July 6, 2005
This article was contributed by Dan York
Last week, I
discussed
creating podcasts and offered some pointers to how you could get
started along with reviews of a couple of books that can help. This week I
want to back up a bit and talk about how you can get started
listening to podcasts.
The Basics
First, though, I do need to address the question of what makes a
podcast
different from a regular audio file posted on a website. On a purely
technical level, nothing is really different about the audio file.
In fact, if you just want to listen to a podcast to see if it is something
you would like to listen to on a regular basis, the best bet is often to go to the podcast
website and simply download a recent episode and play it in your media
player.
What is different is the way in which the audio file is normally retrieved. Rather
than being something you click on, download, and play, you subscribe
to the podcast RSS feed. This works by virtue of the fact that Dave Winer
added an element called an Enclosure to RSS 2.0.
Note that the enclosure element is actually not specific to audio: it can be used for
pretty much any media element including video or images.
The beauty of this solution is that you simply need to subscribe to
whichever podcasts interest you and then listen to them whenever new shows
arrive - and whenever you feel like playing them. No need to check web
sites for updates. No need to be online to listen to a streaming feed.
Many people have referred to podcasting as "TiVo for audio" or
"timeshifting radio" and indeed it very much works that way.
So in order to subscribe to podcasts, you need some software tool that
can: a) handle RSS feeds; and b) interpret the RSS enclosure tag to
download the media automatically for you. At a base level, that is pretty
much all you need and the software that does this is often called either a
"podcatcher" or "podcast aggregator". Of course, the programs out there
don't stop at the basics. They add the ability to manage your
subscriptions easily, schedule how often to check for new episodes (for
example, by setting up an appropriate cron job), manage the downloaded
files, and so on.
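The two requirements just listed, parsing RSS 2.0 and acting on the enclosure element, are small enough to show in code. What follows is an added example written for this article, not code from iPodder, BashPodder or any other podcatcher; the feed it parses is constructed for the example (example.com URLs, made-up episodes). Because a feed is untrusted input that tells your machine what to download and where to put it, the example also does the checks a careful podcatcher needs before fetching anything: only http/https enclosures are accepted, the local filename is derived from the last path component of the URL and must be a plain name, and the declared length is capped. Video and image enclosures go through the same path as audio, which is the point made above that the element is not audio-specific.

```python
"""Minimal podcatcher core: parse an RSS 2.0 feed, collect <enclosure>
elements and decide which ones are safe to download.
Added example, not code from the article or any podcatcher it names."""
import os
import posixpath
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample feed (example.com, made-up episodes). Items 3 and 4
# are hostile: a URL whose last path component is "..", and a file: URL.
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0">
 <channel>
  <title>Example Show</title>
  <item>
   <title>Episode 1</title>
   <enclosure url="http://example.com/ep1.mp3" length="1024" type="audio/mpeg"/>
  </item>
  <item>
   <title>Episode 2 (video)</title>
   <enclosure url="http://example.com/ep2.mp4" length="2048" type="video/mp4"/>
  </item>
  <item>
   <title>Evil 1</title>
   <enclosure url="http://example.com/shows/.." length="1" type="audio/mpeg"/>
  </item>
  <item>
   <title>Evil 2</title>
   <enclosure url="file:///etc/passwd" length="1" type="audio/mpeg"/>
  </item>
 </channel>
</rss>
"""

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_TYPES = {"audio/mpeg", "audio/ogg", "video/mp4", "image/jpeg"}
MAX_BYTES = 500 * 1024 * 1024            # refuse absurd declared sizes
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*$")


def parse_enclosures(feed_xml):
    """Return (title, url, length, mime_type) for every item enclosure.
    ElementTree only parses; nothing in the feed is fetched or executed."""
    root = ET.fromstring(feed_xml)
    found = []
    for item in root.iter("item"):
        enc = item.find("enclosure")
        if enc is None:
            continue
        title = (item.findtext("title") or "").strip()
        found.append((title, enc.get("url", ""), enc.get("length", ""),
                      enc.get("type", "")))
    return found


def local_name_for(url):
    """Derive a local filename from the enclosure URL, or None if unsafe:
    wrong scheme, no host, or a last path component that is not a plain name."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES or not parts.netloc:
        return None
    name = posixpath.basename(parts.path)
    if name in ("", ".", "..") or not SAFE_NAME.match(name):
        return None
    return name


def plan_downloads(feed_xml, download_dir="podcasts"):
    """Return [(title, url, local_path)] for enclosures that pass all checks."""
    plan = []
    for title, url, length, mime in parse_enclosures(feed_xml):
        if mime not in ALLOWED_TYPES:
            continue
        if not length.isdigit() or int(length) > MAX_BYTES:
            continue
        name = local_name_for(url)
        if name is None:
            continue
        plan.append((title, url, os.path.join(download_dir, name)))
    return plan


if __name__ == "__main__":
    for title, url, path in plan_downloads(SAMPLE_FEED):
        print("would fetch %s -> %s (%s)" % (url, path, title))
```

A real podcatcher would then fetch each planned URL into the computed path (and, as the article says, run on a schedule). The thing to keep from the example is that the feed never gets to choose the URL scheme or the directory; it only supplies a candidate basename that has to pass the whitelist.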
The Software
Linux users have the choice, of course, of podcatcher software in pretty
much any language and with or without a GUI. A search on "podcast" at
sites such as SourceForge or freshmeat will turn up a variety of
choices in various states of development. Some of the prime contenders
are:
iPodder - For someone just getting started who wants a GUI, my
personal recommendation would be to start out with iPodder (also called the "iPodder
Lemon" because of its logo). Being Python-based,
iPodder is cross-platform and is heavily used within the Windows and Mac
worlds.
a robust program to use. Screenshots
are available if you would like to see what it is all about.
BashPodder - For the text-inclined, BashPodder
provides the functionality you need via a basic shell script. Simple,
easy, and a breeze to extend. In fact, the site contains a wide range of
user-contributed extensions and customizations. Additionally, for those who want the
power of the shell but still with a GUI, there is BPConf that
allows you to easily configure BashPodder.
jpodder - Another interesting choice is jpodder, a Java-based cross-platform
podcatcher. Like iPodder, it is GUI-based
and has a range of features.
Other choices - There are a range of other options (and readers
are encouraged to leave their recommendations as comments), including:
A reader last week also commented that they were able to have Apple's
iTunes program running on their Linux system using CrossOver Office. In
any event, you need to have one of these programs installed to have the
simplicity of subscribing to podcasts.
The Next Step
Once you have the software installed, you need to find podcasts to which
you can subscribe. Some of the podcatchers, such as iPodder, include a
built-in directory. Even with such a directory, though, you'll probably
want to check out some of the directory sites. More keep appearing on a
daily basis, but some of the major sites include:
Typically all you need to do is find the URL for the show's RSS feed and
enter it into your podcatcher software. Some programs also let you drag
and drop the link. In any event, that's it: you are now subscribed and
will start to receive new shows. (Some podcatcher software will download
the most recent show and then all new shows; other software will download
all shows available in the feed.)
Happy listening! And please do feel free to leave comments to this
article about your favorite podcasts - or feedback about various podcatcher
software.
Comments (2 posted)
There are a lot of PostgreSQL-derivative projects in the news lately.
In May we looked at the
EnterpriseDB
project. The
Bizgres Project released their 0.6 release
last week, with a few new features of interest to organizations using PostgreSQL for data warehousing and business intelligence.
The Bizgres project was launched in April of this year. It is based on the PostgreSQL project, with development sponsored by Greenplum, which also uses the Bizgres source code in its DeepGreen offering. Josh Berkus, who works for Greenplum and is a member of the PostgreSQL core team, talked to us about the Bizgres release and the plans for the project.
The 0.6 release has two features of interest that are not currently found in PostgreSQL. The first is a patch that speeds up bulk loading of text data. Berkus said that the patch "speeds up bulk loading of text data by refactoring some of the bulk loader code."
The other feature is an improvement in temporary table creation. When tables are created using the "CREATE TABLE AS SELECT" statement, transaction logging is bypassed which can provide major benefits in performance -- in effect, a kind of "scratch" table that can be used to hold a copy of data that is being worked with without logging transactions. Berkus said that the Bizgres team is planning on expanding the capability to include the ability to bulk load into a "scratch table" but the current feature does not allow that.
With so many PostgreSQL-derived projects available, some may wonder if the project is forking. Berkus said that Greenplum plans to contribute its features back to the PostgreSQL project, but that the timing of PostgreSQL releases made it hard to get the features that interest Greenplum and its customers into mainstream PostgreSQL in a timely fashion:
Feature freeze for 8.1 was July 1st, that was the last day for consideration of patches for 8.1, and for that matter, if you introduced a major patch on July 1 that hadn't been discussed, there's very little chance it'd be introduced [in the 8.1 release of PostgreSQL]. Much of the stuff [in Bizgres] has bad timing, and would have waited for 8.2.
Since PostgreSQL 8.2 is currently slated for summer of 2006, there is a distinct advantage in creating a derivative distribution of PostgreSQL to allow Greenplum and the Bizgres Project to push its features out to its users earlier. Berkus compared this to Linux vendors like Red Hat backporting features from the 2.5/2.6 kernel series to the 2.4 series while 2.6 was still in development. He also compared Bizgres to embedded Linux or Real Time Linux, "in that we're focusing on a distribution of PostgreSQL entirely focused on needs of people running data warehouses or doing business intelligence." Users outside those profiles, said Berkus, probably don't want to consider Bizgres or DeepGreen at all.
He also said that the Bizgres project is focused only on Linux, Solaris and Windows, as opposed to all of the platforms that are supported by the PostgreSQL project, which produces fewer platform compatibility issues for Bizgres.
Berkus allowed for the possibility that Bizgres could have features that do not make it into mainstream PostgreSQL, if they were of benefit to data warehouse applications without providing a benefit to general performance, but that he wasn't aware of any features under consideration that would fit that category.
As for licensing, Berkus said that anything developed by Greenplum for Bizgres would be available under a "BSD or analogous license."
We want to permit commercialization. Our goal, overall is to make it the standard in data warehousing and the BSD license is the best to choose. It eliminates any legal concerns that someone might have about adopting your software.
He also said that he wasn't concerned about other companies snapping up Bizgres' technology. According to Berkus, the major vendors like Microsoft, IBM and Oracle, "already have technology of their own that they have investment in, and they're unlikely to abandon theirs... and if they did [take Bizgres features and make them proprietary] it would be enough of a moral victory that it would be worth it."
Given the number of companies working on PostgreSQL distributions, it should be interesting to see how many of the improvements flow back into the main project, and whether the various companies can avoid straying too far from the main project. It should also be interesting to see whether the Bizgres project gains much steam as an independent project. The mailing list traffic isn't particularly heavy yet, but the project is still very new.
For users who are interested in trying out Bizgres, the 0.6 release is available as source code or binaries for Solaris 10 or Red Hat Linux.
Comments (1 posted)
The much awaited "maxi" DVD edition of
Knoppix 4.0 was presented at the Linux
Tag conference in Karlsruhe, Germany last week. As usual, this was a
special edition and not a public release, but it didn't take long before
the ISO image hit some of the popular BitTorrent download sites and it was
even spotted on a few FTP servers a few days later. The reason for the high
demand is not hard to understand - Knoppix 4.0 is the largest live Linux
DVD ever produced, with a great collection of "the best open source
software" available today.
First, some numbers. The size of the single-layer compressed DVD image is
4,122 MB. It contains over 9 GB of software in the form of 2,663 Debian
packages providing more than 5,300 individual programs. Most of them come
from the recently released Debian 3.1 "sarge", but there are several
noteworthy upgrades, such as KDE 3.4.1. KDE is still the default desktop,
but Knoppix 4.0 now contains ten other desktop environments and window
managers, including the complete GNOME (2.8.1) and XFce (3.8.16 and 4.0.6),
and even some exotic ones, such as LarsWM, Openbox, and RatPoison. Booting
this DVD on a 4-year-old 1.4 GHz Pentium 4 system with 384 MB of RAM took
just under 8 minutes (from the GRUB boot prompt to KDE); for comparison,
booting the Knoppix 3.9 CD on the same system took only about 3.5 minutes.
It needs to be mentioned that, starting from version 4.0, Knoppix will be
split into two editions - "maxi" DVD and "light" CD. The light edition
will essentially be the same Knoppix live CD that we have come to love and
appreciate over the last couple of years, except that all development
software will be removed and replaced with more general desktop
applications. The public release of Knoppix 4.0 is expected within the next
few weeks, with the "maxi" DVD and "light" CD editions appearing
simultaneously.
The Knoppix 4.0 DVD contains many of the most popular open source software
packages for the desktop, server, office, graphics, multimedia, and
development. Compared to the live CD edition, users now have a choice of
KOffice (1.3.5) and GNOME Office (AbiWord + Gnumeric), in addition to
OpenOffice.org (a recent beta of the 2.0 series). On the server side of
things, both Apache 1.3 and 2.0 are present, and, unlike the CD edition,
the DVD also includes PostgreSQL 8. Some other interesting packages that
have been missing from all recent Knoppix CD releases include Blender,
Eclipse, GnuCash, Mozilla, LyX and teTeX. One downside of the DVD is that,
with so many applications included, the standard Debian menus tend to be
badly cluttered and poorly organized; as an example, the "Internet" submenu
contains a total of 76 items, while the "System" submenu contains 88 items!
Besides adding new packages, what else is new in Knoppix 4.0? In the absence
of any changelog we had to dig around the menus and file system to see what
exciting things are hiding under the bonnet. The DVD has retained the
Unionfs file system so extra packages can be installed on the fly - either
from Debian repositories with apt-get or the newly included Synaptic, or
via the web-based Klik installer,
which also includes some non-free packages. A new feature is the ability to
switch between the 11 desktop environments through a "Restart KNOPPIX
Desktop" utility. Also, the DVD now contains a lot more documentation in
HTML and PDF formats, including the excellent 133-page Knowing
Knoppix and m23 Software Distribution guides.
There seems to be an increasing level of collaboration between the
developers of Knoppix and other Knoppix-derived live CD and DVD projects.
The Kanotix developers
contributed some DSL network configuration and hard disk installation code
(due to data decompression, a partition of at least 12 GB in size is
required for installing the DVD edition of Knoppix 4.0 on the hard disk).
Much of the newly included scientific and statistical software was accepted
from the Quantian
and Paipix live DVD projects,
while a lot of educational software found its way into Knoppix from Freeduc, a distribution designed
for schools.
Although providing a large number of applications on the DVD should please those
users who missed some important pieces of software on the earlier CD
editions, the size of the DVD presents its own set of problems. We have
already mentioned the unsightly and difficult-to-navigate menus, but a
potentially more annoying problem is the general sluggishness of the system
while it runs from the DVD. Maybe a more modern DVD drive would be able to
launch software packages in a speedier manner, but we were not impressed
with a delay lasting several minutes after clicking on a PDF file in
Konqueror. Likewise, OpenOffice.org Writer took 150 seconds to launch. Even
navigating the menus was painfully slow, much slower than any of the CD
editions. Of course, once an application is cached in the memory it starts
a lot faster, but the first run of any large software package will likely
test your patience.
This raises the question of how useful a 4 GB Knoppix live DVD really
is. Although it is easy to get excited over all the goodies available at a
mouse click, many people will undoubtedly be put off by the long boot
times, poor system responsiveness and cluttered menus. After having played
with the system for a few minutes, we found ourselves craving the much
leaner and faster Knoppix CD - although not nearly as full-featured as the
DVD edition, it contains enough applications to satisfy the majority of
users. Whether you use Knoppix as a rescue CD, carry it around to boot
computers in Internet cafes, or employ it to demonstrate Linux and open
source software to interested parties, the CD edition of Knoppix will
probably remain a more practical tool than the more complete, but also more
sluggish DVD edition.
Comments (9 posted)
Page editor: Rebecca Sobol
Security
Brief items
A serious vulnerability in the PEAR
XML_RPC library and the
XML-RPC for PHP package has been
disclosed. The vulnerability allows unsanitized data to be passed to the
eval() call, which would allow execution of arbitrary PHP code.
The vulnerability was reported by James Bercegay of the GulfTech Security Research Team. Bercegay reports that the parseRequest() function passes data to eval() without sanitizing the input first. As a result, a properly crafted XML request can be used to execute PHP code on the targeted server. Bercegay's advisory gives an example request that causes the relatively harmless phpinfo() function to be executed on a target server:
<?xml version="1.0"?>
<methodCall>
<methodName>test.method</methodName>
<params>
<param>
<value><name>','')); phpinfo(); exit;/*</name></value>
</param>
</params>
</methodCall>
PEAR's library and the XML-RPC for PHP package are used in a number of PHP-based projects, including WordPress, Drupal, PostNuke, Xaraya, phpGroupWare, Tikiwiki, and many others, which means that there are a lot of vulnerable servers out there. Users of PHP-based blogging applications and other packages that use XML_RPC should check whether their software is vulnerable and update the package as soon as a new release is available. Some projects, like PostNuke, are advising users to remove the offending code altogether.
PEAR's XML_RPC library is also distributed with many Linux distributions. Most of the vulnerable projects and distributions have announced updated packages, and the PHP project has bundled the new PEAR XML_RPC package in PHP 4.4.0RC2, and a separate release is available on the PEAR site. The final PHP 4.4.0 release is scheduled for July 11. Users can also update the PEAR library by running "pear upgrade XML_RPC" as root or using sudo. An update of XML-RPC for PHP is also available.
Users should upgrade or take steps to remove the library as soon as possible, as it seems likely that exploits of this vulnerability will begin appearing in the wild soon, if they have not already.
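To see why the request above works, and to have something to grep for in logs while packages are being updated, here is an added example (written for this page, not code from PEAR XML_RPC, XML-RPC for PHP or the GulfTech advisory). It is in Python, the language of the other added examples on this page; the PHP source string it builds is only inspected, never run. The shape of the eval() argument in build_eval_source_unsafe() is an assumption modelled on the advisory's description (the raw parameter text spliced into PHP source inside a single-quoted literal), not the library's actual code. The first request is the one from the advisory; the benign request is constructed.

```python
"""Why the PEAR XML_RPC request above works, and a check that flags it.
Added example: not code from PEAR XML_RPC, XML-RPC for PHP or the advisory.
The eval() argument shape in build_eval_source_unsafe() is an ASSUMPTION
modelled on the advisory's description (parameter text spliced into PHP
source inside a single-quoted literal), not the library's real code."""
import re
import xml.etree.ElementTree as ET

# The request from the advisory, embedded as sample input.
ADVISORY_REQUEST = """<?xml version="1.0"?>
<methodCall>
<methodName>test.method</methodName>
<params>
<param>
<value><name>','')); phpinfo(); exit;/*</name></value>
</param>
</params>
</methodCall>
"""

# A constructed benign request with the same structure.
BENIGN_REQUEST = """<?xml version="1.0"?>
<methodCall>
<methodName>test.method</methodName>
<params><param><value><string>hello, world</string></value></param></params>
</methodCall>
"""


def parse_call(xml_text):
    """Return (method_name, [parameter texts]) from an XML-RPC methodCall.
    A real XML parser returns the text as data; it never evaluates it."""
    root = ET.fromstring(xml_text)
    if root.tag != "methodCall":
        raise ValueError("not a methodCall")
    method = (root.findtext("methodName") or "").strip()
    params = []
    for value in root.iterfind("params/param/value"):
        children = list(value)
        text = children[0].text if children else value.text
        params.append(text or "")
    return method, params


def build_eval_source_unsafe(param_text):
    """ASSUMED shape of the string the vulnerable code handed to eval():
    raw parameter text dropped inside a single-quoted PHP literal."""
    return "$m->addParam(new XML_RPC_Value('" + param_text + "', 'string'));"


# In PHP, only a quote or a backslash can end or escape a '...' literal,
# so a parameter containing either is the only way out of the string.
PHP_LITERAL_BREAKOUT = re.compile(r"['\\]")


def looks_like_injection(param_text):
    """True if the text could terminate a single-quoted PHP string literal."""
    return PHP_LITERAL_BREAKOUT.search(param_text) is not None


def scan_request(xml_text):
    """Return [(param_index, text)] for parameters that look like injection."""
    _, params = parse_call(xml_text)
    return [(i, p) for i, p in enumerate(params) if looks_like_injection(p)]


if __name__ == "__main__":
    _, params = parse_call(ADVISORY_REQUEST)
    print("eval() would see:", build_eval_source_unsafe(params[0]))
    print("flagged:", scan_request(ADVISORY_REQUEST))
```

The reconstructed eval() argument shows the mechanics: the leading quote in the payload closes the PHP string literal, the following `'))` closes the constructor and the addParam() call, `phpinfo(); exit;` then runs, and the trailing `/*` comments out the remainder of the generated source so it still parses. The durable fix is to stop generating PHP source from request data at all and construct the value object directly from what the XML parser returns; escaping the text before interpolation is fragile. The scan function here is only a stop-gap signature for logs or a web application firewall, and it sees nothing that arrives through a different encoding.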
Comments (2 posted)
New vulnerabilities
crip: insecure temporary files
Package(s): crip
CVE #(s): CAN-2005-0393
Created: June 30, 2005
Updated: July 6, 2005
Description:
Justin Rye discovered that crip, a terminal-based ripper, encoder and
tagger tool, utilizes temporary files in an insecure fashion in its
helper scripts.
Alerts:
Comments (none posted)
kernel: multiple vulnerabilities
Package(s): kernel
CVE #(s): CAN-2005-1913, CAN-2005-1761
Created: July 1, 2005
Updated: September 9, 2005
Description:
Several vulnerabilities in the 2.6 kernel have been fixed, including a
subthread exec problem (CAN-2005-1913) and an ia64 ptrace +
sigrestore_context problem (CAN-2005-1761).
Alerts:
Comments (1 posted)
phpbb: arbitrary command execution
Package(s): phpbb
CVE #(s): (none)
Created: July 4, 2005
Updated: July 6, 2005
Description:
Ron van Daal discovered a vulnerability in the PhpBB highlighting code that
can allow an attacker to execute arbitrary code with the privileges of the
web server.
Alerts:
Comments (none posted)
php-pear: remote code execution
Package(s): php-pear
CVE #(s): CAN-2005-1921
Created: July 1, 2005
Updated: July 29, 2005
Description:
The PEAR XMLRPC implementation has a vulnerability that can be exploited
for remote code execution. See this report from GulfTech Security
Research. This vulnerability affects a large number of PHP web
applications.
Alerts:
Comments (none posted)
zlib: buffer overflow
Package(s): zlib
CVE #(s): CAN-2005-2096
Created: July 6, 2005
Updated: October 27, 2005
Description:
zlib has a buffer overflow vulnerability that can be triggered by
inflating corrupted (specially crafted) compressed data. It can be used to
crash any application that decompresses untrusted input with zlib, or
possibly to execute code remotely.
Alerts:
Comments (6 posted)
Updated vulnerabilities
a2ps: input validation error
Package(s): a2ps
CVE #(s): CAN-2004-1170, CAN-2004-1377
Created: November 26, 2004
Updated: December 19, 2005
Description:
The GNU a2ps utility fails to properly sanitize filenames, which can be
abused by a malicious user to execute arbitrary commands with the
privileges of the user running the vulnerable application. More
information at Security Focus.
Alerts:
Comments (none posted)
kernel: Linux amd64 kernel vulnerabilities
Package(s): kernel (amd64)
CVE #(s): CAN-2005-1762, CAN-2005-1765
Created: June 27, 2005
Updated: June 29, 2005
Description:
A denial of service vulnerability has been discovered in the ptrace()
call on the amd64 platform. By calling ptrace() with specially crafted
("non-canonical") addresses, a local attacker could cause the kernel
to crash. This only affects the amd64 platform. (CAN-2005-1762)
ZouNanHai discovered that a local user could hang the kernel by
invoking syscall() with specially crafted arguments. This only affects
the amd64 platform when running in the 32-bit compatibility mode.
(CAN-2005-1765)
Alerts:
Comments (none posted)
bzip2: race condition and infinite loop
Package(s): bzip2
CVE #(s): CAN-2005-0953, CAN-2005-1260
Created: May 17, 2005
Updated: January 10, 2007
Description:
A race condition in bzip2 1.0.2 and earlier allows local users to modify
permissions of arbitrary files via a hard link attack on a file while it is
being decompressed, whose permissions are changed by bzip2 after the
decompression is complete. Also, specially crafted bzip2 archives may cause
an infinite loop in the decompressor.
Alerts:
Comments (2 posted)
cacti: SQL injection and PHP file inclusion
Package(s): cacti
CVE #(s): (none)
Created: June 22, 2005
Updated: July 21, 2005
Description:
Cacti (prior to version 0.8.6e) suffers from vulnerabilities which can
lead to SQL injection and (on some systems) execution of arbitrary PHP
files.
Alerts:
Comments (none posted)
ClamAV: denial of service
Package(s): clamav
CVE #(s): CAN-2005-2056, CAN-2005-2070
Created: June 27, 2005
Updated: July 12, 2005
Description:
Andrew Toller and Stefan Kanthak discovered that a flaw in libmspack's
Quantum archive decompressor renders Clam AntiVirus vulnerable to a
denial of service attack. A remote attacker could exploit this
vulnerability to cause a denial of service by sending a specially crafted
Quantum archive to the server.
Alerts:
Comments (none posted)
cpio: file permissions error
Package(s): cpio
CVE #(s): CAN-1999-1572
Created: February 2, 2005
Updated: July 19, 2005
Description:
Some versions of cpio contain an ancient vulnerability where files created
by that utility have overly generous access permissions.
Alerts:
Comments (none posted)
cpio: directory traversal
Package(s): cpio
CVE #(s): CAN-2005-1111
Created: June 20, 2005
Updated: December 26, 2005
Description:
There is a vulnerability in cpio (2.6 and previous) that allows a malicious
cpio archive to extract files into an arbitrary directory of the attacker's
choice: cpio extracts to the path stored in the archive, and that path can
be absolute.
Alerts:
Comments (1 posted)
cURL: buffer overflow
Package(s): curl
CVE #(s): CAN-2005-0490
Created: February 28, 2005
Updated: July 19, 2005
Description:
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and
possibly other versions, allow remote malicious web servers to execute
arbitrary code via base64 encoded replies that exceed the intended buffer
lengths when decoded.
Alerts:
Comments (none posted)
cvs: multiple vulnerabilities
Package(s): cvs
CVE #(s): CAN-2005-0753
Created: April 18, 2005
Updated: July 13, 2005
Description:
CVS (in versions prior to 1.11.20) has one or more buffer overflow
vulnerabilities, memory leaks, and a NULL pointer dereference error.
These can be used to launch a remote denial of service or to remotely
execute arbitrary code.
Alerts:
Comments (none posted)
cyrus-imapd: buffer overflows
Package(s): cyrus-imapd
CVE #(s): CAN-2005-0546
Created: February 23, 2005
Updated: April 10, 2006
Description:
Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows
which could be exploited by an (authenticated) attacker to run code on the
server system.
Alerts:
Comments (none posted)
dbus: information disclosure
Package(s): dbus
CVE #(s): CAN-2005-0201
Created: June 8, 2005
Updated: August 30, 2005
Description:
From the Red Hat alert: "Dan Reed discovered that a user can send and
listen to messages on another user's per-user session bus if they know the
address of the socket." At current usage levels, this vulnerability is not
particularly threatening.
Alerts:
Comments (none posted)
dhcp: format string vulnerability
Package(s): dhcp
CVE #(s): CAN-2004-1006
Created: November 4, 2004
Updated: July 13, 2005
Description:
dhcp 2.x has a format string vulnerability in its log functions that may
be exploited via a malicious DNS server.
Alerts:
Comments (none posted)
Dnsmasq: poisoning and DoS
Package(s): dnsmasq
CVE #(s): (none)
Created: April 4, 2005
Updated: July 21, 2005
Description:
Dnsmasq does not properly check that DNS replies it receives correspond to
a DNS query that it actually sent, which allows cache poisoning. Rob
Holland of the Gentoo Linux Security Audit team also discovered two
off-by-one buffer overflows that could crash DHCP lease file parsing.
Alerts:
Comments (none posted)
emacs21: format string vulnerability in "movemail"
Package(s): emacs21
CVE #(s): CAN-2005-0100
Created: February 7, 2005
Updated: May 15, 2006
Description:
Max Vozeler discovered a format string vulnerability in the "movemail"
utility of Emacs. By sending specially crafted packets, a malicious
POP3 server could cause a buffer overflow, which could be exploited to
execute arbitrary code with the privileges of the user and the "mail"
group.
Alerts:
Comments (none posted)
enscript: arbitrary code execution
Package(s): enscript
CVE #(s): CAN-2004-1184, CAN-2004-1185, CAN-2004-1186
Created: January 21, 2005
Updated: May 27, 2006
Description:
Erik Sjölund has discovered several security-relevant problems in enscript,
a program to convert ASCII text into PostScript and other formats.
Unsanitized input can cause the execution of arbitrary commands via EPSF
pipe support. Due to missing sanitizing of filenames it is possible that a
specially crafted filename can cause arbitrary commands to be executed.
Multiple buffer overflows can cause the program to crash.
Alerts:
Comments (none posted)
ettercap: format string vulnerability
Package(s): ettercap
CVE #(s): CAN-2005-1796
Created: June 13, 2005
Updated: July 13, 2005
Description:
The Ettercap suite of networking tools has a format string vulnerability
that can be exploited by a remote attacker for the execution of arbitrary
code.
Alerts:
Comments (none posted)
evolution: message crash vulnerability
Package(s): evolution
CVE #(s): CAN-2005-0806
Created: March 17, 2005
Updated: August 11, 2005
Description:
The Evolution mail client can be crashed when reading certain types of
messages.
Alerts:
Comments (none posted)
Foomatic: Arbitrary command execution in foomatic-rip
Package(s): foomatic
CVE #(s): CAN-2004-0801
Created: September 20, 2004
Updated: May 31, 2006
Description:
There is a vulnerability in the foomatic-filters package. This
vulnerability is due to insufficient checking of command-line parameters
and environment variables in the foomatic-rip filter. This vulnerability
may allow both local and remote attackers to execute arbitrary commands on
the print server with the permissions of the spooler.
Alerts:
Comments (none posted)
gaim: denial of service
Package(s): gaim
CVE #(s): CAN-2005-1934
Created: June 15, 2005
Updated: July 5, 2005
Description:
There's yet another remote vulnerability in gaim; this one affects MSN
users, who can be subject to denial of service attacks via malicious
messages.
Alerts:
Comments (none posted)
gdb: multiple vulnerabilities
Package(s): gdb
CVE #(s): CAN-2005-1704, CAN-2005-1705
Created: May 20, 2005
Updated: August 11, 2006
Description:
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer
overflow in the BFD library, resulting in a heap overflow. A review also
showed that by default, gdb insecurely sources initialization files from
the working directory. Successful exploitation would result in the
execution of arbitrary code on loading a specially crafted object file or
the execution of arbitrary commands.
Alerts:
Comments (5 posted)
gdk-pixbuf, gtk2: denial of service
Package(s): gdk-pixbuf gtk2
CVE #(s): CAN-2005-0891
Created: March 30, 2005
Updated: December 19, 2005
Description:
The BMP image processing code in gdk-pixbuf and gtk2 contains a denial of
service vulnerability exploitable via a specially crafted image file.
Alerts:
Comments (none posted)
gedit: format string vulnerability
Package(s): gedit
CVE #(s): CAN-2005-1686
Created: June 9, 2005
Updated: February 5, 2009
Description:
A format string vulnerability has been discovered in gedit. Calling
the program with specially crafted file names caused a buffer
overflow, which could be exploited to execute arbitrary code with the
privileges of the gedit user.
Alerts:
Comments (1 posted)
gettext: Insecure temporary file handling
Package(s): gettext
CVE #(s): CAN-2004-0966
Created: October 11, 2004
Updated: March 1, 2006
Description:
gettext insecurely creates temporary files in world-writable directories
with predictable names. A local attacker could create symbolic links in
the temporary files directory, pointing to a valid file somewhere on the
filesystem. When gettext is called, this would result in file access with
the rights of the user running the utility, which could be the root user.
Alerts:
Comments (1 posted)
gftp: missing input sanitizing
Package(s): gftp
CVE #(s): CAN-2005-0372, CAN-2004-1376
Created: February 17, 2005
Updated: July 13, 2005
Description:
gftp has a directory traversal vulnerability. A remote server could use
specially crafted filenames to overwrite local files.
Alerts:
Comments (none posted)
ghostscript: symlink vulnerabilities
Package(s): ghostscript
CVE #(s): CAN-2004-0967
Created: October 20, 2004
Updated: September 28, 2005
Description:
The ghostscript package (prior to version 7.07.1-r7) contains several
scripts which are vulnerable to symlink attacks.
Alerts:
Comments (none posted)
glibc: tempfile vulnerability in catchsegv script
Package(s): glibc
CVE #(s): CAN-2004-0968
Created: October 21, 2004
Updated: November 14, 2005
Description:
The catchsegv script in the glibc package has a symlink vulnerability
that may allow a local user to overwrite arbitrary files with the
permissions of the user that is running the script.
Alerts:
Comments (none posted)
gnupg: information leak
Package(s): gnupg
CVE #(s): CAN-2005-0366
Created: March 16, 2005
Updated: August 19, 2005
Description:
GnuPG (and other PGP-like systems) suffers from an information leak which
could, in some situations, be used by an attacker to obtain plain text
from an encrypted message. See this message for a detailed explanation of
the problem. "We know of no real-world application that is affected by
this type of attack. It is an attack that requires the active
participation of someone who holds the actual key required to decrypt a
message. Thus, it is not something you are likely to see."
Alerts:
Comments (none posted)
grip: buffer overflow
Package(s): grip
CVE #(s): CAN-2005-0706
Created: March 10, 2005
Updated: November 19, 2008
Description:
Grip, a CD ripper, has a buffer overflow vulnerability that can occur when
the CDDB server returns more than 16 matches.
Alerts:
Comments (none posted)
groff: insecure temporary directory
Package(s): groff
CVE #(s): CAN-2004-0969
Created: November 1, 2004
Updated: February 9, 2006
Description:
Recently, Trustix Secure Linux discovered a vulnerability in the groff
package. The utility "groffer" created a temporary directory in an
insecure way, which allowed exploitation of a race condition to create
or overwrite files with the privileges of the user invoking the
program.
Alerts:
Comments (none posted)
gxine: format string vulnerability
| Package(s): | gxine |
CVE #(s): | CAN-2005-1692
|
| Created: | May 26, 2005 |
Updated: | July 23, 2005 |
| Description: |
The gxine media player has a format string vulnerability in the
hostname decoding function. A specially crafted file can be used
to execute arbitrary code as the user running the player. |
| Alerts: |
|
Comments (none posted)
gzip: race condition and directory traversal
| Package(s): | gzip |
CVE #(s): | CAN-2005-0988
CAN-2005-1228
|
| Created: | May 4, 2005 |
Updated: | July 13, 2005 |
| Description: |
gzip suffers from a race condition which could allow a fast-fingered attacker to change the permissions on files owned by others. There is also a directory traversal vulnerability associated with the -N option.
|
| Alerts: |
|
Comments (none posted)
Heimdal: buffer overflow vulnerabilities
| Package(s): | heimdal |
CVE #(s): | CAN-2005-2040
|
| Created: | June 29, 2005 |
Updated: | July 18, 2005 |
| Description: |
It has been reported that the "getterminaltype" function of Heimdal's
(before 0.6.5) telnetd server is vulnerable to buffer overflows. An
attacker could exploit this vulnerability to execute arbitrary code with
the permission of the telnetd server program. |
| Alerts: |
|
Comments (none posted)
htdig: cross site scripting
| Package(s): | htdig |
CVE #(s): | CAN-2005-0085
|
| Created: | February 14, 2005 |
Updated: | January 10, 2006 |
| Description: |
Michael Krax discovered that ht://Dig fails to validate the 'config'
parameter before displaying an error message containing the parameter.
This flaw could allow an attacker to conduct cross-site scripting
attacks. |
| Alerts: |
|
Comments (none posted)
ImageMagick: xwd coder denial of service
| Package(s): | ImageMagick |
CVE #(s): | CAN-2005-1739
|
| Created: | May 26, 2005 |
Updated: | July 19, 2005 |
| Description: |
The xwd coder in ImageMagick has a vulnerability that
can be triggered by processing a maliciously crafted image,
resulting in a denial of service. |
| Alerts: |
|
Comments (none posted)
imap: buffer overflow in c-client
| Package(s): | imap |
CVE #(s): | CAN-2003-0297
|
| Created: | February 18, 2005 |
Updated: | April 10, 2006 |
| Description: |
A buffer overflow flaw was found in the c-client IMAP client. An attacker
could create a malicious IMAP server that if connected to by a victim could
execute arbitrary code on the client machine. |
| Alerts: |
|
Comments (none posted)
imlib2: buffer overflows
| Package(s): | imlib2 |
CVE #(s): | CAN-2004-0802
CAN-2004-0817
|
| Created: | September 8, 2004 |
Updated: | October 26, 2005 |
| Description: |
The imlib2 library contains buffer overflows in the BMP handling code. |
| Alerts: |
|
Comments (none posted)
infozip: privilege escalation, directory-traversal
| Package(s): | infozip |
CVE #(s): | CAN-2003-0282
CAN-2004-1010
CAN-2005-0602
|
| Created: | May 2, 2005 |
Updated: | August 1, 2005 |
| Description: |
InfoZip reports that Zip 2.3 and
(presumably) all previous versions have a buffer-overrun vulnerability
relating to deep directory paths that could potentially lead to local
privilege escalation (e.g., in the case of automated, Zip-based backups).
All versions of UnZip through 5.50 have a number of directory-traversal
vulnerabilities. |
| Alerts: |
|
Comments (1 posted)
junkbuster: heap corruption and settings modification
| Package(s): | junkbuster |
CVE #(s): | CVE-2005-1108
CVE-2005-1109
|
| Created: | April 13, 2005 |
Updated: | November 5, 2005 |
| Description: |
JunkBuster through version 2.02-r2 contains two vulnerabilities: a heap corruption bug and a possible privacy violation. |
| Alerts: |
|
Comments (1 posted)
kdelibs: unsanitized input
| Package(s): | kdelibs |
CVE #(s): | CAN-2004-1165
|
| Created: | January 10, 2005 |
Updated: | July 19, 2005 |
| Description: |
Thiago Macieira discovered a vulnerability in the kioslave library,
which is part of kdelibs, which allows a remote attacker to execute
arbitrary FTP commands via an ftp:// URL that contains an URL-encoded
newline before the FTP command. |
| Alerts: |
|
Comments (none posted)
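The kdelibs entry describes a classic ordering bug: the URL is inspected before it is percent-decoded, so an encoded newline only becomes a real line break once it is too late to reject it. The following C is an added example, not kioslave code: it decodes first and then refuses any path that would terminate the FTP command line (FTP commands are CRLF-delimited, so a CR or LF in a path argument starts a new command). The function names and the fixed-size output buffer are assumptions for the example.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

static int hexval(int c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower((unsigned char)c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Percent-decode src into dst. Returns the decoded length, or -1 on a
 * malformed escape or if dst (dstsz bytes) is too small. */
int url_decode(const char *src, char *dst, size_t dstsz) {
    size_t o = 0;
    for (size_t i = 0; src[i]; i++) {
        if (o + 1 >= dstsz) return -1;
        if (src[i] == '%') {
            int h = hexval(src[i + 1]);
            int l = (h >= 0) ? hexval(src[i + 2]) : -1;   /* never reads past NUL */
            if (h < 0 || l < 0) return -1;
            dst[o++] = (char)(h * 16 + l);
            i += 2;
        } else {
            dst[o++] = src[i];
        }
    }
    dst[o] = '\0';
    return (int)o;
}

/* The check that has to run on the *decoded* bytes: a CR or LF inside the
 * argument of "CWD <path>\r\n" ends that command and whatever follows is sent
 * to the server as a command of the attacker's choosing. Returns 1 if the
 * path may be spliced into a command line, 0 if it would inject one. */
int ftp_path_is_safe(const char *decoded) {
    for (const unsigned char *p = (const unsigned char *)decoded; *p; p++)
        if (*p == '\r' || *p == '\n') return 0;
    return 1;
}

/* Decode the path component of an ftp:// URL and vet it in one step.
 * Returns 1 if it may be sent, 0 if rejected (bad escape or CR/LF). */
int vet_ftp_path(const char *raw, char *decoded, size_t sz) {
    if (url_decode(raw, decoded, sz) < 0) return 0;
    return ftp_path_is_safe(decoded);
}
```

The same rule applies to any protocol with a line- or delimiter-framed control channel: validate the bytes that will actually be transmitted, not the encoded form the user typed.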
kernel: multiple vulnerabilities
| Package(s): | kernel |
CVE #(s): | CAN-2005-0400
CAN-2005-0749
CAN-2005-0750
CAN-2005-0815
CAN-2005-0839
|
| Created: | April 1, 2005 |
Updated: | July 1, 2005 |
| Description: |
More kernel vulnerabilities have been discovered including:
- Mathieu Lafon discovered
an information leak in the ext2 file system driver. (CAN-2005-0400)
- Yichen Xie discovered a Denial of Service vulnerability in the ELF
loader. (CAN-2005-0749)
- Ilja van Sprundel discovered that the bluez_sock_create() function
did not check its "protocol" argument for negative values.
(CAN-2005-0750)
- Michal Zalewski discovered that the iso9660 file system driver fails
to check ranges properly in several cases. (CAN-2005-0815)
- Previous kernels did not restrict the use of the N_MOUSE line
discipline in the serial driver. (CAN-2005-0839)
|
| Alerts: |
|
Comments (1 posted)
kernel: ELF loader core dump vulnerability
| Package(s): | kernel |
CVE #(s): | CAN-2005-1263
|
| Created: | May 11, 2005 |
Updated: | August 25, 2005 |
| Description: |
Paul Starzetz has posted an
advisory for yet another kernel vulnerability.
In this case, by using a specially manipulated ELF binary, a local attacker
can compromise the system (via the core dump code) and obtain root access.
This vulnerability affects all kernels from 2.2 through 2.6.12-rc4. |
| Alerts: |
|
Comments (none posted)
kernel: multiple vulnerabilities
Comments (none posted)
kimgio input validation errors
| Package(s): | kimgio |
CVE #(s): | CAN-2005-1046
|
| Created: | April 22, 2005 |
Updated: | July 19, 2005 |
| Description: |
KDE has issued a security advisory for
kimgio. This is found in kdelibs as shipped with KDE 3.2 up to including
KDE 3.4. kimgio contains a PCX image file format reader that does not
properly perform input validation. A source code audit performed by the KDE
security team discovered several vulnerabilities in the PCX and other image
file format readers, some of them exploitable to execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
libconvert-uulib-perl: arbitrary code execution
| Package(s): | libconvert-uulib-perl |
CVE #(s): | CAN-2005-1349
|
| Created: | May 20, 2005 |
Updated: | January 27, 2006 |
| Description: |
Mark Martinec and Robert Lewis discovered a buffer overflow in
Convert::UUlib (before 1.051), a Perl interface to the uulib library, which
may result in the execution of arbitrary code. |
| Alerts: |
|
Comments (1 posted)
libdbi-perl: insecure temporary file
| Package(s): | libdbi-perl |
CVE #(s): | CAN-2005-0077
|
| Created: | January 25, 2005 |
Updated: | March 2, 2006 |
| Description: |
Javier Fernández-Sanguino Peña from the Debian Security Audit Project
discovered that the DBI library, the Perl5 database interface, creates
a temporary PID file in an insecure manner. This can be exploited by a
malicious user to overwrite arbitrary files owned by the user running
a program that uses the affected parts of the library. |
| Alerts: |
|
Comments (none posted)
libgd2: buffer overflows in PNG handling
| Package(s): | libgd2 |
CVE #(s): | CAN-2004-0990
CAN-2004-0941
|
| Created: | October 29, 2004 |
Updated: | June 28, 2006 |
| Description: |
Several buffer overflows have been discovered in libgd's PNG handling
functions.
If an attacker tricked a user into loading a malicious PNG image, they
could leverage this into executing arbitrary code in the context of
the user opening the image. Most importantly, this library is commonly
used in PHP. One possible target would be a PHP-driven photo website
that lets users upload images; there this vulnerability could give a
remote attacker code execution with the web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and
earlier may allow remote attackers to execute arbitrary code via malformed
image files that trigger the overflows due to improper calls to the
gdMalloc function. |
| Alerts: |
|
Comments (none posted)
libnet-ssleay-perl: weakened cryptographic operations
| Package(s): | libnet-ssleay-perl |
CVE #(s): | CAN-2005-0106
|
| Created: | May 3, 2005 |
Updated: | January 27, 2006 |
| Description: |
Javier Fernandez-Sanguino Pena discovered that this library used the
file /tmp/entropy as a fallback entropy source if a proper source was
not set in the environment variable EGD_PATH. This can potentially
lead to weakened cryptographic operations if an attacker provides a
/tmp/entropy file with known content. |
| Alerts: |
|
Comments (none posted)
libTIFF: buffer overflow
| Package(s): | libtiff |
CVE #(s): | CAN-2005-1544
|
| Created: | May 10, 2005 |
Updated: | February 18, 2006 |
| Description: |
Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a
stack based buffer overflow in the libTIFF library when reading a TIFF
image with a malformed BitsPerSample tag. Successful exploitation would
require the victim to open a specially crafted TIFF image, resulting in the
execution of arbitrary code. |
| Alerts: |
|
Comments (1 posted)
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0110
|
| Created: | February 26, 2004 |
Updated: | August 19, 2009 |
| Description: |
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
libxml2: multiple buffer overflows
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0989
|
| Created: | October 28, 2004 |
Updated: | August 19, 2009 |
| Description: |
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted
FTP URL, arbitrary code may be executed. |
| Alerts: |
|
Comments (none posted)
libXpm: new buffer overflows
| Package(s): | libXpm |
CVE #(s): | CAN-2005-0605
|
| Created: | March 4, 2005 |
Updated: | March 8, 2006 |
| Description: |
A new vulnerability has been discovered in libXpm, which is included in
OpenMotif and LessTif, that can potentially lead to remote code
execution. |
| Alerts: |
|
Comments (none posted)
lvm10: creates insecure temporary directory
| Package(s): | lvm10 |
CVE #(s): | CAN-2004-0972
|
| Created: | November 1, 2004 |
Updated: | July 25, 2005 |
| Description: |
Trustix Secure Linux discovered a vulnerability in a supplemental script of
the lvm10 package. The program "lvmcreate_initrd" created a temporary
directory in an insecure way, which could allow a symlink attack to create
or overwrite arbitrary files with the privileges of the user invoking the
program. |
| Alerts: |
|
Comments (none posted)
mailman: path traversal
| Package(s): | mailman |
CVE #(s): | CAN-2005-0202
|
| Created: | February 9, 2005 |
Updated: | July 13, 2005 |
| Description: |
The "private" module in the mailman mailing list manager fails to sanitize path names adequately. An attacker could exploit this vulnerability to retrieve private information, including passwords and private list archives.
This vulnerability was used to compromise the Full-Disclosure list. |
| Alerts: |
|
Comments (none posted)
mc: buffer overflow
| Package(s): | mc |
CVE #(s): | CAN-2005-0763
|
| Created: | March 29, 2005 |
Updated: | August 11, 2005 |
| Description: |
An unfixed buffer overflow has been discovered by Andrew V. Samoilov
in mc, the midnight commander, a file browser and manager. |
| Alerts: |
|
Comments (none posted)
mod_python: remote access vulnerability
| Package(s): | mod_python |
CVE #(s): | CAN-2005-0088
|
| Created: | February 10, 2005 |
Updated: | April 10, 2006 |
| Description: |
mod_python has a vulnerability in the publisher handler that may allow
a remote user to use a specially crafted URL to allow access to
objects that should be protected. An information leak can result. |
| Alerts: |
|
Comments (none posted)
Mozilla Firefox, Mozilla Suite: multiple vulnerabilities
| Package(s): | mozilla |
CVE #(s): | CAN-2005-0989
|
| Created: | April 19, 2005 |
Updated: | July 18, 2005 |
| Description: |
The following vulnerabilities were found and fixed in the Mozilla Suite
and Mozilla Firefox:
- Vladimir V. Perepelitsa reported a memory disclosure bug in
JavaScript's regular expression string replacement when using an
anonymous function as the replacement argument (CAN-2005-0989).
- moz_bug_r_a4 discovered that Chrome UI code was overly trusting DOM
nodes from the content window, allowing privilege escalation via DOM
property overrides.
- Michael Krax reported a possibility to run JavaScript code with
elevated privileges through the use of javascript: favicons.
- Michael Krax also discovered that malicious Search plugins could
run JavaScript in the context of the displayed page or stealthily
replace existing search plugins.
- shutdown discovered a technique to pollute the global scope of a
window in a way that persists from page to page.
- Doron Rosenberg discovered a possibility to run JavaScript with
elevated privileges when the user asks to "Show" a blocked popup that
contains a JavaScript URL.
- Finally, Georgi Guninski reported missing Install object instance
checks in the native implementations of XPInstall-related JavaScript
objects.
The following Firefox-specific vulnerabilities have also been
discovered:
- Kohei Yoshino discovered a new way to abuse the sidebar panel to
execute JavaScript with elevated privileges.
- Omar Khan reported that the Plugin Finder Service can be tricked to
open javascript: URLs with elevated privileges.
|
| Alerts: |
|
Comments (none posted)
mozilla firefox: javascript vulnerabilities
| Package(s): | mozilla firefox |
CVE #(s): | CAN-2005-1531
CAN-2005-1532
|
| Created: | June 9, 2005 |
Updated: | July 19, 2005 |
| Description: |
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly
implement certain security checks for script injection, which allows remote
attackers to execute script via "Wrapped" javascript.
Firefox before 1.0.4 and Mozilla Suite before 1.7.8 does not properly limit
privileges of Javascript eval and Script objects in the calling context,
which allows remote attackers to conduct unauthorized activities via
"non-DOM property overrides," a variant of CAN-2005-1160. |
| Alerts: |
|
Comments (1 posted)
MPlayer: heap overflows
| Package(s): | mplayer |
CVE #(s): | |
| Created: | April 20, 2005 |
Updated: | July 12, 2005 |
| Description: |
Heap overflows have been found in the code handling RealMedia RTSP and
Microsoft Media Services streams over TCP (MMST). By setting up a
malicious server and enticing a user to use its streaming data, a remote
attacker could possibly execute arbitrary code on the client computer with
the permissions of the user running MPlayer. |
| Alerts: |
|
Comments (none posted)
MySQL: input validation and temporary file vulnerabilities
| Package(s): | mysql |
CVE #(s): | CAN-2005-0709
CAN-2005-0710
CAN-2005-0711
|
| Created: | March 16, 2005 |
Updated: | July 19, 2005 |
| Description: |
MySQL (prior to version 4.0.24) suffers from two input validation errors and a temporary file vulnerability.
|
| Alerts: |
|
Comments (none posted)
ncpfs: multiple vulnerabilities
| Package(s): | ncpfs |
CVE #(s): | CAN-2005-0013
CAN-2005-0014
|
| Created: | January 31, 2005 |
Updated: | May 15, 2006 |
| Description: |
Erik Sjolund discovered two vulnerabilities in the programs bundled
with ncpfs: there is a potentially exploitable buffer overflow in
ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities
using the NetWare client functions insecurely access files with
elevated privileges (CAN-2005-0013). |
| Alerts: |
|
Comments (none posted)
Net-SNMP: fixproc insecure temporary file creation
| Package(s): | net-snmp |
CVE #(s): | CAN-2005-1740
|
| Created: | May 23, 2005 |
Updated: | July 13, 2005 |
| Description: |
The fixproc application of Net-SNMP creates temporary files with
predictable filenames. |
| Alerts: |
|
Comments (1 posted)
nfs-utils: arbitrary code execution
| Package(s): | nfs-utils |
CVE #(s): | CAN-2004-0946
|
| Created: | January 11, 2005 |
Updated: | February 27, 2006 |
| Description: |
Arjan van de Ven discovered a buffer overflow in rquotad on 64-bit
architectures; an improper integer conversion could lead to a buffer
overflow. An attacker with access to an NFS share could send a specially
crafted request which could then lead to the execution of arbitrary code. |
| Alerts: |
|
Comments (none posted)
openssh: directory traversal
| Package(s): | openssh |
CVE #(s): | CAN-2004-0175
|
| Created: | May 18, 2005 |
Updated: | July 13, 2005 |
| Description: |
The OpenSSH scp client can, when connected to a hostile server, be instructed to overwrite arbitrary files.
|
| Alerts: |
|
Comments (1 posted)
openssl: der_chop script temp file vulnerability
| Package(s): | openssl |
CVE #(s): | CAN-2004-0975
|
| Created: | November 11, 2004 |
Updated: | July 19, 2005 |
| Description: |
The der_chop script in openssl has a temp file vulnerability that may allow
an attacker to overwrite arbitrary files with the permissions that
the script is running under. |
| Alerts: |
|
Comments (1 posted)
OpenSSL: information leak
| Package(s): | openssl |
CVE #(s): | CAN-2005-0109
|
| Created: | May 23, 2005 |
Updated: | October 11, 2005 |
| Description: |
Hyper-Threading technology, as used in FreeBSD and other operating systems and
implemented on Intel Pentium and other processors, allows local users to
use a malicious thread to create covert channels, monitor the execution of
other threads, and obtain sensitive information such as cryptographic keys,
via a timing attack on memory cache misses. See this LWN article for more information. |
| Alerts: |
|
Comments (none posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
perl: setuid vulnerabilities
| Package(s): | perl |
CVE #(s): | CAN-2005-0155
CAN-2005-0156
|
| Created: | February 2, 2005 |
Updated: | August 11, 2006 |
| Description: |
There are two vulnerabilities with perl when it is used in a setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access. |
| Alerts: |
|
Comments (none posted)
perl: symlink vulnerability
| Package(s): | perl |
CVE #(s): | CAN-2005-0448
|
| Created: | March 9, 2005 |
Updated: | January 30, 2006 |
| Description: |
The rmtree() function in the File::Path module has a symlink vulnerability which could be exploited to create setuid binaries. |
| Alerts: |
|
Comments (none posted)
php4: integer overflow and denial of service
| Package(s): | php4 |
CVE #(s): | CAN-2005-1042
CAN-2005-1043
|
| Created: | April 14, 2005 |
Updated: | July 13, 2005 |
| Description: |
The php4 EXIF module has two vulnerabilities. An
integer overflow in the exif_process_IFD_TAG() function
can be exploited to cause a buffer overflow for the
purpose of arbitrary code execution.
EXIF headers with a large IFD nesting level can be used
to cause a denial of service. Remote exploits are possible. |
| Alerts: |
|
Comments (none posted)
phpsysinfo: cross-site-scripting
| Package(s): | phpsysinfo |
CVE #(s): | CAN-2005-0870
|
| Created: | May 18, 2005 |
Updated: | November 15, 2005 |
| Description: |
The phpsysinfo program contains several cross-site scripting vulnerabilities. |
| Alerts: |
|
Comments (none posted)
postgresql: EXECUTE privilege vulnerability
| Package(s): | postgresql |
CVE #(s): | CAN-2005-0244
CAN-2005-0245
CAN-2005-0246
CAN-2005-0247
|
| Created: | February 10, 2005 |
Updated: | July 19, 2005 |
| Description: |
postgresql has a vulnerability in which the EXECUTE privilege may
not be checked on custom functions. This may allow any database user to
circumvent the EXECUTE restriction on functions. |
| Alerts: |
|
Comments (none posted)
postgresql: database initialization errors
| Package(s): | postgresql |
CVE #(s): | CAN-2005-1409
CAN-2005-1410
|
| Created: | May 4, 2005 |
Updated: | February 28, 2006 |
| Description: |
PostgreSQL suffers from two vulnerabilities in how databases are set up by default; they allow a local attacker (one with access to the database) to crash the back end and, perhaps, execute code with the privileges of the server process. See this advisory for details and workarounds.
|
| Alerts: |
|
Comments (none posted)
Pound: buffer overflow
| Package(s): | pound |
CVE #(s): | CVE-2005-1391
|
| Created: | May 2, 2005 |
Updated: | January 10, 2006 |
| Description: |
Steven Van Acker has discovered a buffer overflow vulnerability in the
"add_port()" function in Pound 1.8.2+. A remote attacker could send a
request for an overly long hostname parameter, which could lead to the
remote execution of arbitrary code with the rights of the Pound daemon
process. |
| Alerts: |
|
Comments (none posted)
ppxp: missing privilege release
| Package(s): | ppxp |
CVE #(s): | CAN-2005-0392
|
| Created: | May 19, 2005 |
Updated: | July 5, 2005 |
| Description: |
The ppxp PPP program has a log file vulnerability that can
allow the root privileges used by the software to remain active,
enabling the opening of a root shell by a local user. |
| Alerts: |
|
Comments (none posted)
razor-agents: denial of service
| Package(s): | razor-agents |
CVE #(s): | |
| Created: | June 23, 2005 |
Updated: | July 6, 2005 |
| Description: |
The Vipul's Razor spam detection framework has multiple
vulnerabilities. Processing of malformed messages can lead to
a remote denial of service by causing the software to execute
infinite loops. |
| Alerts: |
|
Comments (none posted)
RealPlayer HelixPlayer arbitrary code execution
| Package(s): | RealPlayer HelixPlayer |
CVE #(s): | CAN-2005-1766
CAN-2005-1277
|
| Created: | June 27, 2005 |
Updated: | July 6, 2005 |
| Description: |
RealNetworks, Inc. has
addressed security vulnerabilities that offered the potential for an
attacker to run arbitrary or malicious code on a customer's
machine. RealNetworks has received no reports of machines compromised as a
result of the now-remedied vulnerabilities. RealNetworks takes all security
vulnerabilities very seriously. |
| Alerts: |
|
Comments (none posted)
rp-pppoe, pppoe: missing privilege dropping
| Package(s): | rp-pppoe, pppoe |
CVE #(s): | CAN-2004-0564
|
| Created: | October 4, 2004 |
Updated: | November 15, 2005 |
| Description: |
Max Vozeler discovered a vulnerability in pppoe, the PPP over Ethernet
driver from Roaring Penguin. When the program is running setuid root
(which is not the case in a default Debian installation), an attacker
could overwrite any file on the file system. |
| Alerts: |
|
Comments (none posted)
ruby: arbitrary command execution
| Package(s): | ruby |
CVE #(s): | CAN-2005-1992
|
| Created: | June 21, 2005 |
Updated: | October 6, 2005 |
| Description: |
Ruby (versions < 1.8.2) is vulnerable to arbitrary command execution on
XMLRPC servers. |
| Alerts: |
|
Comments (none posted)
samba: integer overflow vulnerability
| Package(s): | samba |
CVE #(s): | CAN-2004-1154
|
| Created: | December 16, 2004 |
Updated: | July 19, 2005 |
| Description: |
Samba has an integer overflow vulnerability
that may allow an authenticated remote user to
execute arbitrary code on the Samba server. |
| Alerts: |
|
Comments (none posted)
SpamAssassin: Denial of Service vulnerability
| Package(s): | spamassassin |
CVE #(s): | CAN-2004-0796
|
| Created: | August 9, 2004 |
Updated: | August 11, 2005 |
| Description: |
SpamAssassin contains an unspecified Denial of Service vulnerability. By
sending a specially crafted message an attacker could cause a Denial of
Service attack against the SpamAssassin service. |
| Alerts: |
|
Comments (none posted)
SpamAssassin: denial of service
| Package(s): | spamassassin |
CVE #(s): | CAN-2005-1266
|
| Created: | June 17, 2005 |
Updated: | July 28, 2005 |
| Description: |
SpamAssassin 3.0.4 was released
to fix a denial of service vulnerability in versions 3.0.1, 3.0.2, and
3.0.3. The vulnerability allows certain mis-formatted long message headers
to cause spam checking to take a very long time. |
| Alerts: |
|
Comments (none posted)
squid: DNS spoofing
| Package(s): | squid |
CVE #(s): | CAN-2005-1519
|
| Created: | May 18, 2005 |
Updated: | July 13, 2005 |
| Description: |
The squid proxy server performs DNS lookups in a way which is susceptible to answers injected by a hostile user, and, thus, DNS spoofing attacks. |
| Alerts: |
|
Comments (none posted)
SquirrelMail: multiple vulnerabilities
| Package(s): | squirrelmail |
CVE #(s): | CAN-2005-0075
CAN-2005-0103
CAN-2005-0104
|
| Created: | January 28, 2005 |
Updated: | July 19, 2005 |
| Description: |
SquirrelMail 1.4.4 has been
released, fixing a number of security issues that have been resolved
since 1.4.3a. |
| Alerts: |
|
Comments (none posted)
SquirrelMail: several XSS vulnerabilities
| Package(s): | squirrelmail |
CVE #(s): | CAN-2005-1769
|
| Created: | June 21, 2005 |
Updated: | September 16, 2005 |
| Description: |
Several cross site scripting (XSS) vulnerabilities have been
discovered in SquirrelMail versions 1.4.0 - 1.4.4. |
| Alerts: |
|
Comments (none posted)
sudo: race condition
| Package(s): | sudo |
CVE #(s): | CAN-2005-1993
|
| Created: | June 21, 2005 |
Updated: | February 24, 2006 |
| Description: |
Charles Morris discovered a race condition in sudo which could lead to
privilege escalation. If /etc/sudoers allowed a user the execution of
selected programs, and this was followed by another line containing
the pseudo-command "ALL", that user could execute arbitrary commands
with sudo by creating symbolic links at a certain time. |
| Alerts: |
|
Comments (none posted)
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability. |
| Alerts: |
|
Comments (1 posted)
tcpdump: denial of service
| Package(s): | tcpdump |
CVE #(s): | CAN-2005-1267
|
| Created: | June 9, 2005 |
Updated: | October 10, 2005 |
| Description: |
Several tcpdump protocol decoders contain programming errors which can
cause them to go into infinite loops. |
| Alerts: |
|
Comments (none posted)
tcpdump: multiple DoS issues
| Package(s): | tcpdump |
CVE #(s): | CAN-2005-1280
CAN-2005-1279
CAN-2005-1278
|
| Created: | May 2, 2005 |
Updated: | April 10, 2006 |
| Description: |
The rsvp_print function in tcpdump 3.9.1 and earlier allows remote
attackers to cause a denial of service (infinite loop) via a crafted RSVP
packet of length 4. (CAN-2005-1280)
tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of
service (infinite loop) via a crafted BGP packet, which is not properly
handled by RT_ROUTING_INFO, or LDP packet, which is not properly
handled by the ldp_print function. (CAN-2005-1279)
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and
earlier allows remote attackers to cause a denial of service (infinite
loop) via a zero length, as demonstrated using a GRE packet.
(CAN-2005-1278) |
| Alerts: |
|
Comments (none posted)
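Both tcpdump entries above are the same bug class: a decoder that advances through a packet by a length the packet itself supplies, and so makes no progress on a zero (or header-only) length, or over-reads on a length larger than what remains. The C below is an added example, not tcpdump's code; it assumes a generic type/length/value layout in which the length byte counts the whole element including its two-byte header, and shows the two checks that turn the infinite loop into a parse error.

```c
#include <stdint.h>
#include <stddef.h>

/* Walk a list of elements laid out as type(1) length(1) value(length-2).
 * Returns the number of elements, or -1 on a malformed list.
 * Without the len < 2 test, an element with length 0 leaves off unchanged
 * and the loop never terminates; without the len > n - off test, the next
 * iteration reads past the end of the packet. */
int walk_elements(const uint8_t *pkt, size_t n) {
    size_t off = 0;
    int count = 0;
    while (off < n) {
        if (n - off < 2) return -1;          /* header does not fit */
        size_t len = pkt[off + 1];
        if (len < 2) return -1;              /* would not advance: infinite loop */
        if (len > n - off) return -1;        /* claims more bytes than remain */
        off += len;                          /* strictly increases every pass */
        count++;
    }
    return count;
}

/* Length fields that include a fixed header reach the same loop another way:
 * a declared length smaller than the header makes "declared - header" wrap
 * to a huge unsigned value. Returns the body length, or -1 if inconsistent.
 * (General pattern; the exact RSVP header layout is not reproduced here.) */
long body_length(size_t declared, size_t header) {
    if (declared < header) return -1;
    return (long)(declared - header);
}
```

The invariant worth keeping in mind when reviewing any such loop is that the cursor must move forward by at least one byte on every iteration, and that check belongs in the loop, not in the caller.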
telnet: buffer overflows
| Package(s): | telnet |
CVE #(s): | CAN-2005-0468
CAN-2005-0469
|
| Created: | March 28, 2005 |
Updated: | August 1, 2005 |
| Description: |
Two buffer overflow flaws were discovered in the way the telnet client
handles messages from a server. An attacker may be able to execute
arbitrary code on a victim's machine if the victim can be tricked into
connecting to a malicious telnet server. |
| Alerts: |
|
Comments (none posted)
Tor: information disclosure
| Package(s): | tor |
CVE #(s): | |
| Created: | June 21, 2005 |
Updated: | August 25, 2005 |
| Description: |
A bug in Tor allows attackers to view arbitrary memory contents from an
exit server's process space. A remote attacker could exploit the memory
disclosure to gain sensitive information and possibly even private keys. |
| Alerts: |
|
Comments (none posted)
trac: file upload vulnerability
| Package(s): | trac |
CVE #(s): | |
| Created: | June 22, 2005 |
Updated: | July 6, 2005 |
| Description: |
Versions of trac prior to 0.8.4 suffer from an input validation error which can lead to the uploading of files to undesired locations on the host system. |
| Alerts: |
|
Comments (none posted)
vixie-cron: crontab allows any user to read another user's crontabs
| Package(s): | vixie-cron |
CVE #(s): | CAN-2005-1038
|
| Created: | April 15, 2005 |
Updated: | March 15, 2006 |
| Description: |
crontab in Vixie cron 4.1, when running with the -e option, allows local
users to read the cron files of other users by changing the file being
edited to a symlink. NOTE: there is insufficient information to know
whether this is a duplicate of CVE-2001-0235. See also this Security Focus
report. |
| Alerts: |
|
Comments (none posted)
wget: file overwrites and arbitrary code execution
| Package(s): | wget |
CVE #(s): | CAN-2004-1487
CAN-2004-1488
|
| Created: | June 9, 2005 |
Updated: | September 27, 2005 |
| Description: |
wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite
certain files via a redirection URL containing a ".." that resolves to the
IP address of the malicious server, which bypasses wget's filtering for
".." sequences.
wget 1.8.x and 1.9.x does not filter or quote control characters when
displaying HTTP responses to the terminal, which may allow remote malicious
web servers to inject terminal escape sequences and execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
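The wget entry above, like the tar/unzip, InfoZip, scp and trac entries, comes down to a name chosen by the other side of the connection being used as a local path, and the first of the two wget bugs shows why filtering the URL text is the wrong layer: the check has to run on the final local name, whatever form the host took. The C below is an added example, not wget's or GNU tar's code; it normalizes a candidate name component by component and rejects anything that would leave the extraction directory, and, for the second wget bug, strips control bytes from a server-supplied string before it is echoed to a terminal. Function names and buffer sizes are assumptions.

```c
#include <stddef.h>
#include <string.h>

/* Normalize an archive member name or server-chosen file name into a path
 * that stays inside the extraction directory. Rejects absolute names and any
 * ".." that would climb above the root; collapses "." and empty components.
 * Returns 0 and writes the safe relative path to out, or -1 if rejected.
 * Checking only that the name does not start with "../" misses "a/../../x";
 * what matters is the depth after normalization. */
int safe_relative_path(const char *name, char *out, size_t outsz) {
    const char *comps[256];
    size_t lens[256];
    size_t depth = 0;

    if (name[0] == '/') return -1;                         /* absolute path */
    const char *p = name;
    while (*p) {
        const char *end = p;
        while (*end && *end != '/') end++;
        size_t len = (size_t)(end - p);
        if (len == 0 || (len == 1 && p[0] == '.')) {
            /* "" (from "//") and "." add nothing */
        } else if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (depth == 0) return -1;                     /* escapes the root */
            depth--;
        } else {
            if (depth == 256) return -1;                   /* absurdly deep */
            comps[depth] = p;
            lens[depth] = len;
            depth++;
        }
        p = *end ? end + 1 : end;
    }
    if (depth == 0) return -1;                             /* nothing left to name */
    size_t o = 0;
    for (size_t i = 0; i < depth; i++) {
        if (o + lens[i] + 2 > outsz) return -1;
        if (i) out[o++] = '/';
        memcpy(out + o, comps[i], lens[i]);
        o += lens[i];
    }
    out[o] = '\0';
    return 0;
}

/* Remove control bytes (ESC, which opens terminal escape sequences, BEL, CR,
 * and so on) from a server-supplied string before printing it. Printable
 * ASCII and bytes >= 0x80 pass through. Returns the sanitized length. */
size_t sanitize_for_terminal(const char *in, char *out, size_t outsz) {
    size_t o = 0;
    for (const unsigned char *p = (const unsigned char *)in; *p && o + 1 < outsz; p++) {
        if (*p < 0x20 || *p == 0x7f) continue;
        out[o++] = (char)*p;
    }
    out[o] = '\0';
    return o;
}
```

A normalized relative path is still only half of the story for an extractor: a member that is a symlink pointing outside the tree, followed by a later member written through it, needs a separate check at extraction time.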
Wordpress: multiple vulnerabilities
| Package(s): | wordpress |
CVE #(s): | |
| Created: | June 6, 2005 |
Updated: | July 4, 2005 |
| Description: |
Due to a lack of input validation, WordPress is vulnerable to SQL
injection and XSS attacks. An attacker could use the SQL injection
vulnerabilities to gain information from the database. Furthermore the
cross-site scripting issues give an attacker the ability to inject and
execute malicious script code or to steal cookie-based authentication
credentials, potentially compromising the victim's browser. |
| Alerts: |
|
Comments (none posted)
XChat 2.0.x SOCKS5 Vulnerability
| Package(s): | xchat |
CVE #(s): | CAN-2004-0409
|
| Created: | April 19, 2004 |
Updated: | November 15, 2005 |
| Description: |
XChat is vulnerable to a stack overflow that may allow a remote attacker to
run arbitrary code. The SOCKS 5 proxy code in XChat is vulnerable to a
remote exploit. Users would have to be using XChat through a SOCKS 5
server, enable SOCKS 5 traversal which is disabled by default and also
connect to an attacker's custom proxy server. This vulnerability may allow
an attacker to run arbitrary code within the context of the user ID of the
XChat client. |
| Alerts: |
|
Comments (none posted)
xine-lib: buffer overflows
| Package(s): | xine-lib |
CVE #(s): | CAN-2004-1379
|
| Created: | September 22, 2004 |
Updated: | April 10, 2006 |
| Description: |
xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code. |
| Alerts: |
|
Comments (none posted)
xine-ui - insecure temporary file creation
Package(s): xine-ui
CVE #(s): CAN-2004-0372
Created: April 6, 2004
Updated: April 27, 2006
Description:
Shaun Colley discovered a problem in xine-ui, the xine video player
user interface. A script contained in the package to possibly remedy
a problem or report a bug does not create temporary files in a secure
fashion. This could allow a local attacker to overwrite files with
the privileges of the user invoking xine.
Alerts:
Comments (none posted)
xorg-x11: integer overflows
Package(s): xorg-x11
CVE #(s): CAN-2004-0914
Created: November 18, 2004
Updated: September 12, 2005
Description:
The X.Org libXpm library has several integer overflow vulnerabilities.
An attacker can modify XPM images to execute malicious code.
Alerts:
Comments (none posted)
xpdf: buffer overflow
Package(s): xpdf
CVE #(s): CAN-2005-0064
Created: January 19, 2005
Updated: March 15, 2007
Description:
iDEFENSE has found yet another xpdf buffer overflow; see this advisory for
details.
Alerts:
Comments (1 posted)
XV: multiple vulnerabilities
Package(s): xv
CVE #(s):
Created: April 19, 2005
Updated: July 19, 2005
Description:
Greg Roelofs has reported multiple input validation errors in XV image
decoders. Tavis Ormandy of the Gentoo Linux Security Audit Team has
reported insufficient validation in the PDS (Planetary Data System)
image decoder, format string vulnerabilities in the TIFF and PDS
decoders, and insufficient protection from shell meta-characters in
malformed filenames. Successful exploitation would require a victim to
view a specially created image file using XV, potentially resulting in the
execution of arbitrary code.
Alerts:
Comments (none posted)
Resources
The Linux Advisory Watch for July 1, 2005 is out, with articles on Linux
File & Directory Permissions Mistakes, Measuring Security IT Success,
Getting to Know Linux Security: File Permissions, The Tao of Network
Security Monitoring: Beyond Intrusion Detection, and other news.
Full Story (comments: none)
The Linux Advisory Watch for July 4, 2005 is out. Articles include Review:
The Book of Postfix: State-of-the-Art Message Transport, Introduction:
Buffer Overflow Vulnerabilities, Getting to Know Linux Security: File
Permissions, and more.
Full Story (comments: none)
Page editor: Rebecca Sobol
Kernel development
Brief items
The 2.6.13-rc1 kernel was released on Jun 28. It contained over 2000
different patches, showing that there was a lot of pent-up development
during the end of the 2.6.12 release cycle. It contains changes in almost
all areas of the kernel, such as: USB, SCSI, driver core, ALSA, static
cleanups, IDE, network drivers, network core, audit, input, pcmcia, I2C,
W1, V4L, NFS, IB and ARM arch. It also contains some new features such as
kexec/kdump, execute-in-place and a new architecture called xtensa. Also,
devfs has been disabled from the build (but the code is still present). In
all, over 3000 files were changed, with over 190000 lines added and over
84000 lines removed.
Since then, the 2.6.13-rc2 kernel was released on July 5. It had a much
more manageable set of around 180 patches. The patches were mostly bug
fixes for various things that were merged in the 2.6.13-rc1 release:
driver core, PCI, ARM, TCP, pcmcia and serial, along with a few new
options: driver binding and unbinding from userspace through sysfs.
The current stable 2.6 kernel is 2.6.12.2; it was released on July 1.
Linux 2.4.32-pre1 was released on July 4; it contains x86_64 security
updates and other fixes.
Comments (4 posted)
Kernel development news
The development of git is a classic free software success story, even at
this early stage. When Linus Torvalds needed a new tool for managing
source code revisions, he sat down for a week and bashed out something
which was enough for other people to play with. It didn't do much, but it
contained enough in the way of good ideas and functionality that a group of
developers quickly gathered around it and started making it better. Git
may still have a number of rough edges, but, to a great extent, it has
taken BitKeeper's place in the development process.
One of those rough edges has been the lack of graphical tools for working
with the repository. Things are happening in this area as well, however,
and there are now two tools available which warrant a look. These tools
(being gitk and qgit) both function as patch browsers; neither, currently,
can actually make any changes to a git repository. In other words,
capabilities like three-way patch conflict resolution are still missing.
But you have to start somewhere; either of these tools will be helpful for
anybody who wishes to look at the path the kernel took to get to the
current point.
gitk is a Tk-based utility written by Paul Mackerras; the current release
is version 1.1. The build
process for gitk is about the easiest your editor has ever encountered;
since it is written in Tcl, installation is simply a matter of putting the
gitk script somewhere in your path.
Running gitk yields a three-paned window. At the top is a reverse-time
list of committed patches, along with a graphical trace showing which tree
each patch was merged from. Tags in the repository are indicated by a cute
little yellow tag in this pane. The bottom left shows the selected patch in a
fairly gaudy, colorful form. The commit text and the patch itself are run
together, just as they would appear in an emailed patch. On the lower right
is a list of files touched by the current patch; clicking on the name of a
file narrows the view to the corresponding portion of the patch.
There is a simple "find" function which can search for patches whose
description or author information match a given string; searching with
regular expressions is possible. If you know the SHA tag for a given
commit, you can type (or paste, presumably) it into a blank and view the
corresponding patch. gitk also stores the SHA ID of the current commit in
the X selection, allowing it to be pasted into git commands if need be.
The alternative to gitk is qgit, a Qt-based application
currently at version 0.6. The initial experience with qgit is a little
rougher; the application uses SCons for
building instead of make. Since most systems tend not to have SCons
installed, the qgit tarball includes a prebuilt version of SCons and a
script to hack up the build file to use it. One thinks that, for a
relatively simple application, it might have been easier to just toss in a
makefile.
The initial qgit window looks very similar to gitk. The lower left pane
shows only the commit text, however; the actual patch is nowhere to be
seen. A single click on the filenames on the right appears to do nothing;
a double click will pop up a separate window with the full text of the
file. It turns out that one has to double-click on the appropriate line in
the top pane to get a separate window with the patch itself. Once the
window is up, it will be updated with the body of any patch selected in the
main window. The presentation of the patches is a bit nicer than in gitk;
the use of color is a bit more restrained, and patches are shown in the
diff -up format that developers are used to reading. The
patch window, however, has the obnoxious feature that it is permanently on
top of any other window on the screen, regardless of the user's desires.
Nicely, in version 0.6, the qgit file browser window includes line-by-line
annotation which makes it easy to figure out which commit modified a
specific piece of code. This feature is enough to make one wish that the
kernel.org git repository contained more than a few months of history.
qgit also makes it possible to search for specific patches; entering a
string in the blank and clicking "filter" will narrow the patch view to the
patches containing the string. It is not obvious, but the way back to the
full listing is to hit "filter" again.
Once upon a time, your editor asked the BitKeeper folks how to determine
which tree was the source of any particular changeset in the mainline. The
answer that came back was that this information was not available -
BitKeeper did not store it. So it is pleasing to see this information so
readily in evidence in either git front end. We really do have a better
handle on the development history than we did even a few months ago.
Both tools can be a bit rough to use at times, and their features are
limited. When one considers that, back at the beginning of March, none of
this software existed at all, it is hard not to be impressed. There is a
lot happening around git, and, chances are, we've just barely seen the
beginning of it.
Comments (3 posted)
In September, 2004, LWN.net took a look at the inotify patch. This patch
has been reworked a number of times by its primary developers, and has
been living in the -mm kernel tree for a few months. With the recent "What
to merge for 2.6.13?" discussion, inotify was mentioned as something that
might be considered for merging into the main kernel tree. One thing that
few kernel developers had paid attention to in the inotify patch was the
userspace interface to the feature. So, let's take a look at how a
programmer is supposed to interact with inotify.
From the documentation included in the kernel patch, inotify
communicates to userspace through a character device, /dev/inotify.
This is a misc character device (it uses the misc_register() kernel interface
to create its character device), and if you use udev to manage /dev, the
device node is automatically created. If not, the character node needs
to be created by hand:
mknod /dev/inotify c 10 63
Inotify works with something called "watches". A "watch" pairs an object
with a mask describing the events the user wants to be notified about. The
object is either a file or a directory, as represented by an open file
descriptor, and the mask is a bitmask of events. The different types of
events that can be monitored are:
- IN_ACCESS: the file was accessed
- IN_MODIFY: the file was modified
- IN_ATTRIB: the metadata changed
- IN_CLOSE_WRITE: the writable file was closed
- IN_CLOSE_NOWRITE: the unwritable file was closed
- IN_OPEN: the file was opened
- IN_MOVED_FROM: the file was moved from location X
- IN_MOVED_TO: the file was moved to location Y
- IN_CREATE: a subfile was created
- IN_DELETE: a subfile was deleted
- IN_DELETE_SELF: the watched object itself was deleted
If the user wants to monitor all events, a handy IN_ALL_EVENTS macro is
defined which includes all of the above event flags combined together.
To create a watch and register it with the kernel, an ioctl is called on
the /dev/inotify node:
struct inotify_request request = { fd, mask };
int watch_desc = ioctl(dev_fd, INOTIFY_WATCH, &request);
where fd is the open file descriptor of the file or directory you wish
to watch, and mask is the type of event to monitor.
To remove a watch that is already in place, another ioctl should be
sent:
ioctl(dev_fd, INOTIFY_IGNORE, watch_desc);
Once a watch has been registered with the kernel, a simple read() call on
the device node is used to retrieve events for that watch (and all other
watches that have been registered by this process). Each event read from
the kernel has the layout of the following C struct:
struct inotify_event {
__s32 wd; /* watch descriptor */
__u32 mask; /* watch mask */
__u32 cookie; /* cookie to synchronize two events */
__u32 len; /* length (including nulls) of name */
char name[0]; /* stub for possible name */
};
All of the fields are pretty self explanatory, with the exception of
"cookie". If this field is not set to 0, then it is used to tell
userspace that multiple events happened at the same time on the same
object. An example of this is renaming a file. If a directory is being
watched and the following file rename happens in it:
mv foo baz
two events would be generated, an IN_MOVED_FROM and an IN_MOVED_TO event.
Both would carry the same cookie value, which allows userspace to match
them up.
The /dev/inotify node supports select() and poll(), so a program does not
have to tie up a thread in a blocking read().
The FIONREAD ioctl is also supported by inotify; it returns the size of
the currently pending event queue, so that userspace can allocate a buffer
of the right size before reading the events.
When the userspace program that had the /dev/inotify node open exits, or
when the node is closed, all watches that were registered with the
kernel are destroyed and cleaned up properly.
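As an added illustration (not code from the inotify patch, its documentation, or inotify-utils), the C block below parses a buffer in the read() format described above and pairs IN_MOVED_FROM/IN_MOVED_TO events by cookie, as for the "mv foo baz" case. The event buffer is constructed inside the block, and the numeric mask values are assumptions borrowed from the later mainline header, since the text lists only the names; because each record is variable-length, the parser checks every record's claimed len against the bytes actually read before touching the name, so a short read or corrupt buffer cannot cause an out-of-bounds read.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Mask bits: the article names them; values assumed from mainline <linux/inotify.h>. */
#define IN_MOVED_FROM 0x40u
#define IN_MOVED_TO   0x80u
#define IN_CREATE     0x100u

/* Userspace mirror of the documented struct (__s32/__u32 -> C99 fixed-width types). */
struct inotify_event {
    int32_t  wd;     /* watch descriptor */
    uint32_t mask;   /* watch mask */
    uint32_t cookie; /* cookie to synchronize two events */
    uint32_t len;    /* length (including nulls) of name */
    char     name[]; /* name bytes follow the header when len > 0 */
};
#define EV_HDR_LEN offsetof(struct inotify_event, name)
#define NAME_CAP 64
struct rename_pair { uint32_t cookie; char from[NAME_CAP]; char to[NAME_CAP]; };

/* Copy an event's NUL-padded name into dst without reading past len bytes. */
static void copy_name(char *dst, size_t cap, const char *src, uint32_t len)
{
    size_t n = 0;
    while (n < len && src[n] != '\0')
        n++;
    if (n >= cap)
        n = cap - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
}

/* Walk a buffer as returned by read() on /dev/inotify. Each record's claimed
 * length is validated against the bytes present before the name is used.
 * Returns the number of events parsed, or -1 if the buffer ends inside a
 * record. MOVED_FROM/MOVED_TO events sharing a non-zero cookie are joined
 * into a rename; the first is stored in *pair, the total in *pairs. */
int parse_inotify_buffer(const unsigned char *buf, size_t n,
                         struct rename_pair *pair, int *pairs)
{
    size_t off = 0;
    int count = 0, have_from = 0;
    uint32_t from_cookie = 0;
    char from_name[NAME_CAP] = "";
    *pairs = 0;
    while (n - off >= EV_HDR_LEN) {
        struct inotify_event ev;
        char nm[NAME_CAP];
        memcpy(&ev, buf + off, EV_HDR_LEN);
        if (ev.len > n - off - EV_HDR_LEN)
            return -1; /* header promises more name bytes than were read */
        copy_name(nm, sizeof nm, (const char *)buf + off + EV_HDR_LEN, ev.len);
        if ((ev.mask & IN_MOVED_FROM) && ev.cookie != 0) {
            have_from = 1;
            from_cookie = ev.cookie;
            strcpy(from_name, nm);
        } else if ((ev.mask & IN_MOVED_TO) && have_from && ev.cookie == from_cookie) {
            if (*pairs == 0) {
                pair->cookie = ev.cookie;
                strcpy(pair->from, from_name);
                strcpy(pair->to, nm);
            }
            (*pairs)++;
            have_from = 0;
        }
        off += EV_HDR_LEN + ev.len;
        count++;
    }
    return off == n ? count : -1; /* leftover bytes: a truncated header */
}

/* Append one record to buf and return the new length. Constructed test data,
 * not kernel output; the name is NUL-padded to a 4-byte multiple (assumed). */
size_t put_event(unsigned char *buf, size_t off, int32_t wd, uint32_t mask,
                 uint32_t cookie, const char *name)
{
    struct inotify_event ev = { wd, mask, cookie, 0 };
    if (name)
        ev.len = ((uint32_t)strlen(name) + 1 + 3) & ~3u;
    memcpy(buf + off, &ev, EV_HDR_LEN);
    memset(buf + off + EV_HDR_LEN, 0, ev.len);
    if (name)
        memcpy(buf + off + EV_HDR_LEN, name, strlen(name));
    return off + EV_HDR_LEN + ev.len;
}

/* The stream the text describes for "mv foo baz" in a watched directory,
 * preceded by an unrelated IN_CREATE: build it, parse it, return the rename count. */
int demo_mv_foo_baz(struct rename_pair *out)
{
    unsigned char buf[128];
    size_t n = 0;
    int pairs = 0;
    n = put_event(buf, n, 1, IN_CREATE, 0, "scratch");
    n = put_event(buf, n, 1, IN_MOVED_FROM, 4242, "foo");
    n = put_event(buf, n, 1, IN_MOVED_TO, 4242, "baz");
    return parse_inotify_buffer(buf, n, out, &pairs) == 3 ? pairs : -1;
}
```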
For a very simple example program that shows how to register for events
and read events as they happen, see the inotify-utils package that can be
found here.
For more details on the kernel design decisions that the inotify
developers went through in creating this system, please see the inotify
documentation in the kernel patch. It describes why a character node
was used instead of signals, and other details.
Comments (14 posted)
Patches and updates
Core kernel code
Device drivers
- Bartlomiej Zolnierkiewicz: IDE update.
(July 4, 2005)
Documentation
Filesystems and block I/O
Memory management
Networking
Architecture-specific
Security-related
Page editor: Forrest Cook
Distributions
News and Editorials
July 6, 2005
This article was contributed by Ryan Paul
A conspicuous banner at the Terra Soft Solutions web site informs viewers that "PowerPC is not dead". This resonant affirmation of PPC's capacity to endure is meant to address the concerns of consumers who doubt the value of PowerPC software in the wake of Apple's stunning x86 about-face.
Those that follow the issue know that the perpetuation of the PowerPC architecture is not really in dispute. With robust POWER processors in all the next generation gaming systems, it is likely that the architecture will be around for years to come. While we will soon see PowerPC consoles on top of our televisions, Apple's migration to x86 creates some questions about the relevance of PowerPC on the desktop.
With POWER supercomputers topping the list and IBM aggressively promoting Linux on POWER, it looks like the Linux PPC server market is starting to heat up. Kai Staats, CEO of Terra Soft Solutions (TSS) and a familiar face in the PPC Linux community believes that there is more than enough demand for PPC server solutions to keep him in business despite Apple's hasty retreat from the market.
TSS is an Apple reseller, best known for Yellow Dog Linux (YDL), its popular GNU/Linux distribution for the PowerPC platform. Based on Fedora, YDL 4.0.1 is a flexible and intuitive distribution that supports a wide variety of hardware from Apple and IBM.
While broader package selection and community driven development models make non-commercial alternatives like Debian and Gentoo a superior choice for many developers and home consumers, availability of quality services and support as well as pre-installation make YDL a popular pick for schools, government agencies and corporations that utilize PowerPC technology.
The 4.0.1 release features a number of important updates and adds support for the iMac G5 and the Mac mini. I put it to the test to see how it compares to some of my favorite non-commercial distributions. Aside from the excellent hardware support and virtually flawless automated configuration, YDL is relatively unremarkable. Those who are comfortable with Fedora and RPM package management will feel right at home with it. It performs relatively well and it is relatively stable.
The limited availability of YDL RPMs is probably the most prodigious defect. While four CDs may seem like a lot, there are a lot of holes. Firefox is only available via the 'Extras' repository, and libglade for Ruby (which I use heavily for rapid application development) doesn't appear to be available at all. Developers who don't use mainstream languages are out of luck: YDL doesn't come with compilers for Eiffel, C#, Ocaml or Haskell. If you want to use GHC or Mono, for instance, you are probably better off with Debian or Gentoo. While my esoteric development needs may not be indicative of general user needs, it is likely that the needs of most users will not be adequately met by what is available within the limited YDL package ecosystem. You can use TSS's web-based repository interface to find out if YDL has the packages you need.
The boxed set comes with four installation CDs, four source CDs, a 10 page installation quickstart, a cute frisbee-esque thing bearing the YDL logo, and a comprehensive 180 page guide that contains a thorough introduction to KDE, a relatively effective introduction to the command line, and a concise introduction to Linux administration. The guide contains expository comparisons to OS X and Windows that will help users of other operating systems understand the significance of various KDE/Linux features. The most notable deficiency of the user guide is the severe KDE bias and the absence of Gnome documentation. Aside from that, the guide provides good coverage of relevant features.
The distribution comes with YUM for package management. Though YUM has become a standard part of the RedHat Linux distribution, it was originally designed by TSS (and then modified by Duke University) specifically for YDL. YUM has a smaller code base than apt4rpm and features superior dependency handling.
YDL 4.0.1 comes with a few intriguing PowerPC extras, including Mac-On-Linux (MOL), which allows users to run an entire mac environment at near-native speed inside of a window. I was looking forward to trying out MOL with OS X. Unfortunately, MOL doesn't support OS X 10.4, so I was unable to see it in action. Apparently, it doesn't support macs with G5 processors either. It's still worth looking at, and probably quite impressive when it works. Check out this spooky screenshot from the MOL web site. With any luck, MOL support for Tiger will be added soon.
TSS provides a number of services for customers. YDL.net Enhanced members get a pop/imap accessible e-mail account, early access to YDL ISOs and web hosting. Updates appear to be free via YUM.
Also of interest is Terra Soft's Y-HPC, a 64-bit PowerPC GNU/Linux distribution and "cluster construction-management suite" compatible with a wide variety of PowerPC systems, including Apple's Xserve and IBM's JS20. Y-HPC provides users with a complete 64-bit development environment that features IBM's XLF and XLC compilers. Y-HPC natively supports double-precision as well as up to 16GB of RAM and contains complete 32 and 64-bit development tool chains.
Y-HPC comes with a PowerPC port of SystemImager and TSS's unique, user-friendly image management interface called Y-Imager that facilitates visual, node-based cluster construction. Y-HPC also features PPC-64 builds of many popular open source applications.
I still prefer Debian on my desktop, but YDL presents a few compelling benefits, particularly for those who already have extensive experience with RedHat or Fedora. There are also definitely contexts in which Terra Soft's high performance computing solutions are optimal. TSS designed a YDL-based Xserve imaging cluster for deployment on US Navy submarines and provided Boeing with specialized G5 computers for Weapons Systems Officers training programs. Despite the imminent extinction of Apple PPC hardware, we may see renewed interest in TSS as demand for Linux on POWER escalates.
Comments (2 posted)
New Releases
Trustix Secure Linux 3.0 has been released. "Other additions to the system
include X.org X11 libraries, FreeRadius support, easy PXE installs, Mini CD
and Net CD versions of the OS, enhanced hardware detection, installation on
RAID and logical volumes and a range of kernel upgrades including the shift
to Linux 2.6 kernel and BASH 3." Click below for the announcement.
Full Story (comments: none)
Ubuntu has the Colony CD 2 ready. This is the second in a series of
milestone CD images that will be released throughout the Breezy development
cycle, as images that are known to be reasonably free of showstopper
CD-build or installer bugs, while representing very current snapshots of
Breezy. You can download it here or click below for the full announcement.
Full Story (comments: 2)
Distribution News
Matthias Klose reports that GCC 4.0 is the default GCC in etch as part of
the C++ ABI change.
The Sixth Annual Debian Conference begins July 9, 2005 at the Computer
Science department of the Helsinki University of Technology in Espoo,
Finland. This editor plans to arrive in HEL on Saturday afternoon.
Comments (none posted)
Those installing Fedora Core 4 may have a problem with certain motherboard
chipsets that may be affected by the syslinux crash bug. For those having
trouble with FC4 installs, Warren Togami presents a workaround (click below).
Full Story (comments: none)
Slackware Linux reports that a new package browser is being tested at
http://slackware.it/en/. "Everyone is invited to give a look over there,
and report any kind of problem you may find. The plan is to backport the
new package browser here on the .com if everything goes well, and maybe
some of the other new features from slackware.it too (depending on how
well they scale.)"
Comments (none posted)
New Distributions
GRML is a live CD based on Knoppix and
Debian with a collection of GNU/Linux software for system administrators.
It provides automatic hardware detection and can be used for system rescue,
for analyzing systems/networks or as a working environment. grml-small
fits on a business card CD-ROM or USB device with 50MB. The initial
version of grml-small, 0.1 (codename zugschlus), was released July 5,
2005.
Comments (none posted)
Distribution Newsletters
The Debian Weekly News for July 5, 2005 looks at Debian packages for X.Org,
minutes of the release team meeting, ongoing installer development,
ongoing Firefox Trademark problems, a GLADE transition, and more.
Full Story (comments: none)
The Fedora Weekly News for July 4, 2005 is out. Topics in this issue
include Status of Livna Repository, JPackage Java for FC4, Bluetooth Dialup
Networking for FC4, Caveats and Known Bugs on FC4, FC3 to FC4 Upgrade
Process Question, More Fedora Core 4 Reviews, Up2date Issue on FC4, and more.
Full Story (comments: none)
In this edition of the MOTU report you'll meet two new Masters of the
Universe and find out more about the C++ transition, REVU - a
next-generation package review tool, and more.
Full Story (comments: none)
The DistroWatch Weekly for July 4, 2005 is out. "Last week's release of SUSE
LINUX 9.3 ISO images provided much excitement during the otherwise dull
week and many users are now discovering the joys of computing with one of
the oldest and best-known Linux operating systems around. In the meantime,
the Debian Project ended up with a tarnished reputation for being unable to
provide timely security updates for sarge - will this fiasco bring radical
changes to the project's security infrastructure? Also in this issue:
comment on the recent merger of Mandriva and Lycoris, and an interesting
change in the release policy of Fedora Core."
Comments (none posted)
Minor distribution updates
WHoppix was a Knoppix-based live CD designed to be a standalone penetration
testing toolkit. The focus remains the same, but
WHAX is now SLAX/Slackware based. WHAX v.3.0
Beta2 was released July 5, 2005.
Comments (none posted)
Package updates
Fedora Core 4 updates: totem-1.0.4-1 (upgrade to version 1.0.4),
rgmanager-1.9.34-5 (upgrade), magma-plugins-1.0.0-2 (upgrade),
iddev-2.0.0-1 (upgrade), magma-1.0.0-1 (upgrade), gulm-1.0.0-2 (upgrade),
fence-1.32.1-1 (upgrade), dlm-1.0.0-3 (upgrade), cman-1.0.0-1 (upgrade),
ccs-1.0.0-1 (upgrade), GFS-6.1.0-3 (upgrade), mod_perl-2.0.1-1.fc4
(upgrade), qt-3.3.4-15.1 (patches and bug fixes), gnbd-1.0.0-1 (upgrade),
netpbm-10.27-4.FC4.2 (bug fixes), cryptsetup-luks-1.0.1-0.fc4 (fix two
incompatibilities), kdevelop-3.2.1-0.fc4.2 (fix undefined symbol issue),
kdeartwork-3.4.1-0.fc4.2 (look at the right xscreensaver dirs),
gjdoc-0.7.5-3 (FC4 update), javacc-3.2-1jpp_2fc (FC4 update),
lucene-1.4.3-1jpp_3fc (FC4 update).
Fedora Core 3 updates: netpbm-10.27-4.FC3.1 (bug fixes),
selinux-policy-targeted-1.17.30-3.16 (allow unconfined_t to execmod
file_type), kdenetwork-3.3.1-3.1 (fix Kopete MSN login).
Comments (none posted)
Trustix bug fix advisories:
#2005-0031
updates (clamav, cpplus, dev, imagemagick, kerberos5, kernel, openldap,
pam_ldap, perl-net-server, php, php4, sqlgrey, swup) and notes end of life
for Trustix Secure Linux 1.5 and 2.1,
#2005-0032 updates (iproute, kernel, sqlgrey).
Comments (none posted)
Newsletters and articles of interest
IT Observer covers the release of Trustix Secure Linux 3.0. "TSL's rapidly expanding new user base has identified a wide range of possible improvements which have now been implemented and made available in this release. Foremost amongst these is the new installer "Viper".
Apart from the added ease of use and many new features "Viper" boasts the ability to poll the latest updates during the installation process. This ensures that servers deploying TSL will be up to date and secure right from the first installation effectively closing the insecurity window that exists between first installation and the time it takes to locate, download and implement upgrades."
Comments (none posted)
Groklaw looks at LiveLAMP, a bootable CD project from Australia's Open Source Victoria. "According to OSV, LiveLAMP can turn any PC into an instant server capable of supporting up to 1,000 students doing work on over a dozen programming languages and hundreds of development tools. Technologies covered include PHP, Python, Perl, MySQL, Ruby, PostgreSQL, C++, C, Pascal, Fortran, CVS, Apache, Lex/Yacc, text editing, HTML, JavaScript, CSS, XML and many more. LiveLAMP will fully integrate with their existing Windows, Apple or Linux systems. OSV estimates that purchasing proprietary versions of this software for 1000 students and teachers would cost each school over $10,000 if they had to pay for it."
Comments (none posted)
NewsForge looks at Puppy Linux. "The Puppy Linux distribution was started by
Barry Kauler independently of any other distro. Barry went back to basics
and reinvented a much better wheel. Puppy has an informed, diverse, and
active support forum, a wiki (with news), and great developers who actually
listen. The distribution is regularly updated."
Comments (none posted)
Distribution reviews
NewsForge reviews FreeSBIE, a FreeBSD-based live CD. "The current version
1.1 is based on FreeBSD version 5.3. It works directly from the CD without
altering any data on your hard disk, but version 1.1 also offers the
option of a hard disk installation using a feature borrowed with
permission from the BSDinstaller team. FreeSBIE supports several types of
desktop environments. You can use it as a shell only, or as a full desktop
with all the applications you expect in a desktop system."
Comments (none posted)
eWeek reviews Novell's SuSE Linux Professional 9.3. "What it all adds up to in the
end is that if you need an advanced Linux desktop, SLP is an excellent
choice. It's also great for people who need to look right over the bleeding
edge of Linux technology to see what tomorrow will bring. However, for
beginners or general desktop users, there are better choices."
Comments (none posted)
This NewsForge article looks at three open source rescue CDs. "I tested the three for basic
rescue features: mounting partitions to read and write data, disk
management (format, partition, etc.), network access, CD/DVD writing, and
virus scanning. These are the most important rescue disk features, and if
they work well, you are well on your way to getting your machine working
again."
Comments (none posted)
Page editor: Rebecca Sobol
Development
The JBidWatcher project is:
A Java-based application allowing you to monitor auctions you're not part of, submit bids, snipe (bid at the last moment), and otherwise track your auction-site experience. It includes adult-auction management, MANY currencies (yen, pound, dollar (US, Canada, Australian, and New Taiwanese), Swiss Francs, and euro, presently), drag-and-drop of auction URLs, a unique and powerful 'multisniping' feature, a relatively nice UI, and is known to work cleanly under Linux, Windows, Solaris, and MacOSX from the same binary.
The project has been around since 2002, the
project news
shows an interesting history that involves tracking breakages
caused by frequent eBay site changes.
The feature list includes:
- General design for future compatibility with sites other than eBay.
- Multisniping support cancels other bids after one bid has been won.
- Designed and developed in a cross-platform environment.
- Support for launching a web browser directly to an item that is being bid on.
- A built-in search mechanism.
- Support for user-customizable tabs.
- Support for multiple languages and currencies.
Newly added features include:
- User customizable column displays.
- A Buy It Now feature for purchasing at a fixed price.
- The ability to subtract shipping prices from snipe purchases.
- An RSS feed for watching bids.
The screenshots show the user interface of an older version of JBidWatcher.
Version 0.9.7 of JBidWatcher
was released this week.
"This version is a major overhaul, with several major new features
and dozens of bugfixes.
The top four features are Customizable Columns, Buy It Now support, automatically Subtract Shipping from Snipes, and RSS Feeds."
See the
changelog file for more information on this release.
JBidWatcher has been released under the Lesser General Public License
(LGPL). The software is available for download
here.
If you are a frequent eBay auction bidder, JBidWatcher
is a handy tool that can give you an advantage over other bidders.
All that you need to worry about is where to store all of that new stuff
you just bought.
Comments (none posted)
System Applications
Database Software
Version 1.8.0 of HSQLDB, an SQL database engine that is written in Java,
has been announced. "HSQLDB is a relational database engine written in
Java, with a JDBC driver, supporting a large subset of ANSI-92 SQL. A small,
fast engine with both in memory and disk based tables. This product is the
continuation of HypersonicSQL."
Comments (none posted)
Interoperability
A new Samba documentation collection has been released. "For those who want a more searchable Samba book, the Samba Compendium may be of interest. This electronic-only book is made up of all current samba documentation, logically arranged to suit the electronic medium."
Comments (1 posted)
Mail Software
Version 0.95.2 of bogofilter, a Bayesian mail filter, is out. "This
release includes unicode support. When creating a new wordlist,
the UTF-8 character set will be used. For compatibility, bogofilter
will not use unicode when operating with old wordlists.
Additionally, wordlist locking has been changed. One lock is now used
for the whole database rather than one lock per page."
Full Story (comments: none)
Eridani Star System has announced the release of MailStripper version 1.3.2,
an SMTP spam filter. A long-standing stream freeze and timeout bug
has been fixed.
Full Story (comments: none)
Printing
Chapter 4 of the CUPS printing system manual is online: "This chapter describes how to save printer options for your printer and set your default printer."
Comments (none posted)
VPN Software
Version 0.1.12 of SSL-Explorer, an open-source SSL VPN solution, is out. "Release 0.1.12 of SSL-Explorer contains several new features mainly concerning authentication methods. A new 'security questions' module has been introduced that may be prompted in addition to regular password entry. Authentication schemes may also now be defined that allow the administrator to configure authentication policies to suit their environment. This allows the user to select from a range of defined authentication schemes when logging in. A number of usability enhancements have also been introduced; the most notable of which being the dynamic popup menu. Lastly, the VPN client may now be started from any page in SSL-Explorer."
Comments (none posted)
Web Site Development
Stephen Turner
has announced the 10th year anniversary of
Analog, a web server logfile analysis
package.
"Today is analog's 10th birthday! On 29th June 1995, I wrote a message to the
comp.sources.testers newsgroup asking for people to test a new logfile
analyser I had started writing."
Comments (none posted)
MozillaZine
covers the release of version 1.0 of the Nvu web authoring system.
"
I am immensely happy to report that Nvu 1.0 went live an hour ago. As usual, it's available from the official site (www.nvu.com) or the official mirror (nvu.viapanda.com/1.0/changelog) for Windows, Mac, Linspire5, FC3, Linux 2.6.10, and for the first time Mandriva. Nvu broke the 500,000 users limit with version 1.0PR, and we expect even better results for this 1.0."
Comments (none posted)
Desktop Applications
Audio Applications
A multiple announcement for the audio applications Snd-ls V0.9.4.3,
Mammut V0.20, Ceres V0.43 and the Snd RT-extension documentation
has been sent out.
Full Story (comments: none)
Desktop Environments
The following new GNOME software has been announced this week:
Comments (none posted)
Rodrigo Moya
is experimenting
with libnotify in various GNOME applets.
"
While Rodrigo has already scrapped the trash notification, there are many places where this could be a nice enhancement in the GNOME Desktop. What do you think? What types of actions would you use/not use notifications?"
Comments (none posted)
GnomeDesktop
covers
the latest enhancements to the Nautilus file manager.
"
Some new enhancements are finding their way into Nautilus. The first is new tree functionality complete with auto-expand for dnd to the spatial Nautilus list view, much like what is seen here on a Mac. Nautilus now has the ability to create a new file when dragging and dropping text into a Nautilus window."
Comments (none posted)
The following new KDE software has been announced this week:
Comments (none posted)
KDE.News has
announced
the July 1, 2005 edition of the
KDE Commit Digest.
Here's the content summary:
"
Kopete supports MSN http protocol. amaroK adds support for media:/ urls. Speedups in Krita and aKregator. Work continues on Quanta plugin for KDevelop."
Comments (none posted)
Electronics
Version 8.02 of
Electric,
a VLSI CAD design system,
has been announced.
"
This is a complete translation of Electric from C to Java, and also includes some new features."
Comments (none posted)
Version 3.3.19 of
XCircuit,
an electronic schematic drawing package, is out.
Changes include improvements to the undo mechanism and other fixes.
Comments (none posted)
Games
Version 0.3.12 of Cyphesis, a server for WorldForge games,
has been released.
New features include drawing of paths and roads, a new river,
growing trees from seeds, a graveyard, bug fixes and more.
Comments (none posted)
Imaging Applications
Development snapshot 2.3.2 of the GIMP
has been announced.
"
The most notable change in this release is the start of a massive menu
reorganization. Your feedback on this effort is much appreciated. Please add
your suggestions on how to proceed with this."
Comments (none posted)
Instant Messaging
Version 0.3.2.7 of Laffer, a cross-platform web-based instant
messenger client,
is out.
"Changes are: The initial protocol for the communication between the IM proxy server and the client was changed. There is a new "docs" directory where the documentation will be stored."
Comments (none posted)
Medical Applications
OpenVistA SemiVivA FOIA Gold 20050507, a medical health record system,
has been announced.
"
It combines the FOIA release from
the VA's FTP site with GT.M V5.0-000."
Comments (none posted)
Music Applications
Version 1.2 of wcnt, a not-real-time modular audio synth, sequencer,
and sampler, is out with numerous changes.
Full Story (comments: none)
Office Suites
The June, 2005 edition of the
OpenOffice.org Newsletter is online with the latest OO.o office suite
news.
Full Story (comments: none)
Version 1.3 beta of extendedPDF
has been announced.
"
'extendedPDF' is an OpenOffice.org macro that converts an OpenOffice document into a PDF document. The output includes the original document's headings as PDF bookmarks, and includes the original hyperlinks as PDF hyperlinks. Document meta-information (such as title, author, and keywords) is also added."
Comments (none posted)
RSS Software
Ben Hammersley
customizes RSS feeds for display in a web browser.
"
As more and more non-techie websites offer syndication feeds, a growing
number of non-technical readers are clicking on the links and filling their
screens with confusing XML. But syndication content doesn't have to look like
geeky markup or malformed
text in your readers' browsers. You can make it look quite pretty, and give
clues to what the feed is actually for."
Comments (none posted)
Science
Development version 1.90 of
Ghemical,
a molecular modeling package, is available.
Comments (none posted)
Video Applications
Version 0.8.2 of VLC media player
is available.
"
VLC 0.8.2 has been released and has support for Dirac encoding and decoding.
Dirac is a general-purpose video codec aimed at resolutions from QCIF
(180x144) to HDTV (1920x1080) progressive or interlaced. It uses wavelets,
motion compensation and arithmetic coding and aims to be competitive with
other state of the art codecs."
Comments (none posted)
Web Browsers
MozillaZine
covers progress in the SeaMonkey project.
"Robert Kaiser writes: "On behalf of the SeaMonkey Council,
I'm happy to announce the formation of a group to continue new development
of the Mozilla Application Suite code under its new name: SeaMonkey."
"See the official announcement
for more details about the new SeaMonkey
project and its relation to Mozilla."
"We'll be offering our first developer release, SeaMonkey 1.0 alpha, shortly.""
Comments (21 posted)
MozillaZine
covers an effort to rewrite the Firefox bookmark code.
"
Vladimir Vukicevic has announced that he plans to completely
rewrite the bookmarks code used by Mozilla Firefox. The revamped bookmarks
system should be simpler, more flexible and allow bookmarks to be used in new
ways. Vlad explains, "The first order of business is to come up with a list
of things that we'd like to be able to do with bookmarks, and then to create
a data API that can support all these things in a fairly generic fashion.""
Comments (none posted)
Languages and Tools
Caml
The July 5, 2005 edition of the Caml Weekly News is online
with the latest Caml language developments.
Full Story (comments: none)
Java
Version 0.16 of GNU Classpath, a set of essential libraries for Java,
is available.
"
This is the first release of GNU Classpath since our Harmony
collaboration with the Apache group." Numerous improvements
are included.
Full Story (comments: none)
Version 1.9.1 of Hermes
has been announced.
"
Hermes, a GUI for working with JMS, has a new release. You can browse queues
and subscribe to topics, copy messages around between providers, the
clipboard and the filesystem. Hermes includes a simple plugin framework so
non-JMS functionality can be exposed in the GUI. This lets you monitor queue
depths, get statistics from the provider and search for administered queues
and topics."
Comments (none posted)
Lisp
Version 0.9.2 of Steel Bank Common Lisp has been released.
"
This
version supports the EUC-JP external format, provides better
management of symlinks, a larger dynamic space size on the PPC
architecture, improved threading, and more."
Full Story (comments: none)
Perl
The June 21-28, 2005 edition of
This Week in Perl 6 is online with the latest Perl 6 development news.
Comments (none posted)
PHP
PHP Version 4.4.0 RC2
has been released
with a security fix.
"An easily exploitable security issue was discovered in PEAR XML_RPC <= 1.3.0. We recommend that users of this PEAR class immediately upgrade to the latest version with: pear upgrade XML_RPC
The same security problem exists in many other XML RPC implementations, please check if the installed applications that you use might have a similar problem.
The new PEAR XML_RPC package is also bundled with the second release candidate of PHP 4.4.0RC2. Besides this new PEAR package there are two minor issues fixed since PHP 4.4.0RC1."
Comments (none posted)
Python
The June 1-15, 2005 edition of the Python-dev Summary
is online with coverage of the Python-dev mailing list.
Full Story (comments: none)
The July 5, 2005 edition of Dr. Dobb's Python-URL! is online
with the latest Python development articles.
Full Story (comments: none)
Version 0.6 of pyc, a utility for compiling Python applications into
bytecode,
is available.
See the
Change Log for more information.
Comments (none posted)
Tcl/Tk
The July 4, 2005 edition of Dr. Dobb's Tcl-URL! is available with
the latest Tcl/Tk news and resources.
Full Story (comments: none)
Debuggers
NewsForge
examines the Delta Debugging technique.
"
Every developer knows that debugging -- the process of finding and fixing
defects in program code -- is an important process. Often, the effort devoted
to it outweighs the cost of all the other software development phases.
Debugging is unpredictable, since a single bug can hold clueless developers
hostage for long time. And unfortunately, debugging has always been a mostly
manual affair -- but that's about to change, with the advent of Delta
Debugging."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Federico Biancuzzi
talks to Eric Raymond about license issues.
"Q: Why did you say we don't need the GPL anymore?
A: It's 2005, not 1985. We've learned a lot in the last 20 years. The fears that originally led to the reciprocity stuff in GPL are nowadays, at least in my opinion, baseless. People who do what the GPL tries to prevent (e.g., closed source forks of open source projects) wind up injuring only themselves. They trap themselves into competing with a small in-house development group against the much larger one in the parent open source project, and failing."
Comments (75 posted)
NewsForge
looks
at patent reform in the U.S. "
Non-obviousness is supposed to be
the foundation of the patent system. No invention should be granted a
patent if it doesn't contain the "aha" factor - the element of surprise
that grabs experts in the technology, causing them to exclaim, "wow! I
never thought of that!" Yet, over and over again, the United States Patent
and Trademark Office (USPTO) grants patents for algorithms that leave
software developers scratching their heads and saying, "that one, we
already knew.""
Comments (18 posted)
The European software patent directive
has been defeated, according to a press release from the
Free Software Foundation Europe (FSFE).
"
After years of struggle, the European Parliament finally rejected the
software patent directive with 648 of 680 votes: A strong signal
against patents on software logic, a sign of lost faith in the
European Union and a clear request for the European Patent Office
(EPO) to change its policy: the EPO must stop issuing software patents
today."
Comments (22 posted)
Trade Shows and Conferences
O'ReillyNet
covers
JavaOne 2005. "
Participation is Sun's theme for JavaOne 2005, as
repeatedly preached by speakers in the general sessions of the two days
that opened this week's developer conference. The idea was captured early
by emcee John Gage, Sun's chief researcher and science office director, who
began the first day by asking developers to stand up, then by asking all
CTOs, VCs and other deal-makers to stand up. "OK, programmers," he said,
"there's who you have to meet.""
Comments (2 posted)
KDE.News has
a report on the
FreeNX talk at LinuxTag. "
During the full hour of live demoing, not
only did they showcase very fast remote GUI access to various KDE
desktops. Amongst these was a brand-new Kubuntu installation on an IBM
mainframe derivative (a Power5/PPC64 machine) running a very nice polished
KDE 3.4.1. Kurt and Fabian had recently ported FreeNX to that
platform."
Comments (none posted)
KDE.News has a
report from Le
Droit D'auteur et Vous (Copyrights and You). "
The main thing I
realised during the whole day was about education. Everyone has the right
to have access to education and educational material should be free. One of
the main successes of the last three years is Wikipedia showing that it is
possible to achieve this."
Comments (none posted)
Groklaw
covers
the kickoff meeting of the Massachusetts Software Council's Open Source
Software SIG. "
There were three sessions, one on legal issues, one
on business issues, and one on how to run an open source project, plus a,
um, lively talk by Mark Fleury, CEO of JBOSS, as the keynote speaker at
lunch. He's Dr. Fleury, by the way. He has a PhD in Physics. It was very
much an interactive speech, with the audience participating fully. How
could they help it?"
Comments (none posted)
O'Reilly presents
coverage of the 2005 Where 2.0 conference.
"
The two days of O'Reilly Media's Where 2.0 conference flew by, and beneath
all the high-tech gadgets was the fact that to support this latest generation
of location-based applications, you still need to begin by collecting and
organizing the data. A9.com, NAVTEQ, and Eyebeam representatives explained
how they gather and organize data. Then, Ron Ondrejka brought down the house
with his description of how his team used to gather images of the Earth from
spy satellites in the 1960s."
Another article entitled
The What and Why of Where looks at other aspects of the conference.
Comments (none posted)
The SCO Problem
Groklaw
reports
that SCO's Motion for Leave to File Third Amended Complaint was denied.
"
Judge Dale Kimball very properly said it's too late to raise all
that now: "It appears that SCO -- or its predecessor -- either knew or
should have known about the conduct at issue before it filed its original
Complaint. Accordingly, the court declines to permit the filing of a Third
Amended Complaint.""
Comments (none posted)
Companies
News.com
looks at Motorola's plans for using Linux in its cell phones.
"
Motorola announced a new step this week in its plan to remake most of its mobile phone line with Linux, expanding use of the open-source operating system to midrange phones.
The E895 is a flip-phone design that uses a version of Linux from MontaVista Software, said Cheryln Chin, vice president for Motorola mobile phone marketing. Motorola expects to begin shipping it in Asia in the fourth quarter of the year and in other parts of the globe after that."
Comments (none posted)
Heise Online
looks at a joint effort by Opera and Trolltech.
"
Opera, the Norwegian vendor of the web browser of the same name, and Norwegian software firm Trolltech, the developer of the C++ framework Qt for the KDE Unix/Linux desktop among other things, have entered into a strategic partnership. Their joint efforts will focus on products for mobile communications and home entertainment, as Opera announced today. The Qtopia development environment and software platform for mobile devices will be combined with Opera. In addition, the two firms will be collaborating on marketing campaigns. They intend to strengthen the position of the Linux operating system on the markets for mobile and home electronics."
Comments (none posted)
News.com
looks at SourceLabs' new
Swik site.
"
Called Swik, the site combines a search engine, a wiki for posting documentation and reviews, and information-sharing tools that use Really Simple Syndication, or RSS. The site was launched Wednesday.
Swik is aimed at people, notably software developers, who seek a listing of open-source products and a communications hub to help navigate through the tens of thousands of projects out there."
Comments (3 posted)
Linux Adoption
KDE.News
reports
on the use of Debian systems with KDE in the city of Vienna, Austria.
"
A customized version of Debian with KDE, dubbed "Wienux" was
chosen as the official alternative to Windows for the 18,000 PCs of the city.
It is up to the individual workers to choose if they prefer a KDE Desktop or
a Microsoft based system. The officials expect that about 4,800 machines will
run KDE in the short term."
Comments (none posted)
Legal
Groklaw
covers the European Parliament's rejection of software patents.
"
Of course, this is not the end.
After the vote the EU Commission said it would respect the vote and would not put forth "any new proposed legislation in this area", according to Reuters.
There are hints that the next chapter will be an attempt to pass the so-called "Community" patent. Talk about Orwellian-newspeak. Here's the plan:
Lawmakers including Kauppi said the rejection of the legislation should give fresh impetus to the creation of a single European system, known as the "Community" patent."
Comments (8 posted)
use Perl
covers Chip
Salzenberg's legal troubles. "
'In April of this year, Health Market
Science of King of Prussia, PA, told police that they feared I was
misappropriating trade secrets. That very afternoon, police raided my house
with a search warrant to seize every computer in the house, paper files,
CDs, and DVDs... even my wireless router and cable modem!' Chip was the
pumpking for perl's 5.004 release." Find out more at
geeksunite.net.
Comments (10 posted)
Interviews
developerWorks
talks
with Arnd Bergmann, a kernel hacker with the IBM Linux Technology
Center. "
developerWorks caught up with Arnd Bergmann, the IBM Linux
on Cell kernel maintainer, to talk about the port, about the Cell and
Cell-based "workstations" (which aren't workstations at all) and about
programming to Cell -- among other things."
Comments (none posted)
KDE.News
mentions an
interview
with Ryan Nickell.
"
The KDE-Artists website is featuring an interview with Ryan Nickell, one of
the current authors of SuperKaramba and Smooth Blend. He talks about his baby
SuperKaramba, the KDE community website KDE-look.org, Plasma, KDE 4 and he
even answers some personal questions."
Comments (none posted)
Sap Info
talks to Stefan Schindewolf about running SAP applications under Linux.
"
The Linux interest group of the German-speaking SAP user group, DSAG, is currently working on entering the world of 64 bits and is collaborating closely with the SAP LinuxLab. Stefan Schindewolf, the chair of the interest group, explains how SAP customers can profit from Linux."
Comments (14 posted)
Resources
Groklaw has
chapter
14 of Peter Salus' The Daemon, the GNU and the Penguin. This chapter
covers Plan 9 and Inferno.
Comments (3 posted)
Marcelo Rinesi
explains how to encrypt mail archives in a NewsForge article.
"
With governments and law enforcement organizations pushing for increasingly intrusive monitoring and logging of business email messages, network administrators are put in an uncomfortable situation. Even disregarding privacy implications, such systems pose security problems at least as serious as those they attempt to solve. A "master archive" of emails is after all an extremely tempting target to external hackers, but it also has staggering potential for internal abuse. Ideally, we would want no centralized mail logs, but legal and corporate requirements mandate suitable record-keeping in the case of an internal or external audit. One way to meet both goals is by encrypting the archive using public key cryptography."
Comments (8 posted)
Ron Minnich
explains how to build a custom BIOS in a Linux Journal article.
"
Building a Linux system that will boot in seconds, not minutes, requires a custom BIOS. But thanks to a new compiler and development process, we can build a BIOS for a new motherboard with only C code, no assembly.
In this article, we describe the work done by the Cluster Research Team at Los Alamos National Laboratory to port LinuxBIOS to the AMD SC520 CPU."
Comments (3 posted)
GnomeDesktop
points to
Episode 31 of LUGRadio,
which features an interview with Yannick Pellet and Carlos Guerreiro about
the GNOME- and GTK+-based Nokia 770 internet tablet.
KDE.News covers all the KDE
activity at LUGRadio Live.
Comments (none posted)
Peter Seebach
looks inside of a TiVo video recording appliance.
"
Everyone's heard that the TiVo "runs Linux". In this installment of Linux on board, Peter takes a look at the Linux system installed on the TiVo. Examining the TiVo system reveals how one company made the transition from desktop operating system to embedded system."
Comments (none posted)
Reviews
Daniel Rubio
reviews NSD on NewsForge.
"
Given the sheer importance of name servers in providing Domain Name System (DNS) resolution -- a process used by every Web-facing application to translate domain names into IP addresses and vice versa -- not many people put much thought into the available software alternatives for pulling off this feat. One compelling application is NSD, an alternative to the widely deployed BIND name server."
Comments (none posted)
Miscellaneous
The
final round of
voting in the 2005 Linux Journal Readers' Choice awards is underway.
"
The final ballot is based on the results of two previous rounds of
open voting, in which write-in votes were accepted in every category. The
top two vote-getters in each category have made it to the final ballot. In
categories where the vote totals were close, an additional one or two
nominees also made it to the official ballot."
Comments (none posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The Free Software Foundation Europe is collecting signatures for
its Karlsruhe Memorandum on Softwarepatentability.
"Georg Greve, president of Free Software Foundation Europe (FSFE) asks
"everyone to sign up to the Karlsruhe Memorandum on software
patentability: preserve your freedom to be creative!" Started last
Saturday during GNU/Linuxtag in Karlsruhe, Germany the memorandum was
signed by more than 200 people and 26 companies."
Full Story (comments: 1)
Use Perl has
a call
for conference materials from the recent YAPC::NA::2005 event.
"
For the presenters: this is your chance to update your slide show or presentation material that you want to include in the proceedings. It also gives you one last chance to update your photo and biography."
Comments (none posted)
Commercial announcements
A free trial version of DbWrench Database Design v1.2.0
is available
for the PostgreSQL database.
Comments (none posted)
DENX Software Engineering has announced the availability of its
Embedded Linux Development Kit in the AMCC PowerPC® 440EP evaluation kit.
"
The DENX Embedded Linux Development Kit provides a complete and
powerful software development environment for embedded and real-time
systems. All components of the ELDK are available for free with
complete source code under GPL or other free software licenses."
Full Story (comments: none)
Desktop Alert Inc. has
announced Jabcast 2.0 Secure for Linux.
"
Desktop Alert Inc.
has released Jabcast 2.0 Secure for Linux which
is based on an open source, secure, ad-free alternative to consumer IM
services like AIM, ICQ, MSN, and Yahoo. Jabcast is a set of streaming XML
protocols and technologies that enable any two entities on the Internet to
exchange messages, presence, and other structured information in close to real
time."
Comments (none posted)
FSMLabs, Inc. has
announced
the availability of RTLinuxPro development and deployment platform for a
wide array of ARM(R) processors.
Comments (none posted)
Red Hat, Inc. has announced financial results for its fiscal first quarter
ended May 31, 2005. "
Total revenue for the quarter was $60.8
million, a year-over-year increase of 46% and a sequential increase of
6%. Enterprise subscription revenue was $48.7 million, an increase of 63%
year-over-year and 7% sequentially."
Full Story (comments: 5)
SGI has
announced the availability of IBM's Entity Analytics Portfolio
on the SGI Altix Server platform.
"
IBM's DB2 EAS portfolio on SGI Altix helps solve identity problems common
in national security, compliance, fraud detection, customer relationship
management, insider threat detection, and other applications. The solution is
designed to bring a new level of accuracy, precision, and fidelity to the
concept of identity recognition and relationship resolution for government and
commercial organizations."
Comments (none posted)
VA Linux Systems Japan proclaims the VA Linux Business Forum, held last
week in Tokyo, as a success. "
This year the forum sought to explore
the continuing growth of VA Linux as a technology source, present current
business conditions and the directions of VA Linux partner companies as the
core businesses driving the Linux and Open Source movement, as well as
introduce new technologies and solutions essential to the enterprise market
built from the Linux kernel level upward."
Full Story (comments: none)
New Books
Addison-Wesley has announced the release of the Second Edition of Advanced
Programming in the UNIX Environment, originally authored by W. Richard
Stevens, and now comprehensively revised and expanded by Stephen A. Rago.
Full Story (comments: none)
O'Reilly has published the book
JBoss: A Developer's Notebook
by Norman Richards and Sam Griffith, Jr.
Full Story (comments: none)
Contests and Awards
Nominations
are being accepted for a new Perl award.
"
jesse writes "At YAPC::NA, David H. Adler and I announced the creation of a
new set of awards for the perl community: the NJAPHs. These awards recognize
Perl hackers who have made an outstanding technical contribution in the past
year. Nominations are now open, and will be tallied at OSCON, where
information about how to cast your vote will be announced.
The awards will be presented at YAPC::EU.""
Comments (none posted)
Event Reports
More coverage of the 2005 International Lisp
Conference is available online.
Full Story (comments: none)
Upcoming Events
GarageGames will be holding the 4th Annual Indie Games Con
from October 7-9, 2005 in Eugene, Oregon.
"
Indie Games Con (IGC) is a fun, informal and informative community
gathering of independent game developers from around the world. IGC is
designed to be a summit meeting of like-minded developers with the
shared goal to focus on collaboration and building community. Along
with sessions on game art, technology, tools and business, the event
has a central ShowOFF Center where developers can showcase their
current prototypes, demos and newly released games."
Full Story (comments: none)
The UKUUG Linux 2005 Conference will be
held in Swansea on August 4-7, 2005. A detailed description
of the event is now available.
Full Story (comments: none)
| Date | Event | Location |
|---|---|---|
| July 7 - 9, 2005 | LSM 2005 Libre Software Meeting for Medicine | Dijon, France |
| July 7 - 9, 2005 | IV Jornades de Programari Lliure | Campus de Vilanova i la Geltrú, Spain |
| July 10 - 18, 2005 | Debconf 5 | Helsinki, Finland |
| July 11, 2005 | Evolution of Open-Source Code Bases (EVOSC05) | Genova, Italy |
| July 11 - 15, 2005 | First International Conference on Open Source Systems (OSS2005) | Genova, Italy |
| July 11 - 14, 2005 | GOTO10 workshop | OKNO, Brussels, Belgium |
| July 11 - 15, 2005 | IEEE International Conference on Web Services (ICWS 2005) | Orlando, Florida |
| July 14 - 15, 2005 | Free Libre Open Source Software in Education Conference (FLOSSIE) | Bolton Technology Innovation Centre, Bolton, UK |
| July 17 - 19, 2005 | Desktop Developer's Conference | Ottawa Congress Centre, Ottawa, Ontario, Canada |
| July 18 - 22, 2005 | ApacheCon Europe 2005 | Stuttgart, Germany |
| July 18 - 22, 2005 | PostgreSQL Bootcamp | Big Nerd Ranch, Atlanta, GA |
| July 20 - 23, 2005 | Ottawa Linux Symposium (OLS 2005) | Ottawa, Canada |
| July 20 - 22, 2005 | North American Plone Symposium | The Astro Crowne Plaza, New Orleans, Louisiana |
| July 26, 2005 | 2nd European LISP and Scheme Workshop | Glasgow, Scotland |
| July 27 - 28, 2005 | Black Hat Briefings USA 2005 | Las Vegas, NV |
| July 29 - 31, 2005 | DefCon 13 | Alexis Park, Las Vegas, Nevada |
| July 31 - August 4, 2005 | 2005 SIGGRAPH Computer Animation Festival | Los Angeles, CA |
| August 1 - 5, 2005 | O'Reilly Open Source Convention | Oregon Convention Center, Portland, Oregon |
| August 1 - 5, 2005 | CIFS 2005 Conference and Plugfest | Doubletree Hotel, San Jose, CA |
| August 4, 2005 | Penguincon 2005 | Israel |
| August 4 - 7, 2005 | Linux 2005 | University of Wales, Swansea, UK |
| August 8 - 11, 2005 | LinuxWorld Conference and Expo | Moscone Center, San Francisco, CA |
| August 20, 2005 | Free Audio and Video Event (FAVE) | Trinity Community and Arts Centre, Bristol, UK |
| August 27 - September 4, 2005 | aKademy 2005 | University of Málaga, Málaga, Spain |
| August 31 - September 2, 2005 | YAPC::EU::2005 | University of Minho, Braga, Portugal |
| September 1 - 2, 2005 | Symposium on Security for Asia Network (SyScAN'05) | The Dusit Thani Hotel, Bangkok, Thailand |
Comments (none posted)
Miscellaneous
The KDE Project and Google have
announced the 24 KDE projects
selected for the Summer of Code project. "
The accepted projects span
accessibility work, improvements to the office and personal information
management suites, and innovations to KDE architecture. Much anticipated
projects include one addressing VoIP in KDE, and a unified document viewer
to handle multiple formats with a plugin architecture for third party
vendor extensions."
Comments (1 posted)
MozillaZine
reports on
the list of Mozilla-related projects chosen to be part of Google's Summer Of
Code. "
Selected
projects include an event logger for Firefox, a SIP phone client for
Thunderbird, a Firefox extension installer, a XUL front end for Bugzilla, a
graphical theme builder for Mozilla, a BitTorrent client built with
XUL/XPCOM and localizations for Latvian, Thai, Vietnamese and
Hindi."
Comments (4 posted)
A. M. Kuchling has announced the
project list
for the Python projects that will be mentored by the Python Software
Foundation during the Summer Of Code event.
Comments (none posted)
Page editor: Forrest Cook