion code does not
sufficiently sanitize input parameters.
Alerts:
Comments (none posted)
mikmod: buffer overflow
Package(s): mikmod
CVE #(s): CAN-2003-0427
Created: June 16, 2003
Updated: June 16, 2005
Description: Ingo Saitz discovered a bug in mikmod whereby a long filename
inside an archive file can overflow a buffer when the archive is being read
by mikmod.
Alerts:
Comments (none posted)
mod_python: remote access vulnerability
Package(s): mod_python
CVE #(s): CAN-2005-0088
Created: February 10, 2005
Updated: April 10, 2006
Description: mod_python has a vulnerability in the publisher handler that may
allow a remote user to use a specially crafted URL to gain access to objects
that should be protected. An information leak can result.
Alerts:
Comments (none posted)
Mozilla Firefox, Mozilla Suite: multiple vulnerabilities
Package(s): mozilla
CVE #(s): CAN-2005-0989
Created: April 19, 2005
Updated: July 18, 2005
Description: The following vulnerabilities were found and fixed in the
Mozilla Suite and Mozilla Firefox:
- Vladimir V. Perepelitsa reported a memory disclosure bug in JavaScript's
regular expression string replacement when using an anonymous function as
the replacement argument (CAN-2005-0989).
- moz_bug_r_a4 discovered that Chrome UI code was overly trusting DOM nodes
from the content window, allowing privilege escalation via DOM property
overrides.
- Michael Krax reported a possibility to run JavaScript code with elevated
privileges through the use of javascript: favicons.
- Michael Krax also discovered that malicious Search plugins could run
JavaScript in the context of the displayed page or stealthily replace
existing search plugins.
- shutdown discovered a technique to pollute the global scope of a window
in a way that persists from page to page.
- Doron Rosenberg discovered a possibility to run JavaScript with elevated
privileges when the user asks to "Show" a blocked popup that contains a
JavaScript URL.
- Finally, Georgi Guninski reported missing Install object instance checks
in the native implementations of XPInstall-related JavaScript objects.
The following Firefox-specific vulnerabilities have also been discovered:
- Kohei Yoshino discovered a new way to abuse the sidebar panel to execute
JavaScript with elevated privileges.
- Omar Khan reported that the Plugin Finder Service can be tricked to open
javascript: URLs with elevated privileges.
Alerts:
Comments (none posted)
mozilla suite/ mozilla firefox: remote compromise
Package(s): mozilla firefox
CVE #(s): CAN-2005-1476, CAN-2005-1477
Created: May 16, 2005
Updated: May 23, 2005
Description: Several vulnerabilities in the Mozilla Suite (versions before
1.7.8) and Firefox (versions before 1.0.4) allow an attacker to conduct
cross-site scripting attacks or to execute arbitrary code.
Alerts:
Comments (none posted)
MPlayer: heap overflows
Package(s): mplayer
CVE #(s):
Created: April 20, 2005
Updated: July 12, 2005
Description: Heap overflows have been found in the code handling RealMedia
RTSP and Microsoft Media Services streams over TCP (MMST). By setting up a
malicious server and enticing a user to use its streaming data, a remote
attacker could possibly execute arbitrary code on the client computer with
the permissions of the user running MPlayer.
Alerts:
Comments (none posted)
MySQL: input validation and temporary file vulnerabilities
Package(s): mysql
CVE #(s): CAN-2005-0709, CAN-2005-0710, CAN-2005-0711
Created: March 16, 2005
Updated: July 19, 2005
Description: MySQL (prior to version 4.0.24) suffers from two input
validation errors and a temporary file vulnerability.
Alerts:
Comments (none posted)
nasm: buffer overflow in the ieee_putascii() function
Package(s): nasm
CVE #(s): CAN-2005-1194
Created: May 17, 2005
Updated: May 19, 2005
Description: Josh Bressers discovered a buffer overflow in the
ieee_putascii() function of nasm 0.98 and earlier. If an attacker tricked a
user into assembling a malicious source file, they could exploit this to
execute arbitrary code with the privileges of the user that runs nasm.
Alerts:
Comments (2 posted)
ncpfs: multiple vulnerabilities
Package(s): ncpfs
CVE #(s): CAN-2005-0013, CAN-2005-0014
Created: January 31, 2005
Updated: May 15, 2006
Description: Erik Sjolund discovered two vulnerabilities in the programs
bundled with ncpfs: there is a potentially exploitable buffer overflow in
ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities using
the NetWare client functions insecurely access files with elevated
privileges (CAN-2005-0013).
Alerts:
Comments (none posted)
nfs-utils: arbitrary code execution
Package(s): nfs-utils
CVE #(s): CAN-2004-0946
Created: January 11, 2005
Updated: February 27, 2006
Description: Arjan van de Ven discovered a buffer overflow in rquotad on
64-bit architectures; an improper integer conversion could lead to a buffer
overflow. An attacker with access to an NFS share could send a specially
crafted request which could then lead to the execution of arbitrary code.
Alerts:
Comments (none posted)
Oops!: Remote code execution
Package(s): oops
CVE #(s): CAN-2005-1121
Created: May 6, 2005
Updated: May 20, 2005
Description: A format string flaw has been detected in the my_xlog() function
of the Oops! proxy (in versions prior to 1.5.23), which is called by the
passwd_mysql and passwd_pgsql modules' auth() functions.
Alerts:
Comments (none posted)
openssh: directory traversal
Package(s): openssh
CVE #(s): CAN-2004-0175
Created: May 18, 2005
Updated: July 13, 2005
Description: The OpenSSH scp client can, when connected to a hostile server,
be instructed to overwrite arbitrary files.
Alerts:
Comments (1 posted)
openssl: der_chop script temp file vulnerability
Package(s): openssl
CVE #(s): CAN-2004-0975
Created: November 11, 2004
Updated: July 19, 2005
Description: The der_chop script in openssl has a temp file vulnerability
that may allow an attacker to overwrite arbitrary files with the permissions
that the script is running under.
Alerts:
Comments (1 posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
Opera: multiple vulnerabilities
Package(s): opera
CVE #(s):
Created: February 14, 2005
Updated: June 22, 2005
Description: Opera is vulnerable to several vulnerabilities which could
result in information disclosure and facilitate execution of arbitrary code.
Alerts:
Comments (none posted)
perl: setuid vulnerabilities
Package(s): perl
CVE #(s): CAN-2005-0155, CAN-2005-0156
Created: February 2, 2005
Updated: August 11, 2006
Description: There are two vulnerabilities with perl when it is used in a
setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite
arbitrary files; there is also an associated buffer overflow which can be
exploited to gain root access.
Alerts:
Comments (none posted)
perl: symlink vulnerability
Package(s): perl
CVE #(s): CAN-2005-0448
Created: March 9, 2005
Updated: January 30, 2006
Description: The rmtree() function in the File::Path module has a symlink
vulnerability which could be exploited to create setuid binaries.
Alerts:
Comments (none posted)
php4: integer overflow and denial of service
Package(s): php4
CVE #(s): CAN-2005-1042, CAN-2005-1043
Created: April 14, 2005
Updated: July 13, 2005
Description: The php4 EXIF module has two vulnerabilities. An integer
overflow in the exif_process_IFD_TAG() function can be exploited to cause a
buffer overflow for the purpose of arbitrary code execution. EXIF headers
with a large IFD nesting level can be used to cause a denial of service.
Remote exploits are possible.
Alerts:
Comments (none posted)
php4: denial of service vulnerabilities
Package(s): php4
CVE #(s): CAN-2005-0524, CAN-2005-0525
Created: April 5, 2005
Updated: May 26, 2005
Description: Two DoS vulnerabilities exist in PHP versions 4.2.2, 4.3.9,
4.3.10 and 5.0.3. One, in the php_handle_iff function in image.c, allows
remote attackers to cause a denial of service (infinite loop) via a -8 size
value. The php_next_marker function in image.c allows remote attackers to
cause a denial of service (infinite loop) via a JPEG image with an invalid
marker value, which causes a negative length value to be passed to
php_stream_seek. This latter vulnerability also exists in PHP 3.
Alerts:
Comments (none posted)
phpBB: cross-site scripting
Package(s): phpbb
CVE #(s):
Created: May 15, 2005
Updated: May 17, 2005
Description: Paul Laudanski reported a vulnerability in phpBB (in versions
prior to 2.0.15) in the processing of BBCode. A remote user may be able to
cause scripting code to be executed by the target user.
Alerts:
Comments (none posted)
phpsysinfo: cross-site-scripting
Package(s): phpsysinfo
CVE #(s): CAN-2005-0870
Created: May 18, 2005
Updated: November 15, 2005
Description: The phpsysinfo program contains several cross-site scripting
vulnerabilities.
Alerts:
Comments (none posted)
postgresql: EXECUTE privilege vulnerability
Package(s): postgresql
CVE #(s): CAN-2005-0244, CAN-2005-0245, CAN-2005-0246, CAN-2005-0247
Created: February 10, 2005
Updated: July 19, 2005
Description: postgresql has a vulnerability in which the EXECUTE privilege
may not be checked on custom functions. This may allow any database user to
circumvent the EXECUTE restriction on functions.
Alerts:
Comments (none posted)
postgresql: database initialization errors
Package(s): postgresql
CVE #(s): CAN-2005-1409, CAN-2005-1410
Created: May 4, 2005
Updated: February 28, 2006
Description: PostgreSQL suffers from two vulnerabilities in how databases are
set up by default; they allow a local attacker (one with access to the
database) to crash the back end and, perhaps, execute code with the
privileges of the server process. See this advisory for details and
workarounds.
Alerts:
Comments (none posted)
Pound: buffer overflow
Package(s): pound
CVE #(s): CVE-2005-1391
Created: May 2, 2005
Updated: January 10, 2006
Description: Steven Van Acker has discovered a buffer overflow vulnerability
in the "add_port()" function in Pound 1.8.2+. A remote attacker could send a
request for an overly long hostname parameter, which could lead to the remote
execution of arbitrary code with the rights of the Pound daemon process.
Alerts:
Comments (none posted)
realplayer: arbitrary code execution
Package(s): realplayer helixplayer
CVE #(s): CAN-2005-0755
Created: April 20, 2005
Updated: June 27, 2005
Description: RealNetworks, Inc. has fixed a security vulnerability that
offered the potential for an attacker to run arbitrary or malicious code on a
customer's machine. Linux RealPlayer 10 (10.0.0 - 3) and Helix Player
(10.0.0 - 3) are vulnerable.
Alerts:
Comments (none posted)
rp-pppoe, pppoe: missing privilege dropping
Package(s): rp-pppoe, pppoe
CVE #(s): CAN-2004-0564
Created: October 4, 2004
Updated: November 15, 2005
Description: Max Vozeler discovered a vulnerability in pppoe, the PPP over
Ethernet driver from Roaring Penguin. When the program is running setuid
root (which is not the case in a default Debian installation), an attacker
could overwrite any file on the file system.
Alerts:
Comments (none posted)
samba: integer overflow vulnerability
Package(s): samba
CVE #(s): CAN-2004-1154
Created: December 16, 2004
Updated: July 19, 2005
Description: Samba has an integer overflow vulnerability that may allow an
authenticated remote user to execute arbitrary code on the Samba server.
Alerts:
Comments (none posted)
SpamAssassin: Denial of Service vulnerability
Package(s): spamassassin
CVE #(s): CAN-2004-0796
Created: August 9, 2004
Updated: August 11, 2005
Description: SpamAssassin contains an unspecified Denial of Service
vulnerability. By sending a specially crafted message an attacker could cause
a Denial of Service attack against the SpamAssassin service.
Alerts:
Comments (none posted)
squid: DNS spoofing
Package(s): squid
CVE #(s): CAN-2005-1519
Created: May 18, 2005
Updated: July 13, 2005
Description: The squid proxy server performs DNS lookups in a way which is
susceptible to answers injected by a hostile user, and, thus, DNS spoofing
attacks.
Alerts:
Comments (none posted)
SquirrelMail: multiple vulnerabilities
Package(s): squirrelmail
CVE #(s): CAN-2005-0075, CAN-2005-0103, CAN-2005-0104
Created: January 28, 2005
Updated: July 19, 2005
Description: SquirrelMail 1.4.4 has been released, fixing a number of
security issues that have been resolved since 1.4.3a.
Alerts:
Comments (none posted)
File overwrite vulnerability in tar and unzip
Package(s): tar unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description: The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an unsuspecting
user, overwrite any file that is writable by that user. GNU tar versions
1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same
vulnerability.
Alerts:
Comments (1 posted)
tcpdump: multiple DoS issues
Package(s): tcpdump
CVE #(s): CAN-2005-1280, CAN-2005-1279, CAN-2005-1278
Created: May 2, 2005
Updated: April 10, 2006
Description: The rsvp_print function in tcpdump 3.9.1 and earlier allows
remote attackers to cause a denial of service (infinite loop) via a crafted
RSVP packet of length 4. (CAN-2005-1280)
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of
service (infinite loop) via a crafted BGP packet, which is not properly
handled by RT_ROUTING_INFO, or LDP packet, which is not properly handled by
the ldp_print function. (CAN-2005-1279)
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and
earlier allows remote attackers to cause a denial of service (infinite loop)
via a zero length, as demonstrated using a GRE packet. (CAN-2005-1278)
Alerts:
Comments (none posted)
telnet: buffer overflows
Package(s): telnet
CVE #(s): CAN-2005-0468, CAN-2005-0469
Created: March 28, 2005
Updated: August 1, 2005
Description: Two buffer overflow flaws were discovered in the way the telnet
client handles messages from a server. An attacker may be able to execute
arbitrary code on a victim's machine if the victim can be tricked into
connecting to a malicious telnet server.
Alerts:
Comments (none posted)
UnAce: buffer overflow and directory traversal
Package(s): unace
CVE #(s): CAN-2005-0160, CAN-2005-0161
Created: February 28, 2005
Updated: June 17, 2005
Description: Ulf Harnhammar discovered that UnAce suffers from buffer
overflows when testing, unpacking or listing specially crafted ACE archives
(CAN-2005-0160). He also found out that UnAce is vulnerable to directory
traversal attacks, if an archive contains "./.." sequences or absolute
filenames (CAN-2005-0161).
Alerts:
Comments (none posted)
vixie-cron: crontab allows any user to read other users' crontabs
Package(s): vixie-cron
CVE #(s): CAN-2005-1038
Created: April 15, 2005
Updated: March 15, 2006
Description: crontab in Vixie cron 4.1, when running with the -e option,
allows local users to read the cron files of other users by changing the file
being edited to a symlink. NOTE: there is insufficient information to know
whether this is a duplicate of CVE-2001-0235. See also this Security Focus
report.
Alerts:
Comments (none posted)
XChat 2.0.x SOCKS5 Vulnerability
Package(s): xchat
CVE #(s): CAN-2004-0409
Created: April 19, 2004
Updated: November 15, 2005
Description: XChat is vulnerable to a stack overflow that may allow a remote
attacker to run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable
to a remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal (which is disabled by default) and also
connect to an attacker's custom proxy server. This vulnerability may allow an
attacker to run arbitrary code within the context of the user ID of the XChat
client.
Alerts:
Comments (none posted)
xine-lib: two heap overflow vulnerabilities
Package(s): xine-lib
CVE #(s): CAN-2005-1195
Created: April 26, 2005
Updated: June 2, 2005
Description: Heap overflows have been found in the code handling RealMedia
RTSP and Microsoft Media Services streams over TCP (MMST). See Xine Advisory
XSA-2004-8 for details.
Alerts:
Comments (none posted)
xine-lib: buffer overflows
Package(s): xine-lib
CVE #(s): CAN-2004-1379
Created: September 22, 2004
Updated: April 10, 2006
Description: xine-lib (through version 1_rc6) contains buffer overflows in
the subtitle parsing and DVD sub-picture decoder code.
Alerts:
Comments (none posted)
xine-ui - insecure temporary file creation
Package(s): xine-ui
CVE #(s): CAN-2004-0372
Created: April 6, 2004
Updated: April 27, 2006
Description: Shaun Colley discovered a problem in xine-ui, the xine video
player user interface. A script contained in the package to possibly remedy a
problem or report a bug does not create temporary files in a secure fashion.
This could allow a local attacker to overwrite files with the privileges of
the user invoking xine.
Alerts:
Comments (none posted)
xorg-x11: integer overflows
Package(s): xorg-x11
CVE #(s): CAN-2004-0914
Created: November 18, 2004
Updated: September 12, 2005
Description: The X.Org libXpm library has several integer overflow
vulnerabilities. An attacker can modify XPM images to execute malicious code.
Alerts:
Comments (none posted)
xpdf: buffer overflow
Package(s): xpdf
CVE #(s): CAN-2005-0064
Created: January 19, 2005
Updated: March 15, 2007
Description: iDEFENSE has found yet another xpdf buffer overflow; see this
advisory for details.
Alerts:
Comments (1 posted)
XV: multiple vulnerabilities
Package(s): xv
CVE #(s):
Created: April 19, 2005
Updated: July 19, 2005
Description: Greg Roelofs has reported multiple input validation errors in
XV image decoders. Tavis Ormandy of the Gentoo Linux Security Audit Team has
reported insufficient validation in the PDS (Planetary Data System) image
decoder, format string vulnerabilities in the TIFF and PDS decoders, and
insufficient protection from shell meta-characters in malformed filenames.
Successful exploitation would require a victim to view a specially created
image file using XV, potentially resulting in the execution of arbitrary
code.
Alerts:
Comments (none posted)
zlib: denial of service
Package(s): zlib
CVE #(s): CAN-2004-0797
Created: August 25, 2004
Updated: June 10, 2005
Description: Versions 1.2.x of the zlib library contain an error handling
vulnerability which can enable denial of service attacks.
Alerts:
Comments (none posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current stable 2.6 release remains 2.6.11.10. The 2.6.11.11
process is underway, however, and that version (with a number of x86_64
patches and a few other fixes) may be out by the time you read this.
The current 2.6 prepatch is 2.6.12-rc5, released (without an announcement)
on May 25. It includes a few security patches, some architecture
updates, and a number of fixes; see the long-format changelog for
the details.
The current -mm release is 2.6.12-rc5-mm1.
Recent additions to -mm include
the OCFS2 filesystem (see below), the dynamic scheduling domains
patch (smarter scheduling on large SMP systems),
the Red Hat distributed lock manager (covered here last week),
a number of KProbes
enhancements, a new try_to_del_timer_sync() function, the execute in place patches, Tensilica Xtensa
architecture support, the voluntary preemption patch, and lots of fixes.
The current 2.4 prepatch is 2.4.31-rc1, released by Marcelo on
May 25. A couple dozen new patches have been merged; most of them are
networking fixes and a new bcm5752 driver.
Comments (none posted)
Kernel development news
As for different trees, I'm afraid you've written something that is
_too useful_ to be used in that manner.
Git has brought with it a _major_ increase in my productivity because
I can now easily share ~50 branches with 50 different kernel
hackers, without spending all day running rsync. Suddenly my
kernel development is a whole lot more _open_ to the world, with a
single "./push". And it's awesome.
-- Jeff Garzik
Comments (4 posted)
The second version of Oracle's cluster filesystem has been in the works for
some time. There has been a recent increase in cluster-related code proposed
for inclusion into the mainline, so it was not entirely surprising to see an
OCFS2 patch set join the crowd. These patches have found their way directly
into the -mm tree for those wishing to try them out.
As a cluster filesystem, OCFS2 carries rather more baggage than a
single-node filesystem like ext3. It does have, at its core, an on-disk
filesystem implementation which is heavily inspired by ext3. There are
some differences, though: it is an extent-based filesystem, meaning that
files are represented on-disk in large, contiguous chunks. Inode numbers
are 64 bits. OCFS2 does use the Linux JBD layer for journaling, however,
so it does not need to bring along much of its own journaling code.
To actually function in a clustered mode, OCFS2 must have information about
the cluster in which it is operating. To that end, it includes a simple
node information layer which holds a description of the systems which make
up the cluster. This data structure is managed from user space via configfs; the user-space tools, in turn, take
the relevant information from a single configuration file
(/etc/ocfs2/cluster.conf). It is not enough to know which nodes
should be part of a cluster, however: these nodes can come and go, and the
filesystem must be able to respond to these events. So OCFS2 also includes
a simple heartbeat implementation for monitoring which nodes are actually
alive. This code works by setting aside a special file; each node must
write a block to that file (with an updated time stamp) every so often. If
a particular block stops changing, its associated node is deemed to have
left the cluster.
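An added Python simulation of the disk heartbeat just described (written for this page, not OCFS2's own code; the block layout, the tick-based clock and the dead-node threshold are this example's assumptions): each node overwrites its own block on every tick, and a monitor that reads all blocks on each pass declares a node gone once its block has stopped changing for a configured number of passes.

```python
class HeartbeatFile:
    """Stand-in for the OCFS2 heartbeat file on the shared disk: one block per node slot.
    Constructed for this example; the real on-disk layout is not modelled."""

    def __init__(self, slots):
        self.blocks = [None] * slots      # block contents: (sequence, timestamp) or None

    def write_block(self, slot, seq, timestamp):
        """What a live node does every so often: overwrite its own block."""
        self.blocks[slot] = (seq, timestamp)


class HeartbeatMonitor:
    """Reads every block on each pass and compares it with the previous pass."""

    def __init__(self, hb_file, dead_threshold):
        self.hb_file = hb_file
        self.dead_threshold = dead_threshold   # unchanged passes before a node is declared gone
        self.last_seen = {}                    # slot -> (block contents, unchanged-pass count)
        self.alive = set()

    def check(self):
        """One monitoring pass; returns ('join', slot) / ('leave', slot) events."""
        events = []
        for slot, block in enumerate(self.hb_file.blocks):
            if block is None:
                continue                       # slot never written: not a cluster member yet
            prev, stale = self.last_seen.get(slot, (None, 0))
            if block != prev:
                stale = 0
                if slot not in self.alive:
                    self.alive.add(slot)
                    events.append(("join", slot))
            else:
                stale += 1
                if stale >= self.dead_threshold and slot in self.alive:
                    self.alive.discard(slot)
                    events.append(("leave", slot))
            self.last_seen[slot] = (block, stale)
        return events


def simulate(ticks=10, nodes=3, dead_threshold=3, failing_slot=2, fail_at=4):
    """Drive a constructed scenario: all nodes heartbeat each tick, one stops at fail_at.
    Returns the event trace and the set of nodes still considered alive at the end."""
    hb_file = HeartbeatFile(nodes)
    monitor = HeartbeatMonitor(hb_file, dead_threshold)
    trace = []
    for tick in range(ticks):
        for slot in range(nodes):
            if slot == failing_slot and tick >= fail_at:
                continue                       # crashed node: its block stops changing
            hb_file.write_block(slot, seq=tick, timestamp=1_000_000 + tick)
        for event in monitor.check():
            trace.append((tick,) + event)
    return trace, sorted(monitor.alive)


if __name__ == "__main__":
    print(simulate())
```

The threshold is what trades detection latency against false positives: a node that is merely slow to reach the disk for one pass must not be evicted, so the monitor requires several consecutive unchanged reads before it acts.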
Another important component is the distributed lock manager. OCFS2
includes a lock manager which, like the implementation covered last week, is called "dlm" and implements a
VMS-like interface. Oracle's implementation is simpler, however (its core
locking function only has eight parameters...), and it lacks many of the
fancier lock types and functions of Red Hat's implementation. There is
also a virtual filesystem interface ("dlmfs") making locking functionality
available to user space.
There is a simple, TCP-based messaging system which is used by OCFS2 to
talk between nodes in a cluster.
The remaining code is the filesystem implementation itself. It has all of
the complications that one would expect of a high-performance filesystem
implementation. OCFS2, however, is meant to operate with a disk which is,
itself, shared across the cluster (perhaps via some sort of storage-area
network or multipath scheme). So each node on the cluster manipulates the
filesystem directly, but they must do so in a way which avoids creating
chaos. The lock manager code handles much of this - nodes must take out
locks on on-disk data structures before working with them.
There is more to it than that, however. There is, for example, a separate
"allocation area" set aside for each node in the cluster; when a node needs
to add an extent to a file, it can take it directly from its own allocation
area and avoid contending with the other nodes for a global lock. There
are also certain operations (deleting and renaming files, for example)
which cannot be done by a node in isolation. It would not do for one node
to delete a file and recycle its blocks if that file remains open on
another node. So there is a voting mechanism for operations of this type;
a node wanting to delete a file first requests a vote. If another node
vetoes the operation, the file will remain for the time being. Either way,
all nodes in the cluster can note that the file is being deleted and adjust
their local data structures accordingly.
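An added model of the delete vote (example code, not OCFS2's own; the node, disk and retry-on-close behaviour are this example's assumptions): a delete request polls every node, any node with the file open vetoes it and remembers that the file is orphaned, and the delete is retried when that node closes the file, so the blocks are recycled only after the last user is gone.

```python
class SharedDisk:
    """Constructed stand-in for the cluster's shared block device: path -> allocated blocks."""

    def __init__(self):
        self.files = {"/data/report": [10, 11, 12], "/data/tmp": [20]}
        self.free_blocks = []

    def free(self, path):
        """Recycle a file's blocks; only safe once no node still has the file open."""
        self.free_blocks.extend(self.files.pop(path))


class Cluster:
    def __init__(self, disk):
        self.disk = disk
        self.nodes = []

    def add_node(self, name):
        node = ClusterNode(name, self)
        self.nodes.append(node)
        return node

    def request_delete(self, path):
        """Ask every node (the requester included) to vote before the blocks are freed."""
        if path not in self.disk.files:
            raise FileNotFoundError(path)
        vetoes = [n.name for n in self.nodes if not n.vote(path)]
        if vetoes:
            return False, vetoes           # file stays for now; nodes have noted the intent
        self.disk.free(path)
        return True, []


class ClusterNode:
    def __init__(self, name, cluster):
        self.name = name
        self.cluster = cluster
        self.open_files = set()
        self.orphans = set()               # files the cluster wants gone but which are open here

    def open(self, path):
        self.open_files.add(path)

    def vote(self, path):
        """Veto while the file is open locally; either way, record that it is going away."""
        if path in self.open_files:
            self.orphans.add(path)
            return False
        return True

    def close(self, path):
        self.open_files.discard(path)
        if path in self.orphans:
            self.orphans.discard(path)
            self.cluster.request_delete(path)   # retry now that this node no longer objects


def scenario():
    """Two nodes hold a file open while a third deletes it; blocks are freed only after both close."""
    disk = SharedDisk()
    cluster = Cluster(disk)
    a, b, c = (cluster.add_node(n) for n in "abc")
    b.open("/data/report")
    c.open("/data/report")
    first = cluster.request_delete("/data/report")   # vetoed by b and c
    b.close("/data/report")
    after_b = "/data/report" in disk.files           # still present: c has it open
    c.close("/data/report")
    after_c = "/data/report" in disk.files           # gone: last user closed, blocks recycled
    return first, after_b, after_c, list(disk.free_blocks)


if __name__ == "__main__":
    print(scenario())
```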
The code base as a whole was clearly written with an eye toward easing the
path into the mainline kernel. It adheres to the kernel's coding standards
and avoids the use of glue layers between the core filesystem code and the
kernel. There are no changes to the kernel's VFS layer.
Oracle's developers also appear to understand the current level of
sensitivity about the merging of cluster support code (node and lock
managers, heartbeat code) into the kernel. So they have kept their
implementation of these functionalities small and separate from the
filesystem itself. OCFS2 needs a lock manager now, for example, so it
provides one. But, should a different implementation be chosen for merging
at some future point, making the switch should not be too hard.
One assumes that OCFS2 will be merged at some point; adding a filesystem is
not usually controversial if it is implemented properly and does not drag
along intrusive VFS-layer changes. It is only one of many cluster
filesystems, however, so it is unlikely to be alone. The competition in
the cluster area, it seems, is just beginning.
Comments (5 posted)
One of the many new features in the 2.6.11 kernel was a driver for "trusted
platform module" (TPM) chips. This driver made the low-level capabilities of TPM
chips available, but gave no indication of what sort of applications were
envisioned for those capabilities. Reiner Sailer of IBM has now taken the
next step with
a set of patches
implementing the "Integrity Measurement Architecture" (IMA) for Linux using
TPM.
IMA is a remote attestation mechanism, designed to be able to convince a
remote party that a system is running (nothing but) a set of known and
approved executables. It is set up as a security module, and works by
hooking into the mmap() operation. Whenever a file is mapped in
an executable mode (which is what happens when a program is run or a
sharable library is mapped), the IMA hook will first perform and save an
SHA1 hash of the file. On request, the IMA module can produce a list of
all programs run and their corresponding hash values. This list can be
examined by a (possibly remote) program to ensure that no unknown or
known-vulnerable applications have been run.
If a hostile application has managed to take over the system, however, it
will be in a position to corrupt the list from the IMA module, rendering
that list useless. This is where the TPM chip comes in. The TPM contains
a set of "platform configuration registers" (PCRs) which are accessible to
the rest of the system only in very specific ways. The PCRs can be
reset to zero only when the system hardware itself is reset. The host
system can pass data to the TPM which is to be included in a given PCR; the
TPM then computes a hash with the new information and stores the value in
the PCR. A given set of values, if sent to a PCR in any order, will, at
the end, yield the same final hash value. The TPM can provide that value
on request; it can also be made to sign the hash value using a top-secret
key hidden deeply within its tamper-proof packaging.
The IMA module works by sending each hash it computes to a PCR on the TPM
chip. When it provides the list of executables and hash values, it can
also obtain and hand over a signed hash from the TPM. A remote party can
then recompute the hash, compare it to what the TPM produced, and verify
that the provided list is accurate. It is still possible for an intruder
to corrupt the list, but it will then fail to match the hash from the TPM.
It thus should be possible to remotely detect a compromised system.
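As an added illustration of the two preceding paragraphs (example code written for this page, not Sailer's patches or any TPM driver), the following Python models the measurement list, the PCR extend operation and the remote check. The file contents and paths are constructed, and the TPM's signature over the PCR is not modelled: the verifier is simply handed the PCR value to compare against.

```python
import hashlib

# Constructed stand-ins for executables and libraries; not real files.
SAMPLE_FILES = {
    "/bin/sh": b"ELF sample shell binary (constructed)",
    "/lib/libc.so": b"ELF sample C library (constructed)",
    "/usr/bin/editor": b"ELF sample editor (constructed)",
}

PCR_INITIAL = b"\x00" * 20   # PCRs read as all zeros after a hardware reset


def measure(path, data):
    """What the IMA mmap() hook does per executable mapping: SHA1 the file contents."""
    return (path, hashlib.sha1(data).hexdigest())


def pcr_extend(pcr, digest_hex):
    """TPM extend operation: new PCR = SHA1(old PCR || measurement).
    Each measurement is chained onto the running value, so a verifier must replay
    the list in the recorded order to reproduce it."""
    return hashlib.sha1(pcr + bytes.fromhex(digest_hex)).digest()


def run_programs(files):
    """Kernel side: record each measurement in the list and extend the PCR with it."""
    measurement_list = []
    pcr = PCR_INITIAL
    for path, data in files.items():
        entry = measure(path, data)
        measurement_list.append(entry)
        pcr = pcr_extend(pcr, entry[1])
    return measurement_list, pcr


def verify_remote(measurement_list, reported_pcr, approved_hashes):
    """Remote party: recompute the PCR from the list, then check every hash is approved.
    reported_pcr stands in for the TPM-signed value; signature checking is not modelled."""
    pcr = PCR_INITIAL
    for _path, digest_hex in measurement_list:
        pcr = pcr_extend(pcr, digest_hex)
    if pcr != reported_pcr:
        return False, "measurement list does not match the TPM value"
    unknown = [path for path, digest_hex in measurement_list
               if digest_hex not in approved_hashes]
    if unknown:
        return False, "unapproved executables: " + ", ".join(unknown)
    return True, "ok"


if __name__ == "__main__":
    mlist, pcr = run_programs(SAMPLE_FILES)
    approved = {measure(p, d)[1] for p, d in SAMPLE_FILES.items()}
    print(verify_remote(mlist, pcr, approved))
```

The two failure modes are deliberately distinct: a list that no longer reproduces the PCR indicates tampering with the record, while a list that reproduces it but names an unapproved hash indicates an honest record of something the verifier does not want to see running.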
Of course, if an attacker can gain control of the kernel at boot time,
before the IMA module has been initialized, the entire battle has been
lost. The TPM designers have thought of this possibility, however; it is
possible to set up hardware so that it will not boot a system in the first
place unless the TPM approves of the code to be booted.
There are numerous possible applications of this sort of capability. In a
highly secured network, systems could refuse to talk to each other until
each proves that it is running only approved software. Financial web sites
could, if given access to this information, refuse access from systems
running browsers with known security problems. The less flexible sort of
Linux support provider could refuse to work on systems which have run
programs which are not on The List Of Supported Applications. Corporate IT
departments could get verifiable lists of which programs have run on each
system. DRM-enabled software could refuse to unlock its valuable
intellectual property if the system looks suspicious. And so on.
In the short term, however, this code looks like it will need some work
before it will be considered seriously for inclusion. James Morris has questioned the security module implementation,
arguing that this functionality should be implemented directly in the
kernel. Loading the IMA module also makes it impossible to use any
other security module (such as SELinux), which may not enhance the overall
security of the system. And Greg Kroah-Hartman was unimpressed with the quality of the code
in general:
Wow, for such a small file, every single function was incorrect.
And you abused sysfs in a new and interesting way that I didn't
think was even possible. I think this is two new records you have
set here, congratulations.
The IMA authors have now gone off to rework things. At some point,
however, it seems likely that this sort of functionality will be available
in Linux. Whether it will then be used to increase or restrict the freedom
of Linux users remains to be seen.
(For more information, see the
IBM tcgLinux and Trusted Computing
Group pages).
Comments (15 posted)
Plan 9 started as Ken
Thompson and Rob Pike's attempt to address a number of perceived
shortcomings in the Unix model. Among other things, Plan 9 takes the
"everything is a file" approach rather further than Unix does, and tries to
do so in a distributed manner. Plan 9 never took off the way Unix
did, but it remains an interesting project; it has been free software since
2003.
One of the core components of Plan 9 is the 9P filesystem. 9P is a
networked filesystem, somewhat equivalent to NFS or CIFS, but with its own
particular approach. 9P is not as much a way of sharing files as a
protocol definition aimed at the sharing of resources in a networked
environment. There is a draft
RFC available which describes this protocol in detail.
The protocol is intentionally simple. It works in a connection-oriented,
single-user mode, much like CIFS; each user on a Plan 9 system is
expected to make one or more connections to the server(s) of interest.
Plan 9 operates with per-user namespaces by design, so each user ends
up with a unique view of the network. There is a small set of operations
supported by 9P servers; a client can create file descriptors, use them to
navigate around the filesystem, read and write files, create, rename and
delete files, and close things down; that's about it.
The protocol is intentionally independent of the underlying transport
mechanism. Typically, a TCP connection is used, but that is not required.
A 9P client can, with a proper implementation, communicate with a server
over named pipes, zero-copy memory transports, RDMA, RFC1149 avian links,
etc. The protocol also puts most of the intelligence on the server side;
clients, for example, perform no caching of data. An implication of all
these choices is that there is no real reason why 9P servers have to be
exporting filesystems at all. A server can just as easily offer a virtual
filesystem (along the lines of /proc or sysfs), transparent remote
access to devices, connections to remote processes, or just about anything
else. The 9P protocol is the implementation of the "everything really is a
file" concept. It could thus be used in a similar way as the filesystems
in user space (FUSE) mechanism currently being considered for merging.
9P also holds potential as a way of sharing resources between virtualized
systems running on the same host.
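To make the wire format concrete, here is an added Python example (not v9fs code and not the Plan 9 implementation) that encodes and decodes the Tversion/Rversion and Tattach/Rattach exchange of 9P2000 and runs it against a toy server that knows one user. The message numbers, the size[4] type[1] tag[2] layout and the length-prefixed strings follow the protocol; the server behaviour, the user list and the root qid are this example's own assumptions. Because both sides only exchange byte strings, the same code would sit on top of TCP, a pipe or any other transport.

```python
import struct

# Message type numbers and reserved values from the 9P2000 draft.
TVERSION, RVERSION = 100, 101
TATTACH, RATTACH = 104, 105
RERROR = 107
NOTAG, NOFID = 0xFFFF, 0xFFFFFFFF


def put_str(s):
    """9P string: len[2] followed by the UTF-8 bytes, little-endian throughout."""
    raw = s.encode("utf-8")
    return struct.pack("<H", len(raw)) + raw


def get_str(buf, off):
    (n,) = struct.unpack_from("<H", buf, off)
    return buf[off + 2:off + 2 + n].decode("utf-8"), off + 2 + n


def pack_msg(mtype, tag, body):
    """Every message: size[4] type[1] tag[2] body; size counts its own four bytes."""
    return struct.pack("<IBH", 7 + len(body), mtype, tag) + body


def tversion(msize, version="9P2000"):
    return pack_msg(TVERSION, NOTAG, struct.pack("<I", msize) + put_str(version))


def tattach(fid, uname, aname, tag=1, afid=NOFID):
    body = struct.pack("<II", fid, afid) + put_str(uname) + put_str(aname)
    return pack_msg(TATTACH, tag, body)


def parse_msg(buf):
    """Decode the handful of message types used here into a dict; rejects bad sizes."""
    size, mtype, tag = struct.unpack_from("<IBH", buf, 0)
    if size != len(buf):
        raise ValueError("size field does not match message length")
    body = buf[7:]
    msg = {"type": mtype, "tag": tag}
    if mtype in (TVERSION, RVERSION):
        (msg["msize"],) = struct.unpack_from("<I", body, 0)
        msg["version"], _ = get_str(body, 4)
    elif mtype == TATTACH:
        msg["fid"], msg["afid"] = struct.unpack_from("<II", body, 0)
        msg["uname"], off = get_str(body, 8)
        msg["aname"], _ = get_str(body, off)
    elif mtype == RATTACH:
        msg["qid"] = body[:13]                 # type[1] version[4] path[8]
    elif mtype == RERROR:
        msg["ename"], _ = get_str(body, 0)
    else:
        raise ValueError("unsupported message type %d" % mtype)
    return msg


def is_well_formed(buf):
    try:
        parse_msg(buf)
        return True
    except (ValueError, struct.error, UnicodeDecodeError):
        return False


class ToyServer:
    """Server side of one connection: a version handshake, then per-user attach.
    It only ever sees and returns byte strings, so the transport is the caller's business."""

    def __init__(self, users):
        self.users = set(users)        # assumed: a fixed list of permitted user names
        self.fids = {}
        self.msize = None

    def handle(self, request):
        msg = parse_msg(request)
        if msg["type"] == TVERSION:
            if msg["version"] != "9P2000":
                return pack_msg(RVERSION, msg["tag"], struct.pack("<I", 0) + put_str("unknown"))
            self.msize = min(msg["msize"], 8192)
            return pack_msg(RVERSION, msg["tag"], struct.pack("<I", self.msize) + put_str("9P2000"))
        if msg["type"] == TATTACH:
            if self.msize is None or msg["uname"] not in self.users:
                return pack_msg(RERROR, msg["tag"], put_str("permission denied"))
            if msg["fid"] in self.fids:
                return pack_msg(RERROR, msg["tag"], put_str("fid in use"))
            self.fids[msg["fid"]] = ("/", msg["uname"])
            root_qid = struct.pack("<BIQ", 0x80, 0, 1)   # QTDIR, version 0, path 1 (assumed)
            return pack_msg(RATTACH, msg["tag"], root_qid)
        return pack_msg(RERROR, msg["tag"], put_str("unsupported request"))
```

The size check in parse_msg is the one a real client or server must never skip: a message whose declared size disagrees with what arrived is either a framing error on the transport or a malformed peer, and every later field offset depends on it.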
There is a 9P implementation for Linux, called "v9fs"; Eric Van Hensbergen
has recently posted a v9fs patch set for
review with an eye toward eventual inclusion. v9fs is a full 9P client
implementation; there is also a user-space server available via the v9fs web site.
Linux and Plan 9 have different ideas of how a filesystem should work, so a
fair amount of impedance matching is required. Unix-like systems prefer
filesystems to be mounted in a global namespace for all users, while
Plan 9 filesystems are a per-user resource. A v9fs filesystem can be
used in either mode, though the most natural way is to use Linux namespaces
to allow each user to set up independently authenticated connections. The
lack of client-side caching does not mix well with the Linux VFS, which
wants to cache heavily. The current v9fs implementation disables all of
this caching. In some areas, especially write performance, this lack of
caching makes itself felt. In others, however, v9fs claims better
performance than NFS as a result of its simpler protocol. Plan 9 also
lacks certain Unix concepts - such as symbolic links. To ease
interoperability with Unix systems, a set of protocol
extensions has been provided; v9fs uses those extensions where
indicated.
The current release is described as "reasonably stable." The basic set of
file operations has been implemented, with the exception of
mmap(), which is hard to do in a way which does not pose the risk
of system deadlocks. Future plans include "a more complete security
model" and some thought toward implementing limited client-side caching,
perhaps by using the CacheFS layer.
See the patch introduction for pointers to
more information, mailing lists, etc.
Comments (2 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Memory management
Networking
Architecture-specific
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
What is the best distribution for old computers? This question comes up
surprisingly often on public forums and mailing lists, indicating that
there is a fairly large market which has been completely abandoned by all
major Linux companies. As always, the answer depends on too many factors,
but if you are looking for a light-weight, graphical Linux-based operating
system for a machine that originally came pre-installed with Windows 95,
and which has at least 32 MB of RAM, then you can't go wrong with
Damn Small Linux. A 50 MB
download that can be run from a CD, USB storage device, or hard disk, this
distribution started as a stripped-down edition of the popular KNOPPIX live
CD. Since its humble beginnings over two years ago, Damn Small Linux has
evolved into a highly respected project with over 5,000 members registered
on its online forums. It reached its 1.0 milestone some two months ago.
I installed and used Damn Small Linux extensively on an old notebook - an
AcerNote Light, originally purchased in 1997. The machine came with 32 MB
of RAM and a 1.3 GB hard disk, none of which were ever upgraded. It had a
CD-ROM drive, but no modem, network card or floppy drive. The notebook had
been gathering dust in a cupboard until early last year when, out of sheer
curiosity, I decided to give Damn Small Linux a chance to bring it back to
life. It turned out to be a good decision. Following a brief period of
experimenting, the notebook was capable of performing many useful tasks -
from monitoring a log file on a remote web server to light web browsing,
and even some basic office work in a word processor and spreadsheet.
Unfortunately, the notebook died of old age a couple of months ago when,
all of a sudden, it refused to boot with an error message indicating that
only a trip to an authorized Acer repair center could possibly resurrect
it.
It was a sad moment when I had to put it back into the dusty cupboard. By
that time, I was already used to having the old laptop humming along
quietly and I really missed it. Its most common task was to connect to a
remote web server (luckily, the notebook had a slot for inserting a PCMCIA
network card) for some system administration, file editing, or as I
mentioned earlier, to monitor log files with 'tail -f'. To take advantage
of the graphical part of the operating system (running on top of the highly
configurable and theme-able Fluxbox window manager) I used it for web
browsing with Dillo and Opera. Dillo is probably the lightest and fastest
graphical browser available today, but it does not support Cascading Style
Sheets (CSS), which meant that many web sites did not display as intended.
Opera sounded like the next best choice, but even though it is considered a
remarkably light browser, 32 MB of RAM proved too little for it to perform
at an acceptable speed. Nowadays, Damn Small Linux ships with Dillo and
Firefox.
Other applications were a lot more responsive on this old laptop. There were
no speed issues with Sylpheed, the only available graphical mail client,
while office tasks were handled by two surprisingly full-featured, but
still extremely resource-friendly applications - the flwriter word
processor and Siag Office spreadsheet. Damn Small Linux also ships with
useful software for viewing PDF files and MS Office documents. Printing is
supported through apsfilter, which includes a wizard for setting up serial,
parallel, and even remote printers through Samba. As expected, no
heavy-duty graphics applications are present, but very basic graphic
manipulation can be accomplished with the help of XPaint, and a simple
graphical viewer is available too. XMMS is there to play media files, while
Midnight Commander can be employed to handle any file management tasks. For
distraction, a handful of simple games are also provided.
If all these applications are not enough, it is very easy to download and
install new ones on the fly. This is done through the DSL Download
Extension Panel, a custom utility listing a fairly large number of packages
built and tested to work with Damn Small Linux. Among them one would find
anything from AbiWord to GIMP and even OpenOffice.org. If there is still
something that you miss, then the full power of apt-get and Synaptic,
together with a complete Debian repository is just a click away. It goes
without saying, however, that installing a large number of Debian packages
would surely turn a perfectly light distribution into a full-featured
monster that would defy the original purpose of Damn Small Linux. But if
you absolutely need one or two extra applications then it's good to know
that they are available, and that it is very easy to install them.
More surprises await the user who takes the time to investigate the menus.
If the entire system has been loaded into RAM (as opposed to its running
directly from the live CD), an option to create a custom Damn Small Linux
live CD, complete with all customizations and user-specific data, is
provided. This can be useful if you need to take your data and work with
you while on the road. As for system administration, Damn Small Linux comes
with a simple control panel with buttons to configure various services.
These include networking (network card configuration, DHCP, dial-up, PPPOE,
wireless networking with NdisWrapper), printing and keyboard layout.
Activating the SSH, FTP or web (MonkeyWeb) server is also just a mouse
click away. The entire system can be backed up to, and restored from, a
hard disk partition. And while on the subject of special features, it is
worth mentioning that Damn Small Linux is also available as a Windows
executable file, which can be run from within Windows, courtesy of the QEMU
processor emulator. Don't expect breathtaking speeds from such an awkward
setup, but it will do if you happen to be working in Windows and need to
complete a quick Linux task without having to reboot your system.
Originally just a personal toy of John Andrews, the project's creator and
lead developer, Damn Small Linux has evolved into a truly valuable Linux
distribution. Despite its incredibly small size, the sheer number of
available applications and features is nothing short of amazing. Whether
you want to resurrect an old, forgotten notebook or carry a small,
light-weight Linux live CD in your pocket for emergency needs, Damn Small
Linux is a free, feature-full, and intelligently designed Linux
distribution. Give it a try and be prepared to be pleasantly surprised.
Comments (2 posted)
New Releases
Version 3.7 of OpenBSD has been released.
New features include ports to the Sharp Zaurus SL-C3000
and SGI O2 platforms, the addition of more 64 bit platforms,
and lots more.
Full Story (comments: none)
StartCom has
released
StartCom Enterprise Linux 4.0.0 (Barak). "
The inclusion of
Security-Enhanced Linux of the US National Security Agency makes StartCom
Linux now even more secure thanks to the MAC-based environment; application
capabilities and privileges are set by predefined policies and enforced by
the kernel. This prevents errant applications from compromising system
security. Version 4.0.0, codenamed Barak (Lightning in Hebrew), features
the new 2.6 kernel infrastructure with better and more drivers supported,
and multi-core and hyperthreaded CPU support, to mention only a few. The
improved storage and file system capabilities now use Logical Volume
Management (LVM) as the default installation option. Also the desktop
environment offers new enhancements providing a feature-rich, easy-to-use
application pool, such as Firefox, Evolution and OpenOffice."
Comments (none posted)
Always Current Lineox Enterprise Linux 3.092 has been released as the fifth
update (update 5) to the 3.0 series. This update features better hardware support
during installation, support for 2-TB partitions on block devices, support
for new disk, network, and USB devices, support for clustered APIC mode on
AMD64 NUMA systems, and more.
Full Story (comments: none)
Trustix has announced (click below) the second release candidate for
Trustix Secure Linux 3.0. "
Amongst the many enhancements to the new
Trustix Installer "Viper" is PXE support. Instructions on how to install
over the network using PXE are found in the file /pxeboot/README.txt on the
installation CD."
Full Story (comments: none)
Distribution News
Another Woody update is
in the works. It
should be out just before the Sarge release, and will most likely be the
last Woody update.
The 'volatile' archive is a place for things that change quickly, like spam
filters and anti-virus software. This archive should be live with the
Sarge release. Find out more in this post.
Comments (none posted)
LinuxQuestions.org has announced a new
forum for MEPIS
Linux.
Full Story (comments: none)
The Ubuntu Hardened team has announced (click below) rewritten
specifications, now publicly available in both LaTeX source and PDF
formats, plus an updated schedule and other Hard news.
Full Story (comments: none)
New Distributions
SLYNUX is a user friendly GNU/Linux
OS for beginners. It can be run completely from CD without installation.
There is also an option to install to hard disk. Anyone who is familiar
with Microsoft Windows can handle this operating system. The desktop is
designed to be easy to use and friendly. SLYNUX also comes with a wide
range of applications. SLYNUX is a Debian/Knoppix-based GNU/Linux system.
CXOtoday has an
article about SLYNUX and its developer.
Comments (none posted)
Distribution Newsletters
The May 25 issue of the Debian Weekly News is out. Topics this week
include running a Debian desktop with twelve watts of power, Debian
GNU/Hurd, the final woody update, and more.
Full Story (comments: none)
The Gentoo Weekly Newsletter for May 23, 2005 is out. This edition covers
the Gentoo Foundation's Trustees Election for 2005-2006, a new mailing list
for Perl discussions, Gentoo at OSDL, Developer of the week Tom Martin, the
Gentoo Foundation Website Redesign Contest, and several other topics.
Full Story (comments: none)
The full log and a summary of the May 10, 2005 Ubuntu community council meeting are available.
Comments (none posted)
The DistroWatch Weekly for May 23, 2005 is out. "
Gentoo Linux continues to
maintain its presence on these pages - we have a quick tip describing how
to save time and prevent downtime while installing this popular
source-based distribution. We'll continue with an update on the release of
Debian Sarge and point you to a couple of fantastic Linux learning
resources made available recently by Novell. The featured distribution of
the week is the PHLAK live CD with its amazing array of security tools and
extensive documentation, while Robert Storey reveals a great utility to
really erase data from your hard disks."
Comments (none posted)
Minor distribution updates
The Lunar-Linux Team has
announced the release of
Lunar-1.5.0 "Indium Phosphide" ISO. "
This ISO marks a radical change
in the development of lunar install ISO's and should be far easier and
faster to install for everyone. The 1.5.0 release is an i686 optimized
iso."
Comments (none posted)
Empower Technologies has
announced
the official release of the latest LEOs(TM) (LinuxDA Embedded O/S) development
platform - LDK5910 optimized for Texas Instruments(TM) OMAP5910 dual core
CPU.
Comments (none posted)
Package updates
Fedora Core 3 updates:
gail-1.8.0-3.fc3
(fix the tamil translation),
dmraid-1.0.0.rc8-FC3_2 (bug fixes),
netpbm-10.27-3.FC3 (updates and bug fixes),
sudo-1.6.7p5-30.2 (bug fixes),
texinfo-4.8-2.1 (upgrade to 4.8, which fixes a
segmentation fault problem).
Comments (none posted)
Mandriva Linux 10.2 (LE2005) updates:
rpmdrake (bug fix with the mdkonline applet),
qt3 (fix a problem in qmake),
kdenetwork (change in MSN protocol fixed in
kopete).
Comments (none posted)
Trustix has updates and bug fixes available for TSL 2.2 packages clamav,
cups, mysql, and postfix.
Full Story (comments: none)
Distribution reviews
NewsForge has this review of OpenBSD 3.7. "
OpenBSD is a complete, relatively
small-footprint, Unix-derived operating system. Originally forked from
NetBSD in 1996, the project has suffered only one remote security flaw in
the default installation in more than eight years. Obviously the
development team can't guarantee the security of every one of the 3,000
ported applications, but there is a significant effort to ensure that there
are no security flaws or other serious code-related problems in the Ports
tree."
Comments (none posted)
NewsForge takes a look at the Sentry Firewall CD. "
If you want to set up a Linux-based firewall, there's no
need to run a bloated distribution that installs everything but the kitchen
sink. If you are not afraid to get your hands dirty, and like having total
control over your system, then Sentry Firewall CD (SFCD) is just what you
need. It is a highly configurable, bootable CD that takes a minimalist
approach to firewalling."
Comments (none posted)
Page editor: Rebecca Sobol
Development
May 25, 2005
This article was contributed by Anders Gustafsson
and Sham Chukoury.
"Developer Release 1" of
XMMS2,
the next generation of the
X Multimedia System (XMMS),
has been released. This article describes what is new in XMMS2.
Why bother working on a next generation XMMS while there are various
existing and possibly more advanced projects already in progress, some
which are ready for production use?
Because XMMS is just too damn popular to
be allowed to die, of course!
But seriously, while the field of 'audio playback' in general is
something of an old beaten path, there is still much room for improvement.
Constant progress is happening in the field of digital audio playback,
including: new compression/encoding schemes, better and more
flexible encapsulation and container formats, more efficient encoders
and decoders, better ways of managing collections of music files, new
ways of letting users interact with their music and so on.
XMMS2 jumps into the mix with the goal of trying to provide
an improved music listening experience for users.
The XMMS2 project started in late 2002 as an idea to make a
"kick-ass music player", and has eventually evolved into the
next generation XMMS.
The need for an XMMS replacement had been evident for years:
the XMMS codebase and framework weren't exactly well-designed from
the beginning.
Lately, active development of XMMS has mostly stopped; this can be
attributed to the lack of active developers and a broken codebase.
Adding new features to XMMS is difficult. Some of the most-wanted
features would be nearly impossible to add. Some parts of XMMS are
beyond patching; a re-design of the framework is needed.
Developers of another fork of XMMS,
BMP, the
"Beep media player", comment on XMMS:
The XMMS code we inherited is old and messy.
In more specific terms, it is poorly structured, poorly documented
and littered with duplications. It is difficult to modify or
extend one component of XMMS without breaking another.
We spent most of our time fixing problems that were introduced
after seemingly innocent modifications.
The XMMS2 team is committed to producing a better music player, while
diligently maintaining a robust and flexible design.
The goal is to make the system easy for developers to maintain and
integrate with. In terms of the listening experience, XMMS2 makes
it possible for anyone to easily manage their music collection and to
interact with it in a flexible manner.
A Client/Server Model
XMMS2 runs the core player and user interface(s) as separate
processes. The core player acts as a server to which user
interfaces can connect. The interprocess communication is carried
out over a Unix socket or a TCP connection, but all of the details are
hidden from the client in a high-level client library.
The library
also has bindings for Python and Ruby, simplifying the creation of
clients. Putting the user interface in a separate process provides the
opportunity to offer some very nice features. It allows any number of
clients (user interfaces) to be connected simultaneously.
When you are
sitting on your sofa with your laptop, you can just ssh to your desktop
where XMMS2 is playing, and use the text interface to change songs, much
like using xmms-shell for XMMS, but XMMS2 is designed for this from the
ground up, and all clients are first-class citizens having full access
to all of the available features.
Support for multiple clients also means that you don't have
to keep a client connected - you may start the player, load a nice
playlist and start playing it, and disconnect your client without
killing the core player. This flexibility makes XMMS2 well suited
for a headless system, and allows it to be controlled from a web browser.
The client-server model allows XMMS2 to be completely desktop
environment agnostic. It is possible for one user to run the core
player with a client that integrates tightly with a KDE-desktop,
while another user runs it with a client that just sits in his/her
Gnome panel.
At the moment, there are no finished and stable GUI clients, but
the plan is to write a small skinnable client that isn't bound to
either KDE or Gnome. This will be shipped with XMMS2 as
the default GUI client.
The XMMS2 team also hopes that third-party clients which are more
tightly integrated with individual desktop environments will be
independently developed.
If you are familiar with XMMS, you know that its plugin system
allows plugins of type "General", which are used to provide functions
such as controlling the player using an IR remote control (xmms-lirc), running
specific commands when a new song is played (song_change) and starting
playback at a specific time (xmms-alarm). In XMMS2 all of these functions
can be implemented as special clients.
This increases the stability of
the core player, as the core player will continue to work fine even if
one of the clients crashes. This design also speeds up the development of such
functions in two ways: the client doesn't need to be unloaded and loaded
from the server to test each change, and the server will keep running
even if the client has crashed.
More importantly, the client functions can be written in a scripting
language such as Python or Ruby. Visualization works exactly the same
way - a visualization client requests visualization data,
and processes it to produce fancy real-time visual graphics.
Currently, only frequency information is available; wave data will
probably be added in the next release.
The Medialib
Displaying just the filename or URL of an audio stream in the playlist isn't
very attractive; metadata such as the artist's name
and the song title should also be shown.
This media information is generally available inside the file (or stream)
itself, like the ID3 tag in an mp3 file, and must be parsed.
This parsing takes some time, and if it had to be done
every time a song was added to the playlist, it would take a noticeable
amount of time to add an album to the playlist. To solve this problem,
the media info is cached in a database, named the 'medialib'.
When a song is added to the playlist, the medialib is first queried;
if the song has been seen before, the media info will instantly be
available and the operation of adding songs to the playlist will
be much faster.
This also has a very nice side effect: all of the mediainfo from the
songs seen by XMMS2 will be stored in a database. This makes it possible
to perform queries to find songs that have certain properties. For example,
finding all songs by a certain artist or of a particular genre. This
is so useful that a command was added to import music metadata straight into the medialib.
The medialib is implemented as a standard SQL database using
SQLite.
The medialib can be queried using SQL, and the possibilities are only
limited by one's imagination. Examples are: "list all unique artists",
"all artists with more than one hour total playtime", "10 random songs
from artists beginning with 'a'", "100 random songs which are longer than
2 minutes and have the genre 'electronic'", and "select one song from
each year between 1980 and 2003".
If logging is enabled, which it is by default, an entry is written to
a log-table in the database every time a song is played. By using this
table, even more complex queries can be made: "10 random songs that
weren't played last week", "20 hangover-songs (that have been played
Saturdays 10:00-14:00)". The power of querying the medialib would become
apparent when XMMS2 is coupled with a client that abstracts away the
SQL queries in a simple but effective manner. No such client
exists today, but the potential is great.
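The cache-first lookup and the ad hoc SQL queries described above, worked through as an added example (this is not XMMS2's own code: the table layout, column names and sample songs are all assumed). It also shows the one thing a client that "abstracts away the SQL" has to get right: user input such as an artist prefix is bound as a query parameter, never spliced into the SQL text.

```python
# Toy SQLite medialib: metadata cache, play log and example queries.
# Added illustration, not XMMS2 code; schema and sample data are assumed.
import sqlite3

SCHEMA = """
CREATE TABLE Media (
    id INTEGER PRIMARY KEY, url TEXT NOT NULL UNIQUE,
    artist TEXT, title TEXT, genre TEXT, year INTEGER, duration_ms INTEGER);
CREATE TABLE Log (
    id INTEGER PRIMARY KEY,
    media_id INTEGER NOT NULL REFERENCES Media(id),
    played_at INTEGER NOT NULL);  -- unix time of each play
"""
COLS = ("artist", "title", "genre", "year", "duration_ms")
WEEK = 7 * 24 * 3600

# Constructed sample library (no real files behind these URLs).
SAMPLE_MEDIA = [
    ("file:///music/a1.mp3", "Aphex Twin", "Xtal", "electronic", 1992, 294000),
    ("file:///music/a2.mp3", "Autechre", "Bike", "electronic", 1993, 340000),
    ("file:///music/b1.mp3", "Bjork", "Joga", "pop", 1997, 305000),
    ("file:///music/c1.mp3", "Cure", "Lovesong", "rock", 1989, 210000),
    ("file:///music/e1.mp3", "Eno", "1/1", "ambient", 1978, 1000000),
]


def open_medialib():
    """Create an in-memory medialib pre-filled with the sample songs."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany(
        "INSERT INTO Media (url, artist, title, genre, year, duration_ms) "
        "VALUES (?, ?, ?, ?, ?, ?)", SAMPLE_MEDIA)
    conn.commit()
    return conn


def media_info(conn, url, parse_fn):
    """Cache-first lookup, returning (info, cache_hit).

    Only a URL the medialib has never seen is handed to parse_fn (the slow
    tag parser); its result is stored so the next lookup is instant.
    """
    row = conn.execute(
        "SELECT artist, title, genre, year, duration_ms FROM Media WHERE url = ?",
        (url,)).fetchone()
    if row is not None:
        return dict(zip(COLS, row)), True
    info = parse_fn(url)
    conn.execute(
        "INSERT INTO Media (url, artist, title, genre, year, duration_ms) "
        "VALUES (?, ?, ?, ?, ?, ?)", (url, *(info[c] for c in COLS)))
    conn.commit()
    return info, False


def log_play(conn, url, played_at):
    """Record one play of the song at `url` (the article's log-table)."""
    conn.execute(
        "INSERT INTO Log (media_id, played_at) SELECT id, ? FROM Media WHERE url = ?",
        (played_at, url))
    conn.commit()


def artists_with_playtime_over(conn, min_seconds):
    """'All artists with more than <min_seconds> total playtime'."""
    rows = conn.execute(
        "SELECT artist FROM Media GROUP BY artist "
        "HAVING SUM(duration_ms) > ? ORDER BY artist", (min_seconds * 1000,))
    return [artist for (artist,) in rows]


def random_songs_by_artist_prefix(conn, prefix, n):
    """'<n> random songs from artists beginning with <prefix>'.

    The prefix is user input: it is bound as a parameter, and LIKE's own
    wildcards inside it are escaped so a typed '%' or '_' matches literally.
    """
    escaped = (prefix.replace("\\", "\\\\")
                     .replace("%", "\\%").replace("_", "\\_"))
    return conn.execute(
        "SELECT artist, title FROM Media WHERE artist LIKE ? ESCAPE '\\' "
        "ORDER BY RANDOM() LIMIT ?", (escaped + "%", n)).fetchall()


def random_songs_not_played_since(conn, now, window_seconds, n):
    """'<n> random songs that weren't played in the last <window>'."""
    return conn.execute(
        "SELECT artist, title FROM Media WHERE id NOT IN "
        "(SELECT media_id FROM Log WHERE played_at >= ?) "
        "ORDER BY RANDOM() LIMIT ?", (now - window_seconds, n)).fetchall()


def one_song_per_year(conn, first_year, last_year):
    """'One song from each year between first_year and last_year'."""
    # MIN(title) makes the pick deterministic; a bare column would let
    # SQLite return an arbitrary row from each year group.
    return conn.execute(
        "SELECT year, MIN(title) FROM Media WHERE year BETWEEN ? AND ? "
        "GROUP BY year ORDER BY year", (first_year, last_year)).fetchall()
```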
Transport Plugins
One of the problems with XMMS is that each input plugin is responsible
for reading data from files or streams. This means that every input plugin
wanting to be able to load a file over HTTP must implement its own HTTP
code.
In XMMS2 the "input" plugins are split into "transport" and "decoder".
Thus, if an HTTP transport plugin is installed, all supported file
types can be loaded over HTTP.
Summary
While it is far from being able to replace XMMS as the de-facto standard
music player on Linux desktops, "Developer Release 1" of XMMS2 shows
that the potential is there. Hopefully, the development of
interfaces will be accelerated now that a public release has been made.
All developers are encouraged to take a look at it, and take a plunge
into the code to help make it the music player.
For more information have a look at
the XMMS2 Wiki
and join #xmms2 on freenode.
Comments (12 posted)
System Applications
Database Software
The May 22, 2005 edition of the PostgreSQL Weekly News
is out with the week's PostgreSQL database articles and resources.
Full Story (comments: none)
Version 1.42 of DBD::Pg, a Perl database interface,
has been announced.
"DBD::Pg version 1.42 is mainly a bug fix for version 1.41."
The code is available
on CPAN.
Comments (none posted)
Version 3.6 of
Druid,
a cross-platform GUI database manager, is out.
"Druid is a GUI tool for database build and management. Users can add/change/delete DB objects (tables, fields, etc). Druid generates for you: SQL scripts, docs in XHTML, PDF, DocBook, etc; code in C, C++ & Java Beans even for JDO and support Castor & OJB."
Comments (none posted)
Networking Tools
Version 0.5.3 of LAT, the LDAP Administration Tool is available.
"The tool allows you to browse
LDAP-based directories and add/edit/delete entries contained within. It
can store profiles for quick access to different servers. There are also
different views available such as Users, Groups and Hosts which allow
you to easily manage objects without having to deal with the intricacies
of LDAP." Bug fixes and some new features are included in
this release.
Full Story (comments: none)
Wei Zhang
uses Linux as the base for a RADIUS server on IBM developerWorks.
"As a network administrator, you need to keep administrative user information for each network device you need to manage. But network devices usually support only limited functions for user management. Learn how to use an external RADIUS server on Linux to authenticate users, particularly against an LDAP server, allowing you to centralize user information stored in the LDAP server and authenticated by the RADIUS server, thereby both reducing administrative overhead on user management and making the remote login process more secure."
Comments (none posted)
Printing
The
Common UNIX Printing System
(CUPS) site has several new tutorials online.
Topics include: How Do I Fix The Error:
"client-error-request-value-too-long" and
How Do I Give My Windows Client Administrative Capabilities in CUPS?
Comments (1 posted)
Security
Version 0.11 of Sussen, a tool for testing the security posture of
computers and network devices, is out.
"Since the last release we have moved away from porting security
tests to focusing on running existing ones. To that end we've been working
on NASL and OVAL interpreters for Sussen."
Full Story (comments: none)
Web Site Development
The phpwsBusinesses Business Directory module for phpWebsite
has been announced.
"phpwsBusinesses is a module for phpWebsite. It is intended to serve as a
contact directory for businesses, and is suitable for websites such as a
local Chamber of Commerce might have."
Comments (none posted)
Documentation
Version 2.0.4 of KnowledgeTree
has been announced.
"KnowledgeTree is an Open Source Document Management System, and version 2.0.4 has focussed mostly on minor bugfixes, improvements in flexibility, and preliminary support for PHP5."
Comments (none posted)
Desktop Applications
Audio Applications
Version 0.9.3.0 of snd-ls, a distribution of the sound editor Snd,
is out with support for SND 7.13 and bug fixes. Also, new
documentation for the SND Realtime Extension is available.
Full Story (comments: none)
Business Applications
Version 0.0.7 of Tina POS, a cross-platform point of sales application
that has been designed for touch screens,
has been announced.
Changes include new translations, a new ant build file, bug fixes,
and other improvements.
Comments (none posted)
Data Visualization
Version 0.6.1 of wxMaxima, a cross-platform graphical front-end for the Maxima computer algebra system,
is available.
"New in version 0.6.1: support for greek characters in console window; export console window to HTML; save selection to image (selection to clipboard as image on windows); toolbar; other small changes/enhancements and bug fixes."
Comments (none posted)
Desktop Environments
The following new GNOME software has been announced this week:
Comments (none posted)
The following new KDE software has been announced this week:
Comments (none posted)
The May 20, 2005 edition of the
KDE Commit Digest
is online, here's the content summary:
"KNode rewrites article viewer. KViewShell adds basic printing support. Juk adds a cover manager. KDE4 porting continues apace."
Comments (none posted)
Interoperability
Release 20050524 of Wine
has been announced. Changes include
MSI improvements, new file manager features, better Winelib import
library compatibilities, code cleanup, bug fixes, and more.
Comments (none posted)
Music Applications
Version 0.3.1 of LinuxSampler, a modular streaming-capable sampler,
has been announced.
"Focus of this first release was an adequate support of the Gigasampler format,
including experimental support for the new Gigasampler v3 format."
Full Story (comments: none)
Albert Graef has announced his Q-Faust project.
"I thought that some of you might be interested in a Faust
interface
I created for my functional programming language Q. The interface
allows you to load and run Faust DSPs in Q. Those of you who attended
Yann Olarey's Faust workshop and my talk about Q at LAC05 should have an
idea of what I'm talking about. ;-) I think that Faust and Q really make
a great combo, which allows you to do all your multimedia/DSP stuff
using nothing but modern FP tools."
Full Story (comments: none)
Version 0.2.3 of QSynth, a Qt GUI front-end application to the
fluidsynth soundfont2 engine, is available.
"The fine print goes like there are no really big new features on this.
After all it's only a minor dot-release."
Full Story (comments: none)
Office Suites
Version 1.9.104 of OO.o build is out.
"This package contains Desktop integration work for
OpenOffice.org, several back-ported features & speedups, and a much
simplified build wrapper, making an OO.o build / install possible for
the common man." Lots of bug fixes have been implemented.
Full Story (comments: none)
Web Browsers
MozillaZine
has announced the availability of release candidate builds of
Mozilla Firefox 1.1.
"Asa Dotzler has announced that release candidate builds of Deer Park Alpha 1
are now available. Deer Park is the codename for Mozilla Firefox 1.1 and Deer
Park Alpha 1 is a preview of 1.1 aimed at developers. The builds available
today are Deer Park Alpha 1 release candidates.
Deer Park Alpha 1 intentionally uses a codename rather than the Mozilla
Firefox branding to dissuade end-users from downloading the preview (an
end-user beta will be available closer to the final 1.1 release)."
Comments (none posted)
Languages and Tools
C
The GNU project and the GCC developers have
announced the release of GCC 3.4.4.
This release is a bug-fix release, containing fixes for regressions in GCC
3.4.3 relative to previous releases of GCC.
Comments (none posted)
Caml
The May 17-24, 2005 edition of the Caml Weekly News is online
with the weekly roundup of Caml language news.
Full Story (comments: none)
Groovy
Andrew Glover
mixes Groovy and Java on IBM developerWorks.
"Ever thought about embedding Groovy's simple, easy-to-write scripts in your more complex Java programs? In this installment of Practically Groovy, Andrew Glover shows you the many ways to incorporate Groovy into your Java code and explains where and when it's appropriate to do so."
Comments (none posted)
Lisp
Version 0.9f of ECL, Embeddable Common-Lisp, is out.
"This version adds two new contributed modules, improves ANSI compliance,
and fixes several bugs."
Full Story (comments: none)
Perl
Version 0.2.0 of Parrot, a virtual machine for Perl 6 and other
languages,
has been announced.
Changes include a change to the subversion RCS, Lisp support,
a reworked Parrot Grammar Engine, bug fixes, and lots more.
Comments (none posted)
Version 5.8.7 RC1 of Perl
has been announced.
"This is a regular maintenance release for perl 5.8.x, providing bug fixes and integrating module updates from CPAN."
Comments (none posted)
O'Reilly's
This Week in Perl 6 for May 3-17, 2005 is online with the latest
Perl 6 news.
Comments (none posted)
Python
The initial release of PyPy, a reimplementation of Python written in Python,
has been announced.
"The PyPy Development Team is happy to announce the first
public release of PyPy after two years of spare-time and
half a year of EU funded development. The 0.6 release
is eminently a preview release."
Comments (none posted)
The May 24, 2005 edition of Dr. Dobb's Python-URL! is online
with a new collection of Python language articles.
Full Story (comments: none)
Tcl/Tk
The May 23, 2005 edition of Dr. Dobb's Tcl-URL! is online
with the weekly roundup of Tcl/Tk articles.
Full Story (comments: none)
XML
Uche Ogbuji
writes about the Unicode character set on O'Reilly.
"Poor understanding of Unicode is probably the biggest obstacle users face when trying to learn how to process XML, and Python users are no exception. In my experience, Unicode matters are the most common component in users' cries for help with Python XML tools. In this article and the next I'll present a variety of tips, tricks, and best practices in order to help users minimize Unicode problems."
Comments (none posted)
Emulators
After a long period of inactivity, a new development version of
dosemu,
a DOS emulator, is out. Changes include updates to the video library
code, documentation updates, and more.
Comments (1 posted)
Miscellaneous
Version 0.1.2 of OpenRelease
is available with bug fixes and other improvements.
"OpenRelease is a Python module which automates the packaging, release, and announcement of open source software. The pack class creates packages, which are defined by packer classes, manages versioning, and brings up your notes and changelog in an editor. The release class uploads the package to SourceForge, releases it through QRS, announces it on freshmeat and (if appropriate) on pypi."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
OS Views is running Kurt Pfeifle's
opinion
of what the Linux desktop needs. "
I have mentioned it before,
and I will repeat it here again: any commercial software vendor pondering
to sell his product or service on the Linux platform is horrified by the
complications he has to deal with."
Comments (71 posted)
According to
this
News.com story, a Minnesota appeals court has ruled that the presence of PGP on
a suspect's computer can be considered evidence of illegal intent. "
[Judge]
Randall favorably cited testimony given by retired police officer Brooke
Schaub, who prepared a computer forensics report--called an EnCase
Report--for the prosecution. Schaub testified that PGP 'can basically
encrypt any file' and 'other than the National Security Agency,' nobody
could break it."
Comments (14 posted)
Companies
IT-Director
examines Sun Microsystems' recent agreement to acquire Tarantella Inc.
"Tarantella is one of those companies that has been around for a long time and has managed to achieve a degree of brand recognition without really becoming entirely mainstream. At heart, the company's software is designed to enable organisations to access data and applications wherever they are hosted using just a Web browser. The connection between this technology and Sun's excellent thin client solution, Sun Ray, is very clear to see."
Comments (21 posted)
Linux Adoption
News.com
reports on an Indian governmental program to increase open source adoption. "
The government has started distributing CDs containing Tamil-language
versions of various open-source applications, including the Firefox browser,
the OpenOffice.org productivity suite and the Columba e-mail client. It plans
to freely distribute 3.5 million copies of the CD to Tamil speakers
worldwide..."
Comments (none posted)
Interviews
KDE.News features
an interview
with KDE-PIM developer Till Adam.
"Till Adam only started hacking on the KDE mail client, KMail, because he
wanted some features implemented from the command-line client Mutt. Now he
is one of the main developers of the KDE-PIM project, which KMail is part of.
KDE Dot News caught up with Till to talk about e-mail protocols, groupware
and implementing them in KDE."
Comments (none posted)
O'ReillyNet
interviews
OpenBSD developers. "
Today the OpenBSD project announced the new 3.7
release. This is the first release to support newer wireless chipsets,
especially for 802.11g, thanks to a big activism campaign led by project
leader Theo de Raadt. It's now possible to create a portable access point
with a tiny PDA using the Zaurus port, too. As usual, there are a lot of
other big and small changes, such as the import of Xorg, the jump towards
gcc3, and a feature to update your installed packages
automagically. Discover the details behind the scenes in this interview
that Federico Biancuzzi had with several OpenBSD developers."
Comments (none posted)
KDE.News
interviews Will
Stephenson about his work on Kopete. "
Will Stephenson is one of
the attendees at the KDE PIM Event. 4 years ago he started with
contributing to Kopete, the instant messaging client for KDE. His recent
contributions made it possible to let Kopete communicate with Kontact. In
this interview, he will tell you about Kopete and his exciting plans for
the upcoming meeting."
Comments (none posted)
Resources
Two new Audio Libre Articles (PDF) are available from
linuxaudio.org.
The new titles include: "Not only, but ALSA" and
"Xiph.org - The foundation for free audio".
Comments (none posted)
Groklaw presents
"Excursus: Hardware" and Chapter 9 from the online book
"The Daemon, the GNU and the Penguin" by Dr. Peter H. Salus.
First generation home computers and Minix are discussed.
Comments (none posted)
NewsForge
takes
a look at firewalling with FireHOL, GuardDog, and the Easy Firewall
Generator for iptables. "
Every user whose client connects to the
Internet should configure his firewall immediately after installation. Some
Linux distributions include firewall configuration as a part of
installation, often offering a set of default configurations to choose
from. However, to ensure that your machine presents the minimum "attack
surface" (a measure of the number of vulnerable ports, user accounts, and
sockets exposed to attack) to the predatory inhabitants of the Internet,
you may need to do some manual configuration of your firewall. Here are
three tools that can help."
Comments (3 posted)
The
April issue of Free Software Magazine is now available on the net; it includes articles on licensing issues, XML document authoring, LDAP, disaster recovery, and more.
Comments (1 posted)
GlitchNYC.com presents
a tutorial about vector drawing under Inkscape.
"For those that don't know, Inkscape is a free and open source vector image editor, much like Corel Draw or Adobe Illustrator. Vector editors differ from photo editors in that your drawings always remain a bunch of parts that get rendered, rather than being saved as pixels. For example, if you draw a circle, the file will contain information about the position and radius of the circle, as well as its color and outline rather than thousands of little dots representing the image."
Comments (none posted)
Linux Journal covers the V7 Unix ls command in this two part excerpt from
Linux Programming by Example. Here's
part 1 and
part 2.
Comments (none posted)
Peter Seebach
examines the popularity of Linux on non-x86 architecture hardware.
"Some people tend to dismiss non-x86 Linux as an idle amusement (it isn't; it's actually a lot of fun). Linux development for other-than-x86 hardware has led to improvements in the quality of the Linux kernel, even for x86 users. Today, the main Linux kernel has code for 22 architectures, although not all of them are equally well supported or mature."
Comments (none posted)
NewsForge is running
an excerpt from "The Book of Postfix" by Ralf Hildebrandt
and Patrick Koetter.
"Postfix is fast out of the box, but like other packages, you can usually tune it to work even faster. Furthermore, there are situations where Postfix may not perform as well as you expected, whether because of hardware or software limitations on the server system or other adverse conditions, such as a big influx of spam or undeliverable mail. This article shows you how to find and analyze the most common performance problems."
Comments (none posted)
Alptekin Cakircali
builds a wireless gateway machine on O'Reilly.
"This article introduces an open source project called AWLP (Alptekin's Wireless Linux Project), which turns a PC with an appropriate wireless LAN card (Prism2/2.5/3) into a full-featured, web-managed wireless access gateway. That old Pentium 120 machine in your basement might march back up the stairs shortly."
Comments (none posted)
Linux Journal
optimizes
the Linux desktop by enabling Direct Memory Access (DMA).
"Simply turning on using_dma enables a 16-bit mode, so I switched to
32-bit mode and found that my read time improved slightly. My buffered disk
reads went from 46.50MB per second to 46.52MB, not much of an
improvement. I also looked at turning on multiple sector I/O. This is a
feature of modern IDE hard drives that permits the transfer of multiple
sectors per I/O interrupt rather than the usual one sector per
interrupt. When this feature is enabled, it typically reduces operating
system overhead for disk I/O by 30-50%. On many systems, it also provides
increased data throughput of anywhere from 5% to 50%."
Comments (6 posted)
Reviews
KDE.News
takes a look at the G System. "
The G System is a free and open source simulation framework
and virtual reality, using Qt and KDE. The recent 0.5 release adds
multi-user capability, an important milestone in the history of this
project. Using the G System many users can now join in the same virtual
universe."
Comments (none posted)
NewsForge
covers
Moodle. "
Distance education is becoming more important in
today's connected world. Universities and schools are supplementing
traditional classroom-based learning with electronic learning management
systems (LMS) -- software designed to deliver on-line education. You may
know such software by other names, such as managed learning environments,
virtual learning environments, or course management systems. Moodle is the
definitive open source learning management system. Like most LMSes, it makes
extensive use of the Internet, with features such as discussion forums,
chats, journals, automated testing and grading tools, and student
tracking. Because it's open source, it's also broadly extensible by its
large user community."
Comments (none posted)
opensourceversus.com is running
part two
of a visual comparison of Outlook, Evolution, and Kontact.
"We've put together a series of side-by-side screen shots of Outlook 2003, Evolution 2.2.1.1 and Kontact 1.1 as a visual comparison of these three groupware rivals.
A couple of excellent open source Outlook alternatives are available which provide similar and additional features, such as Novell Evolution and KDE Kontact. If you're afraid you won't have Outlook to keep you organized in a Linux environment, you need not fear."
Comments (19 posted)
PC World
plays with muine and f-spot. "
After installing F-Spot, I pointed it at my images folder and it took that whole mess, along with the smaller set of images somewhat-organized into subfolders, and displayed them all, thumbnail-style, along with a bar-graph/timeline sort of widget that is so darned useful, I can't understand why I haven't seen a similar treatment in other apps.... With one glance, I can see that I took more pictures in June 2004 than any other month since I started shooting digital. With a click on the timeline, I can zoom to the pictures I took that month. I can scroll backward and forward in time with ease. If I need a shot I took of my grandmother around Christmas in 2003, I know exactly how to get to it. All the guesswork is gone."
Comments (none posted)
Miscellaneous
We can't resist, sorry: Daniel Lyons
just heard about the BitKeeper fiasco. "
In 2003,
BitKeeper detected a 'back door' that a hacker had tried to plant into the
operating system. Without BitKeeper, Linux now may be more vulnerable to
such breaches, [Larry] McVoy says. The loss of BitKeeper could even cause
some developers to abandon Linux because their work will be harder to do,
McVoy says."
Comments (25 posted)
As licensing FUD goes,
this TechNewsWorld
article is at the bizarre end of the scale. "
Accordingly, if a
programmer simply clicks on a button to download even the smallest packet
of code and thereby agrees to the GPL, then the GPL may require the entire
software program, which incorporates the GPL-code, to be made available as
open source under the GPL. This is true regardless of whether the
programmer or employer ever intended others to be able to see, read, view
and modify their software. Thus, a single click of the mouse may render
otherwise proprietary software available to all."
Update: this article appears to have been pulled.
Comments (18 posted)
News.com
reports on the layoffs at OSDL. "
The organization, which calls itself the 'center of gravity' of the Linux
movement, made the cuts as part of a plan to rebalance its work force. New
priorities include the establishment of a European office and an expansion of
Asian operations into China and Korea from today's base in Japan, said Nelson
Pratt, director of marketing."
Comments (4 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
It's
official: the OpenDocument 1.0 specification has been adopted as an OASIS standard. In the short term, OpenDocument will make it easier to move documents between free office applications, which are quickly adopting it as their native format. Eventually that large, legacy application may end up supporting OpenDocument as well.
Comments (2 posted)
The GNOME Foundation is
partnering with
the Open Source Consortium (OSC), the independent voice of the Open
Source business community in Europe. GNOME will join OSC's Community
Advisory Board, and work with the OSC to promote the Open Source desktop.
Comments (none posted)
LinuxMedNews has
an announcement for ClearHealth 1.0.
"ClearHealth now brings to the medical market the first open source
package to include the big five features. Covering the five major areas
of practice operations including scheduling, billing, EMR, HIPAA
Security and Medical Accounts Receivable it is suitable for running
practices from end to end."
Comments (none posted)
The
Public
Domain Enhancement Act has been reintroduced into the U.S. House of
Representatives by Zoe Lofgren. This law would require that owners of
copyrighted works file a registration form and pay a $1 fee to keep the
copyright in force after the first 50 years. Works which, after 50 years,
have been abandoned will enter the public domain.
Comments (33 posted)
Commercial announcements
EnterpriseDB Corporation has released a public beta version of
EnterpriseDB 2005 (EDB2005).
"Built on the open source PostgreSQL database, EDB2005 is an enterprise-class
relational database management system that supports update-intensive,
high-volume applications. In addition, EDB2005 is compatible with many
applications written for Oracle databases."
Full Story (comments: none)
GenoLogics Life Sciences Software Inc. has
announced
that it has established a strategic partnership with the Institute for
Systems Biology to collaborate on increasing the widespread utility of
ISB's open source software tools within the life sciences community.
Comments (none posted)
JetBrains, Inc. has
announced that its
Open Source Support Initiative has been accepted
by the open source developer community.
"In February, JetBrains began making
free licenses for its acclaimed IntelliJ IDEA Java IDE available to qualifying
open-source developers. Since then, developers from more than 150 open source
projects have qualified to receive free renewable annual licenses for the
preferred integrated development environment for top-level Java developers."
Comments (none posted)
MySQL AB has
announced a series of MySQL 5.0
Training Workshops in San Francisco, Washington DC, Toronto, Munich,
London and Paris.
"Being held in June across North America and Europe, these
workshops will introduce experienced MySQL and database professionals
to MySQL's implementation of advanced relational data management
features such as stored procedures, triggers, views, cursors, XA and
information schema."
Comments (none posted)
Novell, Inc. has
announced a new Linux training course.
"Novell (Nasdaq: NOVL) today
launched a new introductory Linux training course designed for academic
environments, giving educational institutions a powerful new tool to promote
open source training and students a new option for learning Linux. Unique
among Linux vendor offerings, Novell's new course maps directly to one of the
most widely recognized vendor-neutral certifications in the Linux market,
CompTIA(R) Linux+, newly updated for 2005. Novell also announced it will
donate $1.5 million in SUSE LINUX software and training materials to
educational institutions to help promote Linux adoption."
Comments (none posted)
Open Source Development Labs has announced its latest member,
Search Cacher, an Enterprise Search Provider.
"Search
Cacher will participate in OSDL's Data Center Linux (DCL) working group to
increase the adoption of Linux across the distributed enterprise."
Full Story (comments: none)
Simula Labs has
announced
its official formation. The company is backed by Mission Ventures and
Redpoint Ventures, and aims to provide venture capital, entrepreneurial
guidance and infrastructure to open source companies.
Comments (3 posted)
Trolltech has
announced
the completion of a $6.7 million Series B round of financing led by Index
Ventures. Existing investors Teknoinvest and Northzone Ventures also
participated in this round. Trolltech also announced that Neil Rimer,
co-founder and general partner of Index Ventures, will be joining
Trolltech's Board of Directors.
Comments (1 posted)
New Books
O'Reilly has published the book
Classic Shell Scripting
by Arnold Robbins and Nelson H. F. Beebe.
Full Story (comments: none)
Syngress has published the book
InfoSec Career Hacking:
Sell Your Skillz, Not Your Soul
by Chris Hurley, James C. Foster, Drew Miller, and Christopher W. Klaus.
Full Story (comments: none)
O'Reilly has published the book
Assembling Panoramic Photos: A Designer's Notebook by William Rodarmor.
Full Story (comments: none)
O'Reilly has published the book
Database in Depth: Relational Theory for Practitioners by C. J. Date.
Full Story (comments: 1)
O'Reilly has published the book
Secure Shell: The Definitive Guide,
2nd Edition by Daniel J. Barrett, Richard E. Silverman,
and Robert G. Byrnes.
Full Story (comments: none)
Resources
Version 0.8 of the Gimp User Manual
has been announced.
A new Hacking styleguide, translation work,
and lots of bug corrections are included.
Comments (none posted)
Contests and Awards
The UKUUG Award 2005 has been given to Christopher Gutteridge
for his work on the GNU EPrints open archive software.
Full Story (comments: none)
Upcoming Events
A
Call for Papers has gone out for the AUUG 2005 conference.
The event will take place in Sydney, Australia from October
16-21, 2005. Proposals are due by May 27.
Comments (none posted)
A GOTO10 workshop will be held on July 11-14, 2005 in Brussels, Belgium.
"The ASP Introduction workshop from goto10 and hosted by okno.be intends
to introduce the students to the basics of Audio Signal Processing in
the fields of realtime music production. The workshop is specifically
made for people willing to develop their work in the digital sound field
and for people curious about the processes involved behind audio
software they already use. The workshop will also teach and demonstrate
which free technologies are available for audio and video streaming."
Full Story (comments: none)
The GNOME Foundation has published
an update on events at the upcoming GUADEC conference.
"The sixth annual GNOME User and Developer
European Conference (GUADEC) announced additions to the already impressive
slate for GUADEC, which will be held in Stuttgart, Germany May 29-31, 2005.
The high-level conference has added a special multimedia track, on the latest
in free media technology, including speakers from the BBC and Nokia. Keynote
addresses by Mark Shuttleworth, founder of HBD Venture Capital and the
Shuttleworth Foundation and Nathan Wilson, Project Lead, Software of
Dreamworks Animation Studio have been added to the program. Keynotes by
Miguel de Icaza, GNOME Founder and VP of Developer Platforms at Novell and
Daniel M. Kusnetzky, Program VP, System Software, Enterprise Computing at IDC
round out the program."
Comments (none posted)
A Call for Presentations has gone out for the Ohio LinuxFest 2005.
"We are looking for talks from introductory lectures on Linux
and Open Source applications through to more advanced
discussions on software development, databases, server
applications, networking, system administration, open source
platforms and tools, community, and more. We also invite
those using Linux and Linux applications to give talks about
their experience and lessons learned."
The event will be held in Columbus, Ohio on October 1, 2005.
Full Story (comments: none)
The Third International OpenOffice.org convention (OOoCon) will
be held in Koper (Capodistria), Slovenia on September 28-30, 2005.
Full Story (comments: none)
Registration is open for the 7th Annual O'Reilly Open Source Convention.
The event will be held in Portland, Oregon from August 1-5, 2005.
Full Story (comments: none)
SIGGRAPH 2005 has
announced the program for the 2005 SIGGRAPH Computer Animation
Festival.
"The Computer Animation Festival jury chose 68 selections from 560 entries for exemplary use of computer-generated imagery and compelling storytelling. This year marks the first two-time winner (Baginski) in the SIGGRAPH Computer Animation Festival history. Additionally, there are 38 international selections, 11 scientific, and 26 student pieces in the Festival."
The event will be held in Los Angeles, CA from July 31 - August 4.
Comments (none posted)
| Date | Event | Location |
|---|---|---|
| May 26 - 27, 2005 | XTech 2005 Conference | (Amsterdam RAI Center) Amsterdam, the Netherlands |
| May 26, 2005 | Linux World New York Summit 2005 | (New York City Marriott Marquis) New York, NY |
| May 26, 2005 | PalmSource Worldwide Mobile Summit and DevCon | (Fairmont Hotel) San Jose, California |
| May 26, 2005 | ISPCON Spring 2005 | (Baltimore Convention Center) Baltimore, MD |
| May 28 - 29, 2005 | Linux User Group of Bulgaria Seminar | Stara Zagora, Bulgaria |
| May 29 - 31, 2005 | GNOME Users and Developers European Conference (GUADEC 2005) | Stuttgart, Germany |
| June 1 - 3, 2005 | The Red Hat Summit 2005 | (Hilton New Orleans) New Orleans, LA |
| June 1 - 4, 2005 | Fórum Internacional Software Livre (FISL) | Porto Alegre/RS, Brazil |
| June 9 - 10, 2005 | Austrian Perl Workshop | (Kapsch CarrierCom) Vienna, Austria |
| June 9 - 10, 2005 | The French Perl Workshop | (Faculté des Sciences de Luminy) Marseille, France |
| June 11, 2005 | PHP West | Vancouver, BC, Canada |
| June 15 - 17, 2005 | AstriCon Europe 2005 | (Auditorium Madrid Hotel) Madrid, Spain |
| June 17 - 19, 2005 | RECON 2005 | Montreal, Quebec, Canada |
| June 19 - 22, 2005 | International Lisp Conference 2005 (ILC 2005) | (Stanford University) Palo Alto, CA |
| June 20 - 21, 2005 | Linux Cluster Summit 2005 | Walldorf, Germany |
| June 22 - 25, 2005 | LinuxTag 2005 | (Kongresszentrum) Karlsruhe, Germany |
| June 23 - 24, 2005 | Italian Perl Workshop 2005 | (University of Pisa) Pisa, Italy |
| June 25, 2005 | LugRadio Live 2005 | (Molyneux Stadium) Wolverhampton, UK |
| June 25, 2005 | XML Prague 2005 | Malá Strana, Prague, Czech Republic |
| June 27 - 29, 2005 | Yet Another Perl Conference (YAPC::NA 2005) | (University of Toronto) Toronto, Ontario, Canada |
| June 29 - 30, 2005 | Where 2.0 Conference | (Westin St. Francis Hotel) San Francisco, CA |
| July 1 - 6, 2005 | Linux Desktop Development and KDevelop Developers Conference 2005 | Kiev, Ukraine |
| July 5 - 9, 2005 | LSM 2005 Libre Software Meeting for Medicine | Dijon, France |
| July 6 - 9, 2005 | IV Jornades de Programari Lliure | Campus de Vilanova i la Geltrú, Spain |
| July 10 - 18, 2005 | Debconf 5 | Helsinki, Finland |
| July 11, 2005 | Evolution of Open-Source
Code Bases(EVOSC05) | Genova, Italy |
| July 11 - 15, 2005 | First International
Conference on Open Source Systems(OSS2005) | Genova, Italy |
| July 11 - 14, 2005 | GOTO10
workshop | (OKNO)Brussels, Belgium |
| July 17 - 19, 2005 | Desktop
Developer's Conference | (Ottawa Congress Centre)Ottawa, Ontario, Canada |
| July 18 - 22, 2005 | ApacheCon
Europe 2005 | Stuttgart, Germany |
| July 18 - 22, 2005 | PostgreSQL Bootcamp | (Big
Nerd Ranch)Atlanta, GA |
| July 20 - 23, 2005 | Ottawa Linux
Symposium(OLS 2005) | Ottawa, Canada |
| July 20 - 22, 2005 | North American
Plone Symposium | (The Astro Crowne Plaza)New Orleans, Louisiana |
Page editor: Forrest Cook