Linux users and developers, as a whole, prefer to avoid legal and political
hassles. As a result, contacts with the legal system tend to be initiated
by the outside world. In the case of the Linux trademark, that contact
happened in 1996, when one William Della Croce thought it would be fun to
register the Linux trademark in the U.S. and start shaking down the few
struggling companies which were trying to make a living in that space back
then. The community reacted, lawyers were called in, and, eventually, the
trademark was transferred to Linus Torvalds.
There have been occasional trademark issues since then. In 1999, a company
called Channel One Gmbh made a grab for the trademark in Germany. They
lost too. In early 2000, "SeriousDomains" brought about a trademark
shutdown from Linus when it tried to scalp a pile of Linux-related domain
names. The notion of spending big bucks for LinuxOnSteroids.com may seem
amusing, but remember that things were a little different in those days. Just
look at the LWN Weekly Edition
covering this event - the other front page story was that a company called
Linuxcare thought people might want to line up and buy its stock.
Whether the domain name or the stock would be worth more now is debatable.
But that event was the first episode in which the Linux trademark had been
used to shut down a business in this way. In the aftermath, Linus posted an informal
trademark policy to explain how he thought the mark should be used:
I want "Linux" to be as free as possible as a term, and the real
reason for having a trademark in the first place was to _protect_
it rather than use it as some kind of legalistic enforcement thing.
At that time, Linus noted that official permission to use the trademark
would involve the payment of a "nominal fee," which would go to Linux
International's "trademark fund."
That is where things sat for a long time. Companies using the Linux mark
were expected to obtain a license for a one-time $500 fee. More recently,
however, some changes have popped up which shine a light on a shift in how
the trademark is being administered.
Changes at LMI
The headquarters for Linux trademark administration is, as it has been for
some years, the Linux Mark Institute (LMI). It should
come as no surprise that Linux International is no longer handling the
trademark. What might surprise some people, however, is that LMI
has been reincorporated in Oregon and its web server is now
hosted by OSDL. Even more surprising might be changes made to the
licensing agreement for the trademark itself. None of these changes have
been announced to the community.
The following table highlights a couple of key differences between the current
version of the license, and the
license as it appeared last October, thanks to archive.org.
| October, 2004 | June, 2005 |
|---|---|
| LMI hereby grants to Licensee a non-exclusive sublicense to use the Linux mark and goodwill, in the form listed in the Licensee information at the end of this License form, for the purpose of marketing and distributing software that relates to the Linux operating system, whether it is an application or a version of the operating system itself. | LMI hereby grants to SUBLICENSEE, subject to the timely payment of applicable fees listed in Schedule A attached hereto and compliance with all other terms and conditions of this Agreement, a nonexclusive, non-transferable license and right to use the SUBLICENSED TRADEMARK solely (a) in the TERRITORY; (b) for the SUBLICENSEE MARKS identified on the signature page of this Agreement; and (c) on AUTHORIZED GOODS/SERVICES which are (i) produced by or for SUBLICENSEE, and (ii) distributed under SUBLICENSEE's name. |
| This License is perpetual so long as Licensee complies with the terms and conditions of this License... | If SUBLICENSEE is in material breach of one or more of its obligations under this Agreement, LMI may, upon its election and in addition to any other remedies that it may have, at any time terminate this Agreement and all the rights granted hereunder by not less than thirty (30) days written notice to SUBLICENSEE specifying any such breach, unless within the period of such notice all breaches specified therein shall have been remedied. By way of example but not of limitation, a material breach includes a failure to timely pay the sublicense fees set forth in Schedule A. |
| One Time Single Payment Royalty. This License shall become effective only upon acceptance by LMI at its official office in Monterey, California and the receipt by LMI of a one-time license fee of Five Hundred Dollars (US $500.00), which shall be non-refundable under all circumstances. | SUBLICENSEE shall pay to LMI a periodic trademark sublicense fee as specified in Schedule A appended hereto (the due date of such payment, the "Payment Due Date"). |
The new license has clearly gained a great many capital letters. It also
has a new "schedule A" setting out what the license will cost. The
figure varies depending on the amount of revenue the licensee gains from
the Linux-related products; it can be anywhere from $500 to $5000. At the
low end, there is a $200 rate for non-profit companies. At the high end,
the $5000 applies to each product or service using the trademark. In all
cases, however, the new fee is annual - it must be paid every year, or the
right to use the trademark goes away.
What has also come out is that the Institute is actively contacting
companies and telling them that they need a license. In this quest, it has
started to upset some members of the community; in particular, Bruce
Perens received a demand that the UserLinux
project purchase a trademark license. Mr. Perens does not appear to be
upset about trademark licensing in general, but the terms of the new
agreement are not to his liking. In particular, he objects to the terms of
the license grant, which reads:
LMI hereby grants to SUBLICENSEE... a
nonexclusive, non-transferable license and right to use the
SUBLICENSED TRADEMARK solely (a) in the TERRITORY; (b) for the
SUBLICENSEE MARKS identified on the signature page of this
Agreement; and (c) on AUTHORIZED GOODS/SERVICES which are (i)
produced by or for SUBLICENSEE, and (ii) distributed under
SUBLICENSEE's name.
How, asks Bruce, can these terms be made to work for a project like Debian,
which has little control over how its distribution is distributed? Can
Debian call its product "GNU/Linux" when said product can be distributed by
others, using different names?
What is really going on
LWN spent some time trying to figure out what is going on at LMI; in the
process, we took up quite a bit of Jon 'maddog' Hall's and Eric Boustani's
time. Eric, a member of the LMI board, has been involved with the Linux
trademark since the beginning, when he helped to set up the initial
licensing scheme. What Eric tells us is that, over the last year, there
has been a constant effort to solidify and improve the management of the
Linux trademark, with the community's interests kept firmly in mind. While
the work has been ongoing, only now are the results beginning to be
visible.
There were a number of problems with the previous management scheme which
needed to be addressed. The number of trademark licenses issued was too small
- companies simply were not buying them. The protection of the Linux
trademark was spotty - it is not possible to simply create a worldwide
trademark license, and the mark had not been registered in many countries.
There have been abuses of the trademark (Linux-related domain names
pointing to porn sites, for example) which needed to be shut down.
Solidifying the Linux trademark requires bringing more resources to bear,
which is being done in a couple of ways. One is the increase in licensing
fees, especially for the larger companies which are making money from
Linux. The other was to bring in some outside support, which has come from
OSDL. So OSDL is providing hosting and some staff time to assist LMI.
Eric insisted, however, that OSDL has not taken over the management of the
Linux trademark, and that it has no special rights with regard to that
mark.
The licensing changes are aimed at improving the situation. The old
licensing fee was simply not enough to fund LMI at the level it needed to
properly manage the trademark. The change in the license term is meant to
address a different problem: the perpetual term of the old license gave
LMI no way to terminate a license. Termination in this
case is not a punitive or enforcement measure; the real problem is simply
companies which go out of business or stop using a Linux-related trademark
for some other reason. A renewable license allows parts of the name space
to be reclaimed when they fall out of use. The one-year term also allows
the license to be regularly reviewed and updated; things change quickly in
the Linux community, and the legal structures need to be able to change
too.
LMI was not able to talk much about the specific complaints raised by Bruce
Perens. Mr. Hall has described them as "non-issues," however. He and Mr. Boustani
have both said that the last thing LMI wants to do is to create
difficulties for community projects. If some aspect of the licensing
language does turn out to be a problem, they will find a way to change it
if they can.
One thing that is worth noting is that the process by which LMI makes its
decisions is opaque to the community, at best. Mr. Bourstani tells us that
LMI understands this, and plans to change things. So we should see initiatives
from LMI to "open things up" and give the community a larger say in how the
trademark is administered. Much of the work which has happened so far has
been the laying of the foundations that needed to happen first.
For the curious: the current LMI board members are: Larry Augustin, Eric
Bourstani, Jon 'maddog' Hall, Linus Torvalds, and Stuart Cohen. Mr. Cohen
is the CEO of OSDL; he has held a board position for a relatively short
period of time.
In conclusion...
One might wonder why all of this matters. The fact is that the care of the
Linux trademark is an important issue. The trademark must
be held by somebody, or we run the risk of more Della Croce-style shakedown
attempts. If no effort is made to protect the trademark, it may
degrade into a generic term which anybody can use. This may seem like the
best outcome to some, but who can doubt that it would lead to some sleazy
operators distributing products called "Linux" which none of us would
recognize as such?
It is to our benefit that the term "Linux" actually means something. If we
want that situation to continue, then somebody must defend the trademark.
So a group like the Linux Mark Institute seems like a necessary evil. LMI
has not conducted itself in a manner contrary to the community's interests
in the past, and it does not appear that the recent changes at LMI will be
anything but good for the community. If the community is to believe that
over the long term, though, LMI will have to follow through with its plans
for greater openness. An organization which is truly operating in the
community's interest has no reason to fear the community's participation.
Comments (13 posted)
The Xen virtual machine monitor is starting to pop up all over the place, or
at least in several Linux distributions. Fedora Core 4 comes with Xen
packaged as part of the release. SUSE Professional 9.3 includes Xen, there's
the Xenophilia Linux distribution that is based around Xen, and Xen is in
Debian unstable as well. XenSource, a company founded by Xen project
developers, has also been in the news, and is getting funding from Kleiner
Perkins Caufield & Byers and Sevin Rosen Funds as well as technology
contributions from Intel.
This seems like a good time to take a look at Xen, see what it's capable
of, and where it's going. We decided to test out Xen in Fedora Core 4, and
the latest release from the Xen project in the form of a live CD to see how
mature Xen is. According to the Xen Quickstart guide, Xen in FC4 is based on
the Xen unstable tree, so some features will be a bit rough. Users who want
to test Xen without installing FC4 can download demo CDs based on Debian
from the Xen website.
We also spoke with XenSource's Simon Crosby, a founder of XenSource and
former professor at the University of Cambridge where Xen got its start.
Xen is a "hypervisor," or virtual machine monitor, which can execute
several virtual machines on a single piece of hardware. Xen isn't unique in
being able to run virtual hosts -- Linux users can run virtual machines
using User-Mode Linux
(UML), bochs, VMware products, SWsoft's Virtuozzo and a
number of other virtualization technologies.
Xen operates a bit differently, however, than UML or VMware
Workstation. Xen requires that an OS be ported to run on Xen's hypervisor,
rather than attempting to emulate an x86 virtual machine completely as
VMware Workstation does. The Xen approach is supposed to offer superior
performance -- a performance
comparison between VMware Workstation, Xen, native Linux and UML is
available on the Xen website -- but it means that unmodified operating
systems will not run on top of Xen. Users who want to run a virtual
instance of Microsoft Windows, for example, will have to look elsewhere, at
least for now. Crosby said that work is being done that will allow
unmodified guest OSes to run on top of Xen, but that won't be complete
until some time after 3.0 is released.
Also, Xen runs only on
x86 systems with 686 processors or better, though ports to x86_64 and
other processors are in progress. Crosby said that IBM is working on Power5
support, HP is working on Xen on IA64 and that he believes Sun is working
on a Sparc port as well. The current Xen release will run on SMP systems,
but does not include SMP support for guests. However, Crosby said that work
is being done in this area, and the 3.0 roadmap calls for SMP support
within guest hosts as well.
In addition to allowing a system to run multiple instances of Linux, Xen
also works with NetBSD and FreeBSD, so users aren't restricted to using a
Linux host for running Xen. Using the Xen live CD, we ran instances of
Debian with the 2.4 and 2.6 series kernels alongside instances of FreeBSD
and NetBSD.
We installed Fedora Core 4 with the default "Workstation" set of
packages. Xen's packages are not installed by default so we used Yum to
grab the Xen host kernel, the Xen guest kernel and support packages.
Xen in FC4 still requires a great deal of manual setup. There's no
point-and-click GUI interface included to allow easy creation of Xen
virtual hosts, and some users might find the steps to setting up Xen to be
somewhat daunting. We followed along with the Fedora+Xen
Quickstart guide to install Xen and create virtual hosts, and the Xen
users' manual to get started with the basic Xen utilities.
After installing the Xen0 kernel, we disabled SELinux support and restarted
the host to boot into the Xen0 kernel. SELinux needs to be disabled in
order to create the guest filesystems. After rebooting, we created a 2GB
file to use for the filesystem and then installed the Fedora Core 4 base
system using Yum. It is also possible to export block devices directly to
guest domains, so users could choose to use entire partitions for Xen guest
filesystems.
After creating the filesystem, and creating a configuration file for the
guest system under /etc/xen, we started up the guest host. We gave the
guest 128 MB of RAM on a system with 1 GB total. We then tested the system
a bit by creating a network interface, installing Apache with Yum and so
on. The guest and host performance seemed fine, even when we started up a
second guest with the same configuration on the same machine.
Xen also includes a web-based control interface. This
interface didn't work in FC4, but worked just fine with the Xen live
CD. After firing up "xensv" we were able to connect to the localhost on
port 8080 and perform most of the functions available via the command line
using the web-based interface.
The control interface for Xen is adequate, but certainly won't be winning
any awards for ease of use. Crosby acknowledged that "you have to be
something of a guru to use it," but noted that Xen is very
polished in the area of stability. Indeed, we didn't run into any stability
issues with Xen while testing, and it looks like it's already suitable for
utility computing. Crosby noted that XenSource is
running its website and other services within Xen hosts.
Another interesting feature in Xen is the ability to move Xen instances
from one physical machine to another. Crosby said that it's possible to
move a Xen virtual machine "so that the guest is only non-responsive
to the outside world for tens of milliseconds."
Xen 3.0 is scheduled for sometime
in the July time frame according to the Xen roadmap. Crosby said that
3.0 will fork "in a few weeks time," and that the Xen team was
waiting on a few features from the community before forking. When 3.0 forks
in July, Crosby said that the Xen team would be working with the community,
partners and distributions to hammer out the bugs.
We also talked to Crosby about the direction of XenSource, and whether its
future offerings would be released as open source. Crosby said that the
company planned to ship some proprietary tools for use with Xen, though Xen
would continue to be open source. He also said that XenSource is interested
in a world where the hypervisor is "ubiquitous" and provides an ecosystem
with "a whole load of opportunities for vendors to compete in,
creating a big pie... and we aim to have a fair slice of that pie."
While Xen is still a little rough around the edges, it's well worth a look
for users who want a free software solution for virtualization. Xen's
performance seems very good, and it looks like a good solution for Linux
testing and perhaps web hosting and so forth. Given the interest from
investors, Intel, SUSE, Red Hat and others, it seems likely that Xen will
continue to improve at a rapid pace.
Comments (13 posted)
Page editor: Jonathan Corbet
Security
Apparently, the latest security threat to the enterprise is Pod slurping.
Gartner recommended banning portable storage devices, including iPods, last
year, but Abe Usher has taken it a step farther by providing a
proof-of-concept application called slurp that could run off of an iPod or
other portable storage device. Usher paints a scary scenario to put the fear
of iPods in all of us:
An unauthorized visitor shows up after work hours disguised as a janitor
and carrying an iPod (or similar portable storage device). He walks from
computer to computer and "slurps" up all of the Microsoft Office files from
each system. Within an hour he has acquired 20,000 files from over a dozen
workstations. He returns home and uploads the files from his iPod to his
PC. Using his handy desktop search program, he quickly finds the
proprietary information that he was looking for.
A scary scenario indeed. We put slurp to the test, to see if it is indeed
that quick and easy. Usher's slurp.exe runs off of the portable storage
device and copies documents (including *.doc, *.xml, *.xls, *.txt and
others) from the "C:\Documents and Settings\" directory onto
the portable storage device. Since we didn't have a Windows-compatible iPod
handy, we used a 512MB USB flash drive instead.
Indeed, slurp.exe works as advertised, searching the target computer (a
Windows XP machine) and copying all Office documents from the target
directory to the USB drive in less than a minute. (Admittedly, there were
only a dozen or so, so target computers with hundreds of documents may take
more time.) While testing, it also occurred to us that slurp could also
provide a valuable legitimate use by allowing users to back up their Office
documents to work on them at home. Note that Usher's slurp.exe is
"crippled" to only allow a user that's logged in to copy documents, and
maxes out at 200 files.
Usher calls for organizations to put several technology- and policy-based
countermeasures in place to reduce the risk of data theft with portable
devices. We agree with Usher that organizations with sensitive data should
have strong physical security to prevent intruders from gaining access to
systems. Usher's scenario - an unauthorized visitor snooping through the
office unsupervised - shouldn't be allowed in any workplace that needs to
enforce data security.
Restricting removable storage devices, however, may be much more difficult
-- and ultimately futile, since they're easy to conceal and users with
physical access to machines also probably have access to other means for
sending sensitive information off-site: e-mail or uploading files to
web-based storage, for example. Keeping unauthorized users away from systems is one
thing, preventing a disgruntled employee from removing documents is
another.
Usher's technical suggestions are also interesting. He suggests disabling
USB connections in the system's BIOS, using encryption, keeping corporate
data on protected network shares and using third-party applications like DeviceLock to lock down access to
USB and other removable devices.
Administrators who wish to disable USB connections in the system BIOS will
also need to password-protect the BIOS to prevent a user from simply
re-enabling it. Use of encryption for sensitive data is certainly
recommended, though training average PC users to actually utilize
encryption may be easier said than done.
Keeping data on network shares only works if there's a way to prevent the
user from copying the data to the local PC or sending it off-site via the
network. Third party apps like DeviceLock are only useful while a PC is
running -- so a user who reboots the PC and uses a live CD of some kind is
going to be able to bypass DeviceLock rather easily.
The possible abuses of portable storage devices like the iPod should be
taken seriously. The ability to copy tens of gigabytes of data onto a
pocket-sized device is certainly a threat to organizations with sensitive
data to protect. However, it wouldn't pay to focus on portable storage
devices alone. There are many, many ways that someone with physical access
would be able to compromise an organization's security. Banning iPods and
other storage devices, without a comprehensive security policy that covers
other possible attacks, is likely to do nothing more than annoy employees.
Comments (21 posted)
New vulnerabilities
cacti: SQL injection and PHP file inclusion
| Package(s): | cacti |
| CVE #(s): | |
| Created: | June 22, 2005 |
| Updated: | July 21, 2005 |
| Description: | Cacti (prior to version 0.8.6e) suffers from vulnerabilities which can lead to SQL injection and (on some systems) execution of arbitrary PHP files. |
| Alerts: | |
Comments (none posted)
cpio: directory traversal
| Package(s): | cpio |
| CVE #(s): | CAN-2005-1111 |
| Created: | June 20, 2005 |
| Updated: | December 26, 2005 |
| Description: | There is a vulnerability in cpio (2.6 and previous) that allows a malicious cpio file to extract to an arbitrary directory of the attacker's choice. cpio will extract to the path specified in the cpio file, and this path can be absolute. |
| Alerts: | |
Comments (1 posted)
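An added example, not from the LWN page or the cpio project: a minimal parser for the "newc" (070701) cpio header format plus an audit pass that flags the member names an extractor of the kind described above would have honoured verbatim (absolute paths, and conservatively any ".." component). The `build_newc` helper only constructs sample input; the archive contents are made up for the demo.

```python
# Minimal newc cpio parser and member-name audit (added example; not the
# cpio project's code). Sample archive below is constructed for the demo.

NEWC_MAGIC = b"070701"
HEADER_LEN = 110          # 6-byte magic + 13 fields of 8 hex digits
TRAILER = "TRAILER!!!"    # name of the archive-terminating pseudo entry


def _align4(n):
    """newc pads header+name and file data out to 4-byte boundaries."""
    return (n + 3) & ~3


def iter_newc_entries(data):
    """Yield (name, mode, body) for every real member of a newc archive."""
    off = 0
    while off + HEADER_LEN <= len(data):
        hdr = data[off:off + HEADER_LEN]
        if hdr[:6] != NEWC_MAGIC:
            raise ValueError("not a newc cpio header at offset %d" % off)
        # Field order: ino mode uid gid nlink mtime filesize devmajor
        # devminor rdevmajor rdevminor namesize check
        fields = [int(hdr[6 + 8 * i:14 + 8 * i], 16) for i in range(13)]
        mode, filesize, namesize = fields[1], fields[6], fields[11]
        name_start = off + HEADER_LEN
        # namesize counts the terminating NUL, which we drop.
        name = bytes(data[name_start:name_start + namesize - 1]).decode("utf-8", "replace")
        data_start = _align4(name_start + namesize)
        body = bytes(data[data_start:data_start + filesize])
        off = _align4(data_start + filesize)
        if name == TRAILER:
            return
        yield name, mode, body
    raise ValueError("archive ended without a TRAILER!!! entry")


def unsafe_reason(name):
    """Return why a member name must not be extracted verbatim, or None.

    An absolute name is exactly the case in the advisory: the archive says
    /etc/passwd and the extractor writes /etc/passwd rather than
    ./etc/passwd. Any ".." component is also refused instead of being
    normalised; that is the conservative choice for an extractor that does
    not want to reason about symlinks already present in the destination.
    """
    if name.startswith("/") or name.startswith("\\"):
        return "absolute path"
    parts = [p for p in name.replace("\\", "/").split("/") if p]
    if ".." in parts:
        return "parent-directory traversal"
    return None


def audit_archive(data):
    """Return [(name, reason)] for every member an extractor should refuse."""
    findings = []
    for name, _mode, _body in iter_newc_entries(data):
        reason = unsafe_reason(name)
        if reason:
            findings.append((name, reason))
    return findings


def build_newc(entries):
    """Construct a newc archive from (name, body) pairs; sample input only."""
    out = bytearray()

    def add(ino, name, body, mode):
        nameb = name.encode("utf-8") + b"\0"
        fields = [ino, mode, 0, 0, 1, 0, len(body), 0, 0, 0, 0, len(nameb), 0]
        out.extend(NEWC_MAGIC + b"".join(b"%08X" % f for f in fields))
        out.extend(nameb)
        out.extend(b"\0" * (_align4(len(out)) - len(out)))   # pad header+name
        out.extend(body)
        out.extend(b"\0" * (_align4(len(out)) - len(out)))   # pad file data

    for ino, (name, body) in enumerate(entries, start=1):
        add(ino, name, body, 0o100644)                        # regular file
    add(0, TRAILER, b"", 0)
    return bytes(out)


# Constructed sample: one benign member and two that a cpio 2.6-era
# extractor would have written outside the current directory.
SAMPLE_ARCHIVE = build_newc([
    ("etc/motd", b"welcome\n"),
    ("/etc/passwd", b"root::0:0:root:/root:/bin/sh\n"),
    ("../../home/user/.profile", b"# planted\n"),
])

if __name__ == "__main__":
    for name, reason in audit_archive(SAMPLE_ARCHIVE):
        print("refuse %-28s %s" % (name, reason))
```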
Java: applet privilege escalation
| Package(s): | sun-jdk sun-jre blackdown-jdk blackdown-jre |
| CVE #(s): | |
| Created: | June 20, 2005 |
| Updated: | June 22, 2005 |
| Description: | Both Sun's (v < 1.4.2.08) and Blackdown's (v < 1.4.2.02) JDK and JRE may allow untrusted applets to elevate privileges. A remote attacker could embed a malicious Java applet in a web page and entice a victim to view it. This applet can then bypass security restrictions and execute any command or access any file with the rights of the user running the web browser. |
| Alerts: | |
Comments (none posted)
PeerCast: format string vulnerability
| Package(s): | peercast |
| CVE #(s): | |
| Created: | June 20, 2005 |
| Updated: | June 21, 2005 |
| Description: | James Bercegay of the GulfTech Security Research Team discovered that PeerCast (v < 0.1212) insecurely implements formatted printing when receiving a request with a malformed URL. A remote attacker could exploit this vulnerability by sending a request with a specially crafted URL to a PeerCast server to execute arbitrary code. |
| Alerts: | |
Comments (none posted)
ruby: arbitrary command execution
| Package(s): | ruby |
| CVE #(s): | CAN-2005-1992 |
| Created: | June 21, 2005 |
| Updated: | October 6, 2005 |
| Description: | Ruby (versions < 1.8.2) is vulnerable to arbitrary command execution on XMLRPC servers. |
| Alerts: | |
Comments (none posted)
SpamAssassin: denial of service
| Package(s): | spamassassin |
| CVE #(s): | CAN-2005-1266 |
| Created: | June 17, 2005 |
| Updated: | July 28, 2005 |
| Description: | SpamAssassin 3.0.4 was released to fix a denial of service vulnerability in versions 3.0.1, 3.0.2, and 3.0.3. The vulnerability allows certain mis-formatted long message headers to cause spam checking to take a very long time. |
| Alerts: | |
Comments (none posted)
SquirrelMail: several XSS vulnerabilities
| Package(s): | squirrelmail |
| CVE #(s): | CAN-2005-1769 |
| Created: | June 21, 2005 |
| Updated: | September 16, 2005 |
| Description: | Several cross site scripting (XSS) vulnerabilities have been discovered in SquirrelMail versions 1.4.0 - 1.4.4. |
| Alerts: | |
Comments (none posted)
sudo: race condition
| Package(s): | sudo |
| CVE #(s): | CAN-2005-1993 |
| Created: | June 21, 2005 |
| Updated: | February 24, 2006 |
| Description: | Charles Morris discovered a race condition in sudo which could lead to privilege escalation. If /etc/sudoers allowed a user the execution of selected programs, and this was followed by another line containing the pseudo-command "ALL", that user could execute arbitrary commands with sudo by creating symbolic links at a certain time. |
| Alerts: | |
Comments (none posted)
Tor: information disclosure
| Package(s): | tor |
| CVE #(s): | |
| Created: | June 21, 2005 |
| Updated: | August 25, 2005 |
| Description: | A bug in Tor allows attackers to view arbitrary memory contents from an exit server's process space. A remote attacker could exploit the memory disclosure to gain sensitive information and possibly even private keys. |
| Alerts: | |
Comments (none posted)
trac: file upload vulnerability
| Package(s): | trac |
| CVE #(s): | |
| Created: | June 22, 2005 |
| Updated: | July 6, 2005 |
| Description: | Versions of trac prior to 0.8.4 suffer from an input validation error which can lead to the uploading of files to undesired locations on the host system. |
| Alerts: | |
Comments (none posted)
webapp-config: insecure temporary file handling
| Package(s): | webapp-config |
| CVE #(s): | |
| Created: | June 17, 2005 |
| Updated: | June 21, 2005 |
| Description: | Eric Romang discovered webapp-config < 1.11 uses a predictable temporary filename while processing certain options, resulting in a race condition. |
| Alerts: | |
Comments (none posted)
Updated vulnerabilities
a2ps: input validation error
| Package(s): | a2ps |
| CVE #(s): | CAN-2004-1170, CAN-2004-1377 |
| Created: | November 26, 2004 |
| Updated: | December 19, 2005 |
| Description: | The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application. More information at Security Focus. |
| Alerts: | |
Comments (none posted)
bzip2: race condition and infinite loop
| Package(s): | bzip2 |
| CVE #(s): | CAN-2005-0953, CAN-2005-1260 |
| Created: | May 17, 2005 |
| Updated: | January 10, 2007 |
| Description: | A race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete. Also specially crafted bzip2 archives may cause an infinite loop in the decompressor. |
| Alerts: | |
Comments (2 posted)
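An added example, not from the LWN page or the bzip2 project, contrasting the two ways a decompressor can set its output file's permissions: by path name after writing (the pattern behind the hard-link race above) and through the descriptor it wrote with (the fix). `race_hook` is a test seam standing in for the window between write and chmod; the files and the "victim" are constructed in a temporary directory owned by the running user.

```python
# Path-based vs. descriptor-based permission handling after decompression
# (added example; not bzip2's code). All files are constructed in a tmpdir.
import bz2
import os
import stat
import tempfile


def decompress_chmod_by_name(src, dst, mode, race_hook=None):
    """Vulnerable pattern: write dst, then chmod(dst) by path name.

    If another local user replaces the directory entry dst with a hard link
    to a file of their choosing during the window, the chmod lands on that
    file. Returns the mode now found at the path.
    """
    with open(src, "rb") as f_in, open(dst, "wb") as f_out:
        f_out.write(bz2.decompress(f_in.read()))
    if race_hook:
        race_hook()              # the window between write and chmod
    os.chmod(dst, mode)          # applied to whatever dst names *now*
    return stat.S_IMODE(os.stat(dst).st_mode)


def decompress_fchmod_by_fd(src, dst, mode, race_hook=None):
    """Hardened pattern: create dst exclusively, then write and fchmod
    through the same descriptor. The permission change can only reach the
    inode this process created, whatever the name dst points at later.
    Returns the mode of that inode.
    """
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(dst, flags, 0o600)      # restrictive until we are done
    try:
        with open(src, "rb") as f_in:
            os.write(fd, bz2.decompress(f_in.read()))
        if race_hook:
            race_hook()
        os.fchmod(fd, mode)
        return stat.S_IMODE(os.fstat(fd).st_mode)
    finally:
        os.close(fd)


def demo():
    """Run both variants against a simulated hard-link swap.

    Returns {"by_name": mode, "by_fd": mode}: the victim file's permission
    bits after each run. Only the by-name variant widens them.
    """
    results = {}
    for label, func in (("by_name", decompress_chmod_by_name),
                        ("by_fd", decompress_fchmod_by_fd)):
        with tempfile.TemporaryDirectory() as d:
            src = os.path.join(d, "data.bz2")
            with open(src, "wb") as f:
                f.write(bz2.compress(b"decompressed payload\n"))
            victim = os.path.join(d, "victim")   # another file the user owns
            with open(victim, "wb") as f:
                f.write(b"private\n")
            os.chmod(victim, 0o600)
            dst = os.path.join(d, "data")

            def swap():
                # Stand-in for the local attacker: make the name dst refer
                # to victim between the write and the permission change.
                os.unlink(dst)
                os.link(victim, dst)

            func(src, dst, 0o644, race_hook=swap)
            results[label] = stat.S_IMODE(os.stat(victim).st_mode)
    return results


if __name__ == "__main__":
    for label, mode in demo().items():
        print(label, oct(mode))
```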
cpio: file permissions error
| Package(s): | cpio |
| CVE #(s): | CAN-1999-1572 |
| Created: | February 2, 2005 |
| Updated: | July 19, 2005 |
| Description: | Some versions of cpio contain an ancient vulnerability where files created by that utility have overly generous access permissions. |
| Alerts: | |
Comments (none posted)
cURL: buffer overflow
| Package(s): | curl |
| CVE #(s): | CAN-2005-0490 |
| Created: | February 28, 2005 |
| Updated: | July 19, 2005 |
| Description: | Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded. |
| Alerts: | |
Comments (none posted)
cvs: multiple vulnerabilities
| Package(s): | cvs |
| CVE #(s): | CAN-2005-0753 |
| Created: | April 18, 2005 |
| Updated: | July 13, 2005 |
| Description: | CVS (in versions prior to 1.11.20) has one or more buffer overflow vulnerabilities, memory leaks, and a NULL pointer dereferencing error. These can be used to launch a remote denial of service or to remotely execute arbitrary code. |
| Alerts: | |
Comments (none posted)
cyrus-imapd: buffer overflows
| Package(s): | cyrus-imapd |
| CVE #(s): | CAN-2005-0546 |
| Created: | February 23, 2005 |
| Updated: | April 10, 2006 |
| Description: | Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system. |
| Alerts: | |
Comments (none posted)
dbus: information disclosure
| Package(s): | dbus |
| CVE #(s): | CAN-2005-0201 |
| Created: | June 8, 2005 |
| Updated: | August 30, 2005 |
| Description: | From the Red Hat alert: "Dan Reed discovered that a user can send and listen to messages on another user's per-user session bus if they know the address of the socket." At current usage levels, this vulnerability is not particularly threatening. |
| Alerts: | |
Comments (none posted)
dhcp: format string vulnerability
| Package(s): | dhcp |
| CVE #(s): | CAN-2004-1006 |
| Created: | November 4, 2004 |
| Updated: | July 13, 2005 |
| Description: | Dhcp has a format string vulnerability in the log functions of dhcp 2.x that may be exploited via a malicious DNS server. |
| Alerts: | |
Comments (none posted)
Dnsmasq: poisoning and DoS
| Package(s): | dnsmasq |
| CVE #(s): | |
| Created: | April 4, 2005 |
| Updated: | July 21, 2005 |
| Description: | Dnsmasq does not properly detect that DNS replies received do not correspond to any DNS query that was sent. Rob Holland of the Gentoo Linux Security Audit team also discovered two off-by-one buffer overflows that could crash DHCP lease file parsing. |
| Alerts: | |
Comments (none posted)
emacs21: format string vulnerability in "movemail"
| Package(s): | emacs21 |
| CVE #(s): | CAN-2005-0100 |
| Created: | February 7, 2005 |
| Updated: | May 15, 2006 |
| Description: | Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group. |
| Alerts: | |
Comments (none posted)
enscript: arbitrary code execution
| Package(s): | enscript |
| CVE #(s): | CAN-2004-1184, CAN-2004-1185, CAN-2004-1186 |
| Created: | January 21, 2005 |
| Updated: | May 27, 2006 |
| Description: | Erik Sjölund has discovered several security relevant problems in enscript, a program to convert ASCII text into Postscript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash. |
| Alerts: | |
Comments (none posted)
ettercap: format string vulnerability
| Package(s): | ettercap |
| CVE #(s): | CAN-2005-1796 |
| Created: | June 13, 2005 |
| Updated: | July 13, 2005 |
| Description: | The Ettercap suite of networking tools has a format string vulnerability that can be exploited by a remote attacker for the execution of arbitrary code. |
| Alerts: | |
Comments (none posted)
evolution: message crash vulnerability
Package(s): evolution
CVE #(s): CAN-2005-0806
Created: March 17, 2005
Updated: August 11, 2005
Description: The Evolution mail client can be crashed when reading certain types of messages.
Comments (none posted)
Foomatic: Arbitrary command execution in foomatic-rip
Package(s): foomatic
CVE #(s): CAN-2004-0801
Created: September 20, 2004
Updated: May 31, 2006
Description: There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler.
Comments (none posted)
FreeRADIUS: buffer overflow and SQL injection
Package(s): freeradius
CVE #(s): CAN-2005-1454, CAN-2005-1455
Created: May 17, 2005
Updated: June 23, 2005
Description: Primoz Bratanic discovered that the sql_escape_func function of FreeRADIUS 1.0.2 and earlier may be vulnerable to a buffer overflow. He also discovered that FreeRADIUS fails to sanitize user input before using it in a SQL query, possibly allowing SQL command injection.
Comments (1 posted)
gaim: denial of service
Package(s): gaim
CVE #(s): CAN-2005-1934
Created: June 15, 2005
Updated: July 5, 2005
Description: There's yet another remote vulnerability in gaim; this one affects MSN users, who can be subject to denial of service attacks via malicious messages.
Comments (none posted)
gaim: remote DoS
Package(s): gaim
CVE #(s): CAN-2005-1269
Created: June 10, 2005
Updated: June 14, 2005
Description: A remote Denial of Service vulnerability was discovered in Gaim. By initiating a file transfer with a file name containing certain international characters (like an accented "a"), a remote attacker could crash the Gaim client of an arbitrary Yahoo IM member.
Comments (none posted)
gdb: multiple vulnerabilities
Package(s): gdb
CVE #(s): CAN-2005-1704, CAN-2005-1705
Created: May 20, 2005
Updated: August 11, 2006
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely sources initialization files from the working directory. Successful exploitation would result in the execution of arbitrary code on loading a specially crafted object file or the execution of arbitrary commands.
Comments (5 posted)
gdk-pixbuf, gtk2: denial of service
Package(s): gdk-pixbuf gtk2
CVE #(s): CAN-2005-0891
Created: March 30, 2005
Updated: December 19, 2005
Description: The BMP image processing code in gdk-pixbuf and gtk2 contains a denial of service vulnerability exploitable via a specially crafted image file.
Comments (none posted)
gedit: format string vulnerability
Package(s): gedit
CVE #(s): CAN-2005-1686
Created: June 9, 2005
Updated: February 5, 2009
Description: A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user.
Comments (1 posted)
gettext: Insecure temporary file handling
Package(s): gettext
CVE #(s): CAN-2004-0966
Created: October 11, 2004
Updated: March 1, 2006
Description: gettext insecurely creates temporary files in world-writable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user.
Comments (1 posted)
gftp: missing input sanitizing
Package(s): gftp
CVE #(s): CAN-2005-0372, CAN-2004-1376
Created: February 17, 2005
Updated: July 13, 2005
Description: gftp has a directory traversal vulnerability. A remote server could use specially crafted filenames to overwrite local files.
Comments (none posted)
ghostscript: symlink vulnerabilities
Package(s): ghostscript
CVE #(s): CAN-2004-0967
Created: October 20, 2004
Updated: September 28, 2005
Description: The ghostscript package (prior to version 7.07.1-r7) contains several scripts which are vulnerable to symlink attacks.
Comments (none posted)
glibc: tempfile vulnerability in catchsegv script
Package(s): glibc
CVE #(s): CAN-2004-0968
Created: October 21, 2004
Updated: November 14, 2005
Description: The catchsegv script in the glibc package has a symlink vulnerability that may allow a local user to overwrite arbitrary files with the permissions of the user that is running the script.
Comments (none posted)
gnupg: information leak
Package(s): gnupg
CVE #(s): CAN-2005-0366
Created: March 16, 2005
Updated: August 19, 2005
Description: GnuPG (and other PGP-like systems) suffers from an information leak which could, in some situations, be used by an attacker to obtain plaintext from an encrypted message. See this message for a detailed explanation of the problem. "We know of no real-world application that is affected by this type of attack. It is an attack that requires the active participation of someone who holds the actual key required to decrypt a message. Thus, it is not something you are likely to see."
Comments (none posted)
grip: buffer overflow
Package(s): grip
CVE #(s): CAN-2005-0706
Created: March 10, 2005
Updated: November 19, 2008
Description: Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches.
Comments (none posted)
groff: insecure temporary directory
Package(s): groff
CVE #(s): CAN-2004-0969
Created: November 1, 2004
Updated: February 9, 2006
Description: Recently, Trustix Secure Linux discovered a vulnerability in the groff package. The utility "groffer" created a temporary directory in an insecure way, which allowed exploitation of a race condition to create or overwrite files with the privileges of the user invoking the program.
Comments (none posted)
gxine: format string vulnerability
Package(s): gxine
CVE #(s): CAN-2005-1692
Created: May 26, 2005
Updated: July 23, 2005
Description: The gxine media player has a format string vulnerability in the hostname decoding function. A specially crafted file can be used to cause a user to execute arbitrary code.
Comments (none posted)
gzip: race condition and directory traversal
Package(s): gzip
CVE #(s): CAN-2005-0988, CAN-2005-1228
Created: May 4, 2005
Updated: July 13, 2005
Description: gzip suffers from a race condition which could allow a fast-fingered attacker to change the permissions on files owned by others. There is also a directory traversal vulnerability associated with the -N option.
Comments (none posted)
htdig: cross site scripting
Package(s): htdig
CVE #(s): CAN-2005-0085
Created: February 14, 2005
Updated: January 10, 2006
Description: Michael Krax discovered that ht://Dig fails to validate the 'config' parameter before displaying an error message containing the parameter. This flaw could allow an attacker to conduct cross-site scripting attacks.
Comments (none posted)
ImageMagick: xwd coder denial of service
Package(s): ImageMagick
CVE #(s): CAN-2005-1739
Created: May 26, 2005
Updated: July 19, 2005
Description: The xwd coder in ImageMagick has a vulnerability that can be triggered by processing a maliciously created image. A denial of service can result.
Comments (none posted)
imap: buffer overflow in c-client
Package(s): imap
CVE #(s): CAN-2003-0297
Created: February 18, 2005
Updated: April 10, 2006
Description: A buffer overflow flaw was found in the c-client IMAP client. An attacker could create a malicious IMAP server that, if a victim connects to it, could execute arbitrary code on the client machine.
Comments (none posted)
imlib2: buffer overflows
Package(s): imlib2
CVE #(s): CAN-2004-0802, CAN-2004-0817
Created: September 8, 2004
Updated: October 26, 2005
Description: The imlib2 library contains buffer overflows in the BMP handling code.
Comments (none posted)
infozip: privilege escalation, directory-traversal
Package(s): infozip
CVE #(s): CAN-2003-0282, CAN-2004-1010, CAN-2005-0602
Created: May 2, 2005
Updated: August 1, 2005
Description: InfoZip reports that Zip 2.3 and (presumably) all previous versions have a buffer-overrun vulnerability relating to deep directory paths that could potentially lead to local privilege escalation (e.g., in the case of automated, Zip-based backups). All versions of UnZip through 5.50 have a number of directory-traversal vulnerabilities.
Comments (1 posted)
junkbuster: heap corruption and settings modification
Package(s): junkbuster
CVE #(s): CVE-2005-1108, CVE-2005-1109
Created: April 13, 2005
Updated: November 5, 2005
Description: JunkBuster through version 2.02-r2 contains two vulnerabilities: a heap corruption bug and a possible privacy violation.
Comments (1 posted)
kdelibs: unsanitized input
Package(s): kdelibs
CVE #(s): CAN-2004-1165
Created: January 10, 2005
Updated: July 19, 2005
Description: Thiago Macieira discovered a vulnerability in the kioslave library, part of kdelibs, which allows a remote attacker to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline before the FTP command.
Comments (none posted)
kernel: multiple vulnerabilities
Package(s): kernel
CVE #(s): CAN-2005-0400, CAN-2005-0749, CAN-2005-0750, CAN-2005-0815, CAN-2005-0839
Created: April 1, 2005
Updated: July 1, 2005
Description: More kernel vulnerabilities have been discovered, including:
- Mathieu Lafon discovered an information leak in the ext2 file system driver. (CAN-2005-0400)
- Yichen Xie discovered a Denial of Service vulnerability in the ELF loader. (CAN-2005-0749)
- Ilja van Sprundel discovered that the bluez_sock_create() function did not check its "protocol" argument for negative values. (CAN-2005-0750)
- Michal Zalewski discovered that the iso9660 file system driver fails to check ranges properly in several cases. (CAN-2005-0815)
- Previous kernels did not restrict the use of the N_MOUSE line discipline in the serial driver. (CAN-2005-0839)
Comments (1 posted)
kernel: ELF loader core dump vulnerability
Package(s): kernel
CVE #(s): CAN-2005-1263
Created: May 11, 2005
Updated: August 25, 2005
Description: Paul Starzetz has posted an advisory for yet another kernel vulnerability. In this case, by using a specially manipulated ELF binary, a local attacker can compromise the system (via the core dump code) and obtain root access. This vulnerability affects all kernels from 2.2 through 2.6.12-rc4.
Comments (none posted)
kernel: multiple vulnerabilities
Comments (none posted)
kimgio input validation errors
Package(s): kimgio
CVE #(s): CAN-2005-1046
Created: April 22, 2005
Updated: July 19, 2005
Description: KDE has issued a security advisory for kimgio. This is found in kdelibs as shipped with KDE 3.2 up to and including KDE 3.4. kimgio contains a PCX image file format reader that does not properly perform input validation. A source code audit performed by the KDE security team discovered several vulnerabilities in the PCX and other image file format readers, some of them exploitable to execute arbitrary code.
Comments (none posted)
libconvert-uulib-perl: arbitrary code execution
Package(s): libconvert-uulib-perl
CVE #(s): CAN-2005-1349
Created: May 20, 2005
Updated: January 27, 2006
Description: Mark Martinec and Robert Lewis discovered a buffer overflow in Convert::UUlib (before 1.051), a Perl interface to the uulib library, which may result in the execution of arbitrary code.
Comments (1 posted)
libdbi-perl: insecure temporary file
Package(s): libdbi-perl
CVE #(s): CAN-2005-0077
Created: January 25, 2005
Updated: March 2, 2006
Description: Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing parts of the library.
Comments (none posted)
libgd2: buffer overflows in PNG handling
Package(s): libgd2
CVE #(s): CAN-2004-0990, CAN-2004-0941
Created: October 29, 2004
Updated: June 28, 2006
Description: Several buffer overflows have been discovered in libgd's PNG handling functions. If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening the image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP-driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges. Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function.
Comments (none posted)
libnet-ssleay-perl: weakened cryptographic operations
Package(s): libnet-ssleay-perl
CVE #(s): CAN-2005-0106
Created: May 3, 2005
Updated: January 27, 2006
Description: Javier Fernandez-Sanguino Pena discovered that this library used the file /tmp/entropy as a fallback entropy source if a proper source was not set in the environment variable EGD_PATH. This can potentially lead to weakened cryptographic operations if an attacker provides a /tmp/entropy file with known content.
Comments (none posted)
libTIFF: buffer overflow
Package(s): libtiff
CVE #(s): CAN-2005-1544
Created: May 10, 2005
Updated: February 18, 2006
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a stack-based buffer overflow in the libTIFF library when reading a TIFF image with a malformed BitsPerSample tag. Successful exploitation would require the victim to open a specially crafted TIFF image, resulting in the execution of arbitrary code.
Comments (1 posted)
libxml2 - arbitrary code execution
Package(s): libxml2
CVE #(s): CAN-2004-0110
Created: February 26, 2004
Updated: August 19, 2009
Description: Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code.
Comments (none posted)
libxml2: multiple buffer overflows
Package(s): libxml2
CVE #(s): CAN-2004-0989
Created: October 28, 2004
Updated: August 19, 2009
Description: libxml2 prior to version 2.6.14 has multiple buffer overflow vulnerabilities; if a local user passes a specially crafted FTP URL, arbitrary code may be executed.
Comments (none posted)
libXpm: new buffer overflows
Package(s): libXpm
CVE #(s): CAN-2005-0605
Created: March 4, 2005
Updated: March 8, 2006
Description: A new vulnerability has been discovered in libXpm, which is included in OpenMotif and LessTif, that can potentially lead to remote code execution.
Comments (none posted)
lvm10: creates insecure temporary directory
Package(s): lvm10
CVE #(s): CAN-2004-0972
Created: November 1, 2004
Updated: July 25, 2005
Description: Trustix Secure Linux discovered a vulnerability in a supplemental script of the lvm10 package. The program "lvmcreate_initrd" created a temporary directory in an insecure way, which could allow a symlink attack to create or overwrite arbitrary files with the privileges of the user invoking the program.
Comments (none posted)
mailman: path traversal
Package(s): mailman
CVE #(s): CAN-2005-0202
Created: February 9, 2005
Updated: July 13, 2005
Description: The "private" module in the mailman mailing list manager fails to sanitize path names adequately. An attacker could exploit this vulnerability to retrieve private information, including passwords and private list archives. This vulnerability was used to compromise the Full-Disclosure list.
Comments (none posted)
mc: buffer overflow
Package(s): mc
CVE #(s): CAN-2005-0763
Created: March 29, 2005
Updated: August 11, 2005
Description: An unfixed buffer overflow has been discovered by Andrew V. Samoilov in mc, the midnight commander, a file browser and manager.
Comments (none posted)
mikmod: buffer overflow
Package(s): mikmod
CVE #(s): CAN-2003-0427
Created: June 16, 2003
Updated: June 16, 2005
Description: Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod.
Comments (none posted)
mod_python: remote access vulnerability
Package(s): mod_python
CVE #(s): CAN-2005-0088
Created: February 10, 2005
Updated: April 10, 2006
Description: mod_python has a vulnerability in the publisher handler that may allow a remote user to use a specially crafted URL to allow access to objects that should be protected. An information leak can result.
Comments (none posted)
Mozilla Firefox, Mozilla Suite: multiple vulnerabilities
Package(s): mozilla
CVE #(s): CAN-2005-0989
Created: April 19, 2005
Updated: July 18, 2005
Description: The following vulnerabilities were found and fixed in the Mozilla Suite and Mozilla Firefox:
- Vladimir V. Perepelitsa reported a memory disclosure bug in JavaScript's regular expression string replacement when using an anonymous function as the replacement argument (CAN-2005-0989).
- moz_bug_r_a4 discovered that Chrome UI code was overly trusting DOM nodes from the content window, allowing privilege escalation via DOM property overrides.
- Michael Krax reported a possibility to run JavaScript code with elevated privileges through the use of javascript: favicons.
- Michael Krax also discovered that malicious Search plugins could run JavaScript in the context of the displayed page or stealthily replace existing search plugins.
- shutdown discovered a technique to pollute the global scope of a window in a way that persists from page to page.
- Doron Rosenberg discovered a possibility to run JavaScript with elevated privileges when the user asks to "Show" a blocked popup that contains a JavaScript URL.
- Finally, Georgi Guninski reported missing Install object instance checks in the native implementations of XPInstall-related JavaScript objects.
The following Firefox-specific vulnerabilities have also been discovered:
- Kohei Yoshino discovered a new way to abuse the sidebar panel to execute JavaScript with elevated privileges.
- Omar Khan reported that the Plugin Finder Service can be tricked to open javascript: URLs with elevated privileges.
Comments (none posted)
mozilla firefox: javascript vulnerabilities
Package(s): mozilla firefox
CVE #(s): CAN-2005-1531, CAN-2005-1532
Created: June 9, 2005
Updated: July 19, 2005
Description: Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly implement certain security checks for script injection, which allows remote attackers to execute script via "Wrapped" javascript. Firefox before 1.0.4 and Mozilla Suite before 1.7.8 do not properly limit privileges of Javascript eval and Script objects in the calling context, which allows remote attackers to conduct unauthorized activities via "non-DOM property overrides," a variant of CAN-2005-1160.
Comments (1 posted)
MPlayer: heap overflows
Package(s): mplayer
CVE #(s): (none listed)
Created: April 20, 2005
Updated: July 12, 2005
Description: Heap overflows have been found in the code handling RealMedia RTSP and Microsoft Media Services streams over TCP (MMST). By setting up a malicious server and enticing a user to use its streaming data, a remote attacker could possibly execute arbitrary code on the client computer with the permissions of the user running MPlayer.
Comments (none posted)
MySQL: input validation and temporary file vulnerabilities
Package(s): mysql
CVE #(s): CAN-2005-0709, CAN-2005-0710, CAN-2005-0711
Created: March 16, 2005
Updated: July 19, 2005
Description: MySQL (prior to version 4.0.24) suffers from two input validation errors and a temporary file vulnerability.
Comments (none posted)
ncpfs: multiple vulnerabilities
Package(s): ncpfs
CVE #(s): CAN-2005-0013, CAN-2005-0014
Created: January 31, 2005
Updated: May 15, 2006
Description: Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable buffer overflow in ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities using the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013).
Comments (none posted)
Net-SNMP: fixproc insecure temporary file creation
Package(s): net-snmp
CVE #(s): CAN-2005-1740
Created: May 23, 2005
Updated: July 13, 2005
Description: The fixproc application of Net-SNMP creates temporary files with predictable filenames.
Comments (1 posted)
nfs-utils: arbitrary code execution
Package(s): nfs-utils
CVE #(s): CAN-2004-0946
Created: January 11, 2005
Updated: February 27, 2006
Description: Arjan van de Ven discovered a buffer overflow in rquotad on 64-bit architectures; an improper integer conversion could lead to a buffer overflow. An attacker with access to an NFS share could send a specially crafted request which could then lead to the execution of arbitrary code.
Comments (none posted)
openssh: directory traversal
Package(s): openssh
CVE #(s): CAN-2004-0175
Created: May 18, 2005
Updated: July 13, 2005
Description: The OpenSSH scp client can, when connected to a hostile server, be instructed to overwrite arbitrary files.
Comments (1 posted)
openssl: der_chop script temp file vulnerability
Package(s): openssl
CVE #(s): CAN-2004-0975
Created: November 11, 2004
Updated: July 19, 2005
Description: The der_chop script in openssl has a temp file vulnerability that may allow an attacker to overwrite arbitrary files with the permissions that the script is running under.
Comments (1 posted)
OpenSSL: information leak
Package(s): openssl
CVE #(s): CAN-2005-0109
Created: May 23, 2005
Updated: October 11, 2005
Description: Hyper-Threading technology, as used in FreeBSD and other operating systems and implemented on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as cryptographic keys, via a timing attack on memory cache misses. See this LWN article for more information.
Comments (none posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
Opera: multiple vulnerabilities
Package(s): opera
CVE #(s): (none listed)
Created: February 14, 2005
Updated: June 22, 2005
Description: Opera has several vulnerabilities which could result in information disclosure and facilitate execution of arbitrary code.
Comments (none posted)
perl: setuid vulnerabilities
Package(s): perl
CVE #(s): CAN-2005-0155, CAN-2005-0156
Created: February 2, 2005
Updated: August 11, 2006
Description: There are two vulnerabilities with perl when it is used in a setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access.
Comments (none posted)
perl: symlink vulnerability
Package(s): perl
CVE #(s): CAN-2005-0448
Created: March 9, 2005
Updated: January 30, 2006
Description: The rmtree() function in the File::Path module has a symlink vulnerability which could be exploited to create setuid binaries.
Comments (none posted)
php4: integer overflow and denial of service
Package(s): php4
CVE #(s): CAN-2005-1042, CAN-2005-1043
Created: April 14, 2005
Updated: July 13, 2005
Description: The php4 EXIF module has two vulnerabilities. An integer overflow in the exif_process_IFD_TAG() function can be exploited to cause a buffer overflow for the purpose of arbitrary code execution. EXIF headers with a large IFD nesting level can be used to cause a denial of service. Remote exploits are possible.
Comments (none posted)
phpsysinfo: cross-site-scripting
Package(s): phpsysinfo
CVE #(s): CAN-2005-0870
Created: May 18, 2005
Updated: November 15, 2005
Description: The phpsysinfo program contains several cross-site scripting vulnerabilities.
Comments (none posted)
postgresql: EXECUTE privilege vulnerability
Package(s): postgresql
CVE #(s): CAN-2005-0244, CAN-2005-0245, CAN-2005-0246, CAN-2005-0247
Created: February 10, 2005
Updated: July 19, 2005
Description: postgresql has a vulnerability in which the EXECUTE privilege may not be checked on custom functions. This may allow any database user to circumvent the EXECUTE restriction on functions.
Comments (none posted)
postgresql: database initialization errors
Package(s): postgresql
CVE #(s): CAN-2005-1409, CAN-2005-1410
Created: May 4, 2005
Updated: February 28, 2006
Description: PostgreSQL suffers from two vulnerabilities in how databases are set up by default; they allow a local attacker (one with access to the database) to crash the back end and, perhaps, execute code with the privileges of the server process. See this advisory for details and workarounds.
Comments (none posted)
Pound: buffer overflow
Package(s): pound
CVE #(s): CVE-2005-1391
Created: May 2, 2005
Updated: January 10, 2006
Description: Steven Van Acker has discovered a buffer overflow vulnerability in the "add_port()" function in Pound 1.8.2+. A remote attacker could send a request for an overly long hostname parameter, which could lead to the remote execution of arbitrary code with the rights of the Pound daemon process.
Comments (none posted)
ppxp: missing privilege release
Package(s): ppxp
CVE #(s): CAN-2005-0392
Created: May 19, 2005
Updated: July 5, 2005
Description: The ppxp PPP program has a log file vulnerability that can allow the root privileges used by the software to remain active, enabling the opening of a root shell by a local user.
Comments (none posted)
realplayer: arbitrary code execution
Package(s): realplayer helixplayer
CVE #(s): CAN-2005-0755
Created: April 20, 2005
Updated: June 27, 2005
Description: RealNetworks, Inc. has fixed a security vulnerability that offered the potential for an attacker to run arbitrary or malicious code on a customer's machine. Linux RealPlayer 10 (10.0.0 - 3) and Helix Player (10.0.0 - 3) are vulnerable.
Comments (none posted)
rp-pppoe, pppoe: missing privilege dropping
Package(s): rp-pppoe, pppoe
CVE #(s): CAN-2004-0564
Created: October 4, 2004
Updated: November 15, 2005
Description: Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet driver from Roaring Penguin. When the program is running setuid root (which is not the case in a default Debian installation), an attacker could overwrite any file on the file system.
Comments (none posted)
samba: integer overflow vulnerability
Package(s): samba
CVE #(s): CAN-2004-1154
Created: December 16, 2004
Updated: July 19, 2005
Description: Samba has an integer overflow vulnerability that may allow an authenticated remote user to execute arbitrary code on the Samba server.
Comments (none posted)
shtool: insecure temp file
Package(s): shtool
CVE #(s): CAN-2005-1751, CAN-2005-1759
Created: June 13, 2005
Updated: June 23, 2005
Description: GNU shtool, which is also used by ocaml-mysql, has an insecure temp file vulnerability that can be exploited by a local user to overwrite arbitrary files.
Comments (none posted)
SpamAssassin: Denial of Service vulnerability
Package(s): spamassassin
CVE #(s): CAN-2004-0796
Created: August 9, 2004
Updated: August 11, 2005
Description: SpamAssassin contains an unspecified Denial of Service vulnerability. By sending a specially crafted message an attacker could cause a Denial of Service attack against the SpamAssassin service.
Comments (none posted)
squid: DNS spoofing
Package(s): squid
CVE #(s): CAN-2005-1519
Created: May 18, 2005
Updated: July 13, 2005
Description: The squid proxy server performs DNS lookups in a way which is susceptible to answers injected by a hostile user, and, thus, DNS spoofing attacks.
Comments (none posted)
SquirrelMail: multiple vulnerabilities
Package(s): squirrelmail
CVE #(s): CAN-2005-0075, CAN-2005-0103, CAN-2005-0104
Created: January 28, 2005
Updated: July 19, 2005
Description: SquirrelMail 1.4.4 has been released, fixing a number of security issues that have been resolved since 1.4.3a.
Comments (none posted)
File overwrite vulnerability in tar and unzip
Package(s): tar unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability.
Comments (1 posted)
tcpdump: denial of service
Package(s): tcpdump
CVE #(s): CAN-2005-1267
Created: June 9, 2005
Updated: October 10, 2005
Description: Several tcpdump protocol decoders contain programming errors which can cause them to go into infinite loops.
Comments (none posted)
tcpdump: multiple DoS issues
Package(s): tcpdump
CVE #(s): CAN-2005-1280, CAN-2005-1279, CAN-2005-1278
Created: May 2, 2005
Updated: April 10, 2006
Description:
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote
attackers to cause a denial of service (infinite loop) via a crafted RSVP
packet of length 4. (CAN-2005-1280)

tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of
service (infinite loop) via a crafted BGP packet, which is not properly
handled by RT_ROUTING_INFO, or LDP packet, which is not properly
handled by the ldp_print function. (CAN-2005-1279)

The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and
earlier allows remote attackers to cause a denial of service (infinite
loop) via a zero length, as demonstrated using a GRE packet.
(CAN-2005-1278)
Alerts:
Comments (none posted)
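All three tcpdump entries above share one failure pattern: a decoder walks a
sequence of length-prefixed objects and trusts the length field, so a zero (or
too-small) length leaves the read cursor where it was and the loop never ends.
The following is an added illustration written for this page, not tcpdump's
code; the object layout (a 2-byte type, a 2-byte length that counts the header)
is a generic RSVP-style stand-in, and the packets are constructed inline.

```python
import struct

HEADER_LEN = 4  # <type:2><length:2>; the length counts the header too (RSVP-object style)


class MalformedPacket(ValueError):
    """Raised when a TLV header is truncated or would make no forward progress."""


def parse_tlvs_safe(payload: bytes) -> list:
    """Decode a run of TLV objects, refusing lengths that cannot advance the cursor.

    A length below HEADER_LEN would leave 'offset' unchanged (infinite loop)
    or, in a decoder that subtracts the header first, wrap negative; a length
    past the end of the buffer would read out of bounds. Both are rejected.
    """
    objects = []
    offset = 0
    while offset < len(payload):
        if len(payload) - offset < HEADER_LEN:
            raise MalformedPacket(f"truncated header at offset {offset}")
        obj_type, obj_len = struct.unpack_from("!HH", payload, offset)
        if obj_len < HEADER_LEN:
            raise MalformedPacket(f"length {obj_len} smaller than header at offset {offset}")
        if offset + obj_len > len(payload):
            raise MalformedPacket(f"length {obj_len} overruns packet at offset {offset}")
        objects.append((obj_type, payload[offset + HEADER_LEN:offset + obj_len]))
        offset += obj_len  # always >= HEADER_LEN here, so the loop terminates
    return objects


def naive_loop_steps(payload: bytes, max_steps: int = 1000) -> int:
    """Model of the flawed pattern: trust the length field and advance by it.

    Returns the number of iterations taken to reach the end of the payload,
    or max_steps if the cursor stopped moving. The cap exists only so this
    model can be run; the decoders described above had no such cap.
    """
    offset, steps = 0, 0
    while offset < len(payload) and steps < max_steps:
        _, obj_len = struct.unpack_from("!HH", payload, offset)
        offset += obj_len
        steps += 1
    return steps


def rejects(payload: bytes) -> bool:
    """True if the safe decoder refuses the payload."""
    try:
        parse_tlvs_safe(payload)
    except MalformedPacket:
        return True
    return False


# Constructed inputs, not captured traffic: two well-formed objects, an object
# whose length field is zero, and an object whose length overruns the buffer.
GOOD_PACKET = struct.pack("!HH", 1, 8) + b"\xde\xad\xbe\xef" + struct.pack("!HH", 2, 4)
ZERO_LENGTH_PACKET = struct.pack("!HH", 1, 0)
TRUNCATED_PACKET = struct.pack("!HH", 1, 12) + b"\x00\x00"

if __name__ == "__main__":
    print(parse_tlvs_safe(GOOD_PACKET))
    print("naive steps on zero-length object:", naive_loop_steps(ZERO_LENGTH_PACKET))
    print("safe decoder rejects zero-length object:", rejects(ZERO_LENGTH_PACKET))
```

The check worth remembering is the one on `obj_len < HEADER_LEN`: a bounds check
against the end of the buffer alone does not stop the loop, because a zero
length never reaches the end.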
telnet: buffer overflows
Package(s): telnet
CVE #(s): CAN-2005-0468, CAN-2005-0469
Created: March 28, 2005
Updated: August 1, 2005
Description:
Two buffer overflow flaws were discovered in the way the telnet client
handles messages from a server. An attacker may be able to execute
arbitrary code on a victim's machine if the victim can be tricked into
connecting to a malicious telnet server.
Alerts:
Comments (none posted)
telnet: information disclosure vulnerability
Package(s): telnet
CVE #(s): CAN-2005-0488
Created: June 14, 2005
Updated: June 15, 2005
Description:
Telnet is vulnerable to an information disclosure issue.
Alerts:
Comments (none posted)
UnAce: buffer overflow and directory traversal
Package(s): unace
CVE #(s): CAN-2005-0160, CAN-2005-0161
Created: February 28, 2005
Updated: June 17, 2005
Description:
Ulf Harnhammar discovered that UnAce suffers from buffer overflows when
testing, unpacking or listing specially crafted ACE archives
(CAN-2005-0160). He also found out that UnAce is vulnerable to
directory traversal attacks, if an archive contains "./.." sequences or
absolute filenames (CAN-2005-0161).
Alerts:
Comments (none posted)
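The tar/unzip entry and the UnAce entry describe the same class of bug: the
unpacker writes wherever a member name says, so "../", "./.." and absolute
names escape the extraction directory. An added example (written for this
page, not code from GNU tar, unzip or UnAce) of the check an extractor should
apply before writing each member, using Python's tarfile module and a
constructed in-memory archive; it also checks where symlink and hardlink
members point, since a later member could be written through such a link.

```python
import io
import posixpath
import tarfile


def is_safe_member_name(name: str) -> bool:
    """Return True if an archive member name stays under the extraction root.

    Rejects empty names, absolute paths, Windows-style drive prefixes (a
    conservative check) and any name whose normalized form climbs upward,
    which covers "../x", "./../x" and "a/../../x" alike.
    """
    if not name:
        return False
    unixish = name.replace("\\", "/")
    if unixish.startswith("/") or ":" in unixish.split("/")[0]:
        return False
    normalized = posixpath.normpath(unixish)
    return not (normalized == ".." or normalized.startswith("../"))


def unsafe_members(tar_bytes: bytes) -> list:
    """Names of members in an in-memory tar archive that fail the check.

    Symlink and hardlink members are judged by where their target lands,
    because a later member could be written through the link.
    """
    bad = []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tar:
        for member in tar.getmembers():
            if not is_safe_member_name(member.name):
                bad.append(member.name)
            elif member.issym() or member.islnk():
                if member.issym():
                    # A relative symlink target is resolved from the link's own directory.
                    target = posixpath.join(posixpath.dirname(member.name), member.linkname)
                else:
                    # Hardlink targets are stored relative to the archive root.
                    target = member.linkname
                if not is_safe_member_name(target):
                    bad.append(member.name)
    return bad


def build_test_archive() -> bytes:
    """Constructed sample archive: one benign file, three hostile names and a
    symlink whose target escapes the root. Not a real-world capture."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("docs/readme.txt", "../.bashrc", "/etc/passwd", "sub/./../../x"):
            data = b"constructed content\n"
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        link = tarfile.TarInfo("docs/escape")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside"
        tar.addfile(link)
    return buf.getvalue()


if __name__ == "__main__":
    for name in unsafe_members(build_test_archive()):
        print("rejected:", name)
```

Normalizing first and then testing the result is what makes "./.." and
"sub/./../../x" fall out the same way as a plain "../": a check that only
looks for the literal substring "../" misses the first form, which is the
kind of incomplete filtering the entries above describe.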
vixie-cron: crontab allows any user to read other users' crontabs
Package(s): vixie-cron
CVE #(s): CAN-2005-1038
Created: April 15, 2005
Updated: March 15, 2006
Description:
crontab in Vixie cron 4.1, when running with the -e option, allows local
users to read the cron files of other users by changing the file being
edited to a symlink. NOTE: there is insufficient information to know
whether this is a duplicate of CVE-2001-0235. See also this Security Focus
report.
Alerts:
Comments (none posted)
wget: file overwrites and arbitrary code execution
Package(s): wget
CVE #(s): CAN-2004-1487, CAN-2004-1488
Created: June 9, 2005
Updated: September 27, 2005
Description:
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite
certain files via a redirection URL containing a ".." that resolves to the
IP address of the malicious server, which bypasses wget's filtering for
".." sequences.

wget 1.8.x and 1.9.x does not filter or quote control characters when
displaying HTTP responses to the terminal, which may allow remote malicious
web servers to inject terminal escape sequences and execute arbitrary code.
Alerts:
Comments (none posted)
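The second wget issue is a reminder that anything a server sends and a client
echoes to a terminal (status line, header values, redirect targets, suggested
filenames) is untrusted output: an ESC byte or an 8-bit C1 control in it is
interpreted by the terminal rather than displayed. As an added example for
this page (not wget's code), a filter that turns such bytes into visible
escapes before printing, run over a constructed response header block.

```python
import re

# Control characters that can start or alter terminal escape sequences: C0
# controls (minus TAB, LF and CR, which are handled separately), DEL, and the
# C1 range 0x80-0x9f, which many terminals treat as 8-bit control codes.
_CONTROL = re.compile(r"[\x00-\x08\x0b\x0c\x0e-\x1f\x7f\x80-\x9f]")


def sanitize_for_terminal(text: str, keep_line_breaks: bool = True) -> str:
    """Replace control characters with visible \\xNN escapes before printing.

    With keep_line_breaks=False, TAB, LF and CR are escaped as well, which is
    the right choice for a single header value that should never span lines.
    """
    out = _CONTROL.sub(lambda m: "\\x%02x" % ord(m.group(0)), text)
    if not keep_line_breaks:
        for ch in "\t\n\r":
            out = out.replace(ch, "\\x%02x" % ord(ch))
    return out


def render_header_lines(raw: bytes) -> list:
    """Decode raw HTTP header bytes as latin-1 (a byte-preserving decoding) and
    return one sanitized line per header, dropping the blank terminator."""
    text = raw.decode("latin-1")
    lines = [line for line in text.split("\r\n") if line]
    return [sanitize_for_terminal(line, keep_line_breaks=False) for line in lines]


# Constructed response, not a capture: the Location value carries an ESC [ 2 J
# (clear screen) sequence, which a naive "print the header" would hand to the
# terminal as-is.
SAMPLE_RESPONSE_HEADERS = (
    b"HTTP/1.1 302 Found\r\n"
    b"Location: http://example.test/\x1b[2Jfile.bin\r\n"
    b"Server: constructed/0.1\r\n"
    b"\r\n"
)

if __name__ == "__main__":
    for line in render_header_lines(SAMPLE_RESPONSE_HEADERS):
        print(line)
```

Escaping to a visible `\xNN` form rather than deleting the bytes keeps the
evidence in the output, which is what you want when reviewing a log of a
misbehaving server.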
WordPress: multiple vulnerabilities
Package(s): wordpress
CVE #(s):
Created: June 6, 2005
Updated: July 4, 2005
Description:
Due to a lack of input validation, WordPress is vulnerable to SQL
injection and XSS attacks. An attacker could use the SQL injection
vulnerabilities to gain information from the database. Furthermore, the
cross-site scripting issues give an attacker the ability to inject and
execute malicious script code or to steal cookie-based authentication
credentials, potentially compromising the victim's browser.
Alerts:
Comments (none posted)
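Both halves of the WordPress entry come down to untrusted request parameters
reaching an interpreter (SQL, then HTML) unchanged. The example below is added
for this page and is not WordPress code; it uses an in-memory SQLite table as a
constructed stand-in for a posts table, shows the string-splicing query beside
its parameterized form, and escapes values on the way into HTML.

```python
import html
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory stand-in for a blog's posts table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (id INTEGER PRIMARY KEY, title TEXT, private INTEGER)")
    conn.executemany(
        "INSERT INTO posts (title, private) VALUES (?, ?)",
        [("Hello world", 0), ("Draft: unpublished", 1), ("Second public post", 0)],
    )
    return conn


def find_public_post_vulnerable(conn, title: str) -> list:
    """The flawed pattern: the request parameter is spliced into the SQL text,
    so a quote character in it changes the structure of the query and the
    'private = 0' restriction no longer binds."""
    sql = "SELECT title FROM posts WHERE private = 0 AND title = '" + title + "' ORDER BY id"
    return [row[0] for row in conn.execute(sql)]


def find_public_post_safe(conn, title: str) -> list:
    """Parameter binding: the value travels separately from the SQL text, so
    the same input is compared as a literal string and simply matches nothing."""
    sql = "SELECT title FROM posts WHERE private = 0 AND title = ? ORDER BY id"
    return [row[0] for row in conn.execute(sql, (title,))]


def render_results(term: str, titles: list) -> str:
    """Escape every untrusted value on its way into HTML: the reflected search
    term and the stored titles alike, since either can carry markup."""
    items = "".join("<li>%s</li>" % html.escape(t) for t in titles)
    return "<p>Results for &quot;%s&quot;:</p><ul>%s</ul>" % (html.escape(term, quote=True), items)


if __name__ == "__main__":
    db = make_db()
    probe = "' OR '1'='1"  # constructed input containing a quote character
    print("vulnerable:", find_public_post_vulnerable(db, probe))
    print("safe:      ", find_public_post_safe(db, probe))
    print(render_results("<b>term</b>", find_public_post_safe(db, "Hello world")))
```

The point of showing the two queries side by side is that the fix is not
"validate harder": binding parameters removes the need to reason about which
characters are dangerous, and the same holds for HTML escaping at the output
boundary.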
XChat 2.0.x SOCKS5 Vulnerability
Package(s): xchat
CVE #(s): CAN-2004-0409
Created: April 19, 2004
Updated: November 15, 2005
Description:
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, have enabled SOCKS 5 traversal (which is disabled by default), and
also connect to an attacker's custom proxy server. This vulnerability may
allow an attacker to run arbitrary code within the context of the user ID of
the XChat client.
Alerts:
Comments (none posted)
xine-lib: buffer overflows
Package(s): xine-lib
CVE #(s): CAN-2004-1379
Created: September 22, 2004
Updated: April 10, 2006
Description:
xine-lib (through version 1_rc6) contains buffer overflows in the subtitle
parsing and DVD sub-picture decoder code.
Alerts:
Comments (none posted)
xine-ui: insecure temporary file creation
Package(s): xine-ui
CVE #(s): CAN-2004-0372
Created: April 6, 2004
Updated: April 27, 2006
Description:
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine.
Alerts:
Comments (none posted)
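The xine-ui entry (a helper script creating temporary files at predictable
names), the vixie-cron entry (the file under edit swapped for a symlink) and
the insecure temp file entry at the top of this list are all variations on
trusting a path name in a directory other users can write to. The following is
an added example for this page, not code from any of those packages: it creates
the temporary file with mkstemp(), opens a name without following a symlink,
and re-checks that the descriptor it holds still matches the name on disk. The
whole scenario runs in a private directory with constructed contents.

```python
import os
import stat
import tempfile


def open_nofollow(path: str, flags: int = os.O_RDONLY) -> int:
    """Open 'path' without following a symlink in its final component.

    If the final component is a symlink the kernel fails the open (ELOOP on
    Linux) instead of silently opening whatever the link points at. This is
    the atomic alternative to lstat()-then-open(), which a concurrent local
    user can race by swapping the link in between the two calls.
    """
    return os.open(path, flags | os.O_NOFOLLOW)


def fd_still_matches_path(fd: int, path: str) -> bool:
    """True if the descriptor we hold and the name on disk are the same inode.

    After handing a temp file to a helper (an editor, a bug-report script),
    re-check before trusting the name again: if the path has been replaced,
    device/inode differ from what we created, and a symlink is refused outright.
    """
    held = os.fstat(fd)
    on_disk = os.lstat(path)
    return (not stat.S_ISLNK(on_disk.st_mode)
            and (held.st_dev, held.st_ino) == (on_disk.st_dev, on_disk.st_ino))


def demo_symlink_swap() -> dict:
    """Constructed scenario in a private directory, not a real system.

    1. Create the temp file the safe way: mkstemp() picks an unguessable name
       and opens it with O_CREAT|O_EXCL and mode 0600, so a pre-placed symlink
       at a predictable name such as /tmp/<tool>.<pid> is never followed.
    2. Replace the name with a symlink to another file (standing in for the
       crontab -e swap described above) and show that both checks catch it.
    """
    results = {}
    with tempfile.TemporaryDirectory() as workdir:
        fd, path = tempfile.mkstemp(prefix="demo-", dir=workdir)
        results["mode_is_0600"] = stat.S_IMODE(os.fstat(fd).st_mode) == 0o600
        results["same_before_swap"] = fd_still_matches_path(fd, path)

        other = os.path.join(workdir, "other-users-file")
        with open(other, "w") as f:
            f.write("constructed contents\n")
        os.unlink(path)
        os.symlink(other, path)

        results["same_after_swap"] = fd_still_matches_path(fd, path)
        try:
            os.close(open_nofollow(path))
            results["nofollow_refused"] = False
        except OSError:
            results["nofollow_refused"] = True
        os.close(fd)
    return results


if __name__ == "__main__":
    print(demo_symlink_swap())
```

The general rule these three functions encode: keep working on the descriptor
you opened, not on the name, and when you must go back to the name, refuse to
follow links and verify the inode.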
xorg-x11: integer overflows
Package(s): xorg-x11
CVE #(s): CAN-2004-0914
Created: November 18, 2004
Updated: September 12, 2005
Description:
The X.Org libXpm library has several integer overflow vulnerabilities.
An attacker can modify XPM images to execute malicious code.
Alerts:
Comments (none posted)
xpdf: buffer overflow
Package(s): xpdf
CVE #(s): CAN-2005-0064
Created: January 19, 2005
Updated: March 15, 2007
Description:
iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details.
Alerts:
Comments (1 posted)
XV: multiple vulnerabilities
Package(s): xv
CVE #(s):
Created: April 19, 2005
Updated: July 19, 2005
Description:
Greg Roelofs has reported multiple input validation errors in XV image
decoders. Tavis Ormandy of the Gentoo Linux Security Audit Team has
reported insufficient validation in the PDS (Planetary Data System)
image decoder, format string vulnerabilities in the TIFF and PDS
decoders, and insufficient protection from shell meta-characters in
malformed filenames. Successful exploitation would require a victim to
view a specially created image file using XV, potentially resulting in the
execution of arbitrary code.
Alerts:
Comments (none posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 kernel is 2.6.12, which was
released on June 17. Quite a few fixes -
but no substantial changes - were merged after the last release candidate.
For those who might not remember back to last March: 2.6.12 contains, among
other things, a driver for the "trusted computing" (TPM) chip found in
Thinkpads (and elsewhere),
SuperHyway bus
support, a multilevel security implementation for SELinux,
device mapper multipath support,
the
address space
randomization patches, a restored Philips webcam driver (still lacking
full functionality), full I/O barrier support for serial ATA drives,
resource limits which can be
used to allow unprivileged users to run tasks with realtime priority, and a
huge pile of fixes. See
the long-format
changelog for the details back to 2.6.12-rc2. For details prior to
that, see the long-format changelogs for
2.6.12-rc2 and
2.6.12-rc1.
No 2.6.13 prepatches have yet been released. There are, however, a few
hundred patches in Linus's git repository, including a big SCSI subsystem
update (the venerable SCSI changer driver has finally been merged), version
18 of the wireless extensions (with WPA2
security support), a new SysKonnect ethernet driver, some audit subsystem
improvements, some networking updates, a set of device model updates (see
below), a number of virtual memory improvements, some Rock Ridge filesystem
improvements, a new set of framebuffer fonts, some RAID (MD) improvements,
and a number of fixes.
The current -mm tree is 2.6.12-mm1. Recent changes to
-mm include a new version of the completely fair queueing (CFQ) I/O
scheduler, some VFS scalability work, and lots of fixes.
Comments (2 posted)
Kernel development news
Andrew Morton, looking forward to 2.6.13, has
posted a list of major patches
which, in his opinion, will (or will not) be merged soon. Reviewing the
list, along with the subsequent discussion, gives a good sense for what the
next 2.6 kernel might look like. Of course, the final product is still
likely to contain a few surprises.
Some of the decisions are not particularly controversial. Andrew is
likely to merge the OCFS2
filesystem, some Xen precursor patches, execute in place support,
software suspend support for SMP systems, some kernel timer performance
improvements, various KProbes updates, the RapidIO subsystem, some
scheduler tweaks, and some memory management work. Nobody has really
complained about the inclusion of any of these patches (yet), so their path into
the kernel might be relatively smooth.
One patch which has gotten surprising support is kexec, which was first
covered here in November,
2002. The ability to quickly boot a new kernel without going through
the system firmware is nice, but the real payoff for kexec comes when it is
combined with kernel crash
dumps. Crash dumps can be a useful diagnostic tool, especially for
vendors who are trying to track down a bizarre crash which only occurs at a
customer's site. So various distributors have included some sort of crash
dump capability in their kernels for some time. These patches will
typically write kernel memory to a disk or network device, then reboot the
system.
The approaches taken to crash dumps so far share one significant problem:
they all rely on the kernel to create its own dump. But this is a kernel
which has just gone into panic mode; it is not in a stable state.
The chances of an oopsing kernel completing a satisfactory crash dump are
not all that high (Arjan van de Ven estimates that it works about 10% of the
time). The real problem, however, is the risk involved in allowing an
unstable kernel to continue performing I/O; there is a very real
possibility that a (corrupted) crash dump could end up being written on top
of something that the owner would have preferred to keep.
The kexec approach gets around this problem by rebooting the system before
performing the dump. The normal, production kernel is configured to set
aside a small range of memory, which it never uses. Instead, a different
kernel is loaded into that memory; this kernel will be small, and
configured to do little other than performing crash dumps. If the system
should panic, kexec is used to immediately boot into the crash dump
kernel. This kernel, which will be starting fresh and in a known state,
can then write the contents of memory to some sort of permanent store
before rebooting into a new production kernel. This approach is safer and
more reliable; the mailing list discussion has been favorable enough that
kexec/kdump appears likely to be merged.
The reiser4 filesystem has sat in the -mm tree for some time, and Andrew
indicated that he might merge it this time around. Reiser4 has run into trouble in the past,
mostly as a result of its "file as a directory" semantics which change how
Linux works, can confuse tools, and, crucially, can lead to system
deadlocks. This feature has been disabled for now, but there is still
opposition to merging reiser4 into the mainline.
The main issue this time around would appear to be the plugin architecture
used by reiser4. Plugins can be used to change the behavior of the
filesystem in many ways, from adding compression to completely changing how
the file is laid out on disk. The plugin mechanism is a key part of Hans
Reiser's longer-term vision of how filesystems should work; he hopes to
eventually move all kinds of functionality into the filesystem level. The
kernel developers, however, do not think that this sort of mechanism should
be built into a filesystem; instead, much of what plugins do belongs in the
VFS layer. So they would like to see reiser4 slimmed down into a much
smaller, dumber system, with the plugin capability added on top of it and
made available for other filesystems as well.
Hans is resisting making this (large) change; he asks that the review process take a different
tack:
How about review by benchmark instead? It works, it runs faster
than the competition, users like it, we addressed the core kernel
patch complaints, it should go in and receive the exposure that
will result in lots of useful improvements and suggestions. It
seems like we are getting an unusual review process.
Things appear to be at a standoff which could block the inclusion of
reiser4 for some time.
Yet another change under consideration is configurable clock frequencies
for the i386 and ia-64 architectures. The current value (1 kHz) turns out
not to be optimal for all users; lower clock frequencies can improve
throughput on some systems at the cost of coarser timer resolution and
possibly increased latencies. There have been complaints about the new
default (250 Hz) and the fact that the patch is going in at all when more
sweeping changes to the timer system (such as the dynamic tick patch) are waiting
in the wings. Your editor's guess is that the patch will be merged, but
the default may be changed to keep the current HZ value.
FUSE (user-space filesystems) is being discussed again. FUSE has run into opposition due to the way it
overrides the file permissions checking done at the VFS level. There does
not appear to be any solution to this issue that pleases everybody, so it
is hard to say where this one might go. It is possible that FUSE will be
merged, but without its particular permissions behavior - a solution which
would leave a number of FUSE users still needing to apply a patch to get
the behavior they want.
It didn't appear on Andrew's list, but the removal of devfs has also been a
discussion item. Andrew didn't entirely like the full patch set which
completely removed devfs from the kernel; he wondered what would happen if
enough people complained and devfs had to be restored at some point in the
future. So the current approach is to simply remove the devfs
configuration option, making the functionality inaccessible. Eventually,
if no major problems turn up, the code can be removed for real.
Comments (12 posted)
Greg Kroah-Hartman has gotten 2.6.13 off to a good start with
a massive set of driver core
patches. There are a fair number of API changes that come with this
patch set, so the whole thing is worth a look. In-tree code has been fixed
to use the new API, but, as always, maintainers of external code are on
their own.
Two of the more significant changes were covered here last March. The interfaces have
not changed since then, so that coverage will not be duplicated. The first
of these changes is the complete rework of the "class" API. The interface
known as "class_simple" turned out to be the best way to work with classes,
so Greg reworked it as the class API, changing everything as he
went. The interface known as class_simple is no more, but the new class
API looks much like class_simple used to. The other change is the addition
of the "klist" type: an extension to the kernel linked list type which
includes its own, built-in reference counting and locking.
The next change is in the prototypes of the store() and
show() callbacks for device attributes. These callbacks now look
like:
    ssize_t (*show)(struct device *dev, struct device_attribute *attr,
                    char *buf);
    ssize_t (*store)(struct device *dev, struct device_attribute *attr,
                     const char *buf, size_t count);
In each case, the callbacks have picked up a pointer to the actual
attribute being accessed, allowing one callback to handle multiple
attributes.
There have been a number of internal changes to device model data
structures which really shouldn't affect other code, but which might
anyway. Various internal lists have been removed; in some cases, they have
been replaced with klists. And a number of character pointers are now
explicitly const pointers.
Code wanting to look through the devices bound to a driver can use a new
function to iterate through the list:
    int driver_for_each_device(struct device_driver *driver,
                               struct device *start,
                               void *data,
                               int (*fn)(struct device *, void *));
This function will call fn() for each device bound to the given
driver, stopping at the end of the list or when fn()
returns a non-zero value.
Inodes in sysfs now have an i_op->setattr() function, meaning that
their permissions can be changed and those changes will last for as long as
the system runs. Changing of sysfs permissions was never really supported
in the past; it would work for a bit, but the permissions could be reverted
at seemingly random times. This is not really an API change, but
creators of sysfs attributes should bear in mind that the permissions on
those attributes might be changed from their original values.
Comments (none posted)
Filesystem authors try hard to avoid losing data. Many of them have
discovered, the hard way, that failure to return a user's bits in exactly
the same condition as when they were entrusted to the filesystem can lead
to serious disgruntlement down the road. There are limits to what a
filesystem can do, however, when the hardware starts to fail. If a disk
drive begins to go bad, or somebody yanks out a hotpluggable device,
problems are simply going to happen.
So what should a filesystem do in such a case? The behavior shown by most
Linux filesystems (and partially enforced by the VFS layer) is to return an
I/O error status (EIO) when things start to fail, then remount the
filesystem in a read-only mode in an attempt to avoid any further damage.
The end result is that a user-space application might see an
EIO error return once - or it might not, since not all in-kernel
error codes make it all the way back to user space. After that, the
returned error will be EROFS (read-only filesystem), which is not
entirely illuminating.
Back in the good old days, we would just look in the system log file to see
what was really going on. The new crowd of Linux users would rather not
have to do that, however; they expect the system to tell them, politely,
that their hardware is on fire and that they are about to deeply regret not
having run any backups since sometime last winter. The problem is that the
POSIX API is simply not set up to return that sort of detailed error
information. Breaking compatibility with POSIX is not an option, so
something complicated would have to be done to return error information
within the bounds of the current API. Beyond that, however, is the simple
fact that the application which is currently beating its head against disk
errors might not be the right one to be having a pleasant conversation with
the user about those errors.
These issues have led Ted Ts'o to suggest
that a different mechanism should be used. Rather than try to shove
additional information through the existing API, the kernel should simply
report events like disk disasters via an out-of-band mechanism. For
example, errors could be reported with the user notification mechanism and
fed into DBus for
distribution. The user could then be informed of the trouble and given the
opportunity to panic in a desktop-specific manner.
There seems to be a high level of agreement that the out-of-band
notification is the right way of doing things. All that is needed is for
somebody to do the hacking to actually make it happen.
Comments (5 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
- Marco Costalba: qgit-0.6. (June 20, 2005)
Device drivers
Filesystems and block I/O
Janitorial
Memory management
Networking
Architecture-specific
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Like many Linux users, I've been through the full range of operating systems and architectures over the years. A decade ago I was learning to use System 7 on the Mac and various creative applications from companies like Quark, Aldus and Adobe. Users took it for granted then that both the hardware and software were proprietary, with all that implied. But since these systems represented the gateway to the world of desktop media creation, we put up with it. The emerging field of Web design introduced people like me to Linux on the server, and with the release of applications like the Gimp, we began to use Linux on the desktop too.
Today, we have free software applications covering many of the creative disciplines, including 2D and 3D graphics, audio, video and publishing for the web or print. Unfortunately - despite the well-established concept of a printing press or recording studio on every desktop - media creation, when compared with media 'consumption', remains a niche activity. It seems that even Apple, supposedly the friend of artists and creative types everywhere, has decided to target the mass market with consumer electronics products instead.
This niche status is reflected in the fact that none of the mainstream
Linux distributions work particularly well 'out of the box' for media
creation - but to be fair, Windows XP or OS X also require many additional
packages to be installed before their users can realize the full creative
potential of their chosen platform.
Specialist Linux audio distributions do exist, including AGNULA/DeMuDi and
Studio to Go!, with a decent level of integration for music-making. But as
far as I'm aware, all of these audio distributions are x86-only so far, and
there are few specialist distributions in the other creative fields. Ratatouille, a Knoppix-based distribution designed for animation, is one exception.
Why 64-bit?
Typical desktop users, writing letters, following progress on eBay or checking their email are more than adequately served by existing 32-bit processors, and for these users CPU power consumption is probably the most important issue, due to its impact on notebook battery life and system noise. But when you're working with video, 3D, multiple tracks of audio, real time processing or rendering, you need to squeeze the most possible out of your hardware. It's my view that creative users will be in the vanguard of 64-bit desktop adoption, since it's a logical next step when a couple of gigabytes of RAM are just not enough.
Free software users have access to source code, so they can (in theory) build systems on any new architecture that comes along. Of course in practice, there have been few viable candidates for a successor to x86, and it has only been since the launch of the AMD Opteron, Athlon 64 and now Turion that we have been able to talk realistically about 64-bit on the desktop. The fact that Intel has embraced the 64-bit extensions to x86, together with Apple dropping Power, means that for the foreseeable future there is only one desktop architecture.
Ironically, it is probably the fact that 32-bit Windows can run on these chips, making them commodity processors, which means that they are widely available for building the creative Linux desktop. Crucially, they are also affordable, which is a significant factor in this niche. Most creative people are either students or freelancers for at least some of the time, and so 64-bit on the desktop, Linux or otherwise, will probably only succeed if it doesn't cost significantly more than 32-bit computing.
Linux clearly has a head start on x86_64, and as LWN.net has related recently, you can choose from a number of natively compiled desktop distributions for the platform. Unfortunately for the creative user, all of these distributions are aimed at the general-purpose audience. It's impossible to be all things to all people, and what's good for the so-called consumer is rarely right for the content creator.
For example, typical distributions use Arts or ESD to share the sound card between applications, while many Linux musicians would want to use JACK - admittedly more complex, but far more powerful. Default selections of applications would be very different, and even gigantic distributions like Debian don't package all of the specialist tools needed for media creation.
A 64-bit Debian remix
64 Studio is a new native x86_64 distribution with a selected set of creative tools and as much integration between them as possible. Most of the packages come from the Pure 64 port of Debian testing, with some from Ubuntu, some from DeMuDi and some custom built. Because we're sticking very closely to Debian with the 64 Studio design, it's our intention that users will be able to install any application that we don't include directly from a Pure 64 port mirror. This includes most of the well-known applications with the exception of OpenOffice.org, which just won't build natively on x86_64 yet.
Switching to native 64-bit software doesn't necessarily realize an instant
and obvious improvement in performance on the same hardware, but I believe
that if we create a native platform, then application developers can begin
to realize the benefits of 64-bit processor optimisation and an improved
memory architecture. Even in the short term, it makes more sense than
building i386 binaries to run on the latest hardware.
64 Studio version 0.2.0 alpha is available for download now as an .iso
image. Changes from stock Debian include X.org instead of XFree86, the
Gnome desktop installed by default, and a base selection of packages
including the Gimp, Inkscape, Scribus, Blender, Audacity, Ardour, Jamin and
Kino. Version 0.3.0 will be out at the end of June with more packages and
enhancements, and the distribution is seamlessly upgradeable with apt-get
of course. We have a fully open development mailing list and a ticket
system for tracking bugs on http://64studio.com/.
We'd be more than pleased to hear your test reports and suggestions for the distribution. You can help us make free software the creative desktop of choice.
The 64 Studio company
Since specialist distributions have relatively few users, they usually end
up being maintained by a single person. External funding - whether from a
government agency or venture capitalists - is often unreliable in the long
term, and can sometimes steer the agenda of the distribution away from that
of the users. I believe maintaining a niche distribution is too much work
for a volunteer, so I have set up a company which is paying the lead
developer, Free Ekanayaka, to create and maintain the system using the
Custom Debian Distribution framework.
Perhaps it's because I come from a publishing background, but I envisage the ideal Linux distribution to work in a similar way to a magazine. The maintainers are fundamentally in an editorial role, selecting the most appropriate free software from the many thousands of packages available, and putting it into a convenient monthly snapshot. Since the software is free software, it would be churlish of us to demand that people pay us to do this, but if we provide something of value then it should be worth a reasonable annual subscription. It's my view that the Mandrake Club was a step in the right direction, but that company didn't originally intend to integrate club membership with support, so you paid to be a member and then had to shell out for per-incident support on top.
Community support often meets or exceeds the quality that proprietary software vendors provide, but people tell me that it's reassuring to have some paid-for support available as an option. Sometimes our questions are just too ordinary to interest people on a mailing list or forum, or at the other end of the scale they can require patience and time-consuming research to answer. It can sometimes be difficult to get the help you need when you're up against a project deadline.
I believe that by covering one kind of desktop user really well, the 64 Studio company can provide detailed support for the people that need it at a modest cost. For the people that don't need support, or are planning large deployments where per-seat licences would be prohibitive, it's still free software - and we're not going to lock people into support contracts in order for them to access updates either. There will also be commercial support available for OEMs who want to build products using 64 Studio as a base, or to bundle the distribution with hardware as an alternative to Windows XP x64 edition. One day, we might even be able to buy a 64-bit laptop with the software we want on it!
Biographical note: Daniel James is one of the founders of LinuxUser & Developer magazine, and served as the first director of the linuxaudio.org consortium.
Comments (2 posted)
New Releases
OpenPKG 2.4 is out. "Much valued by IT decision makers and beloved by Unix system
administrators, OpenPKG is the world leading instrument for deployment
and maintenance of Open Source Unix software when administration
crosses platform boundaries." This meta-distribution has grown to
562 packages for this release; click below for the details.
Full Story (comments: 1)
Mandriva has announced the second version of its comprehensive
infrastructure and security system
Multi Network Firewall. MNF2 provides advanced firewalling, IDS (Intrusion
Detection System) and VPN (Virtual Private Network) capabilities in a single
product with a simple web interface. New features include new types of VPN
such as PPTP and OpenVPN, network interface bonding and bridging, traffic
shaping, network mapping and peer-to-peer filtering. MNF2 ships with one
year online security update service and support options.
Comments (none posted)
Heise Online looks forward to the imminent Knoppix 4.0 release. "Moreover, in Version 4.0 a
number of expansions have been integrated that have flowed back to Knoppix
from the Knoppix-based distributions Kanotix, Quantian, Paipix and
Freeduc. With, for example, the Kanotix hardware support for ISDN and DSL
adapters from AVM, an improved hard disk installer, scientific software
from Quantian and Paipix and learning software for children from Freeduc
among them."
Comments (2 posted)
Astaro Corporation has announced the release of version 6 of its Astaro
Security Linux Unified Threat Management software. "The new version adds improved protection for
Voice over Internet Protocol (VoIP) communications, increased protection
from "zero-day attacks," enhanced configuration options, and support for
the Linux 2.6 Kernel."
Comments (none posted)
Distribution News
The Debian release team held a meeting on June 18; some rough minutes from
that meeting have been posted. After looking at the hard goals for the
etch release (including X.org, gcc toolchain upgrade, amd64 integration,
non-free firmware purging, etc.) and additional "would be nice" items, the
group decided that an 18-month release cycle "seems sane." There's even a
timeline calling for etch to come out in early December 2006.
Full Story (comments: 21)
Martin Michlmayr reports on a number of orphaned packages that are likely to be dropped. "There are
currently over 200 orphaned packages, many of which have been on WNPP for
quite a long time and some with RC bugs. I intend to request the removal
of a number of packages in three weeks unless a package has been adopted by
someone by then."
James Troup reports that Debian's hosting
of machines at Above.Net has come to an end. Some services will be
relocated temporarily while a new provider can be found.
Comments (none posted)
Fedora Core 4 features release notes written using a new procedure and
featuring many new details. Click below for links to FC4 errata and how to
get involved in writing release notes for FC5.
Full Story (comments: none)
Terra Soft, provider of Yellow Dog Linux, reports on its new sources for
PowerPC. "IBM, Freescale, Mercury/Momentum, Genesi, Terra Soft and others
are rallying to fill the void created by Apple's departure and expand the
Power Architecture marketplace. Initiatives such as Power.org will help
ensure the Power family will reach its full potential."
Full Story (comments: none)
New Distributions
Klinux is an Italian GNU/Linux embedded distribution for industrial
applications from Koan Software. It includes an integrated development
environment (IDE) and debugging tools for embedded and real-time systems.
Klinux is based on kernels 2.4.26 and 2.6.10. It supports the x86, ARM
(StrongARM, XScale, AT91), and PPC processor families.
Comments (none posted)
Distribution Newsletters
The Debian Weekly News for June 21, 2005 is out. This edition looks at
GNOME 2.10.1 in unstable, Debian at LinuxTag, Woody to Sarge upgrades,
SELinux and BSD Ports, the menu system update, Debian in embedded systems,
an etch wishlist, PostgreSQL transition, and much more.
Full Story (comments: 5)
The Debian Weekly News for June 14, 2005 covers a discussion on release
goals and the release team for etch, proposed changes to the release
policy, C++ ABI changes, voting for DebConf 5 talks, Sarge for AMD 64,
Debian and SELinux, and several other topics.
Full Story (comments: none)
The Debian Weekly News for June 8, 2005 is out with a look at 3.1 release
parties, Debian at Code Fest Japan 2005, QA goals for Etch, and other topics.
Full Story (comments: none)
The first Fedora Weekly News is out. Topics include the release of Fedora
Core 4, an installation guide for Fedora Core 4, Tour de Fedora Core IV,
upgrading Fedora Core 3 to Fedora Core 4, Red Hat Magazine - June 2005 -
Issue 8, and more.
Full Story (comments: none)
The Gentoo Weekly Newsletter for the week of June 20, 2005 is out. New
management for the Gentoo store, Gentoo at the German LinuxTag 2005 in
Karlsruhe, Gentoo Forum admins and moderators becoming official staff
members, and a hardware donation to the Gentoo Forums are among this week's
topics.
Comments (none posted)
The DistroWatch Weekly for June 20, 2005 is out. "This issue focuses on some
of the interesting events of the past week, including the war of words
between the Linux and BSD communities, the failure of Lycoris as a business
model, and the surprising revelation that the founder of Gentoo and one of
the leading Linux personalities has accepted a job offer from Microsoft. We
also wonder why SUSE does not participate in this year's LinuxTag, introduce
a Debian sarge variant "with a human face", and tell you how to get the
latest release of Linspire for free. The featured distribution of the week
is INSERT, a tiny security and rescue live CD."
Comments (none posted)
Package updates
Fedora Core 4 updates: parted-1.6.22-3.FC4, system-config-securitylevel-1.5.8.1-1,
elinks-0.10.3-3.1, ruby-1.8.2-7.fc4.1, arts-1.4.1-0.fc4.1, kdelibs-3.4.1-0.fc4.1,
kdebase-3.4.1-0.fc4.1, kdemultimedia-3.4.1-0.fc4.1, kdesdk-3.4.1-0.fc4.1,
kdeaccessibility-3.4.1-0.fc4.1, kdeaddons-3.4.1-0.fc4.1, kdeartwork-3.4.1-0.fc4.1,
kdebindings-3.4.1-0.fc4.1, kdeedu-3.4.1-0.fc4.1, kdegames-3.4.1-0.fc4.1,
kdegraphics-3.4.1-0.fc4.1, kdenetwork-3.4.1-0.fc4.1, kdepim-3.4.1-0.fc4.2,
kdeutils-3.4.1-0.fc4.1, kdevelop-3.2.1-0.fc4.1, kdewebdev-3.4.1-0.fc4.1,
kdeadmin-3.4.1-0.fc4.1, kde-i18n-3.4.1-0.fc4.1, util-linux-2.12p-9.5,
sudo-1.6.8p8-2.1, gawk-3.1.4-5.2, mc-4.6.1a-0.10.FC4,
pilot-link-0.12.0-0.pre3.0.fc4.1, selinux-policy-targeted-1.23.18-12,
alsa-lib-1.0.9rf-2.FC4, alsa-utils-1.0.9rf-2.FC4, system-config-soundcard-1.2.12-2,
jpilot-0.99.8-0.pre9.fc4.1, ImageMagick-6.2.2.0-3.fc4.0, hwdata-0.158.1-1.
Fedora Core 3 updates: checkpolicy-1.17.5-1.2 (policy compiler only),
selinux-policy-targeted-1.17.30-3.9 (allow
unconfined_t full execmod access), ruby-1.8.2-1.fc3.2 (backported changes from
devel), util-linux-2.12a-24.3 (bug fixes).
Comments (none posted)
This week's Slackware updates include some Java packages, an upgrade to
sudo-1.6.8p9, and an upgrade to gtk+-2.6.8. See the slackware-current
changelog for complete details.
Comments (none posted)
Distribution reviews
Here's an article on NewsForge from a Kurumin Linux fan. "In fact, one of the
highlights of this distribution is its extensive use of scripts. Kurumin
comes out of the box with more than 400 small scripts -- most of them
embedded in Clica-Aki, Kurumin's Control Panel -- aimed at making easier some
of the usual configuration tasks such as setting up a server, installing
softmodems and wireless adapters, and installing new software. These scripts
are generically named Magic Icons, and they are designed to do what they
have to do with just a few clicks."
Comments (none posted)
Page editor: Rebecca Sobol
Development
GCfilms is a film management application that is hosted on the FSF France's
Gna project repository.
GCfilms can be used to manage a movie collection. A user can record all the
movies he has along with associated information (where each is located, its
category, whether it has already been seen, a rating, ...). Movies matching
filtering criteria (specific values for that information) can then be
retrieved.
The application has a plugin system for fetching movie-specific information
(running time, actors, director, ...) from Internet websites. The user only
enters the movie title and GCfilms automatically fills in these fields.
GCfilms features the following capabilities:
- Maintains a catalog of the user's film collection.
- Can search numerous Internet film archives to automatically acquire information about each film.
- Records film title, date, cast, a poster image, and other details.
- Can keep track of the media type, a personal rating, comments, storage location, and more.
- Manages a list of film borrowers, can send email requesting return of the film.
- Has a built-in search function for locating films in a collection.
- Exports film information to CSV, HTML, SQL, .tar.gz and XML files.
- Imports film information from GCfilms, CSV, the Ant Movie Catalog and DVD Profiler.
The documentation covers the capabilities of GCfilms in more detail, and some
screenshots show the software in action.
The installation instructions are simple and cover a number of popular Linux
distributions and Windows.
A test installation on Fedora Core 3 was refreshingly easy to perform.
GCfilms is a cross-platform application that is written in Perl.
Dependencies include Perl, Gtk2, and gtk2-perl.
Version 5.1 of GCfilms was released this week:
"Since last version announced on this site, there have been many improvements. These include: Completed translations, More user feedback (to try to be compliant with Gnome HIG), Performances improvements, Automatic conversion for genres, New plugins, Bug fixes and other improvements."
For those of you with an artistic bent, a logo contest is underway;
submissions will be accepted until the end of August.
If you have a large collection of films that would benefit from
some organization, GCfilms is the perfect application to use.
Comments (1 posted)
System Applications
Database Software
The June 18, 2005 edition of the PostgreSQL Weekly News is online
with the latest PostgreSQL database articles.
Full Story (comments: none)
Interoperability
Version 3.0.20pre1 of Samba is available for testing. "This is a preview
release of the Samba 3.0.20 code base and is provided for testing only. This
release is *not* intended for production servers. There has been a
substantial amount of development since the 3.0.14a stable release (and
since the 3.015pre2 release as well). We would like to ask the Samba
community for help in testing these changes as we work towards the next
official, production Samba 3.0 release."
New features include a new asynchronous winbindd, support for Microsoft
Print Migrator, a new Windows NT registry file I/O library, the
SeTakeOwnershipPrivilege user right, and new net share migrate options.
Full Story (comments: none)
Mail Software
VA Linux has released FlexPOP, a POP mail server, as open-source software.
"FlexPOP is a new POP server developed by VA Linux, which has the merit of
being fast and secure. FlexPOP supports the Maildir format, thus it can be
used on large-scale systems which use NFS spools. Other strong points
include user authentication with LDAP, POP before SMTP support, POP lock
(mutual exclusion) support when accessed concurrently, timeout setting
support for POP commands, delayed response support when POP authentication
errors occurred and encrypted connection support."
Full Story (comments: none)
VA Linux Systems Japan K.K: "... introduced FlexWebmail, a high-performance
Webmail server, and FlexControl, a Web interface for user/mail account
control, as a part of the VA FMS (FlexMessaging Solution), a total messaging
solution. VA FMS are based on Open Source Software, and achieves high
reliability, high availability, high performance and high extensibility."
Full Story (comments: none)
Version 0.8.4 of Gotmail, a Perl script that automatically downloads mail
from hotmail.com, is out. "The focus of this release was to get as many
patches merged and bugs closed from the sourceforge.net project tracker as
possible. While last release fixed the hotmail.com page structure change,
this release focused on optional features. Also, this release adds support
for more than just hotmail.com and msn.com, and now allows use from other
supported domains like: charter.com, compaq.net, hotmail.co.jp,
hotmail.co.uk, hotmail.de, hotmail.fr, hotmail.it, messengeruser.com,
passport.com, and webtv.net."
Full Story (comments: none)
The alpha 3 release of Sendmail X, a mail transfer agent, is available for
testing.
Comments (none posted)
Web Site Development
Version 1.4 of scgi has been released. "The SCGI protocol is a replacement
for the Common Gateway Interface (CGI) protocol. It is a standard for
applications to interface with HTTP servers. It is similar to FastCGI but is
designed to be easier to implement."
Full Story (comments: none)
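The announcement says only that SCGI is simpler than FastCGI, so here is an added example (my own code, not the scgi project's) that encodes and parses SCGI requests as the SCGI specification defines them: a netstring holding NUL-separated header name/value pairs, with CONTENT_LENGTH first and an SCGI=1 header present, followed by exactly CONTENT_LENGTH body bytes. MAX_HEADER_BYTES is a constructed limit; the parser rejects malformed, oversized or truncated input rather than guessing, which is the check a server fed by an untrusted front end wants.

```python
"""Added example: SCGI request encoder and defensive parser (not from the
scgi package). Wire format assumed from the SCGI specification:
    <len>:<NUL-separated header pairs>,<body of CONTENT_LENGTH bytes>
"""

MAX_HEADER_BYTES = 64 * 1024  # constructed bound on the header block size


def encode_request(headers, body=b""):
    """Build one SCGI request. CONTENT_LENGTH is emitted first and SCGI=1
    second, as the spec requires; any caller-supplied copies are dropped."""
    items = [("CONTENT_LENGTH", str(len(body))), ("SCGI", "1")]
    items += [(k, v) for k, v in headers.items()
              if k not in ("CONTENT_LENGTH", "SCGI")]
    raw = b"".join(k.encode("ascii") + b"\0" + v.encode("latin-1") + b"\0"
                   for k, v in items)
    return str(len(raw)).encode("ascii") + b":" + raw + b"," + body


def parse_request(data):
    """Parse one SCGI request from bytes.

    Returns (headers, body, bytes_consumed). Raises ValueError on any
    malformed input instead of accepting a partial or ambiguous request.
    """
    # Netstring length prefix: a short run of ASCII digits then ':'.
    colon = data.find(b":", 0, 12)
    if colon <= 0 or not data[:colon].isdigit():
        raise ValueError("bad netstring length prefix")
    hlen = int(data[:colon])
    if hlen > MAX_HEADER_BYTES:
        raise ValueError("header block too large")
    start, end = colon + 1, colon + 1 + hlen
    if len(data) < end + 1:
        raise ValueError("truncated header block")
    if data[end:end + 1] != b",":
        raise ValueError("missing netstring terminator")

    # Header block is name\0value\0... so splitting on NUL leaves a trailing
    # empty element and an odd count; anything else is malformed.
    parts = data[start:end].split(b"\0")
    if parts[-1] != b"" or len(parts) % 2 != 1:
        raise ValueError("header block is not NUL-terminated name/value pairs")
    parts = parts[:-1]
    names = [p.decode("ascii") for p in parts[0::2]]
    values = [p.decode("latin-1") for p in parts[1::2]]
    headers = dict(zip(names, values))
    if len(headers) != len(names):
        raise ValueError("duplicate header")
    if not names or names[0] != "CONTENT_LENGTH" or not values[0].isdigit():
        raise ValueError("CONTENT_LENGTH must be the first header")
    if headers.get("SCGI") != "1":
        raise ValueError("SCGI header must be present with value 1")

    # Body: exactly CONTENT_LENGTH bytes after the netstring terminator.
    clen = int(values[0])
    body_start = end + 1
    if len(data) - body_start < clen:
        raise ValueError("truncated body")
    body = data[body_start:body_start + clen]
    return headers, body, body_start + clen


def rejects(data):
    """True when parse_request refuses the input; used to exercise the checks."""
    try:
        parse_request(data)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample: the request from the SCGI specification's example.
    req = encode_request({"REQUEST_METHOD": "POST",
                          "REQUEST_URI": "/deepthought"},
                         b"What is the answer to life?")
    print(req)
    print(parse_request(req))
```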
Version 3.1.0 beta 1 of the Zope web development platform has been released;
testers are needed. "Zope 3 is the next major Zope release and has been
written from scratch based on the latest software design patterns and the
experiences of Zope 2. It is in our opinion that Zope 3.1 is more than
ready for production use, which is why we decided to drop the 'X' for
experimental from the name."
Full Story (comments: none)
Desktop Applications
Audio Applications
Version 0.2.17 of QjackCtl, the Qt front end to the JACK audio server daemon,
has been released. This release adds control over
systemic I/O latency settings and coreaudio backend work.
Full Story (comments: none)
Business Applications
Version 2.0rc3 of Bear, the ROLAP server from the BEE Project, has been
announced. "We are going to release stable version of the v2.0.0 during the next week. We plan to release rc1 of v2.0.1 in the same time as well. This new version will bring several new features (e.g. improved subtotals management)."
"The BEE Project is a suite of tools supporting a Business Intelligence project implementation within middle-sized companies. The project methodology includes optimal data storage with respect to data analytical yield. The infrastructure for the ETL processes (data extraction and transformation, data warehouse loading) and the multi-layer application for analytic reporting are being developed. The solution architecture is based on the ROLAP methodology (relational on-line analytical processing) with the aim to cover projects with data volume up to 50 GB effectively, using open source technologies on the Linux/Intel platform."
Comments (none posted)
Data Visualization
Version 0.82 of matplotlib, a Python-based data plotting utility, is out.
See the what's new document for change information.
Comments (none posted)
Desktop Environments
The following new GNOME software has been announced this week:
Comments (none posted)
Paul Drain has announced a new release schedule for GARNOME, the testing
version of GNOME. "After some thought, discussion and much testing of
various build systems i've decided to try something new with GARNOME, in an
effort to get as many interested people in a position to be able to test
future GNOME releases as possible.
In addition to the standard GARNOME release for each upstream release, every
Thursday (GMT +10) a tarball will be created for branches of GARNOME -- that
people can grab, compile, use and hopefully send bugreports, patches,
criticisms, feature requests, etc to the list so that issues can be fixed
*before* a release occurs."
Comments (none posted)
The following new KDE software has been announced this week:
Comments (none posted)
Electronics
The latest new electronic applications from the gEDA project include PCB
snapshot 20050609, gnucap version 2005-06-10, Icarus Verilog snapshot
20050617, and GSpiceUI v0.7.18.
Comments (none posted)
Games
The WorldForge game project has released version 0.3.1 of Ember. "Ember is a fully functional 3d client for the WorldForge project. It takes advantage of the latest graphic cards to present a beautiful, fully interactive world. An easy to use GUI allows the player to interact with both the world and other players with ease.
This release adds support for areas, such as fields or paths. These areas are dynamically created from entities in the world. Also added support for showing objects wielded by characters. Additionally, a lot of bugfixes and graphical tweaks went into this version."
Comments (none posted)
Version 0.6 of phpDiplomacy, a web-based board game, has been announced.
"Diplomacy is a popular board game in which you battle to control Europe,
but this isn't a game of luck; to win you must be diplomatic and strategic,
forming and breaking alliances and bargains. phpDiplomacy takes the fight
for Europe to the internet." Numerous enhancements have been added to the
game.
Comments (none posted)
Interoperability
Issue #279 of Wine Traffic is online with the latest news from the Wine
project. Topics include: $$ and Development, Winecfg Goes Live, Documenting
Config Options, AppDB Searching & To-Do, FFMpeg Video Wrapper (con't), MSN
Messenger 6.2, Windows Icons in KDE, and VMWare Licenses.
Comments (none posted)
Medical Applications
A late-beta release of version 0.9 of NetEpi Case Manager has been
announced. "NetEpi Case Manager is a tool for securely collecting structured
information about cases and contacts of communicable (and other) diseases of
public health importance, through Web browsers and the Internet. New data
collection forms can be designed and deployed quickly by epidemiologists,
using a Web browser 'point-and-click' interface, without the need for
knowledge of or training in any programming language."
Comments (none posted)
LinuxMedNews covers the release of version 3.0 of Hui OpenVista, an
open-source healthcare information system. "The Hui development team made
several key enhancements to Hui OpenVista - most notably a more streamlined
configuration process. Release 3.0 provides a preconfigured baseline system
that simplifies the steps needed to convert the Freedom of Information Act
(FOIA) version of VistA to OpenVista. This enables users to quickly download
the baseline as a starting point for configuring the system to their
specific requirements."
Comments (none posted)
Multimedia
Version 0.8.2 of GStreamer Python has been announced. "This is the 0.8.2
release of the GStreamer Python bindings. It should be used with the 0.8.x
series of GStreamer and GStreamer Plugins. This is the third stable 0.8.0
gst-python release, it's now considered stable and ready to be used in
production. It's already being used by several applications."
Full Story (comments: none)
Office Applications
Version 1.5.2 of the Gnumeric spreadsheet has been announced. It features
Win32 improvements, Excel import improvements, linear regression lines in
scatter plots, and bug fixes.
Comments (none posted)
Stable release 2.0 of Kolab Groupware is out. Kolab is a replacement for
Microsoft Exchange that can manage email, appointments, contacts and tasks.
""With our focus on native offline-capable clients, Kolab 1 had brought a
new approach to the groupware world," explains Bernhard Reiter, CEO of
Intevation GmbH and project coordinator. "With this second generation, users
can now share their groupware folders even with users that use Outlook when
they are using KDE and vice versa." Additional new features are support for
servers at several locations, usability, speed improvements, support for
spam-control and anti virus software."
Full Story (comments: none)
Office Suites
The KOffice Team has announced the next version of the lightweight,
integrated and complete office suite. Version 1.4 includes two new
components - Krita and Kexi - and support for the OpenDocument file
format.
Full Story (comments: none)
Web Browsers
Test builds of the Mozilla Firefox 1.0.5 web browser are available. "The
Mozilla Foundation is preparing to release a minor security update for
Mozilla Firefox, ratcheting the browser up to version 1.0.5. While the final
version isn't here yet, test builds of 1.0.5 for Windows, Linux and Mac OS X
are now available."
Comments (none posted)
MozillaZine mentions a new feature in the Firefox browser. "Deer Park Alpha 1 and the latest Mozilla Firefox trunk builds include a tool for reporting broken websites. Known as Reporter, the tool is designed to make it easy for users to send details about sites that do not work well with Firefox. When a user encounters a problematic site, he or she can use the 'Report Broken Web Site' command in the Help menu to fill out a problem report with all the necessary details."
Comments (none posted)
The June 17, 2005 edition of the Mozilla independent status reports has been
announced. "The latest set of independent status reports includes updates
from MenuX, InFormEnter, InfoRSS, PasswordMaker, pageplaylist, MozCreator,
Platypus, Launchy, xulfrog, Mozilla Materials, Russ Key, Leet Key, WordBlock
and adaptivehomepage."
Comments (none posted)
MozillaZine has announced the availability of the minutes from the May 13
mozilla.org staff meeting. "Issues discussed include the Mozilla Firefox
1.0.5 security release, Mozilla Thunderbird 1.0.5, feedback from Deer Park
Alpha 1 and Thunderbird 1.1 Alpha 1, the 1.1 Alpha 2 timeframe, the server
outage plan, Thunderbird accessibility and Apple."
Comments (none posted)
Miscellaneous
Version 1.2 of iPodder, a media aggregator which can automatically download
files to a computer or portable device, is available. Here are some of the
changes: "iPodder's accessibility has been extended with the addition of
more than 15 languages and enhanced meta data for the visually impaired.
Additionally, the foundation for one-click capability has been implemented,
and support for feedmanagers like Podnova have been installed. This update
also improves security and optimizes handling."
Comments (none posted)
Production version 1.6 of JMRI/DecoderPro has been announced. "This project
provides Java interfaces and sample implementations for controlling a model
railroad layout from a personal computer. JMRI is intended as a jumping-off
point for hobbyists to build their own layout controls."
Comments (none posted)
Languages and Tools
Caml
The June 20, 2005 edition of the Caml Weekly News has been
released, take a look for the latest new Caml language articles.
Full Story (comments: none)
Java
Version 3.2 of PMD is available. "PMD is a Java source code analyzer. It
finds unused variables, empty catch blocks, unnecessary object creation, and
so forth. PMD v3.2 includes three new rules, a flurry of bugfixes, and
various internal improvements to make writing rules easier."
Comments (none posted)
Python
The June 22, 2005 edition of Dr. Dobb's Python-URL! is out with
another weekly roundup of Python language articles.
Full Story (comments: none)
Miscellaneous
The first source code from the Open Language Tools project has been
released. The Open Language Tools XLIFF Translation Editor and the Open
Language Tools XLIFF Filters components are available. "The aim of the tools
is to make the task of translating software and documentation as easy as
possible, and so allow more people to use computers than ever before. If you
can't use a computer because its interface isn't translated into your
language then we want to provide tools that can help."
Full Story (comments: none)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
MozillaZine looks at the Mozilla Trademark Policy. "Last month, the Mozilla
Foundation finalised its trademark usage rules. The Mozilla Trademark Policy
sets out the terms and conditions under which the Mozilla Foundation's
trademarks (terms like 'Mozilla' and 'Firefox' and their associated logos)
can be used by third parties. In addition to the main trademark policy,
there are also several related trademark documents, including the
Localization Trademark Policy (sets out the rules for translated versions of
Mozilla software) and the Mozilla Community Edition Policy (covering
modified versions of Mozilla Firefox or Mozilla Thunderbird), though some of
these are still at the draft stage."
Comments (79 posted)
Groklaw looks at the patent reform bill currently before the US Congress. "This bill's for you, if you are a high-tech company. I guess Microsoft is sick of being sued for patent infringement and losing. IBM would like patent reform too. And Oracle, and the BSA. Everyone knows the system is broken. But what to do about it? This is a bill to address their concerns."
Comments (12 posted)
News.com reports on a new spoofing vulnerability which affects most browsers, free and proprietary. "To take advantage of the flaw, a cybercriminal would have to direct a Web user from a malicious site to a genuine, trusted site such as an online bank, in a new browser window. The malicious site would then open a JavaScript dialog box in front of the trusted Web site, and a user might then be fooled into sending personal information back to the malicious site."
Comments (2 posted)
Trade Shows and Conferences
David A. Wheeler has written a travelogue (with pictures) on his recent trip
to the 6th International Free Software Conference in Porto Alegre, Brazil
(FISL 6.0). "For many, OSS/FS was essentially an opportunity to regain
national sovereignty or company control over their own infrastructure,
instead of allowing an external company (and a foreign one at that) to
maintain total control and visibility over their internal infrastructure.
There also appeared to be significant concerns about transparency as a
reason why OSS/FS was so strongly preferred -- one speaker said something
like "Governments need to know what happens in their networks, so they need
to audit their code, so it [must?] be public source.""
Comments (none posted)
KDE.News reports from LinuxTag. "The booth was crowded as always. We were
visited by politicians, entrepreneurs interested in deploying the Kiosk
framework on Internet terminals, and for tomorrow a guided tour for pupils
is planned so they can learn about how to effectively use their new desktop
in school - which is KDE."
Comments (none posted)
Companies
News.com covers eBay's new developer Web site. "At the Web site, dubbed eBay
Community Codebase, developers will have access to source code for various
eBay and PayPal tools and sample applications, as well as provide a way to
more easily collaborate on projects with others. "We are dipping our toe, so
to speak, in the pond of the open-source world," said Greg Isaacs, director
of eBay's Developer Program."
Comments (none posted)
LinuxWorld.com.au considers the possibility of Linux being ported to HP's
NonStop platform. "Speaking at a recent Red Hat customer/partner event, Martin Fink, the general manager of Linux and open source business at HP, said: "Maybe one day you'll actually see Red Hat Linux running native on NonStop" He stopped short of saying the move would definitely happen.
HP has not formally committed to porting Linux to the NonStop platform, which runs on RISC-based CPUs made by Silicon Graphics. However, the vendor appears interested in running Linux on NonStop servers along the same line that IBM has moved its Linux operating system to run natively and as a virtual partition on the Big Iron."
Comments (4 posted)
News.com looks into Microsoft's hiring of Daniel Robbins. "Daniel Robbins, the founder and former chief architect of the Gentoo project, began working for Microsoft in late May, according to a posting this week on the Gentoo Web site. According to Gentoo, Robbins is "helping Microsoft to understand open source and community-based projects."
Microsoft confirmed Wednesday that Robbins will have an educational role at the company."
Comments (11 posted)
GeekInformed looks into a missing feature in Sun's newly released
OpenSolaris operating system. "Sun Microsystems had scheduled to release a feature in Solaris 10 - codenamed Project Janus - that would allow consumers to run Linux applications unmodified on Sun's operating system, but the feature is missing in OpenSolaris.
Instead of bringing attention to the missing feature, Sun is emphasizing a related open-source project - named Xen - as an alternative."
Comments (7 posted)
NewsForge looks at Matthew Allum's Matchbox Window Manager, which supports
X11 on devices with small screens. "Allum became enamored with the idea of running Linux on a Compaq Ipaq in 2000 when he saw screenshots published by Compaq that showed the Ipaq happily running Linux. He bought one and installed Debian, but found that a lot of the Linux-based window managers didn't work with the small 240x320 display. Frustrated, he "bought a book on xlib," sat down, and in 2001 wrote Matchbox, a 50KB highly flexible window manager that depends only on xlib, which makes it lightweight enough to run on small devices without using too many resources."
Comments (2 posted)
Linux Adoption
News.com reports on South Korea's New Education Information System. "The
project, called the New Education Information System, is built on a
Korean-developed version of Linux that already services 190 schools in the
heart of capital city Seoul. Jin Ko Hyun, president of the Korea IT Industry
Promotion Agency, or KIPA, which is behind the project, said it has taken
schools two years to test Buyeo, the Korean version of Linux."
Comments (none posted)
Legal
Groklaw has an update on the EU software patents debate. "The Dutch
government, in a report presented to the Dutch parliament recently, and now
being circulated to other EU member states, says the software patent
directive should be put on hold for five years, while issues get defined and
sorted out better. They also think there is no way to separate patentable
and unpatentable software. It's all or nothing, in their view, and they'd
like all, but with tweaks to the patent system to reform it so that stupid
patents don't get granted." Update: The Foundation for a Free Information
Infrastructure (FFII) has draft results of the JURI vote available.
Comments (5 posted)
Reuters reports on Monday's JURI committee vote on the European software
patent directive. "But the bill's sponsor in the legislature, French
socialist Michel Rocard, suffered a string of defeats as key changes were
made to his text. Rocard wanted a narrow definition of what sort of
inventions could be patented, insisting that only a programmable piece of
hardware could be covered, such as ABS brakes on a car or an insulin pump.
Data processing and other inventions that are more pure software based
should be excluded... But changes won by center-right and liberal opponents
pushed the bill closer to a version adopted by the EU's 25 member states,
which chose a far wider scope for patenting." Since this version now differs
from the Council's version, it will have to be passed by a majority in the
full session in July. That seems unlikely (nobody really likes this
version), so the European Council may have its way in the end.
Comments (11 posted)
Interviews
DesktopLinux interviews Lycoris founder Joseph Cheek about Mandriva's
acquisition of Lycoris. "Q: Do you expect Lycoris Desktop/LX to become merged with the Mandriva distro's, or will the Lycoris Linux desktop continue on as an independent distribution, for the foreseeable future? If they will be merged, how soon would you expect that to occur?
A: They will be merged. The plan is to merge Desktop/LX Personal with Mandriva Discovery 2006, available this fall. Other bits of technology may show up in other Mandriva products, such as PowerPak and PowerPak+, Cooker, and so on, and some may take longer to integrate, but we expect to have a solid upgrade path available for purchase and/or download this fall."
Comments (none posted)
NewsForge has an interview with David Axmark, co-founder of MySQL AB, and
Brian Behlendorf, founder and CTO of CollabNet -- on the benefits of an open
source IT economy for a country such as India. "NF: What does open source
mean for India? Axmark: An opportunity to compete on equal footing with the
developed nations. An opportunity to market company and personal skills
without a big budget. An opportunity to be independent of the large software
vendors and be in control of your own destiny."
Comments (none posted)
KDE.News features two interviews. "During recent conversations with some of
the members of the OpenUsability project, some of the usability work on one
of the more exciting applications in KDE, KPDF, was brought to my attention.
I managed to catch up with Florian, from OpenUsability, and Albert, one of
the KPDF maintainers to talk a little about themselves and their work and
about the usability review and followup in KPDF."
Comments (none posted)
Resources
Groklaw presents
Chapter 12 of the online book "The Daemon, the GNU and the Penguin"
by Dr. Peter H. Salus. The chapter covers GNU, the GPL and Cygnus.
Comments (none posted)
Free Software Magazine for May 2005 has been released. This issue looks at
the next (r)evolution, Unix Power Tools 3rd edition reviewed, the risks of
writing and using proprietary software, and more.
Comments (none posted)
O'ReillyNet presents an excerpt from Python Cookbook, Second Edition.
"Unicode is easy to handle in Python, if you respect a few guidelines and
learn to deal with common problems. This is not to say that an efficient
implementation of Unicode is an easy task. Luckily, as with other hard
problems, you don't have to care much: you can just use the efficient
implementation of Unicode that Python provides."
Comments (none posted)
Red Hat Magazine covers the use of Sabayon to create templates for user
profiles. "Suppose that you are an administrator of a large network. Part of
your job involves creating user accounts for new people. Every user has
different needs. Technically, you can tailor a desktop for every one of
these new users. However, that would quickly get very tedious." (Found on
Footnotes)
Comments (1 posted)
Linux Journal provides examples of the use of the /proc filesystem. "Before
we begin to talk about the proc filesystem as a programming facility, we
need to establish what it actually is. The proc filesystem is a
pseudo-filesystem rooted at /proc that contains user-accessible objects that
pertain to the runtime state of the kernel and, by extension, the executing
processes that run on top of it. "Pseudo" is used because the proc
filesystem exists only as a reflection of the in-memory kernel data
structures it displays. This is why most files and directories within /proc
are 0 bytes in size."
Comments (12 posted)
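As an added example (my own, not from the Linux Journal article), the script below uses /proc the way the excerpt describes: it shows that /proc/self/status reports a size of 0 bytes while reading it returns live kernel data, and it enumerates running processes by walking the numeric /proc entries, the same source an inventory or monitoring script would use. It assumes a Linux host with /proc mounted; elsewhere proc_available() returns False and the other functions are not meaningful.

```python
"""Added example: reading process state from the /proc pseudo-filesystem.
Linux-only; /proc files are generated on read, so stat() reports size 0."""
import os

PROC = "/proc"


def proc_available():
    """True when a Linux-style /proc is mounted."""
    return os.path.isdir(os.path.join(PROC, "self"))


def own_pid():
    """PID of the calling process, for comparison with /proc/self."""
    return os.getpid()


def status_file_size(pid="self"):
    """st_size of /proc/<pid>/status. Expected to be 0: the file is a view
    of kernel data structures, not stored bytes, exactly as the article says."""
    return os.stat(os.path.join(PROC, str(pid), "status")).st_size


def read_status(pid="self"):
    """Parse /proc/<pid>/status ("Key:\\tvalue" lines) into a dict of strings.
    Reading it yields real content even though its reported size is 0."""
    fields = {}
    with open(os.path.join(PROC, str(pid), "status")) as f:
        for line in f:
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
    return fields


def list_processes():
    """Enumerate running processes from the numeric directories under /proc.
    Returns a list of (pid, name, state) tuples. A process that exits between
    listdir() and open() is skipped rather than aborting the whole scan."""
    procs = []
    for entry in os.listdir(PROC):
        if not entry.isdigit():
            continue  # /proc/self, /proc/meminfo etc. are not processes
        try:
            st = read_status(entry)
        except (FileNotFoundError, ProcessLookupError, PermissionError):
            continue  # process vanished mid-scan or is not readable
        procs.append((int(entry), st.get("Name", "?"), st.get("State", "?")))
    return procs


if __name__ == "__main__":
    if not proc_available():
        raise SystemExit("no /proc here; this example needs Linux")
    print("stat size of /proc/self/status:", status_file_size())
    me = read_status()
    print("but reading it gives e.g. Name=%s Pid=%s" % (me["Name"], me["Pid"]))
    for pid, name, state in sorted(list_processes())[:10]:
        print("%6d %-20s %s" % (pid, name, state))
```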
KDE.News mentions the KDE articles in the latest edition of TUX magazine.
"In this month's TUX magazine KDE's Jes Hall explains how to get your iPod
working with amaroK. It also includes a comprehensive guide to KDE's CD
burning application K3b. Available in HTML is a review of Kubuntu. TUX is a
magazine for new GNU/Linux users and available as free PDF download."
Comments (none posted)
NewsForge presents an excerpt from the book "Firefox Hacks: Tips and Tools for Next-Generation Web Browsing" by Nigel McFarlane. "If you're moving over to Firefox from Mozilla, you've surely noticed how Firefox is built to be a sleeker, faster browsing engine. It accomplishes this in part by shedding all of its counterparts from the Mozilla Suite, including an email/news client, composer, and chat client. But that doesn't mean this functionality is no longer available. With a few extensions -- or with no work at all -- you can make Firefox integrate with your email client as though it were still part of a suite. You don't have to stop there, either; at least one valuable extension gives you the power to connect Firefox with virtually any program on your system."
Comments (none posted)
NewsForge is running a detailed comparison of OpenOffice.org Writer 2.0 and Microsoft Word 2003. "That is not to say that Writer is a perfect program. Its interface is wildly inconsistent. Some features, notably cross-references, can most kindly be described as lacking. And in version 2.0, the attempt to imitate Microsoft Word hides several useful features.

Yet, despite these shortcomings, OOo Writer is not only as fully developed as Microsoft Word, but often superior in terms of features and stability."
Comments (13 posted)
Reviews
NewsForge looks at DShield. "DShield bills itself as a distributed intrusion detection system. It works by collecting statistics from firewalls all over the world. Just how many reports does DShield receive? Currently its Web site lists about 24 million records each day, with more than 840 million recorded last month."
Comments (none posted)
NewsForge takes a look at the Festival Speech Synthesis System. "Festival is a free, portable, extensible, language-independent, run-time speech synthesis engine for various platforms that has been under development since 1999. Primary authors of the C++ system include Alan W Black, Paul Taylor, and Richard Caley. Festival is a part of the Festvox project that aims to make the building of new synthetic voices more systematic and better documented, making it possible for anyone to build a new voice."
Comments (5 posted)
Kathy Sierra and Bert Bates explain Java distributed technologies on O'Reilly. "Heard about distributed technologies for Java, but not sure what they are or why they're important? Kathy Sierra and Bert Bates, authors of Head First Java, 2nd Edition, present this cocktail-party overview. Hold your own in conversation with Java geeks."
Comments (none posted)
Miscellaneous
The world is pointing to this, so we might as well too: this article is what you get when you put Daniel Lyons and Theo de Raadt together. "There's also a difference in motivation. 'Linux people do what they do because they hate Microsoft. We do what we do because we love Unix,' De Raadt says." Despite the real competition between Linux and the BSD family, there have rarely been outright hostilities between the two camps. It would be a shame if that were to change now.
Comments (63 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The non-profit FreeMED Software Foundation is seeking new members for its board of trustees. "The Foundation is seeking to expand its Board of Trustees and re-invigorate our development and ongoing process of leading edge innovation. We are looking particularly for physicians or Health Informatics personnel with experience and interest in electronic/computerized medical records and practice management. The term is two years. Most meetings are held by phone or net conference."
Comments (none posted)
KDE.News covers the installation of solar and pedal-powered Linux/KDE desktop systems in western Uganda, by Inveneo and ActionAid. Inveneo's press release includes pictures of the installation.
Comments (none posted)
The Open Source software project OpenPKG has announced the establishment of the OpenPKG Foundation e.V., a nonprofit organization providing the financial, material and manned support of OpenPKG.
Full Story (comments: none)
Commercial announcements
ANTs software, inc. has announced version 3.2 of the ANTs Data Server, a relational database management system that runs on 64 bit Opteron systems. "Supporting popular 64-bit Linux operating system implementations running on low-cost AMD Opteron platforms, ADS 3.2 sets a new price-performance benchmark, allowing very large OLTP and real-time analytical processing and reporting in main memory."
Comments (none posted)
CadSoft has released version 4.15 of Eagle, a commercial printed circuit CAD application with a freely downloadable "lite version" for hobby use. See the what's new document for the list of changes.
Comments (none posted)
HP has announced its sale of over 1 million Linux servers. "HP today announced that it has set an industry-first milestone by shipping more than 1 million Linux servers to customers since 1998, 45 percent more than any other major hardware vendor.

HP has led the worldwide Linux server market for 29 consecutive quarters. In the first quarter of 2005, HP grew 2.5 percentage points faster than the market in units on a year-over-year basis, shipped nearly 10 times as many Linux servers as Sun, led IBM by almost 8 percentage points in quarterly revenue share and outpaced Dell in both units and revenue."
Comments (4 posted)
The open-source collaboration server Netline has announced a move of headquarters and a change of name to Openexchange Inc. "Netline Internet Service, makers of the world's leading open source collaboration server, announced today that it has transferred the intellectual property, trademarks, URL's, branding and marketing rights to Open-Xchange Server from Netline to New York-based Openexchange Inc. Under a multi-year contract, Netline will continue to provide development services for Openexchange and has been designated as an Open-Xchange reseller."
Comments (none posted)
PathScale has announced that it will team with ParTec to deliver Opteron-based Linux clusters. "PathScale's new InfiniPath(TM) InfiniBand cluster interconnect is being integrated with and optimized for operation with ParTec's ParaStation4(TM), a robust and efficient cluster middleware solution that consists of high-performance communication tools and a sophisticated software management layer."
Comments (none posted)
Sleepycat Software has announced a new Java version of its Berkeley Database. "Sleepycat Software, makers of the world's most widely deployed open source developer databases, today announced the general availability of version 2.0 of Berkeley DB Java Edition, a transactional database written in pure Java technology. Additionally, Sleepycat today announced that Berkeley DB Java Edition is now officially certified on Sun Microsystems' Solaris 10 Operating System for x64 platforms."
Comments (none posted)
USBDUX has announced a Knoppix-based live CD with support for its USB data acquisition devices. "Customers who have enjoyed the unique combination of Linux and USB offered by USBDUX can now use the system from a Windows machine simply by booting Linux from the CD drive."
Full Story (comments: none)
VA Linux Systems Japan K.K. (VA Linux) has announced the release of 'FlexPOP', a fast and secure POP server which supports large-scale systems, and an Open Source Software solution. FlexPOP is a part of the company's VA FMS (FlexMessaging Solution), a total messaging solution for use in small-to-middle scale organizations to large scale network service providers with over one million accounts. FlexPOP source code can be obtained from the FlexPOP Project hosted on SourceForge.net.
Comments (none posted)
Zend and PayPal have announced a collaborative development effort. "Zend Technologies, Inc., the PHP company, and creator of products and services supporting the development, deployment and management of PHP-based applications, today announced it collaborated with PayPal, a leading online payment company, to contribute updates to the open source PHP SOAP project, delivering a new version of PEAR::SOAP. PEAR::SOAP version 0.90 updated many previously known issues and vastly improved the module's WSDL and namespace support. By giving these improvements back to the PHP community, developers worldwide are better able to work with all Web Services from their PHP applications."
Full Story (comments: none)
New Books
O'Reilly has published the book Ending Spam by Jonathan A. Zdziarski.
Full Story (comments: none)
SitePoint has published the book Firefox Secrets by Cheah Chu Yeow.
Full Story (comments: none)
IBM Press has published the book Performance Tuning for Linux Servers by Sandra K. Johnson, Gerrit Huizenga and Badari Pulavarty.
Full Story (comments: none)
O'Reilly has published the book Web Mapping Illustrated by Tyler Mitchell.
Full Story (comments: none)
Resources
Issue #2 of (IN)SECURE Magazine, a PDF-format, free, digital security magazine, is available.
Full Story (comments: none)
Pete Harlow has written an article on building a Linux-based student workstation. "This describes the building of a state-of-the-art Linux-based student workstation from a small barebones box, from mechanical assembly through to software installation."
Comments (none posted)
Contests and Awards
NewsForge has an announcement for a logo contest; the prize is a 60GB iPod Photo MP3 player. "The Open Source Academy, a United Kingdom government project designed to encourage the use of open source software in the public sector, needs a logo. In the spirit of open source community, the Academy launched a logo design competition today, and you don't have to be a professional graphics designer to enter."
Comments (none posted)
LinuxMedNews has announced that nominations are being accepted for the 5th annual Medical News Freedom Award of $500. Nominations should be submitted by July 30. "Free and open source software isn't 'magic pixie dust' and there are real people making significant personal sacrifices as well as doing difficult work to make medicine's free software future a reality. This award is intended to honor the individual or project who has accomplished the most towards the goal of improving medical education and practice through free/open source medical software."
Comments (none posted)
Upcoming Events
Registration is open for the summer Black Hat Briefings conference. The event will be held at Caesars Palace in Las Vegas, Nevada on July 27-28, 2005; training sessions will be held on July 23-24 and July 25-26.
Full Story (comments: none)
The Debian Project will have member representation at the OSS Symposium, LinuxTag and DebConf events in June and July, 2005.
Full Story (comments: none)
| Date | Event | Location |
| --- | --- | --- |
| June 23 - 25, 2005 | LinuxTag 2005 | Kongresszentrum, Karlsruhe, Germany |
| June 23 - 24, 2005 | Italian Perl Workshop 2005 | University of Pisa, Pisa, Italy |
| June 23 - 24, 2005 | GCC Developer's Summit | Ottawa Congress Centre, Ottawa, Canada |
| June 24 - 25, 2005 | Fedora Users and Developers meeting (FUDCon2) | Karlsruhe, Germany |
| June 25, 2005 | LugRadio Live 2005 | Molyneux Stadium, Wolverhampton, UK |
| June 25, 2005 | XML Prague 2005 | Malá Strana, Prague, Czech Republic |
| June 27 - 29, 2005 | Yet Another Perl Conference (YAPC::NA 2005) | University of Toronto, Toronto, Ontario, Canada |
| June 27 - 29, 2005 | EuroPython 2005 | Göteborg, Sweden |
| June 27 - 29, 2005 | Open Culture | Via Festa del Perdono 7, Milan, Italy |
| June 29 - 30, 2005 | Where 2.0 Conference | Westin St. Francis Hotel, San Francisco, CA |
| June 30 - July 3, 2005 | Linux Vacation/Eastern Europe (LVEE) | Hronda, Belarus |
| July 1 - 6, 2005 | Linux Desktop Development and KDevelop Developers Conference 2005 | Kiev, Ukraine |
| July 5 - 9, 2005 | LSM 2005 Libre Software Meeting for Medicine | Dijon, France |
| July 6 - 9, 2005 | IV Jornades de Programari Lliure | Campus de Vilanova i la Geltrú, Spain |
| July 10 - 18, 2005 | Debconf 5 | Helsinki, Finland |
| July 11, 2005 | Evolution of Open-Source Code Bases (EVOSC05) | Genova, Italy |
| July 11 - 15, 2005 | First International Conference on Open Source Systems (OSS2005) | Genova, Italy |
| July 11 - 14, 2005 | GOTO10 workshop | OKNO, Brussels, Belgium |
| July 11 - 15, 2005 | IEEE International Conference on Web Services (ICWS 2005) | Orlando, Florida |
| July 17 - 19, 2005 | Desktop Developer's Conference | Ottawa Congress Centre, Ottawa, Ontario, Canada |
| July 18 - 22, 2005 | ApacheCon Europe 2005 | Stuttgart, Germany |
| July 18 - 22, 2005 | PostgreSQL Bootcamp | Big Nerd Ranch, Atlanta, GA |
| July 20 - 23, 2005 | Ottawa Linux Symposium (OLS 2005) | Ottawa, Canada |
| July 20 - 22, 2005 | North American Plone Symposium | The Astro Crowne Plaza, New Orleans, Louisiana |
| July 26, 2005 | 2nd European LISP and Scheme Workshop | Glasgow, Scotland |
| July 27 - 28, 2005 | Black Hat Briefings USA 2005 | Las Vegas, NV |
| July 29 - 31, 2005 | DefCon 13 | Alexis Park, Las Vegas, Nevada |
| July 31 - August 4, 2005 | 2005 SIGGRAPH Computer Animation Festival | Los Angeles, CA |
| August 1 - 5, 2005 | O'Reilly Open Source Convention | Oregon Convention Center, Portland, Oregon |
| August 1 - 5, 2005 | CIFS 2005 Conference and Plugfest | Doubletree Hotel, San Jose, CA |
| August 4, 2005 | Penguicon 2005 | Israel |
| August 4 - 7, 2005 | Linux 2005 | University of Wales, Swansea, UK |
| August 8 - 11, 2005 | LinuxWorld Conference and Expo | Moscone Center, San Francisco, CA |
Comments (1 posted)
Web sites
KDE.News has announced its sponsorship by Ark Linux and OSUOSL. "I am pleased to announce that KDE Dot News has gained new hosting sponsors. We are now hosted on the Ark Linux server through the OSU Open Source Lab network, having successfully completed the transfer little more than a week ago. As some of you may know, we have a long history of having been hosted and co-hosted with Ark Linux, so it is great to be back with our old friends."
Comments (none posted)
MozillaZine has an announcement for the new Mozilla Quality weblog site. "Some members of the Mozilla quality assurance team have launched a new weblog for the QA and testing community. The Mozilla Quality weblog, hosted here at MozillaZine, is run by Mozilla Foundation employees Asa Dotzler (QA lead), Jay Patel (manages the Quality Feedback Agent infrastructure), Marcia Knous (project manager who does some QA stuff) and Tracy Walker (QA engineer)."
Comments (none posted)
Miscellaneous
For some amusement: have a look at Jeff Merkey's new site: merkeylaw.com. "This site tracks the Federal Lawsuits filed in US District Court, District of Utah against Pamela Jones, Groklaw, Finchhaven, Pagan Savage, Merket.net, Slashdot, Bruce Perens, IP-Wars.net and John Does 1 - 200. This lawsuit is scheduled to be filed June 22, 2005." Incidentally, Jeff is acting as his own lawyer...
Comments (96 posted)
Jeff Merkey claims to have filed his suit against Bruce Perens, Pamela Jones, Slashdot, and 200 "John Does". It makes for wild reading. "Perens posted Internet messages on LWN.net stating to Linux and OSS members that 'Merkey works for SCO,' and that 'Merkey should be placed in a file of people to be killed'. Merkey has not or ever worked for SCO or the Canopy Group." Your editor, strangely enough, is unable to find any comments on the system calling for anybody to be killed.
Comments (99 posted)
Page editor: Forrest Cook