Sun has followed through on its promises, and placed the bulk of its
Solaris source on
OpenSolaris.org. Regardless of
whether you intend to do anything with this code, or with Solaris in
general, this release is a significant event. Observers have noted for
years that Linux was likely to bring about the end of proprietary Unix
systems. With the opening of Solaris, that prediction has come to pass.
While some proprietary Unix offerings still exist, Solaris was the largest
and most significant of them. With Solaris in the open, the proprietary
Unix era is done.
OpenSolaris is not a small download. Anybody not already running Solaris
will have to bootstrap themselves with a binary distribution. Then there's
the core source tarball, compiler, and "closed binaries" packages. Throw
in the BFU package to get the latest stuff: "BFU" is said to stand for
"blindingly fast upgrade," but other interpretations of the acronym are
certainly possible. Sun's site requires registration before it will allow
you to download files; interestingly, however, it also makes torrents
and a (no-registration) third-party site available.
Note that, if you simply want to wander around in the source code, it is
not necessary to download the whole thing. Sun has provided a web-based source browser
which makes digging through the code easy.
The "closed binary" package is said to be a temporary thing. It comes with
a relatively reasonable "free beer" license, though it does require that
you only run the binaries on an OpenSolaris system. The list of
binary-only programs is somewhat strange: it includes od,
patch, rdist, sed, ssh,
telnet, and kernel drivers for hardware like the Intel e1000
network adaptor - stuff which, seemingly, should be free. The Sun compilers come with a
rather more restrictive license; users are required to be "a
participant of the OpenSolaris community," may not publish benchmark
results, and cannot modify the "java technology" included with the
software. Also:
Software may contain programs that perform automated collection of
system data and/or automated software updating services. System
data collected through such programs may be used by Sun, its
subcontractors, and its service delivery partners for the purpose
of providing you with remote system services and/or improving Sun's
software and systems
So it is, perhaps, not surprising that even developers within Sun are
interested in using free compilers with OpenSolaris. An effort to
Build OpenSolaris with GCC is apparently well advanced,
so the need for the
proprietary Sun compilers should go away soon. Interestingly, according
to one developer, much of the pain of porting to gcc was caused by
gcc's insistence on putting constant data into read-only memory.
OpenSolaris, it seems, did a lot of writing to "constant" strings.
One of the more significant omissions from OpenSolaris currently is an X
server. Two servers actually run on Solaris: X.org and the venerable Xsun
server. The plan is, apparently, to move toward releasing a version of the
X.org server, but that has not happened yet.
Much has been said about Sun's choice of the CDDL as the license for the
Solaris source code; there is not much to add at this time. It is worth
noting, though, that if you choose to contribute code to OpenSolaris, you
not only have to contribute it under the CDDL, but you must sign Sun's
contributor agreement [PDF] as well. That agreement has some obvious
things, like patent licensing. It also, however, requires you to give Sun
an ownership stake in your code:
You hereby assign to Sun joint ownership in all worldwide common
law and statutory rights associated with the copyrights, copyright
applications and copyright registrations in Your Contribution, to
the extent allowable under applicable local laws and copyright
conventions, and agree never to assert against Sun any "moral
rights" therein. You understand that (i) this Agreement may be
submitted by Sun to register a copyright in Your Contribution, and
(ii) Sun may exercise all rights as a copyright owner of Your
Contribution.
Sun, in other words, can take your code and make it into a proprietary
product, or release it under any other license that it sees fit. It
doesn't seem to have occurred to Sun that terms like this might reduce the
size of the "vibrant developer community" that it wishes to create.
The CDDL license will prevent any code in the Solaris kernel from finding
its way into Linux - we can only hope that nobody tries to sneak some in
anyway. It is amusing to note, however, that the first OpenSolaris-inspired kernel patch
has already been posted; it is a small optimization to how SYSV semaphores
work. With luck, good ideas will flow from the OpenSolaris kernel
to Linux (and vice versa), even if the code itself cannot.
Large dumps of corporate code are always a little hard for the community to
digest. So it may be some time before OpenSolaris grows into a true free
software project with active user and developer communities. It will
probably get there: the code is good enough, and there are enough
established Solaris users now, to give OpenSolaris some momentum. Whether
OpenSolaris can develop into a truly successful project over the long term
remains to be seen, however. There is some good stuff there, but it may
turn out to be too little, too late from a company which is still
struggling to understand what free software is about.
Comments (10 posted)
One reason many of us insist on using free software is its relative lack of
surprises. Free programs rarely contain features which cause them to
behave in a way which is contrary to the interests of their users. Unlike
many proprietary programs, free applications tend not to phone home without
permission, unnecessarily restrict what their users can do, or perform
unexpected operations behind users' backs. As Lauren Weinstein recently
discovered, however, the Firefox browser
can be made to behave in a way which is surprising indeed - and Google, in
the name of faster browsing, is taking advantage of that behavior.
In particular, Firefox will, at times, "prefetch" the contents of a web
page which it thinks you might want to see soon. If a page is marked as
being the "next" page in a series, Firefox, by default, will prefetch that
page's contents. (And, yes, for those who have asked for "next" tags for
the LWN Weekly Edition, it will happen when we get a chance). When the
user hits the link for the next page, it will already be resident in the
Firefox cache, and will display more quickly.
The interesting thing is that Firefox can be told explicitly to prefetch
pages; all it takes is a tag like:
<link rel="prefetch" href="URL">
Google will, if it decides that you should be feeling lucky, add such a tag
to the first in a series of search results, causing that first result to be
prefetched. Among other things, this prefetch can cause cookies to be set
in the browser even though the person ostensibly in control of the browser
never decides to visit the site. An easy experiment will verify this
behavior: turn on cookie notifications, then search for a term with a
relatively obvious top result - Lauren used "soundbite." The result will
be a screen somewhat like that shown on the right: the soundbite.com web
server is attempting to set cookies, even though your editor never clicked on a link
which would lead to that site.
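The prefetch triggers described above can be audited before a page is ever loaded in a browser. The following is an added example, not code from the article or from Firefox: it lists every URL that `rel="prefetch"` and `rel="next"` links would cause to be fetched and marks those on a different host. The function names, the `.example` hosts and the sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# rel tokens that, per the article, make Firefox fetch a page in the background.
PREFETCH_RELS = {"prefetch", "next"}


class _LinkCollector(HTMLParser):
    """Record prefetch-triggering <link> tags and the first <base href>."""

    def __init__(self):
        super().__init__()
        self.base_href = None
        self.links = []  # list of (matched rel tokens, raw href)

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names; values keep their case.
        attr = {name: (value or "") for name, value in attrs}
        if tag == "base" and self.base_href is None and attr.get("href"):
            self.base_href = attr["href"].strip()
        elif tag == "link":
            rels = set(attr.get("rel", "").lower().split())
            href = attr.get("href", "").strip()
            if href and rels & PREFETCH_RELS:
                self.links.append((sorted(rels & PREFETCH_RELS), href))


def audit_prefetch(page_url, html):
    """Return the URLs a prefetching browser would request for this page."""
    collector = _LinkCollector()
    collector.feed(html)
    collector.close()
    # Relative hrefs resolve against the first <base href>, else the page URL.
    base = urljoin(page_url, collector.base_href) if collector.base_href else page_url
    page_host = urlsplit(page_url).hostname
    findings = []
    for rels, href in collector.links:
        target = urljoin(base, href)
        findings.append({
            "rel": rels,
            "url": target,
            # A different host sees the request and may set cookies unasked.
            "cross_site": urlsplit(target).hostname != page_host,
        })
    return findings


# Constructed sample: a search results page that marks its top hit for prefetch.
PAGE_URL = "http://search.example/results?q=soundbite"
SAMPLE_HTML = """<html><head>
<title>constructed search results</title>
<LINK REL="Prefetch" HREF="http://top-result.example/">
<link rel="next" href="results?q=soundbite&amp;start=10">
<link rel="stylesheet" href="/style.css">
<link rel="alternate prefetch" href="//cdn.example/feed.xml" />
</head><body><a href="http://top-result.example/">first hit</a></body></html>
"""

if __name__ == "__main__":
    for finding in audit_prefetch(PAGE_URL, SAMPLE_HTML):
        scope = "cross-site" if finding["cross_site"] else "same-site"
        print(f'{",".join(finding["rel"]):9} {scope:10} {finding["url"]}')
```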
Prefetching in this way can lead to a number of undesirable consequences:
unwanted cookies, bandwidth use, etc. More seriously, it could lead to
accesses to truly unwanted sites: stumbling into non-work-safe sites is
already too easy, without one's browser deciding to fetch additional pages
from arbitrary servers with no user participation. Should an unpleasant
Firefox security hole be discovered, prefetching could, for the right sort
of vulnerability, be exploited to compromise systems. That would be
an unwelcome sort of surprise.
Google's use of prefetching in this way is unfortunate; it seems certain to
lead to trouble for somebody, somewhere down the line. The real problem,
however, is with Firefox, which is shipped with prefetching turned on.
There is no indication, anywhere in the preference screens, that an option
controlling prefetching even exists. Anybody wanting to disable
prefetching will have to edit their prefs.js file, or tweak the
network.prefetch-next option on the about:config screen.
Turning off prefetch in this way will slow down some page loads, but, for
many users, the extra delay will be worth it.
[As a postscript, your editor can't help but poke at a bit of poor user
interface design in Firefox. An attempt to pull up a long page yielded this dialog, asking: "A script on this page is
causing mozilla to run slowly... Do you want to abort the script?" The two
buttons are marked "Cancel" and "OK". It is nice that Firefox does not
entirely lose control in such situations. But does "Cancel" kill the
script, or let it run?]
Comments (13 posted)
Back in 1998, LWN got one of its first scoops by
reporting that a company called Digital
Creations was planning to release its well-respected Principia product
under an open source license. Even more interestingly, this release had
been advocated by the company's venture capital backers. Over the years,
both the software and the company were renamed "Zope," and the Zope
platform has been used for many applications, including the popular
Plone framework.
Zope Corporation has, throughout, retained copyrights for - and control
over - the Zope platform. Recently, however, the company announced that a foundation would be created
for Zope. This foundation will be given the copyrights to the code and the
right to the Zope trademark; its task will be to ensure the future success
of Zope independently from Zope Corporation. We talked briefly with Zope
Corp. head Rob Page about this change.

Why have you decided to make this move at this time?

The global potential for Zope 3 is huge. The design
principles in Zope 3 make it the perfect platform for
"Web 3.0" development. By way of example, we (Zope
Corporation) are developing a large document management
project for the US Department of Defense on Zope 3, and
Mark Shuttleworth is working to bring
SchoolTool/SchoolBell to the world -- all on top of
Zope 3.
Everyone with a vested interest in Zope benefits from
its widespread adoption and deployment. Users benefit
from the support network and commercial organizations
benefit from more platform-based opportunity. We
believe the explicit vendor neutrality of a Foundation
will accelerate the adoption of Zope (version 2 *and*
version 3).
Bottom line: We want to remove any objections to
adopting Zope, and we see the Zope Foundation as the
last step.

Were there any particular problems or pressures
which led to the creation of the foundation?

No. A confluence of events -- the availability of Zope
3.1 (whose release is imminent), the release of
SchoolTool, our imminent completion of our large DoD
project and the community's launch of a Zope 3 ECM
(Enterprise Content Management) project made this an
excellent time to launch the Foundation.
That said, members in the Zope community have been
discussing a Foundation for more than a year and we
take it at face value that a Foundation would help them
sell more Zope-based products and services to their
prospective and current customers.

How many engineers do you have working on Zope now?
Do you expect that to change as Zope moves over to
the foundation?

From November 2001 through November 2004 our Chief
Technology Officer, Jim Fulton, worked on little other
than Zope 3. Typically, at least 2 additional Zope
Corporation engineers spent 80% of their time
throughout that period working on Zope 3 work as well.
He was assisted by the incredible efforts of some
really smart people. At the risk of insult by
omission, it's appropriate to specifically mention and
appreciate the efforts of Steven Alexander, Stephan
Richter, and Philipp von Weitershausen.
Since October of 2004 we have had more than 4 full-time
engineers working on the above-mentioned Zope 3 based
Document Management project. We have already
contributed large amounts of code into Zope 3 (XPDL
support is one specific example). We intend to release
additional significant contributions into both Zope 3
and the upcoming Zope 3 Enterprise Content Management
project.
Of course, everyone here works on Zope. :^) Most
developers are working on the delivery of our products
into specific customer environments. This involves
installation, custom development, configuration and
transition to internal operations. We don't expect
that to change.

What sort of governance structure do you see for
the foundation?

The governance structure of the foundation will be developed
by taking the best ideas from the likes of the Apache
Software Foundation, Eclipse Foundation and others. Since
it's early we haven't drawn any specific conclusions. We
intend to work these issues out during the summer and launch
the foundation by October 2005.

Will Zope Corp. retain any sort of veto power over
changes it doesn't like?

Zope Corporation won't have a veto per se. Some changes
(e.g., changing Zope's license) will require a unanimous
vote of the Board of Directors.

How will you ensure that the development of Zope
continues to meet your business needs?

In an open source world we can't
_ensure_ anything. :^)
What we can do is continue to demonstrate productive
leadership and contribute great software and ideas. The
Zope community is distinguished by having gathered some
really smart people so we're extremely optimistic about
the Foundation's success.

How will the foundation be funded?

We will be recruiting a few start-up partners to fund the
initial formation and operation of the Foundation.
The Foundation will have a dues structure that will support
ongoing operations.

What's the status of Zope 3? There does not appear
to have been a Zope X3 release since last November;
has development stalled?

There hasn't been a tagged release of Zope 3 since last
November, though by the time I send this (or the time it's
published) Zope 3.1 will be out.
Development has done anything but stall. The last
seven months have been spent fixing bugs, refactoring
implementations and polishing interfaces. We have a
large customer to thank for providing the real-world
application to thoroughly exercise Zope 3.
A lot of community work has gone into Zope 2.8 and a
project called "Five" (Zope 2 + Zope 3 = Five ;-) -
these are Zope 2 focused projects which aim to bridge
the gap between Zope 2 and Zope 3 architectures. Zope
2.8, which now includes Five in the distribution, was
released officially on June 11th, 2005.

How's business? Is the services model working for
you?

Depends on what you mean by services.. :^)
Since 2001 we have been de-emphasizing our professional
services capacity in favor of a more productized
delivery model.
Our product business -- specifically the delivery of
our products through managed hosting (aka ASP/Software
as a Service) has been extremely successful. We
recently announced the addition of CNHI as a managed
hosting customer. CNHI will be launching 133
newspapers on our Zope4Media product.
Our managed hosting offering provides our customers
with a managed/guaranteed environment in which they can
assemble composite applications (i.e., applications
built from Zope, Squid, LAMP, etc.), without assuming
the operational responsibilities.
We thank Mr. Page for taking the time to answer our questions.
Page editor: Jonathan Corbet
Security
It may be time to retire MD5. The MD5 Message-Digest Algorithm
RFC says that "It is conjectured that it is computationally
infeasible to produce two messages having the same message digest, or to
produce any message having a given prespecified target message
digest." At the time, this may have been true -- the RFC was written
in 1992 -- but a number of researchers are finding that MD5 hashes aren't
as unique as one might like.
Within the last year several researchers have come forward with results
that show it's possible to create meaningful collisions of MD5 hashes. Dan
Kaminsky published "MD5 to
be considered harmful someday" (PDF) in December 2004; this paper
describes the creation of two executables with the same MD5 hash using a tool
called Stripwire (available here). Kaminsky writes
that this would be an "excellent vector for malicious developers to
get unsafe code past a group of auditors, perhaps to acquire a required
third party signature."
Alternatively, build tools themselves could be compromised to embed safe
versions of dangerous payloads in each build. At some later point, the
embedded payload could be safely "activated", without the MD5
changing. This has implications for Tripwire, DRM, and several package
management architectures.
Kaminsky isn't the only one to find ways around MD5. Vlastimil Klima
published Finding MD5 Collisions
- a Toy For a Notebook in March of this year, where he describes
finding MD5 collisions in 8 hours on a notebook PC with a 1.6 GHz
Pentium. Arjen Lenstra, Xiaoyun Wang and Benne de Weger published a method for
constructing pairs of X.509 certificates where the "to be signed" parts
of the certificates form a collision for MD5. Xiaoyun Wang and Hongbo Yu
published a paper this year on how to break
MD5 (PDF) and other hash functions.
Now Stefan Lucks and Magnus Daum have come up with a method for
creating two documents with the same digital signature. Lucks and Daum
describe creating two postscript documents, using Wang and Yu's attack,
that have meaningful content and the same MD5 hash. They describe a
scenario between "Alice and her boss" where Alice creates two postscript
documents with the same MD5 hash. One, which is presented for a digital
signature, is a letter of recommendation - the other is a document granting
"Alice" access to confidential information.
The files are available for download from the Institute for Cryptology and
IT-Security website. If one opens the files with a text editor, the
content for both the letter of recommendation and the order are present,
but manipulated so that only one letter is displayed in a normal postscript
viewer. Lucks and Daum demonstrate that the MD5 hash collision attacks are
not just hypothetical attacks with no practical applications.
Given the number of practical attacks on MD5, it may be time to move to a
Federal
Information Processing Standards (FIPS) approved hash algorithm, such
as SHA-256, or SHA-512. Note that vulnerabilities have recently
been found in SHA-1, however, and NIST is already planning to phase it out by
2010.
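One way to act on that recommendation in an integrity or package-verification tool is to stop treating an MD5 match as proof. The following is an added example, not code from the article or from any of the tools it names: a manifest verifier that checks every listed digest but accepts a file only when a SHA-256 or SHA-512 entry also matches. The manifest format, function names and sample files are constructed for illustration.

```python
import hashlib
import hmac

STRONG = ("sha512", "sha256")  # the FIPS-approved choices the article names
WEAK = ("md5", "sha1")         # published collisions (MD5) or weaknesses (SHA-1)


def parse_manifest(text):
    """Parse '<algo>:<hexdigest>  <name>' lines into {name: {algo: hexdigest}}."""
    entries = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        if len(fields) != 2 or ":" not in fields[0]:
            raise ValueError(f"line {lineno}: expected '<algo>:<hex>  <name>'")
        algo, hexdigest = fields[0].split(":", 1)
        algo = algo.lower()
        if algo not in STRONG + WEAK:
            raise ValueError(f"line {lineno}: unsupported digest {algo!r}")
        entries.setdefault(fields[1], {})[algo] = hexdigest.lower()
    return entries


def check_file(data, digests):
    """Classify one file as 'mismatch', 'weak-only' or 'ok'."""
    for algo, expected in digests.items():
        actual = hashlib.new(algo, data).hexdigest()
        if not hmac.compare_digest(actual.encode(), expected.encode()):
            return "mismatch"
    # Every listed digest matched, but a match under MD5 or SHA-1 alone does
    # not rule out a second file crafted to produce the same value.
    if not any(algo in STRONG for algo in digests):
        return "weak-only"
    return "ok"


def verify_all(manifest_text, files):
    """Check each manifest entry against files, a {name: bytes} mapping."""
    results = {}
    for name, digests in parse_manifest(manifest_text).items():
        if name not in files:
            results[name] = "missing"
        else:
            results[name] = check_file(files[name], digests)
    return results


def _entry(algo, data, name):
    """Build one manifest line for the constructed sample below."""
    return f"{algo}:{hashlib.new(algo, data).hexdigest()}  {name}"


# Constructed sample data: three files and a manifest describing them.
FILES = {
    "letter.ps": b"%!PS\n(constructed letter of recommendation) show\n",
    "tool.bin": b"\x7fELF constructed build output",
    "patch.tar": b"constructed archive, modified after the manifest was written",
}
MANIFEST = "\n".join([
    "# constructed manifest",
    _entry("md5", FILES["letter.ps"], "letter.ps"),      # MD5 only
    _entry("md5", FILES["tool.bin"], "tool.bin"),        # MD5 and SHA-256
    _entry("sha256", FILES["tool.bin"], "tool.bin"),
    _entry("sha256", b"constructed archive as originally published", "patch.tar"),
])

if __name__ == "__main__":
    for name, status in verify_all(MANIFEST, FILES).items():
        print(f"{status:10} {name}")
```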
New vulnerabilities
ettercap: format string vulnerability
| Package(s): | ettercap | CVE #(s): | CAN-2005-1796 |
| Created: | June 13, 2005 | Updated: | July 13, 2005 |
| Description: | The Ettercap suite of networking tools has a format string vulnerability that can be exploited by a remote attacker for the execution of arbitrary code. |
gaim: remote DoS
| Package(s): | gaim | CVE #(s): | CAN-2005-1269 |
| Created: | June 10, 2005 | Updated: | June 14, 2005 |
| Description: | A remote Denial of Service vulnerability was discovered in Gaim. By initiating a file transfer with a file name containing certain international characters (like an accented "a"), a remote attacker could crash the Gaim client of an arbitrary Yahoo IM member. |
gaim: denial of service
| Package(s): | gaim | CVE #(s): | CAN-2005-1934 |
| Created: | June 15, 2005 | Updated: | July 5, 2005 |
| Description: | There's yet another remote vulnerability in gaim; this one affects MSN users, who can be subject to denial of service attacks via malicious messages. |
gedit: format string vulnerability
| Package(s): | gedit | CVE #(s): | CAN-2005-1686 |
| Created: | June 9, 2005 | Updated: | February 5, 2009 |
| Description: | A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user. |
lutelwall: insecure temp file
| Package(s): | lutelwall | CVE #(s): | CAN-2005-1879 |
| Created: | June 13, 2005 | Updated: | June 14, 2005 |
| Description: | The LutelWall firewall configuration tool has a vulnerability that can allow a local user to create symbolic links in the temp file directory, possibly overwriting arbitrary files. |
mozilla firefox: javascript vulnerabilities
| Package(s): | mozilla firefox | CVE #(s): | CAN-2005-1531, CAN-2005-1532 |
| Created: | June 9, 2005 | Updated: | July 19, 2005 |
| Description: | Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript. Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CAN-2005-1160. |
shtool: insecure temp file
| Package(s): | shtool | CVE #(s): | CAN-2005-1751, CAN-2005-1759 |
| Created: | June 13, 2005 | Updated: | June 23, 2005 |
| Description: | GNU shtool, which is also used by ocaml-mysql, has an insecure temp file vulnerability that can be exploited by a local user to overwrite arbitrary files. |
sysreport: information disclosure
| Package(s): | sysreport | CVE #(s): | CAN-2005-1760 |
| Created: | June 13, 2005 | Updated: | June 14, 2005 |
| Description: | The sysreport hardware information utility has a vulnerability that may allow a plain-text proxy server password to be exposed in a report to a remote machine. |
tcpdump: denial of service
| Package(s): | tcpdump | CVE #(s): | CAN-2005-1267 |
| Created: | June 9, 2005 | Updated: | October 10, 2005 |
| Description: | Several tcpdump protocol decoders contain programming errors which can cause them to go into infinite loops. |
telnet: information disclosure vulnerability
| Package(s): | telnet | CVE #(s): | CAN-2005-0488 |
| Created: | June 14, 2005 | Updated: | June 15, 2005 |
| Description: | Telnet is vulnerable to an information disclosure issue. |
wget: file overwrites and arbitrary code execution
| Package(s): | wget | CVE #(s): | CAN-2004-1487, CAN-2004-1488 |
| Created: | June 9, 2005 | Updated: | September 27, 2005 |
| Description: | wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences. wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code. |
Updated vulnerabilities
a2ps: input validation error
| Package(s): | a2ps | CVE #(s): | CAN-2004-1170, CAN-2004-1377 |
| Created: | November 26, 2004 | Updated: | December 19, 2005 |
| Description: | The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at Security Focus. |
bzip2: race condition and infinite loop
| Package(s): | bzip2 | CVE #(s): | CAN-2005-0953, CAN-2005-1260 |
| Created: | May 17, 2005 | Updated: | January 10, 2007 |
| Description: | A race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete. Also specially crafted bzip2 archives may cause an infinite loop in the decompressor. |
cpio - file permissions error
| Package(s): | cpio | CVE #(s): | CAN-1999-1572 |
| Created: | February 2, 2005 | Updated: | July 19, 2005 |
| Description: | Some versions of cpio contain an ancient vulnerability where files created by that utility have overly generous access permissions. |
cURL: buffer overflow
| Package(s): | curl | CVE #(s): | CAN-2005-0490 |
| Created: | February 28, 2005 | Updated: | July 19, 2005 |
| Description: | Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded. |
cvs: multiple vulnerabilities
| Package(s): | cvs | CVE #(s): | CAN-2005-0753 |
| Created: | April 18, 2005 | Updated: | July 13, 2005 |
| Description: | CVS (in version prior to 1.11.20) has one or more buffer overflow vulnerabilities, memory leaks, and a NULL pointer dereferencing error. These can be used to launch a remote denial of service or to remotely execute arbitrary code. |
cyrus-imapd: buffer overflows
| Package(s): | cyrus-imapd | CVE #(s): | CAN-2005-0546 |
| Created: | February 23, 2005 | Updated: | April 10, 2006 |
| Description: | Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system. |
dbus: information disclosure
| Package(s): | dbus | CVE #(s): | CAN-2005-0201 |
| Created: | June 8, 2005 | Updated: | August 30, 2005 |
| Description: | From the Red Hat alert: "Dan Reed discovered that a user can send and listen to messages on another user's per-user session bus if they know the address of the socket." At current usage levels, this vulnerability is not particularly threatening. |
dhcp: format string vulnerability
| Package(s): | dhcp | CVE #(s): | CAN-2004-1006 |
| Created: | November 4, 2004 | Updated: | July 13, 2005 |
| Description: | Dhcp has a format string vulnerability in the log functions of dhcp 2.x that may be exploited via a malicious DNS server. |
Dnsmasq: poisoning and DoS
| Package(s): | dnsmasq | CVE #(s): | |
| Created: | April 4, 2005 | Updated: | July 21, 2005 |
| Description: | Dnsmasq does not properly detect that DNS replies received do not correspond to any DNS query that was sent. Rob Holland of the Gentoo Linux Security Audit team also discovered two off-by-one buffer overflows that could crash DHCP lease files parsing. |
Dzip: directory traversal
| Package(s): | dzip | CVE #(s): | |
| Created: | June 6, 2005 | Updated: | June 8, 2005 |
| Description: | Dzip is vulnerable to a directory traversal attack when extracting archives. An attacker could exploit this vulnerability by creating a specially crafted archive to extract files to arbitrary locations. |
emacs21: format string vulnerability in "movemail"
| Package(s): | emacs21 | CVE #(s): | CAN-2005-0100 |
| Created: | February 7, 2005 | Updated: | May 15, 2006 |
| Description: | Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group. |
enscript: arbitrary code execution
| Package(s): | enscript | CVE #(s): | CAN-2004-1184, CAN-2004-1185, CAN-2004-1186 |
| Created: | January 21, 2005 | Updated: | May 27, 2006 |
| Description: | Erik Sjölund has discovered several security relevant problems in enscript, a program to convert ASCII text into Postscript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash. |
evolution: message crash vulnerability
| Package(s): | evolution | CVE #(s): | CAN-2005-0806 |
| Created: | March 17, 2005 | Updated: | August 11, 2005 |
| Description: | The Evolution mail client can be crashed when reading certain types of messages. |
Foomatic: Arbitrary command execution in foomatic-rip
| Package(s): | foomatic | CVE #(s): | CAN-2004-0801 |
| Created: | September 20, 2004 | Updated: | May 31, 2006 |
| Description: | There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler. |
FreeRADIUS: buffer overflow and SQL injection
| Package(s): | freeradius | CVE #(s): | CAN-2005-1454, CAN-2005-1455 |
| Created: | May 17, 2005 | Updated: | June 23, 2005 |
| Description: | Primoz Bratanic discovered that the sql_escape_func function of FreeRADIUS 1.0.2 and earlier may be vulnerable to a buffer overflow. He also discovered that FreeRADIUS fails to sanitize user-input before using it in a SQL query, possibly allowing SQL command injection. |
gdb: multiple vulnerabilities
| Package(s): | gdb | CVE #(s): | CAN-2005-1704, CAN-2005-1705 |
| Created: | May 20, 2005 | Updated: | August 11, 2006 |
| Description: | Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely sources initialization files from the working directory. Successful exploitation would result in the execution of arbitrary code on loading a specially crafted object file or the execution of arbitrary commands. |
gdk-pixbuf, gtk2: denial of service
| Package(s): | gdk-pixbuf gtk2 | CVE #(s): | CAN-2005-0891 |
| Created: | March 30, 2005 | Updated: | December 19, 2005 |
| Description: | The BMP image processing code in gdk-pixbuf and gtk2 contains a denial of service vulnerability exploitable via a specially crafted image file. |
gettext: Insecure temporary file handling
| Package(s): | gettext | CVE #(s): | CAN-2004-0966 |
| Created: | October 11, 2004 | Updated: | March 1, 2006 |
| Description: | gettext insecurely creates temporary files in world-writeable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user. |
gftp: missing input sanitizing
| Package(s): | gftp | CVE #(s): | CAN-2005-0372, CAN-2004-1376 |
| Created: | February 17, 2005 | Updated: | July 13, 2005 |
| Description: | gftp has a directory traversal vulnerability. A remote server could use specially crafted filenames to overwrite local files. |
ghostscript: symlink vulnerabilities
| Package(s): | ghostscript | CVE #(s): | CAN-2004-0967 |
| Created: | October 20, 2004 | Updated: | September 28, 2005 |
| Description: | The ghostscript package (prior to version 7.07.1-r7) contains several scripts which are vulnerable to symlink attacks. |
glibc: tempfile vulnerability in catchsegv script
| Package(s): | glibc |
CVE #(s): | CAN-2004-0968
|
| Created: | October 21, 2004 |
Updated: | November 14, 2005 |
| Description: |
The catchsegv script in the glibc package has a symlink vulnerability
that may allow a local user to overwrite arbitrary
files with the permissions of the user that is running the script. |
| Alerts: |
|
Comments (none posted)
gnupg: information leak
| Package(s): | gnupg |
CVE #(s): | CAN-2005-0366
|
| Created: | March 16, 2005 |
Updated: | August 19, 2005 |
| Description: |
GnuPG (and other PGP-like systems) suffers from an information leak which could, in some situations, be used by an attacker to obtain plain text from an encrypted message. See this message for a detailed explanation of the problem. "We know of no real-world application that is affected by this type of attack. It is an attack that requires the active participation of someone who holds the actual key required to decrypt a message. Thus, it is not something you are likely to see." |
| Alerts: |
|
Comments (none posted)
grip: buffer overflow
| Package(s): | grip |
CVE #(s): | CAN-2005-0706
|
| Created: | March 10, 2005 |
Updated: | November 19, 2008 |
| Description: |
Grip, a CD ripper, has a buffer overflow vulnerability that can
occur when the CDDB server returns more than 16 matches. |
| Alerts: |
|
Comments (none posted)
groff: insecure temporary directory
| Package(s): | groff |
CVE #(s): | CAN-2004-0969
|
| Created: | November 1, 2004 |
Updated: | February 9, 2006 |
| Description: |
Recently, Trustix Secure Linux discovered a vulnerability in the groff
package. The utility "groffer" created a temporary directory in an
insecure way, which allowed exploitation of a race condition to create
or overwrite files with the privileges of the user invoking the
program. |
| Alerts: |
|
Comments (none posted)
gxine: format string vulnerability
| Package(s): | gxine |
CVE #(s): | CAN-2005-1692
|
| Created: | May 26, 2005 |
Updated: | July 23, 2005 |
| Description: |
The gxine media player has a format string vulnerability in the
hostname decoding function. A specially crafted file can be used
to cause a user to execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
gzip: race condition and directory traversal
| Package(s): | gzip |
CVE #(s): | CAN-2005-0988
CAN-2005-1228
|
| Created: | May 4, 2005 |
Updated: | July 13, 2005 |
| Description: |
gzip suffers from a race condition which could allow a fast-fingered attacker to change the permissions on files owned by others. There is also a directory traversal vulnerability associated with the -N option.
|
| Alerts: |
|
Comments (none posted)
htdig: cross site scripting
| Package(s): | htdig |
CVE #(s): | CAN-2005-0085
|
| Created: | February 14, 2005 |
Updated: | January 10, 2006 |
| Description: |
Michael Krax discovered that ht://Dig fails to validate the 'config'
parameter before displaying an error message containing the parameter.
This flaw could allow an attacker to conduct cross-site scripting
attacks. |
| Alerts: |
|
Comments (none posted)
ImageMagick: xwd coder denial of service
| Package(s): | ImageMagick |
CVE #(s): | CAN-2005-1739
|
| Created: | May 26, 2005 |
Updated: | July 19, 2005 |
| Description: |
The xwd coder in ImageMagick has a vulnerability that
can be triggered by processing a maliciously crafted image.
A denial of service can result. |
| Alerts: |
|
Comments (none posted)
imap: buffer overflow in c-client
| Package(s): | imap |
CVE #(s): | CAN-2003-0297
|
| Created: | February 18, 2005 |
Updated: | April 10, 2006 |
| Description: |
A buffer overflow flaw was found in the c-client IMAP client. An attacker
could create a malicious IMAP server that if connected to by a victim could
execute arbitrary code on the client machine. |
| Alerts: |
|
Comments (none posted)
imlib2: buffer overflows
| Package(s): | imlib2 |
CVE #(s): | CAN-2004-0802
CAN-2004-0817
|
| Created: | September 8, 2004 |
Updated: | October 26, 2005 |
| Description: |
The imlib2 library contains buffer overflows in the BMP handling code. |
| Alerts: |
|
Comments (none posted)
infozip: privilege escalation, directory-traversal
| Package(s): | infozip |
CVE #(s): | CAN-2003-0282
CAN-2004-1010
CAN-2005-0602
|
| Created: | May 2, 2005 |
Updated: | August 1, 2005 |
| Description: |
InfoZip reports that Zip 2.3 and
(presumably) all previous versions have a buffer-overrun vulnerability
relating to deep directory paths that could potentially lead to local
privilege escalation (e.g., in the case of automated, Zip-based backups).
All versions of UnZip through 5.50 have a number of directory-traversal
vulnerabilities. |
| Alerts: |
|
Comments (1 posted)
junkbuster: heap corruption and settings modification
| Package(s): | junkbuster |
CVE #(s): | CVE-2005-1108
CVE-2005-1109
|
| Created: | April 13, 2005 |
Updated: | November 5, 2005 |
| Description: |
JunkBuster through version 2.02-r2 contains two vulnerabilities: a heap corruption bug and a possible privacy violation. |
| Alerts: |
|
Comments (1 posted)
kdbg: command injection vulnerability
| Package(s): | kdbg |
CVE #(s): | CAN-2003-0644
|
| Created: | June 2, 2005 |
Updated: | June 8, 2005 |
| Description: |
Versions of the kdbg debugger from 1.1.0 through 1.2.8 have a problem
with permission checking in the .kdbgrc run command file.
A local user may use this to inject malicious commands in the file. |
| Alerts: |
|
Comments (none posted)
kdelibs: unsanitized input
| Package(s): | kdelibs |
CVE #(s): | CAN-2004-1165
|
| Created: | January 10, 2005 |
Updated: | July 19, 2005 |
| Description: |
Thiago Macieira discovered a vulnerability in the kioslave library,
which is part of kdelibs, which allows a remote attacker to execute
arbitrary FTP commands via an ftp:// URL that contains a URL-encoded
newline before the FTP command. |
| Alerts: |
|
Comments (none posted)
kernel: multiple vulnerabilities
| Package(s): | kernel |
CVE #(s): | CAN-2005-0400
CAN-2005-0749
CAN-2005-0750
CAN-2005-0815
CAN-2005-0839
|
| Created: | April 1, 2005 |
Updated: | July 1, 2005 |
| Description: |
More kernel vulnerabilities have been discovered including:
- Mathieu Lafon discovered
an information leak in the ext2 file system driver. (CAN-2005-0400)
- Yichen Xie discovered a Denial of Service vulnerability in the ELF
loader. (CAN-2005-0749)
- Ilja van Sprundel discovered that the bluez_sock_create() function
did not check its "protocol" argument for negative values.
(CAN-2005-0750)
- Michal Zalewski discovered that the iso9660 file system driver fails
to check ranges properly in several cases. (CAN-2005-0815)
- Previous kernels did not restrict the use of the N_MOUSE line
discipline in the serial driver. (CAN-2005-0839)
|
| Alerts: |
|
Comments (1 posted)
kernel: ELF loader core dump vulnerability
| Package(s): | kernel |
CVE #(s): | CAN-2005-1263
|
| Created: | May 11, 2005 |
Updated: | August 25, 2005 |
| Description: |
Paul Starzetz has posted an
advisory for yet another kernel vulnerability.
In this case, by using a specially manipulated ELF binary, a local attacker
can compromise the system (via the core dump code) and obtain root access.
This vulnerability affects all kernels from 2.2 through 2.6.12-rc4. |
| Alerts: |
|
Comments (none posted)
kernel: local denial of service, possible compromise
| Package(s): | kernel |
CVE #(s): | CAN-2005-0756
CAN-2005-1265
|
| Created: | June 8, 2005 |
Updated: | June 9, 2005 |
| Description: |
The mmap() system call does not perform proper checking of its parameters, leading to a possible kernel crash and possible code execution.
The ptrace() system call does not perform proper checking of addresses (on the x86-64 platform only), leading to a possible kernel crash. |
| Alerts: |
|
Comments (none posted)
kernel: multiple vulnerabilities
Comments (none posted)
kimgio input validation errors
| Package(s): | kimgio |
CVE #(s): | CAN-2005-1046
|
| Created: | April 22, 2005 |
Updated: | July 19, 2005 |
| Description: |
KDE has issued a security advisory for
kimgio. This is found in kdelibs as shipped with KDE 3.2 up to and including
KDE 3.4. kimgio contains a PCX image file format reader that does not
properly perform input validation. A source code audit performed by the KDE
security team discovered several vulnerabilities in the PCX and other image
file format readers, some of them exploitable to execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
libconvert-uulib-perl: arbitrary code execution
| Package(s): | libconvert-uulib-perl |
CVE #(s): | CAN-2005-1349
|
| Created: | May 20, 2005 |
Updated: | January 27, 2006 |
| Description: |
Mark Martinec and Robert Lewis discovered a buffer overflow in
Convert::UUlib (before 1.051), a Perl interface to the uulib library, which
may result in the execution of arbitrary code. |
| Alerts: |
|
Comments (1 posted)
libdbi-perl: insecure temporary file
| Package(s): | libdbi-perl |
CVE #(s): | CAN-2005-0077
|
| Created: | January 25, 2005 |
Updated: | March 2, 2006 |
| Description: |
Javier Fernández-Sanguino Peña from the Debian Security Audit Project
discovered that the DBI library, the Perl5 database interface, creates
a temporary PID file in an insecure manner. This can be exploited by a
malicious user to overwrite arbitrary files owned by the person
executing the parts of the library. |
| Alerts: |
|
Comments (none posted)
libgd2: buffer overflows in PNG handling
| Package(s): | libgd2 |
CVE #(s): | CAN-2004-0990
CAN-2004-0941
|
| Created: | October 29, 2004 |
Updated: | June 28, 2006 |
| Description: |
Several buffer overflows have been discovered in libgd's PNG handling
functions.
If an attacker tricked a user into loading a malicious PNG image, they
could leverage this into executing arbitrary code in the context of
the user opening the image. Most importantly, this library is commonly
used in PHP. One possible target would be a PHP driven photo website
that lets users upload images. Therefore this vulnerability might lead
to privilege escalation to a web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and
earlier may allow remote attackers to execute arbitrary code via malformed
image files that trigger the overflows due to improper calls to the
gdMalloc function. |
| Alerts: |
|
Comments (none posted)
libnet-ssleay-perl: weakened cryptographic operations
| Package(s): | libnet-ssleay-perl |
CVE #(s): | CAN-2005-0106
|
| Created: | May 3, 2005 |
Updated: | January 27, 2006 |
| Description: |
Javier Fernandez-Sanguino Pena discovered that this library used the
file /tmp/entropy as a fallback entropy source if a proper source was
not set in the environment variable EGD_PATH. This can potentially
lead to weakened cryptographic operations if an attacker provides a
/tmp/entropy file with known content. |
| Alerts: |
|
Comments (none posted)
libTIFF: buffer overflow
| Package(s): | libtiff |
CVE #(s): | CAN-2005-1544
|
| Created: | May 10, 2005 |
Updated: | February 18, 2006 |
| Description: |
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a
stack based buffer overflow in the libTIFF library when reading a TIFF
image with a malformed BitsPerSample tag. Successful exploitation would
require the victim to open a specially crafted TIFF image, resulting in the
execution of arbitrary code. |
| Alerts: |
|
Comments (1 posted)
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0110
|
| Created: | February 26, 2004 |
Updated: | August 19, 2009 |
| Description: |
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
libxml2: multiple buffer overflows
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0989
|
| Created: | October 28, 2004 |
Updated: | August 19, 2009 |
| Description: |
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted
FTP URL, arbitrary code may be executed. |
| Alerts: |
|
Comments (none posted)
libXpm: new buffer overflows
| Package(s): | libXpm |
CVE #(s): | CAN-2005-0605
|
| Created: | March 4, 2005 |
Updated: | March 8, 2006 |
| Description: |
A new vulnerability has been discovered in libXpm, which is included in
OpenMotif and LessTif, that can potentially lead to remote code
execution. |
| Alerts: |
|
Comments (none posted)
lvm10: creates insecure temporary directory
| Package(s): | lvm10 |
CVE #(s): | CAN-2004-0972
|
| Created: | November 1, 2004 |
Updated: | July 25, 2005 |
| Description: |
Trustix Secure Linux discovered a vulnerability in a supplemental script of
the lvm10 package. The program "lvmcreate_initrd" created a temporary
directory in an insecure way, which could allow a symlink attack to create
or overwrite arbitrary files with the privileges of the user invoking the
program. |
| Alerts: |
|
Comments (none posted)
mailman: path traversal
| Package(s): | mailman |
CVE #(s): | CAN-2005-0202
|
| Created: | February 9, 2005 |
Updated: | July 13, 2005 |
| Description: |
The "private" module in the mailman mailing list manager fails to sanitize path names adequately. An attacker could exploit this vulnerability to retrieve private information, including passwords and private list archives.
This vulnerability was used to compromise the Full-Disclosure list. |
| Alerts: |
|
Comments (none posted)
Mailutils: SQL injection
| Package(s): | mailutils |
CVE #(s): | CAN-2005-1824
|
| Created: | June 6, 2005 |
Updated: | June 8, 2005 |
| Description: |
When GNU Mailutils is built with the "mysql" or "postgres" USE flag,
the sql_escape_string function of the authentication module fails to
properly escape the "\" character, rendering it vulnerable to a SQL
command injection. A malicious remote user could exploit this
vulnerability to inject SQL commands to the underlying database. |
| Alerts: |
|
Comments (none posted)
mc: buffer overflow
| Package(s): | mc |
CVE #(s): | CAN-2005-0763
|
| Created: | March 29, 2005 |
Updated: | August 11, 2005 |
| Description: |
An unfixed buffer overflow has been discovered by Andrew V. Samoilov
in mc, the midnight commander, a file browser and manager. |
| Alerts: |
|
Comments (none posted)
MediaWiki: multiple vulnerabilities
| Package(s): | mediawiki |
CVE #(s): | CAN-2005-0534
CAN-2005-0535
CAN-2005-0536
|
| Created: | February 28, 2005 |
Updated: | June 13, 2005 |
| Description: |
A security audit of the MediaWiki project discovered that MediaWiki is
vulnerable to several cross-site scripting and cross-site request
forgery attacks, and that the image deletion code does not sufficiently
sanitize input parameters. |
| Alerts: |
|
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
CVE #(s): | CAN-2003-0427
|
| Created: | June 16, 2003 |
Updated: | June 16, 2005 |
| Description: |
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod. |
| Alerts: |
|
Comments (none posted)
mod_python: remote access vulnerability
| Package(s): | mod_python |
CVE #(s): | CAN-2005-0088
|
| Created: | February 10, 2005 |
Updated: | April 10, 2006 |
| Description: |
mod_python has a vulnerability in the publisher handler that may allow
a remote user to use a specially crafted URL to allow access to
objects that should be protected. An information leak can result. |
| Alerts: |
|
Comments (none posted)
Mozilla Firefox, Mozilla Suite: multiple vulnerabilities
| Package(s): | mozilla |
CVE #(s): | CAN-2005-0989
|
| Created: | April 19, 2005 |
Updated: | July 18, 2005 |
| Description: |
The following vulnerabilities were found and fixed in the Mozilla Suite
and Mozilla Firefox:
- Vladimir V. Perepelitsa reported a memory disclosure bug in
JavaScript's regular expression string replacement when using an
anonymous function as the replacement argument (CAN-2005-0989).
- moz_bug_r_a4 discovered that Chrome UI code was overly trusting DOM
nodes from the content window, allowing privilege escalation via DOM
property overrides.
- Michael Krax reported a possibility to run JavaScript code with
elevated privileges through the use of javascript: favicons.
- Michael Krax also discovered that malicious Search plugins could
run JavaScript in the context of the displayed page or stealthily
replace existing search plugins.
- shutdown discovered a technique to pollute the global scope of a
window in a way that persists from page to page.
- Doron Rosenberg discovered a possibility to run JavaScript with
elevated privileges when the user asks to "Show" a blocked popup that
contains a JavaScript URL.
- Finally, Georgi Guninski reported missing Install object instance
checks in the native implementations of XPInstall-related JavaScript
objects.
The following Firefox-specific vulnerabilities have also been
discovered:
- Kohei Yoshino discovered a new way to abuse the sidebar panel to
execute JavaScript with elevated privileges.
- Omar Khan reported that the Plugin Finder Service can be tricked to
open javascript: URLs with elevated privileges.
|
| Alerts: |
|
Comments (none posted)
MPlayer: heap overflows
| Package(s): | mplayer |
CVE #(s): | |
| Created: | April 20, 2005 |
Updated: | July 12, 2005 |
| Description: |
Heap overflows have been found in the code handling RealMedia RTSP and
Microsoft Media Services streams over TCP (MMST). By setting up a
malicious server and enticing a user to use its streaming data, a remote
attacker could possibly execute arbitrary code on the client computer with
the permissions of the user running MPlayer. |
| Alerts: |
|
Comments (none posted)
MySQL: input validation and temporary file vulnerabilities
| Package(s): | mysql |
CVE #(s): | CAN-2005-0709
CAN-2005-0710
CAN-2005-0711
|
| Created: | March 16, 2005 |
Updated: | July 19, 2005 |
| Description: |
MySQL (prior to version 4.0.24) suffers from two input validation errors and a temporary file vulnerability.
|
| Alerts: |
|
Comments (none posted)
ncpfs: multiple vulnerabilities
| Package(s): | ncpfs |
CVE #(s): | CAN-2005-0013
CAN-2005-0014
|
| Created: | January 31, 2005 |
Updated: | May 15, 2006 |
| Description: |
Erik Sjolund discovered two vulnerabilities in the programs bundled
with ncpfs: there is a potentially exploitable buffer overflow in
ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities
using the NetWare client functions insecurely access files with
elevated privileges (CAN-2005-0013). |
| Alerts: |
|
Comments (none posted)
Net-SNMP: fixproc insecure temporary file creation
| Package(s): | net-snmp |
CVE #(s): | CAN-2005-1740
|
| Created: | May 23, 2005 |
Updated: | July 13, 2005 |
| Description: |
The fixproc application of Net-SNMP creates temporary files with
predictable filenames. |
| Alerts: |
|
Comments (1 posted)
nfs-utils: arbitrary code execution
| Package(s): | nfs-utils |
CVE #(s): | CAN-2004-0946
|
| Created: | January 11, 2005 |
Updated: | February 27, 2006 |
| Description: |
Arjan van de Ven discovered a buffer overflow in rquotad on 64-bit
architectures; an improper integer conversion could lead to a buffer
overflow. An attacker with access to an NFS share could send a specially
crafted request which could then lead to the execution of arbitrary code. |
| Alerts: |
|
Comments (none posted)
openssh: directory traversal
| Package(s): | openssh |
CVE #(s): | CAN-2004-0175
|
| Created: | May 18, 2005 |
Updated: | July 13, 2005 |
| Description: |
The OpenSSH scp client can, when connected to a hostile server, be instructed to overwrite arbitrary files.
|
| Alerts: |
|
Comments (1 posted)
openssl: der_chop script temp file vulnerability
| Package(s): | openssl |
CVE #(s): | CAN-2004-0975
|
| Created: | November 11, 2004 |
Updated: | July 19, 2005 |
| Description: |
The der_chop script in openssl has a temp file vulnerability that may allow
an attacker to overwrite arbitrary files with the permissions that
the script is running under. |
| Alerts: |
|
Comments (1 posted)
OpenSSL: information leak
| Package(s): | openssl |
CVE #(s): | CAN-2005-0109
|
| Created: | May 23, 2005 |
Updated: | October 11, 2005 |
| Description: |
Hyper-Threading technology, as used in FreeBSD and other operating systems and
implemented on Intel Pentium and other processors, allows local users to
use a malicious thread to create covert channels, monitor the execution of
other threads, and obtain sensitive information such as cryptographic keys,
via a timing attack on memory cache misses. See this LWN article for more information. |
| Alerts: |
|
Comments (none posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
Opera: multiple vulnerabilities
| Package(s): | opera |
CVE #(s): | |
| Created: | February 14, 2005 |
Updated: | June 22, 2005 |
| Description: |
Opera has several vulnerabilities which could result in
information disclosure and facilitate execution of arbitrary code. |
| Alerts: |
|
Comments (none posted)
perl: setuid vulnerabilities
| Package(s): | perl |
CVE #(s): | CAN-2005-0155
CAN-2005-0156
|
| Created: | February 2, 2005 |
Updated: | August 11, 2006 |
| Description: |
There are two vulnerabilities with perl when it is used in a setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access. |
| Alerts: |
|
Comments (none posted)
perl: symlink vulnerability
| Package(s): | perl |
CVE #(s): | CAN-2005-0448
|
| Created: | March 9, 2005 |
Updated: | January 30, 2006 |
| Description: |
The rmtree() function in the File::Path module has a symlink vulnerability which could be exploited to create setuid binaries. |
| Alerts: |
|
Comments (none posted)
php4: integer overflow and denial of service
| Package(s): | php4 |
CVE #(s): | CAN-2005-1042
CAN-2005-1043
|
| Created: | April 14, 2005 |
Updated: | July 13, 2005 |
| Description: |
The php4 EXIF module has two vulnerabilities. An
integer overflow in the exif_process_IFD_TAG() function
can be exploited to cause a buffer overflow for the
purpose of arbitrary code execution.
EXIF headers with a large IFD nesting level can be used
to cause a denial of service. Remote exploits are possible. |
| Alerts: |
|
Comments (none posted)
phpsysinfo: cross-site-scripting
| Package(s): | phpsysinfo |
CVE #(s): | CAN-2005-0870
|
| Created: | May 18, 2005 |
Updated: | November 15, 2005 |
| Description: |
The phpsysinfo program contains several cross-site scripting vulnerabilities. |
| Alerts: |
|
Comments (none posted)
postgresql: EXECUTE privilege vulnerability
| Package(s): | postgresql |
CVE #(s): | CAN-2005-0244
CAN-2005-0245
CAN-2005-0246
CAN-2005-0247
|
| Created: | February 10, 2005 |
Updated: | July 19, 2005 |
| Description: |
postgresql has a vulnerability in which the EXECUTE privilege may
not be checked on custom functions. This may allow any database user to
circumvent the EXECUTE restriction on functions. |
| Alerts: |
|
Comments (none posted)
postgresql: database initialization errors
| Package(s): | postgresql |
CVE #(s): | CAN-2005-1409
CAN-2005-1410
|
| Created: | May 4, 2005 |
Updated: | February 28, 2006 |
| Description: |
PostgreSQL suffers from two vulnerabilities in how databases are set up by default; they allow a local attacker (one with access to the database) to crash the back end and, perhaps, execute code with the privileges of the server process. See this advisory for details and workarounds.
|
| Alerts: |
|
Comments (none posted)
Pound: buffer overflow
| Package(s): | pound |
CVE #(s): | CVE-2005-1391
|
| Created: | May 2, 2005 |
Updated: | January 10, 2006 |
| Description: |
Steven Van Acker has discovered a buffer overflow vulnerability in the
"add_port()" function in Pound 1.8.2+. A remote attacker could send a
request for an overly long hostname parameter, which could lead to the
remote execution of arbitrary code with the rights of the Pound daemon
process. |
| Alerts: |
|
Comments (none posted)
ppxp: missing privilege release
| Package(s): | ppxp |
CVE #(s): | CAN-2005-0392
|
| Created: | May 19, 2005 |
Updated: | July 5, 2005 |
| Description: |
The ppxp PPP program has a log file vulnerability that can
allow the root privileges used by the software to remain active,
enabling the opening of a root shell by a local user. |
| Alerts: |
|
Comments (none posted)
realplayer: arbitrary code execution
| Package(s): | realplayer helixplayer |
CVE #(s): | CAN-2005-0755
|
| Created: | April 20, 2005 |
Updated: | June 27, 2005 |
| Description: |
RealNetworks, Inc. has fixed a
security vulnerability that offered the potential for an attacker to
run arbitrary or malicious code on a customer's machine. Linux RealPlayer
10 (10.0.0 - 3) and Helix Player (10.0.0 - 3) are vulnerable. |
| Alerts: |
|
Comments (none posted)
rp-pppoe, pppoe: missing privilege dropping
| Package(s): | rp-pppoe, pppoe |
CVE #(s): | CAN-2004-0564
|
| Created: | October 4, 2004 |
Updated: | November 15, 2005 |
| Description: |
Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet
driver from Roaring Penguin. When the program is running setuid root
(which is not the case in a default Debian installation), an attacker
could overwrite any file on the file system. |
| Alerts: |
|
Comments (none posted)
samba: integer overflow vulnerability
| Package(s): | samba |
CVE #(s): | CAN-2004-1154
|
| Created: | December 16, 2004 |
Updated: | July 19, 2005 |
| Description: |
Samba has an integer overflow vulnerability
that may allow an authenticated remote user to
execute arbitrary code on the Samba server. |
| Alerts: |
|
Comments (none posted)
SpamAssassin: Denial of Service vulnerability
| Package(s): | spamassassin |
CVE #(s): | CAN-2004-0796
|
| Created: | August 9, 2004 |
Updated: | August 11, 2005 |
| Description: |
SpamAssassin contains an unspecified Denial of Service vulnerability. By
sending a specially crafted message an attacker could cause a Denial of
Service attack against the SpamAssassin service. |
| Alerts: |
|
Comments (none posted)
squid: DNS spoofing
| Package(s): | squid |
CVE #(s): | CAN-2005-1519
|
| Created: | May 18, 2005 |
Updated: | July 13, 2005 |
| Description: |
The squid proxy server performs DNS lookups in a way which is susceptible to answers injected by a hostile user, and, thus, DNS spoofing attacks. |
| Alerts: |
|
Comments (none posted)
SquirrelMail: multiple vulnerabilities
| Package(s): | squirrelmail |
CVE #(s): | CAN-2005-0075
CAN-2005-0103
CAN-2005-0104
|
| Created: | January 28, 2005 |
Updated: | July 19, 2005 |
| Description: |
SquirrelMail 1.4.4 has been
released, fixing a number of security issues that have been resolved
since 1.4.3a. |
| Alerts: |
|
Comments (none posted)
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability. |
| Alerts: |
|
Comments (1 posted)
tcpdump: multiple DoS issues
| Package(s): | tcpdump |
CVE #(s): | CAN-2005-1280
CAN-2005-1279
CAN-2005-1278
|
| Created: | May 2, 2005 |
Updated: | April 10, 2006 |
| Description: |
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote
attackers to cause a denial of service (infinite loop) via a crafted RSVP
packet of length 4. (CAN-2005-1280)
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of
service (infinite loop) via a crafted BGP packet, which is not properly
handled by RT_ROUTING_INFO, or LDP packet, which is not properly
handled by the ldp_print function. (CAN-2005-1279)
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and
earlier allows remote attackers to cause a denial of service (infinite
loop) via a zero length, as demonstrated using a GRE packet.
(CAN-2005-1278) |
| Alerts: |
|
Comments (none posted)
telnet: buffer overflows
| Package(s): | telnet |
CVE #(s): | CAN-2005-0468
CAN-2005-0469
|
| Created: | March 28, 2005 |
Updated: | August 1, 2005 |
| Description: |
Two buffer overflow flaws were discovered in the way the telnet client
handles messages from a server. An attacker may be able to execute
arbitrary code on a victim's machine if the victim can be tricked into
connecting to a malicious telnet server. |
| Alerts: |
|
Comments (none posted)
UnAce: buffer overflow and directory traversal
| Package(s): | unace |
CVE #(s): | CAN-2005-0160
CAN-2005-0161
|
| Created: | February 28, 2005 |
Updated: | June 17, 2005 |
| Description: |
Ulf Harnhammar discovered that UnAce suffers from buffer overflows when
testing, unpacking or listing specially crafted ACE archives
(CAN-2005-0160). He also found out that UnAce is vulnerable to
directory traversal attacks, if an archive contains "./.." sequences or
absolute filenames (CAN-2005-0161). |
| Alerts: |
|
Comments (none posted)
vixie-cron: crontab allows any user to read another user's crontabs
| Package(s): | vixie-cron |
CVE #(s): | CAN-2005-1038
|
| Created: | April 15, 2005 |
Updated: | March 15, 2006 |
| Description: |
crontab in Vixie cron 4.1, when running with the -e option, allows local
users to read the cron files of other users by changing the file being
edited to a symlink. NOTE: there is insufficient information to know
whether this is a duplicate of CVE-2001-0235. See also this Security Focus
report. |
| Alerts: |
|
Comments (none posted)
Wordpress: multiple vulnerabilities
| Package(s): | wordpress |
CVE #(s): | |
| Created: | June 6, 2005 |
Updated: | July 4, 2005 |
| Description: |
Due to a lack of input validation, WordPress is vulnerable to SQL
injection and XSS attacks. An attacker could use the SQL injection
vulnerabilities to gain information from the database. Furthermore the
cross-site scripting issues give an attacker the ability to inject and
execute malicious script code or to steal cookie-based authentication
credentials, potentially compromising the victim's browser. |
| Alerts: |
|
Comments (none posted)
XChat 2.0.x SOCKS5 Vulnerability
| Package(s): | xchat |
CVE #(s): | CAN-2004-0409
|
| Created: | April 19, 2004 |
Updated: | November 15, 2005 |
| Description: |
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal which is disabled by default and also
connect to an attacker's custom proxy server. This vulnerability may allow
an attacker to run arbitrary code within the context of the user ID of the
XChat client. |
| Alerts: |
|
Comments (none posted)
xine-lib: buffer overflows
| Package(s): | xine-lib |
CVE #(s): | CAN-2004-1379
|
| Created: | September 22, 2004 |
Updated: | April 10, 2006 |
| Description: |
xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code. |
| Alerts: |
|
Comments (none posted)
xine-ui - insecure temporary file creation
| Package(s): | xine-ui | CVE #(s): | CAN-2004-0372 |
| Created: | April 6, 2004 | Updated: | April 27, 2006 |
| Description: | Shaun Colley discovered a problem in xine-ui, the xine video player user interface. A script contained in the package to possibly remedy a problem or report a bug does not create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking xine. |
| Alerts: | |
Comments (none posted)
xorg-x11: integer overflows
| Package(s): | xorg-x11 | CVE #(s): | CAN-2004-0914 |
| Created: | November 18, 2004 | Updated: | September 12, 2005 |
| Description: | The X.Org libXpm library has several integer overflow vulnerabilities. An attacker can modify XPM images to execute malicious code. |
| Alerts: | |
Comments (none posted)
xpdf: buffer overflow
| Package(s): | xpdf | CVE #(s): | CAN-2005-0064 |
| Created: | January 19, 2005 | Updated: | March 15, 2007 |
| Description: | iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details. |
| Alerts: | |
Comments (1 posted)
XV: multiple vulnerabilities
| Package(s): | xv | CVE #(s): | |
| Created: | April 19, 2005 | Updated: | July 19, 2005 |
| Description: | Greg Roelofs has reported multiple input validation errors in XV image decoders. Tavis Ormandy of the Gentoo Linux Security Audit Team has reported insufficient validation in the PDS (Planetary Data System) image decoder, format string vulnerabilities in the TIFF and PDS decoders, and insufficient protection from shell meta-characters in malformed filenames. Successful exploitation would require a victim to view a specially created image file using XV, potentially resulting in the execution of arbitrary code. |
| Alerts: | |
Comments (none posted)
zlib: denial of service
| Package(s): | zlib | CVE #(s): | CAN-2004-0797 |
| Created: | August 25, 2004 | Updated: | June 10, 2005 |
| Description: | Versions 1.2.x of the zlib library contain an error handling vulnerability which can enable denial of service attacks. |
| Alerts: | |
Comments (none posted)
Resources
Bruce Schneier's CRYPTO-GRAM newsletter for June is out. There's not much
here that will be new to readers of
Bruce's weblog, but it remains a
good collection of his writing and includes interesting links to articles
elsewhere.
Full Story (comments: none)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 prepatch remains 2.6.12-rc6. The trickle of patches
into Linus's git repository has slowed recently, and the official 2.6.12
release may well have happened by the time you read this.
No -mm kernels have been released over the last week.
The current stable 2.6 kernel is 2.6.11.12, released on June 11.
Comments (none posted)
Kernel development news
Me caveman
Me plug in wireless router
Me watch pretty lights
Me turn on computer
Me up interface
Computer work
Me no care other cavemen use wireless link
-- David Miller
Comments (1 posted)
If it seems like the networking hackers are especially quiet as of late, it
may be that you failed to note the netdev mailing list's move. This list,
long hosted on oss.sgi.com, is now one of the many (majordomo-managed)
kernel lists on vger.kernel.org. The move has not been broadly advertised,
and the subscriber list does not appear to have been transferred from the
old list to the new one. If your netdev mail has stopped, chances are you
need to subscribe to the new list.
Comments (none posted)
When 2.6.12 is released, it will include a new version of the "developer's
certificate of origin," the statement which must be made by anybody
submitting a patch for merging into the mainline. Version 1.1 of the
DCO includes a new phrase:
I understand and agree that this project and the contribution are
public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
The full text of the DCO can be found in the SubmittingPatches file in the
Documentation directory.
This change was motivated by the actions of one kernel subsystem maintainer
who feels that the UK Data Protection Act requires that he strip email
addresses from patches which pass through him. The new version of the DCO
will, in theory, turn a "Signed-off-by:" header into an active granting of
permission to redistribute the contact information which comes with the
patch.
Comments (4 posted)
Almost one year ago, the kernel developers decided to formally recognize
the new development model, where large changes were welcome in the stable
2.6 series. At that time, Greg Kroah-Hartman decided to test out the new
model by posting
a patch to remove
devfs. The devfs filesystem, a virtual filesystem which provides a
dynamic
/dev directory, had been unpopular with many kernel
developers since long before it was
merged in 2.3.46. It was
never enabled by most distributions, and, in more recent times, had seen
little maintenance. Meanwhile, the user-space
udev utility had
developed to the point where it could fill in for devfs. Since there was
no 2.7 on the horizon, and 2.6 was officially open to user-visible changes,
it seemed like a good time to close the devfs chapter forevermore.
Except that, as it turns out, the developers were not quite ready to
eliminate a user-visible feature on such short notice. After some
discussion, it was decided that changes of this kind should happen after a
one-year warning period. As a result, a file was created in the
Documentation directory (here's the almost-2.6.12 version) which listed features
scheduled for removal and the target date. Devfs went into the file, with
July, 2005 as the time for its ultimate demise.
July is nearly here, and Greg has not forgotten. He has returned with a 22-part patch which removes every trace of
devfs from a surprisingly large portion of the kernel. It would seem that
devfs had gotten its fingers into just about everything. In the absence of
some sort of surprise, this patch seems certain to be merged for 2.6.13.
If there are any devfs users out there, they have gotten their last
warning.
Comments (4 posted)
The realtime Linux patches, covered at length (too much length, according
to some) on these pages, have been aimed primarily at reducing scheduling
latency: the amount of time it takes to switch control to a high-priority
process in response to an event which makes it runnable. Scheduling
latency is important, but the harder end of the realtime spectrum also
places a premium on interrupt latency: how long the system takes to respond
to a hardware interrupt. In many realtime situations, the processor must
answer quickly when the hardware asks for attention; excessive latency can
lead to lost data and failure to respond quickly enough to external
events. A Linux-based, realtime beer monitoring system may only have a
few milliseconds to deal with a "refrigerator door opened" interrupt before
one's roommate has swiped a bottle and left the scene. In this sort of
high-stakes deployment, interrupt latency is everything.
One of the biggest sources of interrupt latency is periods when the
processor has simply disabled interrupt delivery. Device drivers often
disable interrupts - on the local processor at least - to avoid creating
race conditions with themselves. Even (or especially) when spinlocks are
used to control concurrency with interrupt handlers, interrupts must be
disabled. Imagine a driver which duly acquires a spinlock before working
with its data structures. One of that driver's devices raises an interrupt while
the lock is held, and the interrupt handler runs on the same CPU. That
interrupt handler will try to acquire the same spinlock, and, finding it
busy, will proceed to spin until the lock becomes free. But, since the
interrupt handler has preempted the only thread which can ever release the
lock, it will spin forever. That is a different sort of interrupt latency
altogether, and one which even general-purpose kernels try to avoid. The
usual technique is simply to disable interrupts while holding a spinlock
which might be acquired by an interrupt handler. Disabling interrupts
solves the immediate problem, but it can lead to increased interrupt
latency.
Ingo Molnar's realtime preemption patches improve the situation by moving
interrupt handlers into their own processes. Since interrupt handlers are
scheduled with everything else, and since "spinlocks" no longer spin with
this patch set, the sort of deadlock described in the previous paragraph
can not happen. So there is no longer any need to disable interrupts when
acquiring spinlocks. Changing the locking primitives eliminated the major
part of the code in the kernel which runs with interrupts disabled.
Daniel Walker recently noticed that one could do a little better - and
followed up with a patch showing how.
Fixing the locking primitives got rid of most of the driver code which runs
with interrupts turned off, but it did nothing for all of the places where
drivers explicitly disable interrupts themselves with a call to
local_irq_disable(). In most of these cases, the driver is simply
trying to avoid racing with its interrupt handler. But when interrupt handlers
run in their own threads, all
that is really needed to avoid concurrency problems is to disable
preemption. So Daniel's patch reworks local_irq_disable() to turn
off preemption while leaving the interrupt
configuration alone. For the few cases where it is truly necessary to
disable interrupts at the hardware level, hard_local_irq_disable()
(later renamed to raw_local_irq_disable())
has been provided.
One might argue that disabling preemption is counterproductive, given that
any code which runs with preemption disabled will contribute to the
scheduling latency problem. But any code which disables interrupts already
runs with preemption turned off, so the situation is not made any worse by
this patch. It could, in fact, be improved: all that really needs to be
protected against is preemption by one specific interrupt handler thread.
The extra scheduler complexity which would be required to implement that
solution is unlikely to be worth it, however; better to just fix the
drivers to use locks. So Ingo picked up Daniel's patch, spent a few
minutes completely reworking it, and added it to his realtime preemption
patch set.
Meanwhile, Karim Yaghmour was heard
wondering:
I'm not sure exactly why you guys are reinventing the wheel. Adeos
already does this soft-cli/sti stuff for you, it's been available
for a few years already, tested, and ported to a number of
architectures, and is generalized, why not just adopt it?
It does seem that not everybody understands what the Adeos patch (available
from the Gna server) does.
The description of Adeos, in its current form, as a "nanokernel" probably
does this work a disservice; what Adeos really comes down to is a patch to
the kernel's interrupt handling code.
To reduce interrupt latency, Adeos takes the classic approach of adding a
layer of indirection. The patch adds an "interrupt pipeline" to the
low-level, architecture-specific code. Any "domain" (read "piece of code")
can register itself with this interrupt pipeline, providing a priority as
it does so. Whenever a hardware interrupt arrives, Adeos works its way
down the pipeline, calling into the handler of each domain which has
expressed an interest in that interrupt. The higher-priority handlers are,
of course, called first.
In this world, the regular Linux interrupt subsystem is registered as just
another Adeos domain. Any code which absolutely, positively must have its
interrupts arrive within microseconds can register itself as a
higher-priority domain. When interrupt time comes, the high-priority code
can respond to the interrupt before Linux even hears about it. Since
nothing in Linux can possibly get in the way (unless it does evil things to
the hardware), there is no need to worry about which parts of Linux might
create latency problems.
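The following user-space model is an added example, not Adeos or kernel code: it runs the spinlock deadlock described earlier through a priority-ordered interrupt pipeline, once with the Linux stage left open and once with it soft-disabled. The stall flag and pending counter are this model's simplification of the "soft-cli/sti" mechanism mentioned in the quote above, it models a single interrupt line, and every name in it is hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define MAX_DOMAINS 4

/* One stage of the interrupt pipeline (all names here are hypothetical). */
struct domain {
    const char *name;
    int priority;                 /* higher value = earlier stage */
    int stalled;                  /* soft "interrupts off" flag for this stage */
    int pending;                  /* interrupts parked while stalled */
    void (*handler)(struct domain *self);
};

static struct domain *pipeline[MAX_DOMAINS];
static int ndomains;
static int driver_lock;           /* 1 while driver code holds its spinlock */
static char trace[128];           /* ordered record of what ran */

static void note(const char *event)
{
    if (trace[0])
        strcat(trace, " ");
    strcat(trace, event);
}

/* Insert a domain, keeping the pipeline sorted by descending priority. */
void pipeline_register(struct domain *d)
{
    int i;

    if (ndomains == MAX_DOMAINS)
        return;
    i = ndomains++;
    while (i > 0 && pipeline[i - 1]->priority < d->priority) {
        pipeline[i] = pipeline[i - 1];
        i--;
    }
    pipeline[i] = d;
}

/* Walk the pipeline from one stage down; park the interrupt at the
 * first stalled stage (model assumption) instead of calling its handler. */
static void pipeline_walk(int from)
{
    for (int i = from; i < ndomains; i++) {
        struct domain *d = pipeline[i];
        if (d->stalled) {
            d->pending++;
            return;
        }
        d->handler(d);
    }
}

void hw_interrupt(void) { pipeline_walk(0); }

void domain_stall(struct domain *d) { d->stalled = 1; }

/* Clear the stall flag and replay whatever was parked meanwhile. */
void domain_unstall(struct domain *d)
{
    int stage = 0;

    while (pipeline[stage] != d)
        stage++;
    d->stalled = 0;
    while (d->pending > 0 && !d->stalled) {
        d->pending--;
        pipeline_walk(stage);
    }
}

static void rt_handler(struct domain *self) { (void)self; note("rt-irq"); }

/* The driver's interrupt handler needs the same lock as the driver. */
static void linux_handler(struct domain *self)
{
    (void)self;
    if (driver_lock)
        note("linux-irq:DEADLOCK");  /* a real spinlock would spin forever */
    else
        note("linux-irq");
}

/* Driver takes its lock, the device interrupts, driver releases the lock. */
const char *driver_critical_section(int soft_disable)
{
    static struct domain rt, lx;

    ndomains = 0; driver_lock = 0; trace[0] = '\0';
    rt = (struct domain){ "realtime", 10, 0, 0, rt_handler };
    lx = (struct domain){ "linux", 1, 0, 0, linux_handler };
    pipeline_register(&lx);
    pipeline_register(&rt);       /* registered last, still runs first */

    if (soft_disable)
        domain_stall(&lx);
    driver_lock = 1; note("lock");
    hw_interrupt();               /* arrives while the lock is held */
    driver_lock = 0; note("unlock");
    if (soft_disable)
        domain_unstall(&lx);
    return trace;
}

int main(void)
{
    printf("no soft disable: %s\n", driver_critical_section(0));
    printf("soft disable:    %s\n", driver_critical_section(1));
    return 0;
}
```

In both runs the high-priority stage sees the interrupt while the lock is still held; only the Linux stage's handler is deferred, and the hardware interrupt state is never touched.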
Some benchmark results were recently
posted; they showed generally better performance from Adeos than from the
realtime preemption patch. Some issues have been raised, however, with how
those numbers were collected; the tests are set to be rerun in the near
future.
Meanwhile, a slow debate over inclusion of the realtime work continues,
with some participants pushing for the code to be merged eventually, others
being skeptical, and a few asking for the realtime discussion to be removed
from linux-kernel altogether. One viewpoint worth considering can be found
in this posting from Gerrit Huizenga, who
argued that the realtime patches of today resemble the scalability patches
from a few years ago, and that they must follow a similar path toward
inclusion:
I believe that any effort towards mainline support of RT has to
follow a similar set of guidelines. And, I believe strongly that
*most* of the RT code should be crafted so that every single laptop
user is running most of the code *and* benefiting from it. If most
of the RT code goes unused by most of the population, and the only
way to get an RT kernel of any reasonable level is to ask the
distros to build yet another configuration, RT will always be a
poor, undertested, underutilized ugly stepchild of Linux.
Ingo Molnar clearly understands this; he has consistently worked toward
making the realtime patches minimally intrusive and useful in many
situations. Parts of the realtime work have already been merged, and this
process may continue. There may come a time when developers will be
surprised to discover that most of the realtime preemption patch can be
found in the mainline.
Comments (1 posted)
Modern network interfaces are easily capable of handling thousands of
packets per second. They are also capable of burying the host processor
under thousands of interrupts per second. As a way of dealing with the
interrupt problem (and fixing some other things as well), the networking
hackers added the NAPI driver interface. NAPI-capable drivers can, when
traffic gets high, turn off receive interrupts and collect incoming packets
in a polling mode. Polling is normally considered to be bad news, but,
when there is always data waiting on the interface, it turns out to be the
more efficient way to go. Some details on NAPI can be found in
this LWN Driver Porting Series
article; rather more details are available from the networking chapter
in
LDD3.
One of the things NAPI-compliant drivers must do is to specify the "weight"
of each interface. The weight parameter helps to determine how important
traffic from that interface is - it limits the number of packets each
interface can feed to the networking core in each polling cycle. This
parameter also controls whether the interface runs in the polling mode or
not; by the NAPI conventions, an interface which does not have enough
built-up traffic to fill its quota of packets (where the quota is
determined by
the interface's weight) should go back to the interrupt-driven mode. The
weight is thus a fundamental parameter controlling how packet reception is
handled, but there has never been any real guidance from the networking
crew on how the weight should be set. Most driver writers pick a value
between 16 and 64, with interfaces capable of higher speeds usually setting
larger values.
Some recent discussions on the netdev list have raised the issue of how the
weight of an interface should be set. In particular, the e1000 driver
hackers have discovered that their interface tends to perform better when
its weight is set lower - with the optimal value being around 10.
Investigations into this behavior continue, but a few observations have
come out; they give a view into what is really required to get top
performance out of modern hardware.
One problem, which appears to be specific to the e1000, is that the
interface runs out of receive buffers. The e1000 driver, in its
poll() function, will deliver its quota of packets to the
networking core; only when that process is complete does the driver concern
itself with providing more receive buffers to the interface. So one
short-term tactic would be to replenish the receive buffers more often.
Other interface drivers tend not to wait until an entire quota has been
processed to perform this replenishment. Lowering the weight of an
interface is one way to force this replenishment to happen more often
without actually changing the driver's logic.
But questions remain: why is the system taking so long to process 64
packets that a 256-packet ring is being exhausted? And why does
performance increase for smaller weights even when packets are not being
dropped? One possible explanation is that the actual amount of work being
done for each packet in the networking core can vary greatly depending on
the type of traffic being handled. Big TCP streams, in particular, take
longer to process than bursts of small UDP packets. So, depending on the
workload, processing one quota's worth of packets might take quite some
time.
This processing time affects performance in a number of ways. If the
system spends large bursts of time in software interrupt mode to deal with
incoming packets, it will be starving the actual application for processor
time. The overall latency of the system goes up, and performance goes
down. Smaller weights can lead to better interleaving of system and
application time.
A related issue is this check in the networking core's polling logic:
    if (budget <= 0 || jiffies - start_time > 1)
        goto softnet_break;
Essentially, if the networking core spends more than about one half of one
jiffy (very approximately 500 μsec on most systems) polling interfaces,
it decides that things have gone on for long enough and it's time to take a
break. If one high-weight interface is taking a lot of time to get its
packets through the system, the packet reception process can be cut short
early, perhaps before other interfaces have had their opportunity to deal
with their traffic. Once again, smaller weights can help to mitigate this
problem.
Finally, an overly large weight can work against the performance of an
interface when traffic is at moderate levels. If the driver does not fill
its entire quota in one polling cycle, it will turn off polling and go back
into interrupt-driven mode. So a steady stream of traffic which does not
quite fill the quota will cause the driver to bounce between the polling
and interrupt modes, and the processor will have to handle far more
interrupts than would otherwise be expected. Slower interfaces
(100 Mb/sec and below) are particularly vulnerable to this problem; on a
fast system, such interfaces simply cannot receive enough data to fill the
quota every time.
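The polling rules described above can be tried out in a small user-space model, given here as an added example rather than kernel code: a round-robin poll loop with a shared budget, a time check, and the rule that an interface which does not fill its quota leaves polling mode. The budget of 300 packets, the per-packet costs and the two-interface workload are constructed assumptions, and the 500 μsec limit stands in for the jiffies comparison using the rough figure given in the text.

```c
#include <stdio.h>

#define NETDEV_BUDGET 300   /* packets per softirq run (assumed for the model) */
#define TIME_LIMIT_US 500   /* rough figure from the text for the time check */

struct nic {
    const char *name;
    int weight;             /* quota: packets it may deliver per poll call */
    int backlog;            /* packets waiting in its receive ring */
    int cost_us;            /* assumed processing time per packet */
    int polling;            /* 1 = on the poll list, receive interrupts off */
    int delivered;
};

/* One softirq run over the poll list; returns 1 if it was cut short. */
int rx_action(struct nic *nics, int n)
{
    int budget = NETDEV_BUDGET;
    long elapsed_us = 0;
    int i = 0, idle = 0;

    while (idle < n) {          /* stop once nobody is left in polling mode */
        struct nic *dev = &nics[i];
        i = (i + 1) % n;
        if (!dev->polling) {
            idle++;
            continue;
        }
        idle = 0;

        /* stands in for: if (budget <= 0 || jiffies - start_time > 1) */
        if (budget <= 0 || elapsed_us > TIME_LIMIT_US)
            return 1;           /* softnet_break */

        int quota = dev->weight < budget ? dev->weight : budget;
        int done = dev->backlog < quota ? dev->backlog : quota;

        dev->backlog -= done;
        dev->delivered += done;
        budget -= done;
        elapsed_us += (long)done * dev->cost_us;

        if (done < quota || done == 0)
            dev->polling = 0;   /* quota not filled: back to interrupt mode */
    }
    return 0;
}

struct outcome {
    int cut_short;
    int eth0_delivered;
    int eth1_delivered;
    int eth1_left;              /* eth1 packets still waiting afterwards */
    int eth1_polling;
};

/* Constructed workload: eth0 carries costly bulk traffic, eth1 a short burst. */
struct outcome run_scenario(int eth0_weight)
{
    struct nic nics[2] = {
        { "eth0", eth0_weight, 200, 5, 1, 0 },
        { "eth1", 16, 40, 2, 1, 0 },
    };
    struct outcome o;

    o.cut_short = rx_action(nics, 2);
    o.eth0_delivered = nics[0].delivered;
    o.eth1_delivered = nics[1].delivered;
    o.eth1_left = nics[1].backlog;
    o.eth1_polling = nics[1].polling;
    return o;
}

int main(void)
{
    int weights[2] = { 64, 10 };

    for (int k = 0; k < 2; k++) {
        struct outcome o = run_scenario(weights[k]);
        printf("eth0 weight %2d: eth0 delivered %3d, eth1 delivered %2d, "
               "eth1 left waiting %2d, cut short %d\n", weights[k],
               o.eth0_delivered, o.eth1_delivered, o.eth1_left, o.cut_short);
    }
    return 0;
}
```

With the heavy interface at weight 64 the run is cut off while the second interface still has packets in its ring; at weight 10 the second interface drains completely and drops back to interrupt mode before the limit is reached.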
From all this information, some conclusions have emerged:
- There needs to be a smarter way of setting each interface's weight;
the current "grab the setting from some other driver" approach does
not always yield the right results.
- The direct tie between an interface's weight and its packet quota is
too simple. Each interface's quota should actually be determined, at
run time, by the amount of work that interface's packet stream is
creating.
- The quota value should not also be the threshold at which drivers
return to interrupt-driven mode. The cost of processor interrupts is
high enough that polling mode should be used as long as traffic
exists, even when an interface almost never fills its quota.
Changing the code to implement these conclusions is likely to be a long
process. Fundamental tweaks in the core of the networking code can lead to
strange performance regressions in surprising places. In the meantime,
Stephen Hemminger has posted a
patch which creates a sysfs knob for the interface weight. That patch
has been merged for 2.6.12, so people working on networking performance
problems will soon be able to see if adjustable interface weights can be
part of the solution.
Comments (4 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
- Marco Costalba: qgit-0.4.
(June 13, 2005)
Device drivers
Documentation
Filesystems and block I/O
Janitorial
Architecture-specific
Security-related
Benchmarks and bugs
Miscellaneous
- Nick Piggin: blkstat.
(June 13, 2005)
Page editor: Jonathan Corbet
Distributions
News and Editorials
The long wait is over. After nearly three years of development, the Debian
project has released "sarge" as the new stable version of
Debian GNU/Linux. While the community
behind the largest open source project continues to celebrate the occasion,
we'll take a brief look at what surely is the greatest Debian release in
its 12-year history.
Despite only a minor increment in the version number (from 3.0 to 3.1),
sarge represents a substantial improvement incorporating many new
technologies and packages that have been provided by their respective
upstream maintainers over the past three years. In terms of included
packages, sarge is on the conservative side of things since most packages
were in a state of "semi-freeze" several months prior to the release. The
default kernel is 2.4.27 (an optional 2.6.8 kernel is also available in the
initial GRUB boot menu after installation), the X window system is provided
by XFree86 4.3.0, GNOME is at 2.8 and KDE at 3.3.2. While all of these
packages are somewhat behind the current stable releases, sarge is still a
major upgrade from woody. Just remember that if you had installed the then
stable version of Debian just two weeks ago, your system would be running
kernel 2.2.20 and GNOME 1.4!
Debian 3.1 has broken a number of interesting records. With a total of
16,792 individual DEB packages, it is, without a doubt, the largest Linux
distribution release ever produced. Its source code comes on no fewer than
fifteen 650 MB compact discs. If one were to download all CD images for all
11 supported architectures, plus the images for the unofficial AMD64 port,
and source code, this would amount to a total of 177 compact discs, or over
105 GB of data! No wonder it took almost three years to put it all
together! Another interesting tidbit: the official release announcement was
simultaneously published in 18 different languages, while the comprehensive
33-page release notes are available in 15 different languages. The
installation of Debian can now be accomplished in one of the 43 available
languages, including some obscure ones, such as Galician or Welsh. All this
clearly demonstrates that a well-organized community of volunteer
developers and contributors can often accomplish more than a large
commercial company employing dozens of well-paid software engineers!
Besides package upgrades, probably the most noticeable improvement in sarge
is the brand new Debian Installer. Gone are the days when one had to
navigate the unintuitive interface of "dselect" to select packages to
install. Instead, the installer makes some intelligent partitioning and
package selection guesses based on a preferred "scheme" as chosen by the
user. As an example, selecting "workstation" as the preferred scheme, the
installer would create separate partitions for /usr, /var, /tmp and /home,
then install GNOME, KDE and many development packages. On the other hand,
choosing "desktop" as the preferred scheme would result in a root partition
with only one separate partition for /home, plus GNOME and KDE, and without
the development packages. The available file systems include ext3, JFS,
ReiserFS and XFS, while GRUB has replaced LILO as the default boot loader.
The new installer also comes with a hardware auto-detection module enabled
by default, although first reports indicate that it is not as powerful
and reliable as the ones found in most other major distributions.
Sarge supports 11 processor architectures, which is the same as woody. One
interesting omission is the increasingly popular AMD64 platform, which has
been in development for some time, but has not been included in the main
Debian archive due to disk space limitations. Nevertheless, the AMD64
edition of Debian sarge was released as an "unofficial" port, complete with
the full package tree, CD and DVD images, as well as support provided by
the Debian Security Team throughout the lifetime of sarge. Despite its
"unofficial" status, the AMD64 port has been able to keep pace with the
main Debian archive and the debian-amd64 mailing list is now the second
most active among the ports, only slightly behind the debian-powerpc list.
Not everything went well with the release. An oversight while building the
sarge ISO images caused the sources.list entry for security updates
to point to the "testing" instead of the "stable" branch. This easily
rectifiable problem only affected users installing from full CD or DVD
images, which meant that these had to be rebuilt under a new version number
- 3.1r0a. However, there was also a much more serious problem - a complete
breakdown of the sarge security update infrastructure right after the
release: "So, it looks like we'll be without security updates for
quite a while," reported Martin Schulze in his web blog.
Now that sarge is out of the bag, what's next? Naturally, the development
continues unabated in the unstable and testing branches, the latter of
which has now been renamed to "etch". Etch will eventually become the new
stable release. In the meantime, the unstable branch has already received
a large number of new package upgrades from the experimental branch,
including upgrades to some of the important base packages, such as Perl.
GNOME 2.10 has also been moved to unstable. Next, we will slowly start
seeing major upgrades to glibc and GCC 4.x, as well as a big migration to
apt 0.6 with its newly added support for cryptographic verification of the
origin of packages. XFree86 will be replaced with X.Org and KDE should also
be updated to 3.4.x in the not too distant future.
Comments (7 posted)
New Releases
The Fedora Project has announced the release of Fedora Core 4.
Some of the highlights include version 2.10 of the GNOME desktop,
KDE 3.4, a version 2.0 pre-release of OpenOffice.org, PowerPC support,
the Eclipse IDE, a "100% open source Java stack" (GCJ), install-time support
for Fedora Extras packages, and lots more.
Full Story (comments: 18)
Following on the heels of the big Sarge release is the release of Debian
Sarge on AMD64. "
Security Support for this release will be provided
by the Debian Security Team via security.debian.org. Our security
autobuilder will start this weekend. Should there be any DSA for sarge
before that day we will provide it manually until then (but we don't expect
this to happen at the moment)." There are also CDs and DVDs
available.
Full Story (comments: none)
The first update to Debian Sarge has been released, due to a minor bug in
CD and DVD images. This bug has been fixed in the r0a release. The
problem can be fixed by editing /etc/apt/sources.list, but if you haven't
downloaded yet you'll want this update.
Full Story (comments: 7)
Sun has followed through and
made the first OpenSolaris source distribution available. It can be gotten from
the download page. Do read
the release notes before you start grabbing things, though.
Comments (3 posted)
Distribution News
With Sarge out the door, it's time to shake things up in etch, the new
development branch. To get that off to a rousing start is the
C++ ABI change which will ripple through the
toolchain (glibc, binutils, linux-kernel-headers, gcc).
dpkg 1.13.9 ("On like Donkey Kong") made its way into sid. You can find
out more about the planned development of dpkg 1.13 in Bits from the dpkg maintainer.
Bill Allombert adds some bits of experience
gained from handling upgrade-reports in the hopes of a smoother sarge
-> etch upgrade.
Aurelien Jarno notes that the addition of
SELinux support may cause problems for the GNU/kFreeBSD and GNU/Hurd
ports and explains the correct way to support these ports.
Bill Allombert also looks at the Debian menu
update and /usr/share/menu transition.
Comments (none posted)
Mark Cox has posted
a
message describing the process that the Red Hat security team went
through to verify that Fedora Core 4 was free of known
vulnerabilities. They went through several hundred vulnerabilities from
the CVE list, and, for each, verified that FC4 was not vulnerable.
"
For 20030101-20050607 there are a potential 863 CVE named
vulnerabilities that could have affected FC4 packages. 759 (88%) of
those are fixed because FC4 includes an upstream version that includes
a fix, 10 (1%) are still outstanding, and 94 (11%) are fixed with a
backported patch."
Comments (6 posted)
The Fedora Documentation Project has announced (click below) the
availability of the first
Installation
Guide for Fedora Core from the Fedora Project.
Full Story (comments: none)
The newly formed Fedora Foundation restates its goals and vision for the
Fedora Project.
Full Story (comments: none)
New Distributions
Slamd64 is an unofficial port of
Slackware Linux to the x86_64 architecture; despite the name containing
AMD64, Slamd64 should work both on K8 (AMD64) and EM64T (some Intel)
processors. Slamd64 10.1 was announced (click below) June 14, 2005.
Full Story (comments: 1)
Distribution Newsletters
The
Gentoo
Weekly Newsletter for the week of June 13, 2005 is out. This week's
news covers PegasosPPC Open Desktop Workstations with Gentoo preinstalled,
a new Gentoo/MIPS SGI LiveCD, a new version of Christian Hartmann's
GuideXML editor, the developer of the week Michael Cummings and more.
Comments (none posted)
The
DistroWatch
Weekly for June 13, 2005 is out. "
Today's release of Fedora Core
4 marks the end of the current "release season", with only some of the
smaller projects likely to make any new releases between now and
October. What effect will the controversial Apple's switch to Intel have on
Linux? Hardly any, we believe. The featured distribution of the week
section had to go to Debian GNU/Linux, following its much awaited new
stable release early last week. And if you are still struggling to rid your
inbox of all the unwanted drug and mortgage offers, Robert Storey provides
further tips in the second part of his article on SpamAssassin."
Comments (none posted)
Minor distribution updates
MEPISLite 3.3.1 is available via the
MEPIS
Linux ftp site. MEPISLite is designed for home users with modest
hardware and for those who want to use a light-weight version of MEPIS with
a MEPIS Traveller Disc.
Full Story (comments: none)
Always Current Lineox Enterprise Linux 4.026 adds Update 1. Click below or
see the release notes for more information:
x86
architecture,
AMD 64-bit
x86_64 architecture.
Full Story (comments: none)
Update 1 of Pie Box Enterprise Linux 4 is now available. It features
numerous security and driver updates and is fully compatible with Red Hat
Enterprise Linux 4. Click below for additional information.
Full Story (comments: none)
Package updates
This new yum-2.2.1-0.fc3 release fixes multiple small bugs.
Full Story (comments: none)
A problem was discovered in saslauthd (part of cyrus-sasl which handles the
Simple Authentication and Security Layer (SASL)) when using the LDAP
authentication mechanism. Any administrators relying on saslauthd with
LDAP authentication should upgrade their packages.
Full Story (comments: none)
Recent updates to slackware-current include upgrades to several alsa
packages, several kde packages, plus gnet-2.0.7, lcms-1.14, lesstif-0.94.4,
libexif-0.6.12, samba-3.0.14a, glib-2.6.5, k3b-0.12, and more. See the
change
log for full details.
Comments (none posted)
Newsletters and articles of interest
This NewsForge article
covers
several Debian inspired variants. "
For example, there are
commercial distros such as Xandros and Linspire that contain extra
proprietary software. Ubuntu is a popular user-friendly distribution,
though recently there have been questions as to Ubuntu's ongoing
compatibility with Debian proper. And Progeny, the company formed by Debian
creator Ian Murdock, offers customized Linux solutions for commercial
use."
Comments (none posted)
Distribution reviews
Tom Adelstein has published a
review of Ubuntu Linux
5.04 at LXer.com. "
A tip of the hat to Ubuntu for its
success. This distribution goes beyond a free, open source operating system
with a business service model. Ubuntu has attracted and cultivated a
dynamic and robust community of people willing to make the world a better
place."
Bruce Byfield
takes
a look at Debian 3.1 on NewsForge. "
Debian 3.1 is noticeably
more security-conscious than other major distributions. You need the root
password to mount removable drives or shut down the system. Similarly, as a
minor obstacle to script kiddies, the root user cannot log in to a
desktop. Nor are any unnecessary daemons configured, with the possible
exception of atd."
NewsForge
hears
from a Frugalware fan. "
Everything in Frugalware is built with
simplicity in mind. Frugalware's Hungarian developers say this Linux distro
is meant for the intermediate user. I say you just need to have some basic
knowledge of Linux or the enthusiasm to learn it."
Page editor: Rebecca Sobol
Development
Bazaar-Ng is a
next-generation version control system that is in the early
stages of development. The Bazaar-Ng project leader is Martin Pool.
Bazaar-NG (or bzr) is a project of
Canonical
to develop an open source distributed version control system that is powerful, friendly, and scalable. Version control means a system that keeps track of previous revisions of software source code or similar information and helps people work on it in teams.
Bazaar-Ng is a fork of the
Bazaar project, as explained
in the project FAQ.
Bazaar is a re-implementation of the GNU Arch protocol.
Some of the unique Bazaar-Ng features are being fed back to Bazaar
as they mature.
Here is an overview of Bazaar-Ng features:
- Written in the Python language, requires Python 2.4 or newer.
- Works on any operating system platform that supports Python.
- Licensed under the GNU General Public License (GPL).
- Is designed to work with IDEs, editors, GUIs, and other interfaces.
- The user interface is similar to CVS and Subversion.
- Works in both centralized and decentralized modes.
- History is preserved, supports recreation of previous versions.
- File and directory renaming is supported.
- Optimized for remote operation; repeated downloads of unchanged data are avoided.
The
introductory document
explains some of Bazaar's design goals in more detail.
Distributed operation is easy: you can work while disconnected; you can fork any other project; you can contribute changes back easily.
The system is designed to scale to supporting very large trees with a lot of history. No operations require downloading the entire history of the project.
Changes can be "cherry-picked" out of branches as needed.
The project design
document details the original project goals.
The Bazaar-Ng
command reference
document lists all of the available commands.
The tutorial
shows some examples of the system in use; it also mentions some
of the future commands that are planned for implementation.
The Bazaar-Ng project
documentation
has a large collection of useful information, including a comparison
to a number of different version control systems.
Version 0.0.5 of Bazaar-Ng
has been announced. The project is in early development; many new
features are currently being added and improved.
As older version control systems such as CVS show their age, quite a
few alternatives are being developed. Bazaar-Ng and Bazaar should
prove to be worthy contenders for at least a part of that design space.
System Applications
Audio Projects
Version 1.1.0 of
Speex, an
audio speech CODEC, is out.
"
The main improvement in this release is a Blackfin port funded by Analog Devices. This includes Blackfin assembly optimizations that reduce cpu time by a factor of two. Also, the packet loss concealment code has now been converted to fixed-point and some of the bugs for 16-bit architectures were fixed."
Database Software
Production version 7.6 of MaxDB
has been announced.
"
The new version 7.6 of MaxDB by MySQL has been released! This release is a production version, which means it is declared stable and free of any critical bugs."
Changes include a simplified installation process, increased high
availability, easier administration, improved storage management,
better backup reliability, performance improvements and
finalized SQL schema support.
The June 12, 2005 edition of the PostgreSQL Weekly News is online.
Take a look for all of the latest PostgreSQL database articles.
Version 3.4 of ZODB, the Zope Object Database, is out.
"
Only minor changes were made since ZODB 3.4b1.
See the news file
for details".
Filesystem Utilities
Release 2.5.3 of the Enterprise Volume Management System (EVMS)
has been announced.
"
This is the third maintenance release in the EVMS 2.5.x
series, and is primarily intended to fix some recent bug-reports, as well as
to update to the most recent kernel and Device-Mapper releases."
Networking Tools
Version 3.7 of OpenBGPD is available.
"
We are pleased to announce the official release of OpenBGPD 3.7.
This is our second formal release.
OpenBGPD is a fairly complete implementation of the Border Gateway
Protocol, Version 4, as described in RFC 1771. BGP is a protocol used
by routers to exchange routing information, and is one of the core
protocols of the Internet."
Version 3.7 of OpenNTPD has been announced.
"
OpenNTPD is a FREE, easy to use implementation of the Network Time Protocol.
It provides the ability to sync the local clock to remote NTP servers
and can act as NTP server itself, redistributing the local clock.
OpenNTPD is developed as part of the OpenBSD project, which sells
CDs, T-Shirts, and Posters."
Security
Version 1.1.3 of BASE, the Basic Analysis and Security Engine,
has been announced.
"
This application
provides a web front-end to query and analyze the alerts coming from a SNORT
IDS system. The BASE project team is proud to announce the immediate
availability of the 1.1.3(lynn) release. This release includes a number of
performance increases along with a number of bug fixes. We have also
included support for Oracle. Along with this, we have increased our
translations to include Simplified Chinese and Czech!"
Stable version 0.6.0 of pam-mysql
is out with numerous improvements.
"
Two years and a half since the last release, we proudly announce the latest version of pam-mysql, which is a PAM(3) module that handles authentication / session management against MySQL database."
Version 0.6.1 of PassReminder, a password manager application,
has been released.
"
Present features include: column sorter, random password generator, searching, merging, import/export, drag and drop, group shown in a tree view, help."
Web Site Development
Version 2.4 of Caravel CMS, a modular content management system
with an emphasis on operation by non-technical users,
has been announced.
"
Version 2.4 adds PHP5 support and an improved upgrade script and web-based installation. It also marks the transition to tinyMCE for HTML editing, as well as improvements to the RSS tools and the Clock and Org Search apps. A number of bugfixes have been included."
Version 3.2.33 of
mnoGoSearch,
a web site search engine, is out. See the
change log
for details.
Version 1.1.1 of the SchoolBell calendaring server for groups
and organizations has been released.
"
This release was meant to be a translation only release, but things
didn't turn out that way. A number of people tested 1.1 and found a
number of bugs, quite a few of the less invasive fixes made their way
into this release."
Version 0.10 of SchoolTool Calendar, a school administration server,
is available.
"
This is the first release of SchoolTool completely based on Zope 3. It
is focused on calendaring bringing all of the functionality of
SchoolBell 1.1 into a package with a few other school specific features."
Desktop Applications
Audio Applications
Version 0.2.16 of QjackCtl, the Qt
front end to the JACK audio server daemon, is out with new features and
bug fixes.
Desktop Environments
A new weekly build will be available for GARNOME, the bleeding-edge
GNOME distribution.
"
After some thought, discussion and much testing of various build systems
I've decided to try something new with GARNOME, in an effort to get as
many interested people in a position to be able to test future GNOME
releases as possible.
In addition to the standard GARNOME release for each upstream release,
every Thursday (GMT +10) a tarball will be created for
branches of GARNOME -- that people can grab, compile, use and hopefully
send bugreports, patches, criticisms, feature requests, etc to the list
so that issues can be fixed *before* a release occurs."
The following new GNOME software has been announced this week:
The following new KDE software has been announced this week:
The June 10, 2005 edition of the
KDE Commit-Digest
is available; here's the content summary:
"
DCOP Client/Server implemented for KDE win32. New videodvd:/ kioslave does on the fly decryption from DVD. Kopete implements Yahoo! Stealth feature. Opening of WebCore development yields fruit: DOMParser, and CSS fixes."
Matt Proud presents
some observations about
KDE Trunk and Qt version 4 on KDE.News.
"
Since KDE migrated to Subversion, I have been creating semi-weekly
development builds in the hopes of finding bugs to report. Notable new
features include Konqueror's new adblocking mechanism and Kicker's new applet
manager."
Electronics
Version 3.3.17 of
XCircuit, an electronic schematic
drawing package, is out. The CHANGES file says:
"
Fixed another error that showed up in Uwe's schematic,
which is that the "test_insideness" algorithm fails if
the box is degenerate---which happens for labels that
are parameters set to a null string."
Fonts and Images
Release 0.14 of the Open Clip Art Library, a collection of SVG and
PNG graphic images, is out.
"
Release 0.14 of the Open Clip Art Library
(www.openclipart.org) is now available for download on-line as an
individual package consisting of 3415 images submitted by over 200
artists from around the globe.
The project has progressed much this month on the future core of the
Open Clip Art Library, the Document Management System (DMS) and more
infrastructure has been implemented for the website due to user-demand."
Games
Version 1.3.6 of Eris
has been released.
"
Eris is the WorldForge client-side session layer, used by many existing clients. This release fixes many bugs and issues with the API, relating to error handling, setting entity attributes, and processing the world time from the server. Various minor improvements to the meta-server code have taken place, including revised HTML / XML output from the metaquery tool, thanks to Hagen."
The
WorldForge game site
also has announcements for
Cyphesis 0.3.11, WFMath 0.3.4, Mercator 0.2.3, and Atlas-C++ 0.5.96.
Version 7.5.0-0pre.0.20050612 of Xconq
has been announced.
"
Xconq is an engine for turn-based strategy games. Variety of game genres run
under Xconq: historical, sci-fi, fantasy, and modern. AI's. Network games.
Multiple UI's and platforms. Easy-to-learn game design language. Large games
library available."
See the
release notes for change information.
GUI Packages
Stable version 1.4.16 of the
FOX Toolkit,
a cross-platform C++ toolkit for GUI development, is out with bug fixes.
Trolltech
has announced a new release candidate for Qt 4.
"
The Release Candidate reveals refinements to key new technologies - Arthur: a powerful painting engine; Interview: an improved model-view controller framework; and Tulip: a collection of new tools and utilities classes. In addition, this release introduces several new features and capabilities set to appear in the final release of Qt 4."
Imaging Applications
Development release 2.3.1 of the GIMP, a powerful image
manipulation application,
has been announced;
see the
release notes
for details.
Instant Messaging
Version 1.3.1 of
Gaim,
an instant messaging client, is out with a number of
security fixes.
Interoperability
The June 10, 2005 edition of
Wine Traffic is available with the latest Wine project news.
Office Suites
Build 1.9.108 of the OpenOffice.org office suite is available;
it features bug fixes and a few new capabilities.
The OpenOffice.org project has announced the Uno Runtime Environment
project.
"
I am pleased to announce that a sponsor, who is preferring to stay
anonymous, is supporting us to do the next step in modulizing the
OpenOffice.org office suite and to make its component model available
independently. That means, that we are going to factor out the highly
requested Universal Network Objects (UNO) into its own Uno Runtime Environment (URE)"
Web Browsers
MozillaZine
takes a
look at plans for Mozilla 1.8 and beyond. "
Right now, we're just
past the 1.8 Beta 2 milestone, which was delivered as Deer Park Alpha 1 and
Mozilla Thunderbird 1.1 Alpha 1. The next stage is 1.8 Beta 3, which will
involve another set of developer-oriented previews (1.1 Alpha 2). The first
end-user betas of the forthcoming releases (the 1.1 Beta previews) will
follow as part of the 1.8 Beta 4 milestone. Current plans call for the 1.8
branch to be cut from the trunk no later than the end of June. This will
allow the trunk to open for 1.9 development, paving the way for more major
changes to be checked in."
The minutes
from the June 6, 2005 mozilla.org staff meeting
have been announced.
"
Issues discussed include the next Mozilla Thunderbird 1.0.x
release, Deer Park Alpha 1 and Mozilla Thunderbird 1.1 Alpha 1 feedback, the
1.1 Alpha 2 timeframe, Google's Summer of Code, awards, the news server,
documentation, the Community Awards, conferences and the server transition
plan."
Miscellaneous
Version 2.0 of
Drivel,
a journal editor,
has been announced.
"
Drivel is a GNOME client for working with online journals, also known as weblogs or simply blogs. It retains a simple and elegant design while providing many powerful features"...
Version 0.0.8 of Tina POS, a point of sales application for systems
with touch screens,
has been announced.
"
This version adds different maps for restaurant view. A PostgreSQL bug has been fixed. Image fields data edition is improved. There is a new update database system for different releases of TinaPOS."
Languages and Tools
Caml
The June 7-14, 2005 edition of the Caml Weekly News is online
with the latest Caml language articles.
Perl
The June 1-7, 2005 edition of
This Week in Perl 6 is online with the latest Perl 6 development news.
PHP
Version 4.4.0RC1 of
PHP
has been announced.
"
We just released the first release candidate for PHP 4.4.0. This is a bug-fix only release, the increased middle digit is needed because this release changes PHP's Internal API that causes existing third-party binary extensions to be incompatible with the new version.
This release addresses a major problem within PHP concerning references. If references were used in a wrong way, PHP would often create memory corruptions which would not always surface and be visible. In other cases it can cause variables and objects to change type or class. If you encountered strange behavior like this, this release might fix it."
Python
Version 0.8.8 of Urwid, a curses-based UI library for Python, is out.
"
This release adds a new web_display module that can emulate a console
display within a web browser window, as well as other enhancements."
The initial release of Python for the Maemo platform (the system on Nokia's Internet
tablet device) is out.
"
This is in *alpha* stage yet. Bug fixes, wishes, suggestions, etc, are
encouraged and welcomed."
Ruby
The June 12, 2005 edition of the
Ruby Weekly News includes all of
the latest news and discussion from the ruby-talk
mailing list.
Tcl/Tk
The June 10, 2005 edition of Dr. Dobb's Tcl-URL! is online
with the latest Tcl/Tk articles and resources.
The June 14, 2005 edition of Dr. Dobb's Tcl-URL! is online with the
newest Tcl/Tk articles and resources.
Cross Compilers
Release 3.0.1 of the
GNU Development Chain for 68HC11/68HC12 has been announced.
"
It is based on Binutils 2.15, Gcc 3.3.5, Gdb 6.2 and Newlib 1.12.0."
Editors
Version 1.0.1 of
Bluefish,
an HTML editor, is out with lots of bug fixes and other revisions.
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Ian Murdock has
posted some
thoughts on Debian's future. "
Now what? If you ask me (and you
didn't, but I'm going to tell you anyway), Debian should have two
overarching priorities for the next release: 1. putting a timed release
cycle in place, so what happened with sarge never happens again; and
2. keeping the growing family of Debian derivatives united around a common
core--namely, Debian itself. What's at stake? Bottom line: If we don't do
something about both of these problems, actual and potential, Debian will
be irrelevant by the time etch is out."
IT-Director
looks at Power.Org, calling its creation a "seminal" event. "
IBM hopes that the creation of Power.Org could lead to the building of an Open Hardware community that will be capable of emulating the feats of Open Software. Indeed, this novel approach to encouraging the cooperative development of the Power microprocessor could deliver a wide range of new solutions to address every day needs along with highly specialised requirements."
Trade Shows and Conferences
Linux Journal
reports on the
LinuxWorld Summit held last month in New York. "
Designed to attract
attendees from corporate managerial strata (read: big time suits) rather
than function as a general penguin fest, the LinuxWorld Summit opened with
daily keynote panels before featuring a three-track conference: "The
Business of Linux and Open Source", "Data Center and Virtualization" and
"Security: Inside and Out.""
The SCO Problem
Groklaw
predicts a legal battle between Novell and SCO.
"
You will enjoy reading Lamlaw's entry for June 10, ("Novell Hires Another Lawyer for the Team - Guess What He's Good At? (Groklaw)"), because he believes that Novell may be getting ready to sue SCO for slander of title. He agrees with my guess that they didn't hire a litigator now just to watch the judge finish off the current litigation.
Novell has, he believes, the necessary pieces to turn around and sue SCO for slander of title, if they first bring an action to clear the Unix title and then, after winning that, sue for slander of title and get their special damages paid by SCO, for all the annoyance SCO brought them."
Companies
eWeek
notes
that Gentoo Founder and former chief architect Daniel Robbins has accepted
a position at Microsoft Corp. "
Microsoft confirmed that Robbins
began work at Microsoft's campus in Redmond, Wash., on May 23. Sources at
Microsoft said Robbins is working with Bill Hilf. Hilf is Microsoft's lead
program manager for its Platform Strategy organization. There, he leads
Microsoft's Linux and Open Source Software technology group. Before coming
to Microsoft, Hilf drove IBM's Linux technical strategy for its emerging
and competitive markets organization. Robbins' title is program manager for
the Platform Strategy team."
eWeek
reports
on a shift toward Linux by Plumtree Software Inc.
"
Plumtree Software Inc. is preparing to release its first vertical applications for the retail and pharmaceutical industries while porting its portal, content management and application development platform to Linux.
The company is attempting to capitalize on the growing demand for composite applications, which combine traditional business application functionality with collaborative processes that are often specific to particular industries."
Interviews
Groklaw has an
interview
with Chris DiBona, Open Source Programs Manager, at Google Inc.
"
As soon as Google's Summer of Code project was announced, Groklaw
member Marko Djukic suggested to me that we do an interview with Chris
DiBona, who is now Open Source Programs Manager, at Google Inc., about the
project, and Chris was gracious enough to say yes. Djukic is Core Developer
for the Horde Project, a Summer of Code mentor."
NewsForge
talks to Linus Torvalds about the differences between Linux and BSD.
"
NF: BSD is still considered by some to be more "technically correct" than the Linux kernel. Do you think the BSDs are better technically than the Linux kernel?
Torvalds: Linux has a much wider audience, in many ways. That ranges from supporting much wider hardware (both in the driver sense and in the architecture sense) to actual uses. The BSDs tend to be focused in specific areas, while I have always personally felt that any particular focus on any particular use is a bad thing.
Which one is "better"? To me, Linux is much better, since to me, the important thing for an OS is how well it performs under different patterns, be they embedded, server, or desktop, or just some totally crazy person in a basement trying something new."
NewsForge
talks with a couple of BSD developers (Theo de Raadt and Christos Zoulas) to get their impressions of Linux. "
Linux's code is much newer and it keeps constantly being re-factored. This has the nice side effect of keeping the code simple and readable (at the base system layers such as VM and FS), but stability is suffering. While 2.4.x was a monotonic climb to stability, the road of 2.6.x has been very bumpy."
NewsForge
interviews
the people behind Project Orange. "
The idea behind the project
is to show the power of open source software applications in a production
environment. Several open source applications are already commonly used for
video production, such as Blender, Yafray, Python, Verse, the GIMP, and
Cinepaint."
Darknet
interviews Jack Valenti, former head of the MPAA. "
Where did this backup copy thing come from? A digital thing lasts forever. No enterprise in the world gives you a backup copy of anything. You go buy a suit of clothes and you tear it and you come back and the guy says I'll try to sew it up for you, but he doesn't give you a backup pair of trousers. If you need a backup copy of a DVD you can go out and buy another one."
A new Audio Libre series article is available on
linuxaudio.org.
This one is called Hack down Babylon, and features an interview of
Jaromil of Rastasoft about the dyne:bolic multimedia distribution.
Matt Harrison presents
an interview of Ivor Hewitt and Allan Sandfeld Jensen on his blog site.
"
I just conducted an interview with Ivor Hewitt and Allan (carewolf), the developers who merged in Apple's recent ACID2 changes into Konqueror. Read on to get their "inside" feel for the situation between KDE and Apple. Thanks Ivor and Allan for your excellent work and for responding!"
(Found on
KDE.News.)
Resources
Tyler Mitchell presents
an overview of open-source Geospatial tools on O'Reilly.
"
The development of open source geospatial software is an exciting part of the new geospatial landscape. Open source project offerings cover the spectrum of tools: command-line data conversion, spatially aware enterprise databases, internet mapping applications, desktop Geographic Information System (GIS) applications, geoprocessing libraries, and more."
IBM developerWorks
covers
grid computing in the world of financial services. "
Take a look
at the financial services space and you'll find that grid has gone
mainstream into some of the world's largest enterprises, thanks to
commodity Linux® servers, open source tools like Globus, and the growing
adoption of service-oriented architectures. Our correspondent at the
LinuxWorld New York Summit listened in as technology leaders discussed the
burgeoning use of grid in the financial vertical."
NewsForge
looks
at the Linux Virtual Server Project. "
The main advantage of
using LVS is that unlike Microsoft network load-balancing clusters, the LVS
allows you to add a node running any operating system that supports TCP/IP
to the cluster."
NewsForge
looks at system logging issues in a series on system administration.
"
A system log is one of the most effective ways to monitor a server's health
and underlying problems. Often before a major hardware or application crash
takes place there are indicators of impending disaster within the syslog. As
a good and attentive administrator, you should be reviewing your logs on a
regular basis, but oftentimes these logs are forgotten due to other duties or
important data is lost within pages of white noise telling about normal events."
Colin Park
saves a
corrupted USB drive using SUSE and fsck, in this Linux Journal article.
"
My friend's brother had a 512MB Lexar Media Jumpdrive Pro USB drive
that became corrupted after using it with Windows 2000. His IT department
was able to get back some but not all of the file contents, but without any
file names. On his own, he tried some recovery utilities, but all
failed. Using a typical Linux distro--in this case SuSE 8.0--however, it
wasn't hard to recover almost all of the data from the drive along with the
filenames and to burn a CD-ROM of the contents."
Reviews
Linux Devices
takes a look
at Sony's PlayStation 3. "
The PS3 will not come stock with a hard
drive, but will have an expansion bay supporting removable 2.5-inch drives,
Gamespot suggests. Sony will sell drives pre-packaged with Linux operating
systems of various kinds, such as video editing and photo studio
environments."
Dave Phillips
looks at
two GUIs for fluidsynth and JACK in this Linux Journal article.
"
QSynth and QJackCtl are GUI front-ends for other software. QSynth
provides a friendly user interface for the fluidsynth soundfont-based
synthesizer. QJackCtl supplies a similar interface for the JACK audio
server/transport control system. Both applications use a recent version of
the Qt graphics toolkit and up-to-date versions of their other required
components."
Miscellaneous
LinuxMedNews
covers a
proposal for consolidation and collaboration between several free software
projects for the health care industry. "
Why should there be a
consolidation? To avoid duplication of effort. Because we are all
developing very similar EMR systems using the same fundamental
technologies. Each of the three projects is separately generating
incompatible code to meet exactly the same requirements. If the three
projects combined their efforts we would have a better EMR and Medical
Practice Management System in far less time than we might working
apart."
Jorge Cortell
explains how giving a lecture on P2P networking led to his forced
resignation from the Polytechnic University of Valencia (UPV).
"
The Director called me and first asked me to remove any link to the university from my website, and also to "hide" the fact that I was teaching there. Then he told me about the pressures and threats he and the Program received (to be subjected to software licenses inspection, copyright violations inspections, or anything that may damage them). Obviously I had to resign to save his job (and everybody else's at the Masters Program). So I did." Thanks to Peter Moulder.
News.com
reports that multiprocessor support will be added to the Xen
hypervisor project.
"
Xen, software that lets multiple operating systems run on the same computer, will become significantly more powerful with an upcoming version that introduces multiprocessor support."
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The
Crystal Space
project is producing a portable 3D Engine Framework. The project needs
a financial boost to support development on the Linux platform.
"
This money will be used to get a new linux computer which is needed to
better support Crystal Space on linux. At this moment Windows, Linux,
and MacOS/X are supported by Crystal Space but most of the active
developers are on Windows which means that that platform gets most
attention. I have a linux computer but it is underpowered which makes
it bad for testing the latest CS features on linux too."
The Free Software Foundation's software directory has reached
4,000 packages.
"
The Free Software
Foundation (FSF) today announced that the FSF's Free Software
Directory registered its 4,000th software package.
The Directory, which accounts for more than 40% of the traffic on the
FSF's Web site (receiving 2.25 million hits per month, an average of
321K per day), has grown and improved steadily in the past year: one
year ago, the Directory had 3153 packages; it now has 4,029. The Web
form, which lets developers enter packages themselves, has been
refined and expanded."
GnomeDesktop has
an announcement
about the launch of the GNOME Women project.
"
Hanna Wallach recently announced the formation of the GNOME Women project: "Concerned about the lack of female GNOME developers and inspired by the success of the Debian Women Project, Máirín Duffy and I have founded GNOME Women, a project to encourage more women to participate in GNOME development. At present, we're starting small--just an IRC channel and a forthcoming mailing list--but I'm hopeful that the project will be as enormously needed and successful as Debian Women."
The Free Software Foundation has released an article (click below) by
Richard Stallman and Eben Moglen, discussing the forthcoming GPL Version
3.
Open Country is a provider of IT systems management software for Linux
servers, blades, desktops and appliances. The company is also the newest
member of the Open Source Development Labs where it will participate,
initially, in OSDL's Desktop Linux (DTL) working group to enable the
Linux-powered enterprise.
Commercial announcements
Power.org has announced eleven new members supporting the group's
formation, demonstrated breakthrough products and detailed momentum on the
European continent for Power Architecture(tm) technology.
Intel Corporation has announced new tools for software developers to help
build threaded applications and extract the best performance from
applications on multi-core platforms. The Intel Compilers version 9.0 for
C++ and Fortran programming languages also help improve security protection
in Linux and Windows applications.
Mandriva has
announced
the acquisition of "several assets" from Lycoris. "
The joint plan is
now to develop a new product that will be the convergence between our
Mandriva Discovery product and Lycoris Desktop/LX. Both teams have already
started working on this product." Lycoris CEO Joseph Cheek is
moving to Mandriva as well.
McAfee, Inc. has
announced the availability of its "Entercept" intrusion protection system for Linux (RHEL 3 in particular). Claimed features include buffer overflow prevention ("for all installed applications") and application shielding.
Comments (1 posted)
Nokia has announced that it will use open-source web browser code in its Series 60 smartphone platform. "A key component of this development has been Nokia's cooperation with Apple, as the Series 60 browser will use the same open source components, WebCore and JavaScriptCore, that Apple uses in its popular Safari Internet browser. Based on KHTML and KJS from KDE's 'Konqueror' open source project, this software has enabled Safari to achieve industry-leading features and performance. Nokia intends to continue its collaboration with Apple and actively participate in the open source community to further develop and enhance these components, contributing Nokia's expertise in mobility."
Comments (7 posted)
VariCAD has announced the release of the Linux version of VariCAD
2005. This new version of VariCAD with a new 3D kernel brings new
enhancements, such as better 3D object displaying, more convenient 3D
positioning and solid editing, easier creation of 2D drawing from 3D views,
improved snapping and object selection in 3D, and more.
Full Story (comments: none)
REAL Software has announced that REALbasic 2005 for Linux is available for
public beta and can be downloaded now from
http://www.realsoftware.com/demo.
REALbasic 2005 for Linux Standard Edition will be offered for free when it
ships in August.
Full Story (comments: none)
TimeSys has announced the securing of $6M in funding. "TimeSys will use
the funds to expand its reach among the rapidly growing number of
developers choosing Linux as their embedded device development platform."
Full Story (comments: none)
Zope Corporation has announced that it will be creating an independent
foundation to manage the continuing development of the Zope content
management system. The foundation will own the copyrights to the code and
the right to use the "Zope" trademark. A "question and answer" IRC session
has been scheduled for June 21 for those who wish to learn more about
this move.
Full Story (comments: none)
New Books
O'Reilly has published the book
Digital Video Hacks by Joshua Paul.
Full Story (comments: none)
O'Reilly has published the book
Mac OS X Tiger for Unix Geeks
by Brian Jepson and Ernest E. Rothman.
Full Story (comments: none)
Resources
The EFF has posted a legal guide for bloggers with answers to questions on legal liability, intellectual property issues, and more. For publishers in the U.S., it would appear to be a highly useful document; it does not address the legal situation in any other country, however.
Comments (none posted)
Education and Certification
Software Research Associates, Inc. has announced a PostgreSQL
database certification program. "PostgreSQL CE, a PostgreSQL
certification program, has started worldwide. PostgreSQL CE certifies
skilled PostgreSQL engineers, and there are Silver and Gold
qualifications for each skill level. The exam can be taken at local
Pearson VUE testing centers, and it is available in English and Japanese."
Full Story (comments: none)
Upcoming Events
An update on the EuroPython 2005 conference has been sent out.
The event takes place in Göteborg, Sweden on June 27-29, 2005.
"The Europython schedule was published on the Europython website today.
With five parallel sessions for half of the conference and four for the
rest, we think we have the largest selection of Python and Zope talks ever."
Full Story (comments: none)
FUDCon 2 has been announced. "FUDCon2, the second gathering of Fedora
Users and Developers, will be held at LinuxTag in Karlsruhe, Germany on
June 24-25, 2005. FUDCon 2 will feature presentations from prominent
members of the Fedora Project, both from Red Hat and from the Fedora
community. Attendance is free to anyone attending LinuxTag".
Full Story (comments: none)
The next Libre Software Meeting will be held from July 5-9, 2005 in
Dijon, France. "The 'Operating System Design and Implementation' topic
this year will gather a wide range of developers and researchers in this
area."
Full Story (comments: none)
A call for papers has gone out for the 2006 Network and Distributed
System Security Symposium. The event takes place in San Diego, CA
during February, 2006. Papers are due by August 22, 2005.
Full Story (comments: none)
A call for papers has gone out for OOoCon 2005. "The third international
OpenOffice.org Conference, OOoCon 2005, will be held in Koper-Capodistria,
Slovenia, this year, from 28-30 September, and you are invited! Promoted
this year as a joint effort by the Slovenian and Italian OpenOffice.org
language projects, the conference provides the opportunity for the
community to meet the developers, contributors, marketers, and others who
are making OpenOffice.org one of the most important open-source projects
and products today."
Full Story (comments: none)
O'Reilly has issued a press release about the upcoming Where 2.0 conference.
"'Where 2.0 will make it obvious that web developers are the new market for
geospatial tech,' observes conference co-chair Nathan Torkington. 'Map
systems, satellite imagery, and yellow page information are all being made
available to web hackers, with major corporate players in a race to offer
the best platform to these developers. The GIS industry is watching very
closely to see how this plays out.'"
Full Story (comments: none)
| Date | Event | Location |
| --- | --- | --- |
| June 16 - 17, 2005 | AstriCon Europe 2005 | (Auditorium Madrid Hotel) Madrid, Spain |
| June 17 - 19, 2005 | RECON 2005 | Montreal, Quebec, Canada |
| June 18, 2005 | Perl Dag 2005 | Copenhagen, Denmark |
| June 19 - 22, 2005 | International Lisp Conference 2005 (ILC 2005) | (Stanford University) Palo Alto, CA |
| June 20 - 21, 2005 | Linux Cluster Summit 2005 | Walldorf, Germany |
| June 22 - 25, 2005 | LinuxTag 2005 | (Kongresszentrum) Karlsruhe, Germany |
| June 23 - 24, 2005 | Italian Perl Workshop 2005 | (University of Pisa) Pisa, Italy |
| June 24 - 25, 2005 | Fedora Users and Developers meeting (FUDCon2) | Karlsruhe, Germany |
| June 25, 2005 | LugRadio Live 2005 | (Molyneux Stadium) Wolverhampton, UK |
| June 25, 2005 | XML Prague 2005 | Malá Strana, Prague, Czech Republic |
| June 27 - 29, 2005 | Yet Another Perl Conference (YAPC::NA 2005) | (University of Toronto) Toronto, Ontario, Canada |
| June 27 - 29, 2005 | EuroPython 2005 | Göteborg, Sweden |
| June 27 - 29, 2005 | Open Culture | (Via Festa del Perdono 7) Milan, Italy |
| June 29 - 30, 2005 | Where 2.0 Conference | (Westin St. Francis Hotel) San Francisco, CA |
| June 30 - July 3, 2005 | Linux Vacation/Eastern Europe (LVEE) | Hronda, Belarusia |
| July 1 - 6, 2005 | Linux Desktop Development and KDevelop Developers Conference 2005 | Kiev, Ukraine |
| July 5 - 9, 2005 | LSM 2005 Libre Software Meeting for Medicine | Dijon, France |
| July 6 - 9, 2005 | IV Jornades de Programari Lliure | Campus de Vilanova i la Geltrú, Spain |
| July 10 - 18, 2005 | Debconf 5 | Helsinki, Finland |
| July 11, 2005 | Evolution of Open-Source Code Bases (EVOSC05) | Genova, Italy |
| July 11 - 15, 2005 | First International Conference on Open Source Systems (OSS2005) | Genova, Italy |
| July 11 - 14, 2005 | GOTO10 workshop | (OKNO) Brussels, Belgium |
| July 11 - 15, 2005 | IEEE International Conference on Web Services (ICWS 2005) | Orlando, Florida |
| July 17 - 19, 2005 | Desktop Developer's Conference | (Ottawa Congress Centre) Ottawa, Ontario, Canada |
| July 18 - 22, 2005 | ApacheCon Europe 2005 | Stuttgart, Germany |
| July 18 - 22, 2005 | PostgreSQL Bootcamp | (Big Nerd Ranch) Atlanta, GA |
| July 20 - 23, 2005 | Ottawa Linux Symposium (OLS 2005) | Ottawa, Canada |
| July 20 - 22, 2005 | North American Plone Symposium | (The Astro Crowne Plaza) New Orleans, Louisiana |
| July 26, 2005 | 2nd European LISP and Scheme Workshop | Glasgow, Scotland |
| July 27 - 28, 2005 | Black Hat Briefings USA 2005 | Las Vegas, NV |
| July 31 - August 4, 2005 | 2005 SIGGRAPH Computer Animation Festival | Los Angeles, CA |
| August 1 - 5, 2005 | O'Reilly Open Source Convention | (Oregon Convention Center) Portland, Oregon |
| August 1 - 5, 2005 | CIFS 2005 Conference and Plugfest | (Doubletree Hotel) San Jose, CA |
| August 4, 2005 | Penguicon 2005 | Israel |
| August 4 - 7, 2005 | Linux 2005 | (University of Wales) Swansea, UK |
| August 8 - 11, 2005 | LinuxWorld Conference and Expo | (Moscone Center) San Francisco, CA |
Comments (1 posted)
Web sites
GnomeFiles.org celebrates its one year anniversary. "GnomeFiles.org, the
software repository for applications using the multi-platform toolkit
GTK+, is now one year old. During that time 840 applications were posted
and 240,000+ file downloads occurred. The site now enjoys about 20,000
pageviews daily, on average. A big thanks to Eugenia for putting together
and maintaining gnomefiles!"
Comments (none posted)
Miscellaneous
Here's an amusing set of pictures from an air traveler who was able to photograph the reboot sequence for the computer driving the seat-back display. Turns out it runs Linux...
Comments (17 posted)
Page editor: Forrest Cook