The Halloween deadline for submission of new features for the 2.5 kernel
has passed. Linus has not made final decisions on everything on
the wishlist, but most of the new features
which will be in the next stable kernel series are in the development
kernel now. And some developments clearly are not going to be in that next
stable kernel. Negative results are often the most interesting - they
expose interesting information on how the system works. So we'll look at
why a seemingly sensible feature did not get into the 2.5 kernel.
The project in question is the Linux
Kernel Crash Dump (LKCD) subsystem. LKCD comes into play if a Linux
kernel panics; it uses the swap area to create an image of the dying
system. That dump can then be used to figure out just what went wrong.
Commercial operating systems have had crash dump capabilities for decades;
crash dumps make life much easier for vendors facing angry customers who
want their systems fixed immediately. Given the increasing interest in
"enterprise" deployments and high-quality support, one would think that a
crash dump capability would be a high priority for inclusion. One would
also think that it would not be controversial, since crash dump support
does not slow down or adversely affect users in any way. So why did it
fail to go in?
Certainly, there were some technical concerns about LKCD. A kernel which
is crashing is, by definition, not functioning properly; do you
really want that kernel to write massive amounts of data to disk as
its last act? Some developers fear that LKCD has not taken sufficient care
to avoid overwriting files as it saves its dump to disk. There is no real
history of people having their systems trashed by LKCD, but the worry
remains.
LKCD has not played the kernel political game all that well. In some
cases, it is enough to write code and ask that it be merged. But, as a
general rule, you have to convince Linus that the development really
belongs in his kernel. In practice, that means turning one or more of the
top-tier developers into an advocate for your work. The LKCD developers
have not done that; instead, they have tried putting pressure on Linus
directly. Linus responded by digging in his heels and stating: "...right now I won't touch LKCD
with a ten-foot pole, if only because I've been mail-bombed by people who
argue for it when I have better things to do than to explain myself over
and over again."
But neither of those reasons is the real reason why LKCD got left out in
the cold. As Linus has been saying for a few years, his real job anymore
is saying "no" to people. He says "no" to anything that, in his opinion,
does not really have to be in his kernel. It is a hard job; it requires
enough backbone (and ego) to stand up against great pressure at times. But
it is also a crucial role that must be played well if the kernel code is to
remain maintainable over the long term.
Linus said "no" to LKCD because he did not see any real advantage to having it
in his kernel. LKCD, says Linus, is a "vendor-driven" development. Since
LKCD is vendor driven, the vendors that are interested can merge it into
their trees. That is what free software is all about, of course.
This attitude may seem a little harsh, but it makes sense when you consider
a couple of points:
- Vendors, with very rare exception, do not ship Linus's kernels as
he distributes them. Most vendor kernels are heavily patched, with
dozens (or even hundreds) of changes and added features. The spec file for the 2.4.18 kernel shipped
with Red Hat Linux 8.0 lists a full 200 patches; Red Hat has
added User-mode Linux, TUX, the O(1) scheduler, the low-latency patch,
NAPI, netdump (a network-based crash dumper), etc. LKCD would
be a small addition to the list of patches already applied by
distributors. The fact that few vendors have included LKCD suggests
that they, who are the main market for such a feature, are not yet
interested in it.
- It is hard to imagine any vendor being interested in a crash dump
that comes from anything other than one of their own stock
kernels. Linux empowers any user to obtain and build any kernel they
want, but those users cannot, in general, expect their vendors to
chase bugs in "roll your own" kernels.
So, by suggesting that interested vendors patch in LKCD themselves, Linus
is getting that code to the places where it is useful without having to put
it into his tree. A certain amount of kernel source bloat is avoided, the
way is left open for other potential crash dump implementations, and LKCD
is still easily deployed in the situations where it is needed. All told,
it is not an entirely unreasonable decision. The
kernel process is often hard on developers, but it is important that Linus
continues to say "no" if we want to have a kernel which does not eventually
collapse under its own weight.
(See also: Linus's explanation of why LKCD
didn't go in, and of how to get patches into the kernel in general, and
this week's Kernel page, which looks at the
next steps for the (non-merged) EVMS project).
Comments (3 posted)
Tempting as it may be to pass over the final judgement in the Microsoft
case as not being of interest to Linux users, the truth of the matter is
that there are a couple of things worth saying, even though this
settlement looks an awful lot like "business as usual."
Free software advocates had hoped, for a while, that the settlement would
at least require the opening of formats and protocols. Imagine the great
things the Samba team could do if it had to spend less time reverse
engineering everything. In the end, the final settlement offers nothing of
value in this regard. Consider:
- Microsoft is required to license its protocols under RAND
terms. These terms involve license fees, of course, and are thus
quite discriminatory against free software.
- Microsoft does not have to license to companies which have a
"history of software counterfeiting or piracy or willful
violation of intellectual property rights." Potential
licensees also have to convince Microsoft of the "authenticity and
viability" of their business, and submit their code to Microsoft for
verification.
The most interesting provision with regard to licensing, though, may well
be this one:
No provision of this Final Judgment shall... Require Microsoft to
document, disclose or license to third parties: (a) portions of
APIs or Documentation or portions or layers of Communications
Protocols the disclosure of which would compromise the security of
a particular installation or group of installations of anti-piracy,
anti-virus, software licensing, digital rights management,
encryption or authentication systems, including without limitation,
keys, authorization tokens or enforcement criteria; or (b) any API,
interface or other information related to any Microsoft product if
lawfully directed not to do so by a governmental agency of
competent jurisdiction.
As has been pointed out by others, the "security" argument could be used to
lock up just about anything that Microsoft does not want to release. And
why, exactly, does the U.S. government reserve to itself the right to
suppress the release of API and protocol information? One assumes that
somebody has something in mind here.
After five years, the entire settlement goes away.
The bottom line is that this decree is not going to help the free software
community to any great extent. But, then, it never really was going to.
Attacking Microsoft is not a useful goal for the free software community;
our purpose is to create and distribute the best free software we can.
And, for those who wish to
see Microsoft in discomfort, it is worth noting that free software has
already caused the company much worry. Microsoft's planned takeover of the
server space has been thwarted, and the company's grip on other computing
markets, while still firm, just does not look as invulnerable as it once
did. Editors, compilers, and the free software development process may yet
prove to be the most effective weapon against software monopolies.
(See also: yet
another leaked Microsoft memo, duly marked up by Eric Raymond. This
one is a survey of opinions toward Linux. "Closing, those who are
familiar with OSS and Linux are favorably predisposed towards them. Linking
this work with other on-point research, we can assume that in the majority
of cases this reported 'favorability' is more emotional than it is
rational.")
Comments (6 posted)
It's time for the weekly "report from LWN" column. Read on for the latest
subscription information, the new search engine, gift certificates, and
more.
As of this writing, there are just under 2300 individual LWN subscribers.
In recent times, that number has been growing by about 100 per week - not
quite what we might really like, but enough to keep us reasonably happy if
it continues. Making it continue could prove challenging, however. A
number of subscribers signed up for only one or two months, and those
subscriptions are beginning to expire. Unless those subscriptions get
renewed (hint, hint...), we could conceivably start going backwards.
Here's to hoping that doesn't happen.
One way to help keep that from happening would be to shower your friends
with LWN gift
certificates. It's a great way to support LWN and, simultaneously,
deal with your holiday shopping problems.
We have sold about twenty group subscriptions, including a couple of
reasonably large ones. Next week, perhaps, we'll publicly thank the
companies which wish to be acknowledged in this way.
Meanwhile, LWN once again has a search engine. It
has the basic features one would expect, including the ability to filter on
category and content type. It is indexed as content is generated, so
search results always include the newest content.
For now, only the new site (i.e. content back to last June) is covered; we're
still figuring out what the best solution is for all of our older content.
We may, as one reader suggested, simply put in a link to Google...
That's pretty much it for this week. Thanks to all of you, again, for
supporting LWN.net.
Comments (19 posted)
Page editor: Jonathan Corbet
Security
Brief items
The Debian Project has sent out a survey in an attempt to figure out how
many users are still using the "Potato" distribution. The project's goal
is clear: they want to figure out when they can stop providing security
updates for that version of the distribution. Pulling the plug on Potato
may seem a bit premature, given that Woody was only released back in July.
But, for Debian, this move is already late; remember that support for
Debian 2.1 ("Slink") was withdrawn just one month after the Potato release.
Debian is different from most distributions, of course, in that its users
are expected to upgrade quickly. Given the ease of the process, there is
generally little reason to wait. But the simple fact is that people do not
like to upgrade working systems. If a computer is happily doing the tasks
assigned to it, why thrash up the operating system and break things?
Commercial distributors understand this inertia, and most of them go out of
their way to support old distributions for at least a couple of years. As
a volunteer-driven distributor, the Debian Project has had the freedom to
cut off support sooner (because it does not have paying customers), and the
need to do that, because it does not have paid developers who can be sent
off to patch holes in ancient packages.
The fact that the Debian Project is asking for input this time, rather than
simply cutting off support after one month, shows a new sensitivity toward
the needs of users beyond the Debian developer community. This is a good
thing, of course, but Debian, by its nature, will still be limited in the
amount of support it can provide for older versions of its distribution.
This is an area where companies that ship commercial versions of Debian
could contribute back to the project. By paying somebody to fix security
problems in older versions of Debian GNU/Linux, these distributors can
enhance the value of their own products while supporting the project that
supports them.
So far, no vendor of Debian-based distributions has stepped up to this
plate. Indeed, Debian-based distributors tend not to bother with security
updates at all, since the Debian Project itself does such a good job with
them. If these companies are serious about using Debian as a base for a
commercial product, however, they are going to have to get a bit more
serious about long-term support. Otherwise, they are likely to find their
customers going elsewhere.
Comments (2 posted)
CodeWeavers has announced a new version (1.3.1) of its CrossOver Office
product which features immunity to the KLEZ virus. "Whenever KLEZ attempts
to run its .EXE file from the TMP directory, CrossOver Office 1.3.1 spawns
a message to the user warning them that they may be launching an
application that could potentially harm their computer." Bringing Windows
applications to Linux is a good thing for many users, but great care must
be taken to not port Windows problems as well...
Comments (none posted)
New vulnerabilities
linuxconf: bad sendmail configuration file creation
| Package(s): | linuxconf |
| CVE #(s): | |
| Created: | November 6, 2002 |
| Updated: | November 6, 2002 |
| Description: | The linuxconf "mailconf" module can create sendmail configurations which allow the server to run as an open relay, instantly turning your site into a spammer's tool and getting you onto blacklists. |
| Alerts: | |
Comments (1 posted)
log2mail: buffer overflow
| Package(s): | log2mail |
| CVE #(s): | |
| Created: | November 6, 2002 |
| Updated: | November 6, 2002 |
| Description: | Enrico Zini discovered a buffer overflow in log2mail, a daemon for watching logfiles and sending lines with matching patterns via mail. The log2mail daemon is started upon system boot and runs as root. A specially crafted (remote) log message could overflow a static buffer, potentially leaving log2mail to execute arbitrary code as root. |
| Alerts: | |
Comments (none posted)
luxman: pathname vulnerability
| Package(s): | luxman |
| CVE #(s): | CAN-2002-1245 |
| Created: | November 6, 2002 |
| Updated: | November 6, 2002 |
| Description: | LuxMan is a maze game which, one would think, would not be much of a threat. It has, however, a pathname vulnerability that can be turned into a local root exploit. Versions through 0.41 are vulnerable. |
| Alerts: | |
Comments (none posted)
Mozilla: Privacy leak and other vulnerabilities
| Package(s): | mozilla |
| CVE #(s): | CAN-2002-1126, CAN-2002-1091 |
| Created: | November 1, 2002 |
| Updated: | February 13, 2003 |
| Description: | Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs. Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. See also Mozilla's "Recently fixed security issues" page. All users are encouraged to upgrade to this latest stable 1.0.x release of Mozilla. |
| Alerts: | |
Comments (none posted)
perl-MailTools: remote command execution
| Package(s): | MailTools |
| CVE #(s): | CAN-2002-1271 |
| Created: | November 5, 2002 |
| Updated: | September 19, 2003 |
| Description: | The SuSE Security Team reviewed critical Perl modules, including the Mail::Mailer package. This package contains a security hole which allows remote attackers to execute arbitrary commands in certain circumstances. This is due to the usage of mailx as default mailer, which allows commands to be embedded in the mail body. Note that mail processing programs which use this package can be affected by this vulnerability; in particular, SpamAssassin is vulnerable if you use the -r or -w flags. |
| Alerts: | |
Comments (none posted)
Updated vulnerabilities
Apache shared memory scoreboard vulnerabilities
| Package(s): | apache |
| CVE #(s): | CAN-2002-0839 |
| Created: | October 9, 2002 |
| Updated: | December 18, 2002 |
| Description: | Versions of Apache prior to 1.3.27 contain a couple of scoreboard-related vulnerabilities which can be exploited by local users running under the Apache user ID. In-server scripting languages, such as PHP, are the most likely means of carrying out the attacks. One vulnerability causes the server to fork off new processes, leading to denial of service scenarios; the other allows an attacker to send SIGUSR1 to any process as root, probably killing that process. See the iDEFENSE advisory for the details. |
| Alerts: | |
Comments (3 posted)
Heap corruption vulnerability in at
| Package(s): | at, sudo, xchat |
| CVE #(s): | CAN-2002-0004 |
| Created: | May 21, 2002 |
| Updated: | May 15, 2003 |
| Description: | The at command has a potentially exploitable heap corruption bug. (First LWN report: January 17th). |
| Alerts: | |
Comments (none posted)
bind buffer overflow vulnerability in DNS resolver libraries
| Package(s): | bind, glibc |
| CVE #(s): | CAN-2002-0651, CAN-2002-0684 |
| Created: | July 8, 2002 |
| Updated: | October 1, 2003 |
| Description: | The BIND 4.9.8-OW2 patch and BIND 4.9.9 release (and thus 4.9.9-OW1) include fixes for a libc related vulnerability which does not affect Linux. Updates from the Internet Software Consortium (ISC) are available. No release or branch of Openwall GNU/*/Linux (Owl) is known to be affected, due to Olaf Kirch's fixes for this problem getting into the GNU C library more than two years ago. Unfortunately, that does not mean that Linux systems are not vulnerable. Similar code, without Olaf Kirch's fixes, is in the glibc getnetbyXXX functions. These functions are described in the SuSE alert as "used by very few applications only, such as ifconfig and ifuser, which makes exploits less likely." CERT Advisory: CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries. |
| Alerts: | |
Comments (1 posted)
bzip2: file creation and symbolic link vulnerabilities
| Package(s): | bzip2 |
| CVE #(s): | CAN-2002-0759, CAN-2002-0760, CAN-2002-0761 |
| Created: | October 29, 2002 |
| Updated: | October 31, 2002 |
| Description: | bzip2 does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a bzip2 archive. bzip2 decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed. bzip2 uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended. |
| Alerts: | |
Comments (none posted)
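The first two bzip2 problems above (file creation without O_EXCL, and a world-readable file that only later gets the archive's permissions) are a general pattern in anything that writes output files. The C program below is an added example written for this page; it is not bzip2's code and not part of the advisory. The names `extract_insecure`, `extract_secure`, `file_mode`, `file_size` and `run_demo` are assumptions, and the payload is constructed sample data. `extract_insecure` reproduces the described behaviour; `extract_secure` is the hardened form (create with O_EXCL and owner-only mode, widen to the archive mode only after the data is complete); `run_demo` exercises both in a temporary directory, including a planted symlink at the output name, and returns 0 when every check holds.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Vulnerable pattern, as described for bzip2 above: without O_EXCL an
 * existing file (or a symlink planted at the output name) is silently
 * opened and truncated, and the file starts out 0666 & ~umask, readable
 * by other users until the archive's permissions are applied afterwards. */
int extract_insecure(const char *path, mode_t archive_mode,
                     const void *data, size_t len)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
    if (fd < 0)
        return -1;
    ssize_t n = write(fd, data, len);
    fchmod(fd, archive_mode);            /* too late: the data is already on disk */
    close(fd);
    return n == (ssize_t)len ? 0 : -1;
}

/* Hardened pattern: O_EXCL makes open() fail with EEXIST if the name
 * already exists, and POSIX requires that failure even when the name is a
 * symlink, so a planted link is never followed. The file is created
 * owner-only (0600) and widened to the archive's mode only once the data
 * is complete. Returns 0 on success, 1 if the target existed, -1 on error. */
int extract_secure(const char *path, mode_t archive_mode,
                   const void *data, size_t len)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0)
        return errno == EEXIST ? 1 : -1;
    if (write(fd, data, len) != (ssize_t)len ||
        fchmod(fd, archive_mode & 07777) != 0) {
        close(fd);
        unlink(path);                    /* do not leave a partial file behind */
        return -1;
    }
    return close(fd) == 0 ? 0 : -1;
}

/* Permission bits of 'path' (not following symlinks), or -1 if absent. */
long file_mode(const char *path)
{
    struct stat st;
    return lstat(path, &st) == 0 ? (long)(st.st_mode & 07777) : -1;
}

/* Size in bytes of the file 'path' resolves to, or -1 if absent. */
long file_size(const char *path)
{
    struct stat st;
    return stat(path, &st) == 0 ? (long)st.st_size : -1;
}

/* Runs the scenario in a fresh temporary directory. Returns 0 when every
 * check held, otherwise the number of the first failed step. The payload
 * is constructed sample data standing in for decompressed content. */
int run_demo(void)
{
    static const char payload[] = "constructed sample: decompressed file contents\n";
    size_t plen = sizeof payload - 1;
    char dir[] = "/tmp/lwn-bzip2-demo-XXXXXX";
    char victim[256], link[256];
    int rc = 0;

    /* Step 1: a private scratch directory (fall back to the working directory). */
    if (mkdtemp(dir) == NULL) {
        strcpy(dir, "lwn-bzip2-demo-XXXXXX");
        if (mkdtemp(dir) == NULL)
            return 1;
    }
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(link, sizeof link, "%s/output.txt", dir);

    /* Step 2: extraction to a fresh name succeeds and ends up with the archive mode. */
    if (extract_secure(victim, 0644, payload, plen) != 0 || file_mode(victim) != 0644)
        rc = 2;
    /* Step 3: the same name again is refused rather than overwritten. */
    if (rc == 0 && extract_secure(victim, 0644, "x", 1) != 1)
        rc = 3;
    /* Step 4: a symlink planted at the output name, pointing at the existing
     * file, is refused as well, and the file behind it is untouched. */
    if (rc == 0 && symlink(victim, link) != 0)
        rc = 4;
    if (rc == 0 && (extract_secure(link, 0644, "x", 1) != 1 ||
                    file_size(victim) != (long)plen))
        rc = 5;
    /* Step 6: the vulnerable variant follows the link and truncates the
     * file it points to, which is the overwrite described in the advisory. */
    if (rc == 0 && (extract_insecure(link, 0644, "x", 1) != 0 ||
                    file_size(victim) != 1))
        rc = 6;

    unlink(link);
    unlink(victim);
    rmdir(dir);
    return rc;
}

int main(void)
{
    int rc = run_demo();
    if (rc == 0)
        printf("all checks held\n");
    else
        printf("check %d failed\n", rc);
    return rc;
}
```

The third bzip2 issue (archiving a symlink's permissions instead of the target's) is the mirror image on the packing side: `lstat` and `stat` report different modes for a link, and the archiver must pick the one it means to record.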
Potential unauthorized root access vulnerability in dietlibc
| Package(s): | dietlibc |
| CVE #(s): | CAN-2002-0391 |
| Created: | August 14, 2002 |
| Updated: | December 5, 2002 |
| Description: | Felix von Leitner discovered a potential division by zero bug in code derived from the SunRPC library which is used in dietlibc, a libc optimized for small size. The bug could be exploited to gain unauthorized root access to software linking to dietlibc. CERT/CC Vulnerability Note VU#192995: Integer overflow in xdr_array() function when deserializing the XDR stream. |
| Alerts: | |
Comments (none posted)
dvips: command execution vulnerability
| Package(s): | dvips |
| CVE #(s): | CAN-2002-0836 |
| Created: | October 16, 2002 |
| Updated: | June 10, 2003 |
| Description: | The dvips utility uses the system() function improperly when managing fonts. An attacker who can craft the right sort of print job can use this vulnerability to execute commands under the UID used by the print system. |
| Alerts: | |
Comments (none posted)
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
| Alerts: | |
Comments (none posted)
Another set of fetchmail buffer overflows
| Package(s): | fetchmail, fetchmail-ssl |
| CVE #(s): | |
| Created: | October 1, 2002 |
| Updated: | December 17, 2002 |
| Description: | e-matters GmbH has issued an advisory warning of a new set of buffer overflows in the fetchmail header parsing code. The vulnerabilities have been fixed in fetchmail 6.1.0. |
| Alerts: | |
Comments (none posted)
GNU fileutils race condition
| Package(s): | fileutils, ucdsnmp |
| CVE #(s): | CAN-2002-0435 |
| Created: | May 21, 2002 |
| Updated: | May 16, 2003 |
| Description: | A race condition in rm may cause the root user to delete the whole filesystem. The problem exists in the version of rm in fileutils 4.1 stable and the 4.1.6 development version. A patch is available. (First LWN report: May 2). |
| Alerts: | |
Comments (none posted)
Potential remote root exploit in glibc
| Package(s): | glibc |
| CVE #(s): | CAN-2002-0391 |
| Created: | August 14, 2002 |
| Updated: | June 30, 2003 |
| Description: | Felix von Leitner discovered a potential division by zero bug in code derived from the SunRPC library which is used in glibc. This bug could be exploited to gain unauthorized root access to software linking to glibc. Updating as soon as practical is a good idea. Because SunRPC-derived XDR libraries are used by a variety of vendors in a variety of applications, this defect may lead to a number of differing security problems. Exploiting this vulnerability will lead to denial of service, execution of arbitrary code, or the disclosure of sensitive information. CERT/CC Vulnerability Note VU#192995: Integer overflow in xdr_array() function when deserializing the XDR stream. |
| Alerts: | |
Comments (none posted)
Buffer overflow in groff
| Package(s): | groff |
| CVE #(s): | CAN-2002-0003 |
| Created: | May 21, 2002 |
| Updated: | December 9, 2002 |
| Description: | The groff package has a buffer overflow vulnerability; if it is used with the print system, it is conceivably exploitable remotely. |
| Alerts: | |
Comments (none posted)
Buffer overflow in gv
| Package(s): | gv |
| CVE #(s): | CAN-2002-0838 |
| Created: | October 1, 2002 |
| Updated: | November 25, 2002 |
| Description: | gv, a graphical front end to ghostscript, has a buffer overflow vulnerability which can be exploited by a properly crafted PostScript or PDF file. If a user can be tricked into viewing such a file, arbitrary code can be executed with that user's privileges. See the iDEFENSE advisory for the details. |
| Alerts: | |
Comments (none posted)
heartbeat: remotely exploitable buffer overflow
| Package(s): | heartbeat |
| CVE #(s): | |
| Created: | October 16, 2002 |
| Updated: | November 6, 2002 |
| Description: | The heartbeat failover system has a remotely exploitable buffer overflow vulnerability; versions prior to 0.4.9e and 0.4.9.2 are affected. Any system that is worth running heartbeat on is worth upgrading. See the advisory for the details. |
| Alerts: | |
Comments (none posted)
UW imapd remotely exploitable buffer overflow
| Package(s): | imap |
| CVE #(s): | CAN-2002-0379 |
| Created: | June 5, 2002 |
| Updated: | December 20, 2002 |
| Description: | UW imapd versions 2000c and prior allow remote authenticated users to execute code via a buffer overflow. A malicious user can craft a request to run commands on the server under their UID and GID. (First LWN report: May 23). |
| Alerts: | |
Comments (2 posted)
inn: format string and insecure open vulnerabilities
| Package(s): | inn |
| CVE #(s): | |
| Created: | October 31, 2002 |
| Updated: | October 31, 2002 |
| Description: | There are several format string coding bugs as well as insecure open() calls in the inn program. |
| Alerts: | |
Comments (none posted)
Cross-site scripting vulnerability in Konqueror for KDE 3.0.3
| Package(s): | kdelibs |
| CVE #(s): | |
| Created: | September 17, 2002 |
| Updated: | November 18, 2002 |
| Description: | Konqueror for KDE 3.0.3, and earlier versions, is subject to a cross-site scripting vulnerability. Since the problem is in kdelibs, any other application which uses the KHTML renderer is also vulnerable. Javascript code running in one frame can access other frames which should be inaccessible. The problem is fixed in kdelibs 3.0.3a. |
| Alerts: | |
Comments (2 posted)
kernel: several security issues fixed
| Package(s): | kernel |
| CVE #(s): | |
| Created: | October 22, 2002 |
| Updated: | November 22, 2002 |
| Description: | A number of security fixes have gone out for the 2.2 and 2.4 kernels. There are no known exploits at this time, but upgrading will make sense anyway. As always with kernel updates, read the distributor instructions carefully; there is usually more involved than just installing a new package. |
| Alerts: | |
Comments (none posted)
krb5: Buffer Overflow in Kerberos Administration Daemon
| Package(s): | krb5, heimdal |
| CVE #(s): | CAN-2002-1235 |
| Created: | October 29, 2002 |
| Updated: | January 14, 2003 |
| Description: | CERT Advisory CA-2002-29 Buffer Overflow in Kerberos Administration Daemon. Systems affected: MIT Kerberos version 4 and version 5 up to and including krb5-1.2.6; KTH eBones prior to version 1.2.1 and KTH Heimdal prior to version 0.5.1; other Kerberos implementations derived from vulnerable MIT or KTH code. Overview: Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges on a vulnerable system. The CERT/CC has received reports that indicate that this vulnerability is being exploited. In addition, MIT advisory MITKRB5-SA-2002-002 notes that an exploit is circulating. We strongly encourage sites that use vulnerable Kerberos distributions to verify the integrity of their systems and apply patches or upgrade as appropriate. |
| Alerts: | |
Comments (none posted)
LPRng accepts jobs from any host.
| Package(s): | LPRng |
| CVE #(s): | CAN-2002-0378 |
| Created: | June 12, 2002 |
| Updated: | October 31, 2002 |
| Description: | Matthew Caron pointed out that LPRng's default configuration accepts job submissions from any host. This could be an especially annoying vulnerability for administrators with systems exposed to the general public. |
| Alerts: | |
Comments (none posted)
Cross-site scripting vulnerability in mhonarc
| Package(s): | mhonarc |
| CVE #(s): | CAN-2002-0738, CAN-2002-1307, CAN-2002-1388 |
| Created: | September 11, 2002 |
| Updated: | January 3, 2003 |
| Description: | Mhonarc is an HTML formatter for electronic mail; it can be vulnerable to cross-site scripting problems when presented with maliciously crafted messages. This problem is fixed in mhonarc version 2.5.3, but it is not clear that all possible vulnerabilities have been fixed. See the Debian advisory below for information on how to disable text/html attachment support in mhonarc, which may be a more secure solution. |
| Alerts: | |
Comments (none posted)
PHP Remote Compromise/DOS Vulnerability
| Package(s): | mod_php4 |
| CVE #(s): | |
| Created: | July 22, 2002 |
| Updated: | February 18, 2003 |
| Description: | PHP 4.2.0 and 4.2.1 have an error in the handling of POST requests which can lead to the corruption of memory, and the usual bad consequences. According to this alert, the vulnerability can only be used for denial of service on x86 systems; there is no way to get it to run exploit code. SPARC/Solaris systems are apparently vulnerable to full remote compromise. According to the CERT Advisory, almost every Linux distributor, it seems, ships older (and thus not vulnerable) versions of PHP. Note that, sometimes, systems thought to be safe from remote compromise turn out to be vulnerable to a modified attack, so x86 users should not relax too much. The solution, for those systems with PHP 4.2.0 or 4.2.1 installed, is to upgrade to PHP 4.2.2. For more information see the alert from the discoverer of the vulnerability, Stefan Esser of e-matters GmbH, or the security advisory from the PHP team. CERT Advisory: CA-2002-21 Vulnerability in PHP. |
| Alerts: | |
Comments (1 posted)
mod_ssl: cross site scripting problem
| Package(s): | mod_ssl, libapache-mod-ssl |
| CVE #(s): | CAN-2002-1157 |
| Created: | October 22, 2002 |
| Updated: | December 12, 2002 |
| Description: | Joe Orton discovered a cross site scripting problem in mod_ssl, an Apache module that adds strong cryptography (i.e. HTTPS support) to the webserver. The module will return the server name unescaped in the response to an HTTP request on an SSL port. Like the other recent Apache XSS bugs, this only affects servers using a combination of "UseCanonicalName off" and wildcard DNS. This is very unlikely to happen, though. Apache 2.0/mod_ssl is not vulnerable since it already escapes this HTML. |
| Alerts: | |
Comments (none posted)
ypserv: NIS information leak
| Package(s): | nis, ypserv |
| CVE #(s): | CAN-2002-1232 |
| Created: | October 21, 2002 |
| Updated: | December 5, 2002 |
| Description: | Thorsten Kukuk discovered a problem in the ypserv program which is part of the Network Information Services (NIS). A memory leak in all versions of ypserv prior to 2.5 is remotely exploitable. When a malicious user requests a non-existent map, the server will leak parts of an old domainname and mapname. |
| Alerts: | |
Comments (none posted)
Buffer overflow in nss_ldap
| Package(s): | nss_ldap |
| CVE #(s): | CAN-2002-0825, CAN-2002-0374 |
| Created: | October 9, 2002 |
| Updated: | December 11, 2002 |
| Description: | The nss_ldap package has a buffer overflow which can be exploited when the module configures itself from information in DNS. The problem is fixed in nss_ldap-199 and later. |
| Alerts: | |
Comments (none posted)
Remotely exploitable vulnerability in pine
| Package(s): | pine |
| CVE #(s): | CAN-2002-0014 |
| Created: | May 21, 2002 |
| Updated: | November 27, 2002 |
| Description: | Pine has an unpleasant vulnerability in URL handling which can lead to command execution by remote attackers. (First LWN report: January 17th). This vulnerability is remotely exploitable; updating is a good idea. Note: if an update isn't yet available for your distribution, setting enable-msg-view-urls to "off" in pine's setup will avoid the vulnerability. (Thanks to Greg Herlein). |
| Alerts: | |
Comments (none posted)
Buffer overflow vulnerabilities in PostgreSQL
| Package(s): | PostgreSQL |
| CVE #(s): | |
| Created: | August 21, 2002 |
| Updated: | January 27, 2003 |
| Description: | PostgreSQL 7.2.2 has been released in response to a number of buffer overrun vulnerabilities which have been identified recently. "...it should be noted that these vulnerabilities are only critical on 'open' or 'shared' systems, as they require the ability to be able to connect to the database before they can be exploited." Buffer overflow vulnerabilities fixed include those reported by "Sir Mordred The Traitor" in the cash_words, repeat, lpad and rpad functions. |
| Alerts: | |
Comments (none posted)
PXE server denial of service vulnerability
| Package(s): | pxe |
| CVE #(s): | CAN-2002-0835 |
| Created: | September 4, 2002 |
| Updated: | November 11, 2002 |
| Description: | The PXE server can be crashed using DHCP packets from some Voice Over IP (VOIP) phones. Maliciously formed DHCP packets could be used by a remote attacker to effect a denial of service attack. The PXE package contains the PXE (Preboot eXecution Environment) server and code needed for Linux to boot from a boot disk image on a Linux PXE server. |
| Alerts: | |
Comments (none posted)
Local arbitrary code execution vulnerability in Python
Package(s): python
CVE #(s): CAN-2002-1119
Created: August 28, 2002
Updated: October 1, 2003
Description:
Zack Weinberg discovered that os._execvpe from os.py uses a predictable name
which could lead to execution of arbitrary code. According to the Debian
advisory, the problem was present in Python versions 1.5, 2.1 and 2.2.
Multiple-use vulnerability in Safe.pm
Package(s): Safe.pm
CVE #(s): CAN-2002-1323
Created: October 9, 2002
Updated: February 20, 2004
Description:
The use Perl; site has a description of a vulnerability in the Safe.pm Perl
module. It seems that if a Safe compartment is used more than once, it
ceases to be safe. The problem is fixed in Safe 2.08.
sendmail smrsh bypass vulnerability
Package(s): sendmail
CVE #(s): CAN-2002-1165
Created: October 2, 2002
Updated: November 29, 2002
Description:
iDEFENSE has posted an advisory warning of a couple of ways of bypassing the
restrictions imposed by the sendmail "smrsh" utility. smrsh puts limits on
which programs a user may run out of a .forward file; this vulnerability
could give a local user undesired access to the mail server system. A patch
has been made available from sendmail.org which closes the vulnerability.
Sharutils potential privilege escalation using uudecode
Package(s): sharutils
CVE #(s): CAN-2002-0178
Created: May 21, 2002
Updated: October 31, 2002
Description:
According to the CVE entry, "uudecode, as available in the sharutils package
before 4.2.1, does not check whether the filename of the uudecoded file is a
pipe or symbolic link, which could allow attackers to overwrite files or
execute commands." (First LWN report: May 16.)
Multiple vulnerabilities fixed in Squid-2.4.STABLE7
Package(s): squid
Created: July 8, 2002
Updated: November 15, 2002
Description:
Here is the security advisory for the Squid proxy server reporting several
vulnerabilities in versions up to and including 2.4.STABLE7. Several of the
bugs are believed to allow remote code execution. The security advisory
lists the following changes:
- Several bugfixes and cleanup of the Gopher client, both to correct some
security issues and to make Squid properly render certain Gopher menus.
- Security fixes in how Squid parses FTP directory listings into HTML.
- FTP data channels are now sanity checked to match the address of the
requested FTP server. This is to prevent theft or injection of data. See
the new ftp_sanitycheck directive if this sanity check is not desired.
- The MSNT auth helper has been updated to v2.0.3+fixes for buffer overflow
security issues found in this helper.
- A security issue in how Squid forwards proxy authentication credentials
has been fixed.
squirrelmail: cross-site scripting vulnerability
Package(s): squirrelmail
CVE #(s): CAN-2002-1131, CAN-2002-1132
Created: October 16, 2002
Updated: January 2, 2003
Description:
The Squirrelmail web mail package has a cross-site scripting vulnerability;
versions 1.2.7 and prior are affected. See the advisory for details.
syslog-ng: buffer overflow vulnerability
Package(s): syslog-ng
Created: October 16, 2002
Updated: November 14, 2002
Description:
Versions 1.4.15 and 1.5.20 (and prior) of the syslog-ng system logging
package have a remotely exploitable buffer overflow vulnerability; see this
advisory for the details.
File overwrite vulnerability in tar and unzip
Package(s): tar unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description:
The tar utility does not properly filter file names containing "../",
meaning that a hostile archive can, if unpacked by an unsuspecting user,
overwrite any file that is writable by that user. GNU tar versions 1.13.19
and earlier are vulnerable; unzip through version 5.42 has the same
vulnerability.
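Two defensive checks an unpacker can make before writing an archive member to disk, covering both this entry and the uudecode entry above, as an added example (not code from tar, unzip or sharutils): archive_path_is_safe rejects absolute names and any ".." component, and open_extract_target refuses to write through an existing symlink or FIFO by creating the output with O_CREAT|O_EXCL|O_NOFOLLOW. The temporary directory and file names in the self-check are constructed for the demonstration.

```c
#define _GNU_SOURCE             /* O_NOFOLLOW and mkdtemp on glibc */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Return 1 if 'name' is a safe relative path for extraction, else 0.
 * Safe means: non-empty, not absolute, and no path component equal to "..".
 * Components are split on '/', so "../x", "a/../b" and "a/b/.." are rejected
 * while "a/..b" and "a/b.." (ordinary names containing dots) are accepted. */
int archive_path_is_safe(const char *name)
{
    if (name == NULL || *name == '\0' || *name == '/')
        return 0;
    const char *p = name;
    while (*p != '\0') {
        const char *start = p;
        while (*p != '\0' && *p != '/')
            p++;
        if (p - start == 2 && start[0] == '.' && start[1] == '.')
            return 0;
        if (*p == '/')
            p++;                       /* skip separator; "a//b" is harmless */
    }
    return 1;
}

/* Open 'path' for writing as a brand-new regular file.
 * O_EXCL makes the call fail with EEXIST if anything already exists there,
 * and POSIX requires that a symlink at 'path' count as existing even if it
 * dangles; O_NOFOLLOW (ELOOP) is belt-and-braces for the final component.
 * Returns the descriptor, or -1 with errno set. */
int open_extract_target(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0644);
}

/* Self-check in a fresh temporary directory (constructed names): plant a
 * symlink "payload" pointing at a "victim" file, then show that
 * open_extract_target() refuses the symlink but accepts an unused name.
 * Returns 1 on the expected behaviour, 0 otherwise. */
int demo_symlink_target_refused(void)
{
    char dir[] = "/tmp/extractdemo.XXXXXX";
    if (mkdtemp(dir) == NULL)
        return 0;
    char victim[64], lnk[64], fresh[64];
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/payload", dir);
    snprintf(fresh, sizeof fresh, "%s/fresh", dir);

    int ok = 0;
    int vfd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0644);
    if (vfd >= 0 && close(vfd) == 0 && symlink(victim, lnk) == 0) {
        int fd = open_extract_target(lnk);       /* must fail: symlink in the way */
        int refused = (fd < 0 && (errno == EEXIST || errno == ELOOP));
        if (fd >= 0)
            close(fd);
        int fd2 = open_extract_target(fresh);    /* must succeed: nothing there */
        int accepted = (fd2 >= 0);
        if (fd2 >= 0)
            close(fd2);
        ok = refused && accepted;
    }
    unlink(fresh); unlink(lnk); unlink(victim); rmdir(dir);
    return ok;
}

int main(void)
{
    const char *samples[] = { "etc/passwd", "../etc/passwd", "/etc/passwd",
                              "a/../../b", "a/..b/c" };   /* constructed names */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-16s %s\n", samples[i],
               archive_path_is_safe(samples[i]) ? "ok" : "REJECTED");
    printf("symlink target refused: %s\n",
           demo_symlink_target_refused() ? "yes" : "NO");
    return 0;
}
```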
Multiple vendor telnetd vulnerability
Package(s): telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5
Created: May 21, 2002
Updated: October 5, 2004
Description:
This vulnerability, originally thought to be confined to BSD-derived
systems, was first covered in the July 26th Security Summary. It is now
known that Linux telnet daemons are vulnerable as well.
Tomcat 4.x JSP source code exposure vulnerability
Package(s): tomcat
Created: September 25, 2002
Updated: January 29, 2003
Description:
Rossen Raykov reports that Tomcat 4.0.5 and 4.1.12 fix a JSP source code
exposure vulnerability in "Tomcat 4.0.4 and 4.1.10 (probably all other
earlier versions also)." The current version of Tomcat is available here.
Local root vulnerability in chfn
Package(s): util-linux
CVE #(s): CAN-2002-0638
Created: July 30, 2002
Updated: October 31, 2002
Description:
chfn (change finger information) is one of the utilities in the util-linux
package. The BindView RAZOR Team has discovered a local root vulnerability
in chfn which is described in the BindView advisory. Under certain
conditions, "a carefully crafted attack sequence can be performed to exploit
a complex file locking and modification race present in this utility, and,
as a result, alter /etc/passwd to escalate privileges in the system." The
conditions include a password file (/etc/passwd) larger than 4 kilobytes,
with the attacker's account record located in any but the last 4 kB chunk
of the file.
CERT/CC Vulnerability Note VU#405955: util-linux package vulnerable to
privilege escalation when "ptmptmp" file is not removed properly when using
"chfn" utility.
webalizer: reverse DNS buffer overflow vulnerability
Package(s): webalizer
Created: May 21, 2002
Updated: January 27, 2003
Description:
This one sounds nasty; the cause is a buffer overflow bug. If reverse DNS
lookups are enabled in webalizer, "an attacker with control over the
victim's DNS may spoof responses thus triggering a buffer overflow,
potentially leading to a root compromise." Webalizer 2.01-10 "fixes this
and a few other buglets that have been discovered in the last month or so".
(First LWN report: April 18th, 2002.)
Webmin/Usermin vulnerabilities
Package(s): webmin
Created: May 21, 2002
Updated: January 10, 2003
Description:
Webmin is a web-based interface for system administration for Unix. Webmin
has cross-site scripting and session ID spoofing vulnerabilities which are
fixed in the May 6, 2002 release of version 0.970. (First LWN report: May
9.) This one is scary: the session ID spoofing vulnerability allows the
"possibility that arbitrary commands may be executed with root privileges."
Upgrading is strongly recommended. At a minimum, avoid the "preconditions
for a successful exploit" by disabling password timeouts under
Webmin->Configuration->Authentication.
Multiple vulnerabilities in wordtrans
Package(s): wordtrans
CVE #(s): CAN-2002-0837
Created: September 11, 2002
Updated: February 4, 2003
Description:
The "wordtrans" interface to multilingual dictionaries suffers from input
validation and cross-site scripting vulnerabilities; versions through
1.1pre8 are vulnerable. See this Guardent advisory for details.
Problems with libgtop_daemon
Package(s): wuftpd libgtop
Created: May 21, 2002
Updated: May 7, 2003
Description:
The libgtop_daemon package is a GNOME program which makes system
information available remotely. LWN reported the remotely exploitable
format string and buffer overflow vulnerabilities in that package on
December 6th. An earlier (November 28th) recommendation was to disable
libgtop_daemon on systems where it is running until an update is available.
Many Linux systems do not run libgtop by default, but applying the update
is a good idea anyway.
Wwwoffle remote privilege escalation vulnerability
Package(s): wwwoffle
CVE #(s): CAN-2002-0818
Created: August 14, 2002
Updated: October 1, 2003
Description:
The wwwoffle web proxy incorrectly processes HTTP PUT and POST requests
with negative Content-Length values. "It is believed that an attacker could
exploit this bug to gain remote wwwrun access to the system wwwoffled is
running on."
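A defensive Content-Length parser of the kind this bug calls for, as an added example (not wwwoffle's code): it rejects negative, signed, empty, non-numeric and oversized values before any buffer is sized from them, and the header scanner also refuses conflicting duplicate headers. The request heads and the 1 GiB ceiling in the helpers are constructed for the demonstration.

```c
#define _GNU_SOURCE                /* strncasecmp on glibc */
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* Parse the value of a Content-Length header into *out.
 * Returns 0 on success, -1 if the value is empty, carries a sign, contains
 * any non-digit, or would exceed 'max_body' (checked before each multiply so
 * the accumulator can never overflow). Surrounding spaces, tabs and CRLF are
 * tolerated, as HTTP allows around a field value. */
int parse_content_length(const char *value, size_t max_body, size_t *out)
{
    if (value == NULL || out == NULL)
        return -1;
    while (*value == ' ' || *value == '\t')
        value++;
    size_t len = strlen(value);
    while (len > 0 && strchr(" \t\r\n", value[len - 1]) != NULL)
        len--;
    if (len == 0)
        return -1;                      /* "Content-Length:" with no number */
    size_t n = 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)value[i];
        if (!isdigit(c))
            return -1;                  /* rejects "-1", "+5", "12abc", "0x10" */
        size_t d = c - '0';
        if (d > max_body || n > (max_body - d) / 10)
            return -1;                  /* n * 10 + d would exceed max_body */
        n = n * 10 + d;
    }
    *out = n;
    return 0;
}

/* Find Content-Length in a block of CRLF-separated header lines.
 * Returns 1 if present and valid (length in *out), 0 if absent, -1 if present
 * but invalid, absurdly long, or repeated with conflicting values. */
int request_body_length(const char *headers, size_t max_body, size_t *out)
{
    static const char name[] = "content-length:";
    const size_t nlen = sizeof name - 1;
    int found = 0;
    for (const char *line = headers; line != NULL && *line != '\0'; ) {
        const char *eol = strstr(line, "\r\n");
        size_t llen = eol ? (size_t)(eol - line) : strlen(line);
        if (llen >= nlen && strncasecmp(line, name, nlen) == 0) {
            char buf[64];
            size_t vlen = llen - nlen;
            if (vlen >= sizeof buf)
                return -1;
            memcpy(buf, line + nlen, vlen);
            buf[vlen] = '\0';
            size_t v;
            if (parse_content_length(buf, max_body, &v) != 0)
                return -1;
            if (found && v != *out)
                return -1;              /* two headers that disagree */
            *out = v;
            found = 1;
        }
        line = eol ? eol + 2 : NULL;
    }
    return found;
}

#define DEMO_MAX_BODY ((size_t)1 << 30)     /* 1 GiB ceiling, chosen for the demo */

/* Wrappers for the demo: parsed length, -1 when rejected, -2 when absent. */
long content_length_or_minus_one(const char *value)
{
    size_t n;
    return parse_content_length(value, DEMO_MAX_BODY, &n) == 0 ? (long)n : -1L;
}

long body_length_or_code(const char *headers)
{
    size_t n;
    int r = request_body_length(headers, DEMO_MAX_BODY, &n);
    return r == 1 ? (long)n : (r == 0 ? -2L : -1L);
}

int main(void)
{
    /* Constructed request heads: one sane, one with the negative length. */
    const char *good = "POST /cgi/up HTTP/1.0\r\nHost: proxy\r\nContent-Length: 17\r\n\r\n";
    const char *bad  = "PUT /cgi/up HTTP/1.0\r\nHost: proxy\r\nContent-Length: -1\r\n\r\n";
    printf("good request body length: %ld\n", body_length_or_code(good));   /* 17 */
    printf("bad request body length:  %ld\n", body_length_or_code(bad));    /* -1 */
    return 0;
}
```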
Denial of service vulnerability in xinetd
Package(s): xinetd
Created: August 14, 2002
Updated: December 3, 2002
Description:
A file descriptor leak into services started from xinetd may be used, by
the programs it starts, to crash xinetd. Xinetd is a replacement for the
BSD-derived inetd.
zope: Insecure XML-RPC exception handling
Package(s): zope
Created: October 31, 2002
Updated: October 31, 2002
Description:
Zope will reveal the complete physical location where the server and its
components are installed if it receives "incorrect" XML-RPC requests. In
some cases it will also reveal information about the servers in the
protected LAN (10.x.x.x for example). More information is available at:
http://collector.zope.org/Zope/359
Resources
The LinuxSecurity.com Linux Security Week Newsletter for November 4 is
available.
Page editor: Jonathan Corbet
Kernel development
Brief items
The current development kernel is 2.5.46, which was
released by Linus on November 4. It
includes uClinux (a port of the kernel to systems with no memory management
unit), the "huge TLB" filesystem for working with large pages, more driver
model work, the latest sys_epoll implementation, a big m68k update, the
beginning of initramfs support (see below), an ARM update, extended
attributes and some online resizing support for the ext2 and ext3
filesystems, and numerous other patches. The long-format changelog has the
details.
Linus has taken a break (from kernel development, anyway) since releasing
2.5.46; his BitKeeper tree is almost empty.
The current prepatch from Alan Cox is 2.5.45-ac1; it adds a number of fixes and backs
out some "dangerous looking" SCSI driver changes.
The latest 2.5 status summary from Guillaume
Boissiere is dated November 4.
Dave Jones has posted version 0.10 of his
"post-Halloween" 2.5 kernel document.
The current stable kernel is 2.4.19; there have been no 2.4.20
prepatches released over the last week.
Kernel development news
The performance of a file system is dependent on many things; one of the
crucial factors is just how that filesystem lays out files on the disk. In
general, it is best to keep related items together; a kernel compilation
will go more quickly if the files within the kernel source tree all live
close to each other on the disk. To achieve this goal, the ext2 and ext3
filesystems have long tried to lay out the contents of a directory in the
same cylinder group (or, at least, in nearby groups).
In the real world, however, it turns out to be better, sometimes, to spread
things out. Imagine setting up a system with users' home directories in
/home. If all the first-level directories within /home
(i.e. the home directories for numerous users) are placed next to each
other, there may be no space left for the contents of those directories.
User files thus end up being placed far from the directories that contain
them, and performance suffers. The ext2 filesystem has suffered from this
sort of performance degradation for some time.
The 2.5.46 kernel contains a new block allocator which attempts to address
this problem. The new scheme, borrowed from BSD, is named the "Orlov
allocator," after its creator Grigory Orlov; he has posted a brief
description of the technique as it is used in the BSD kernels. The
Linux implementation, by Alexander Viro, Andrew Morton, and Ted Ts'o, uses a
similar technique but adds a few changes.
Essentially, the Orlov algorithm tries to spread out "top-level"
directories, on the assumption that they are unrelated to each other.
Directories created in the root directory of a filesystem are considered
top-level directories; Ted has added a special inode flag that allows
the system administrator to mark other directories as being top-level
directories as well. If /home lives in the root filesystem (and
people do set up systems that way), a simple chattr command will
make the system treat it as a top-level directory.
When creating a directory which is not in a top-level directory, the
Orlov algorithm tries, as before, to put it into the same cylinder group as
its parent. A little more care is taken, however, to ensure that the
directory's contents will also be able to fit into that cylinder group; if
there are not many inodes or blocks available in the group, the directory
will be placed in a different cylinder group which has more resources
available. The result of all this, hopefully, is much better locality for
files which are truly related to each other and likely to be accessed
together.
As of this writing, only one benchmark
result with the new allocator has been posted. The results are
promising: the time required to traverse through a Linux kernel tree (a
dauntingly big thing, these days) was reduced by 30% or so. The Orlov
scheme needs more rigorous benchmarking; it also needs some serious stress
testing to demonstrate that performance does not degrade as the filesystem
is changed over time. But the initial results are encouraging. Linux has, once
again, benefitted from the ability to borrow good ideas from other free
kernels.
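The placement rules described above as an added toy model, not the ext2/ext3 code: orlov_pick_group spreads the subdirectories of a top-level directory across the emptiest groups and keeps other directories with their parent only while that group still has room for contents, and home_locality_percent replays the /home scenario against the old parent's-group rule. The group sizes, the MIN_INODES/MIN_BLOCKS fit thresholds and the fewest-directories tie-break are this example's simplifications of the real averaging heuristic.

```c
#define NGROUPS      4      /* toy stand-ins for cylinder groups */
#define GROUP_INODES 64
#define GROUP_BLOCKS 512
#define MIN_INODES   8      /* assumed "room for the contents" thresholds */
#define MIN_BLOCKS   64

struct group { int free_inodes, free_blocks, dirs; };
struct fs    { struct group g[NGROUPS]; };

void fs_init(struct fs *fs)
{
    for (int i = 0; i < NGROUPS; i++) {
        fs->g[i].free_inodes = GROUP_INODES;
        fs->g[i].free_blocks = GROUP_BLOCKS;
        fs->g[i].dirs = 0;
    }
}

/* First group at or after 'start' (wrapping) with a free inode and 'blocks' free
 * blocks, or -1. Files use it in both schemes; the pre-Orlov directory rule is
 * simply first_fit_from(fs, parent_group, 1). */
int first_fit_from(const struct fs *fs, int start, int blocks)
{
    for (int k = 0; k < NGROUPS; k++) {
        int i = (start + k) % NGROUPS;
        if (fs->g[i].free_inodes >= 1 && fs->g[i].free_blocks >= blocks)
            return i;
    }
    return -1;
}

/* Orlov-style choice for a new directory. Parent is root or marked top-level
 * (the chattr case): spread, fewest directories then most free inodes. Else
 * stay with the parent only if its group can also hold the contents. */
int orlov_pick_group(const struct fs *fs, int parent_group, int parent_is_top_level)
{
    if (parent_is_top_level) {
        int best = -1;
        for (int i = 0; i < NGROUPS; i++) {
            if (fs->g[i].free_inodes < 1 || fs->g[i].free_blocks < 1)
                continue;
            if (best < 0 || fs->g[i].dirs < fs->g[best].dirs ||
                (fs->g[i].dirs == fs->g[best].dirs &&
                 fs->g[i].free_inodes > fs->g[best].free_inodes))
                best = i;
        }
        return best;
    }
    for (int k = 0; k < NGROUPS; k++) {
        int i = (parent_group + k) % NGROUPS;
        if (fs->g[i].free_inodes >= MIN_INODES && fs->g[i].free_blocks >= MIN_BLOCKS)
            return i;
    }
    return first_fit_from(fs, parent_group, 1);     /* everything is tight */
}

static void allocate(struct fs *fs, int g, int blocks, int is_dir)
{
    fs->g[g].free_inodes -= 1;
    fs->g[g].free_blocks -= blocks;
    fs->g[g].dirs += is_dir;
}

/* The /home scenario: 12 home directories are created first (useradd-style),
 * then each is filled with 10 files of 4 blocks. Returns the percentage of
 * files placed in the same group as their directory; use_orlov also makes
 * /home count as top-level, so its subdirectories are spread out. */
int home_locality_percent(int use_orlov)
{
    enum { USERS = 12, FILES = 10, FILE_BLOCKS = 4 };
    struct fs fs;
    fs_init(&fs);
    allocate(&fs, 0, 1, 1);                         /* root directory, group 0 */
    int home = use_orlov ? orlov_pick_group(&fs, 0, 1) : first_fit_from(&fs, 0, 1);
    allocate(&fs, home, 1, 1);
    int dir_group[USERS];
    for (int u = 0; u < USERS; u++) {               /* phase 1: directories */
        dir_group[u] = use_orlov ? orlov_pick_group(&fs, home, 1)
                                 : first_fit_from(&fs, home, 1);
        allocate(&fs, dir_group[u], 1, 1);
    }
    int local = 0;
    for (int u = 0; u < USERS; u++)                 /* phase 2: their files */
        for (int f = 0; f < FILES; f++) {
            int g = first_fit_from(&fs, dir_group[u], FILE_BLOCKS);
            allocate(&fs, g, FILE_BLOCKS, 0);
            local += (g == dir_group[u]);
        }
    return local * 100 / (USERS * FILES);
}

/* Non-top-level case: a subdirectory stays in its parent's group 0 while that
 * group has room, and moves to group 1 once group 0 is nearly out of inodes.
 * Returns before * 10 + after: 1 for the expected (0, then 1). */
int fit_check_demo(void)
{
    struct fs fs;
    fs_init(&fs);
    int before = orlov_pick_group(&fs, 0, 0);
    fs.g[0].free_inodes = MIN_INODES - 1;
    int after = orlov_pick_group(&fs, 0, 0);
    return before * 10 + after;
}
```

With these sizes the legacy rule keeps 41% of the users' files next to their directories (the first five users fill group 0, the rest spill over), while the Orlov rule keeps 100%.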
One of the many changes rolled into the 2.5.45 kernel was the "hot-n-cold
pages" patch from Martin Bligh, Andrew Morton, and others. It's a
conceptually simple change that shows how far one has to go to deal with
the realities of modern system architecture.
One generally thinks of a system's RAM as being the fastest place to keep
data. But memory is slow; the real speed comes from working out of
the onboard cache in the processor itself. Much effort has, over the
years, gone into trying to optimize the kernel's cache behavior and
avoiding the need to go to main memory. The new page allocation system is
just another step in that direction.
The processor cache contains memory which has been accessed recently. The
kernel often has a good idea of which pages have seen recent accesses and
are thus likely to be present in cache. The hot-n-cold patch tries to take
advantage of that information by adding two per-CPU free page lists (for
each memory zone). When a processor frees a page that is suspected to be
"hot" (i.e. represented in that processor's cache), it gets pushed onto the
hot list; others go onto the cold list. The lists have high and low
limits; after all, if the hot list grows larger than the processor's cache,
the chances of those pages actually being hot start to get pretty small.
When the kernel needs a page of memory, the new allocator
normally tries to get that page from the processor's hot list. Even if the
page is simply going to be overwritten, it's still better to use a
cache-warm page. Interestingly, though, there are times when it makes
sense to use a cold page instead. If the page is to be used for DMA read
operations, it will be filled by the device performing the operation and
the cache will be invalidated anyway. So 2.5.45 includes a new
GFP_COLD page allocation flag for the situations where using a
cold page makes more sense.
The use of per-CPU page lists also cuts down on lock contention, which
helps performance in its own right. When pages must be moved between the
hot/cold lists and the main memory allocator, they are transferred in
multi-page chunks, which further reduces lock contention and makes things go
faster.
Andrew Morton has benchmarked this patch, and included a number of results
with one of the patchsets. Performance
benefits vary from a mere 1-2% on the all-important kernel compilation time
to 12% on the SDET test. That was enough, apparently, to convince Linus.
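A user-space model of the per-CPU hot and cold lists, as an added example that is not the kernel patch: page numbers stand in for struct page, the zone counts how often its lock would be taken, refills slide new pages in under the cache-warm ones, and drains return the oldest pages first. The HIGH/LOW/BATCH watermarks, the GFP_COLD flag value and the demo workloads are this example's own choices.

```c
#include <string.h>
#define NPAGES 256     /* toy zone size */
#define HIGH   32      /* drain a batch to the zone when a list grows past this */
#define LOW    8       /* refill a batch from the zone when a list drops below this */
#define BATCH  16      /* pages moved per zone-lock acquisition */
enum { GFP_HOT = 0, GFP_COLD = 1 };          /* GFP_COLD: caller wants a cold page */

struct pagelist { int pages[HIGH + BATCH]; int count; };   /* top of stack = newest */
struct percpu   { struct pagelist hot, cold; };
struct zone     { int free[NPAGES]; int nfree; long lock_taken; };

void setup(struct zone *z, struct percpu *pc)
{
    for (int i = 0; i < NPAGES; i++)
        z->free[i] = i;
    z->nfree = NPAGES;
    z->lock_taken = 0;
    memset(pc, 0, sizeof *pc);
}

/* Each call into the zone stands for one acquisition of its spinlock. */
static int zone_take(struct zone *z, int *dst, int n)
{
    int got = 0;
    z->lock_taken++;
    while (got < n && z->nfree > 0)
        dst[got++] = z->free[--z->nfree];
    return got;
}

static void zone_give(struct zone *z, const int *src, int n)
{
    z->lock_taken++;
    for (int i = 0; i < n; i++)
        z->free[z->nfree++] = src[i];
}

/* Hot requests get the most recently freed page (likeliest still in cache);
 * GFP_COLD requests use the cold list so a DMA read target does not waste a
 * cache-warm page. A refill of BATCH pages from the zone is slid in under the
 * pages already listed, so the warm ones still go out first. -1: zone empty. */
int alloc_page(struct zone *z, struct percpu *pc, int flags)
{
    struct pagelist *l = (flags & GFP_COLD) ? &pc->cold : &pc->hot;
    if (l->count < LOW) {
        int buf[BATCH];
        int got = zone_take(z, buf, BATCH);
        memmove(l->pages + got, l->pages, (size_t)l->count * sizeof l->pages[0]);
        memcpy(l->pages, buf, (size_t)got * sizeof buf[0]);
        l->count += got;
    }
    if (l->count == 0)
        return -1;
    return l->pages[--l->count];
}

/* likely_hot: this CPU touched the page recently. Past HIGH, the oldest BATCH
 * pages (bottom of the stack, least likely cached) go back in one locked batch. */
void free_page(struct zone *z, struct percpu *pc, int page, int likely_hot)
{
    struct pagelist *l = likely_hot ? &pc->hot : &pc->cold;
    l->pages[l->count++] = page;
    if (l->count > HIGH) {
        zone_give(z, l->pages, BATCH);
        l->count -= BATCH;
        memmove(l->pages, l->pages + BATCH, (size_t)l->count * sizeof l->pages[0]);
    }
}

/* Constructed workload: a GFP_COLD request leaves the hot list alone, and the
 * next hot request still gets the just-freed, cache-warm page back. */
int demo_cold_request_spares_hot_page(void)
{
    struct zone z; struct percpu pc;
    setup(&z, &pc);
    int a = alloc_page(&z, &pc, GFP_HOT);
    free_page(&z, &pc, a, 1);
    int c = alloc_page(&z, &pc, GFP_COLD);
    return c != a && alloc_page(&z, &pc, GFP_HOT) == a;
}

/* Allocate n pages, then free them all hot; returns zone-lock acquisitions.
 * A scheme that went to the zone for every page would take it 2 * n times. */
long demo_zone_locks_for_bulk(int n)
{
    struct zone z; struct percpu pc; int held[NPAGES];
    setup(&z, &pc);
    for (int i = 0; i < n && i < NPAGES; i++)
        held[i] = alloc_page(&z, &pc, GFP_HOT);
    for (int i = 0; i < n && i < NPAGES; i++)
        free_page(&z, &pc, held[i], 1);
    return z.lock_taken;
}
```

For 100 pages allocated and then freed, the model takes the zone lock 12 times (7 refills, 5 drains) instead of 200.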
The "initramfs" concept has been in the 2.5 plans since back before there
was a 2.5 kernel. Things have been very quiet on the initramfs
front, however, until
the first patch showed
up and was merged into the 2.5.46 tree.
The basic idea behind initramfs is that a cpio archive can be attached to
the kernel image itself. At boot time, the kernel unpacks that archive
into a RAM-based disk, which is then mounted and used as the initial root
filesystem. Much of the kernel initialization and bootstrap code can then
be moved into this disk and run in user mode. Tasks like finding the real
root disk, boot-time networking setup, handling of initrd-style ramdisks,
ACPI setup, etc. will be shifted out of the kernel in this way.
An obvious advantage of this scheme is that the size of the kernel code
itself can shrink. That does not free memory for a running system, since
the Linux kernel already dumps initialization code when it is no longer
needed. But a smaller code base for the kernel itself makes the whole
thing a little easier to maintain, and that is always a good thing. But
the real advantages of initramfs are:
- Customizing the early boot process becomes much easier. Anybody who
needs to change how the system boots can now do so with user-space
code; patching the kernel itself will no longer be required.
- Moving the initialization code into user space makes it easier to
write that code - it has a full C library, memory protection, etc.
- As pointed out by Alexander Viro:
user-space code is required to deal with the kernel via system calls.
This requirement will flush a lot of in-kernel "magic" currently used
by the initialization code; the result will be cleaner, safer code.
The patch, as found in 2.5.46, does not do a whole lot; it adds the basic
mechanism but only removes "three simple lines" from the current
initialization code. The bulk of the code will be added in the coming
weeks - now that the "feature" is in the kernel, the details can be filled
in without, technically, breaking the feature freeze. The plan for those
steps has been laid out by Jeff Garzik:
- A small C library ("klibc") will be merged to support initramfs
applications.
- A small "kinit" application will be created with klibc. In the
beginning, it will only do enough work to show that the mechanism is
functioning properly.
- The "initrd" (initial ramdisk) subsystem will be moved into kinit,
and out of the kernel itself.
- The mounting of the root filesystem will be moved to user space. A
lot of code for dealing with things like NFS-mounted root filesystems
will go away.
That is as far as the plan goes, for now. There is no doubt that other
parts of the initialization process will be moved to user space, however;
it will be interesting to see how that process goes.
There are a couple of fundamental open questions that will have to be answered
during the remaining 2.5 development period. One is whether the
initialization process should be handled by a single "kinit" application,
or whether it should be a collection of programs, and, probably, shell
scripts. Then, there is the question of what to do with klibc. It will be
packaged with the kernel for now, but a number of kernel developers think
that klibc (and the whole user-space initialization setup) should
eventually be split off into a separate project. These decisions might not
be made until very shortly before the stable release.
The
EVMS project is an
IBM-sponsored effort to provide volume management services for Linux. EVMS
had high hopes for inclusion in the 2.5 kernel, but, when it came down to
the wire, Linus opted to merge LVM2 instead. LVM2 lacks many of the
features and fancy GUI management tools found in EVMS, but the kernel
developers found the code to be much more to their liking. So EVMS got
left out in the cold.
Some developers, when their work is passed over for inclusion, complain at
length on the linux-kernel list. Others simply take their marbles and go
home. The EVMS project, instead, has decided to
take a different approach: they will drop their kernel driver and
rework their administration tools to work on top of LVM2 instead. The
result, with luck, should be the best of both worlds for EVMS users: they
get the well-respected management tools on top of the in-kernel LVM2 base.
This decision has been strongly applauded on the kernel list; the EVMS team
even got a rare note of respect from
Alexander Viro. It takes class to pick yourself up from a big
disappointment and move forward with a new, better plan. EVMS should have
a lot of support as it moves into the future.
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Kernel building
Memory management
Networking
Architecture-specific
Security-related
Benchmarks and bugs
Miscellaneous
- Rusty Russell: What's left over.. "Here is the list of features which are
being actively pushed, not NAK'ed, and are not in 2.5.45. There are 13 of
them, as appropriate for Halloween." (October 31, 2002)
Page editor: Jonathan Corbet
Distributions
News and Editorials
Eagle Linux is a distribution that boots and runs from floppy or CD-ROM, so
you can take Linux with you wherever you go. No disk partitioning or
installation is necessary. Eagle Linux is also a learning tool, because you
build the CD yourself, on the platform of your choice, using the 'How-To'
which covers everything needed to create your unique distribution with free
software. Of course you'll need a working Linux system with Internet access
and a CD burner to create the Linux CD of your dreams. The instructions
begin:
"To compile the kernel, first obtain the most recent kernel from
somewhere such as http://www.kernel.org. It will be packaged as a .tar.gz
in most cases, and you will want it to reside in /usr/src after
download."
Eagle Linux seems like an ideal tool to teach computer science students
about Linux and operating systems in general: imagine a school project in
which the student builds her own Linux CD, which could then come in handy at
the computer lab or the Internet cafe. The author of Eagle Linux, Michael
P. Angelo, tells us the distribution has been tested in a university
setting in both computer science and electrical engineering programs.
Eagle Linux 1.0 is Red Hat Linux-centric while Eagle Linux 2.0, due out in
December, is based on Debian.
Distribution News
The
Debian Weekly News for November 5 is
out. It looks at the Debian potato security survey, Debian as an anarchist
organization, the beginnings of the first Woody update, and numerous other
topics.
Silicon Breeze has announced the new Debian
Collection, featuring over 30 Debian swirls individually sculpted in gold,
silver, turquoise and amber. This could be the first serious exhibition of
a traditional art form available exclusively over the Internet, and
inspired entirely by an Open Source project.
Linux Orbit has a
HOWTO article on getting Advanced Linux Sound Architecture
(a.k.a. ALSA) sound modules set up properly. The HOWTO shows you how to
compile and install the ALSA kernel modules, and then setup things using
the ALSA Debian script so that modules are automatically loaded and
unloaded, and your mixer levels are saved and restored on boot up.
Here is a report on the first revision of
the current stable Debian distribution (woody).
If you still have a Debian 2.2 (potato) system in service, please respond
to the potato survey on now from the Debian
Security Team.
In a nibble from the DDTP you can find out
about the progress being made by the Debian Description Translation Project
(DDTP).
Here's the Mandrake Linux Community Newsletter for October 31, 2002. "This
Week's Summary: What's Cookin' at MandrakeSoft?; 9.0 Documentation Now
Online; MandrakeClub Transgaming Discounts; Mandrake in the News; Spotlight
on the OpenRouter Project; Website Watch; Mandrake Linux Users Survey;
Software Updates; Headlines from MandrakeForum"
Mandrake has new printing-related packages
available that offer many printing enhancements over those drivers provided
with Mandrake Linux 9.0. Some improvements include a new driver for
Lexmark Z11, a number of updated ghostscript drivers, a new version of
HPIJS, a newer GIMP-Print which provides much better quality for most Epson
Stylus printers, and many new printer drivers as well. Note: this advisory
has an update out. The previous updates built
ghostscript without the "cups" driver. That has been corrected in these new
packages.
A new initscripts package is available that
fixes problems with certain locales including pl, sq, fi, lv, ru, sk, and
Danish translation encoding. This package also corrects some issues with
wireless link detection.
A number of bugs present in samba versions prior to 2.2.6 were fixed. 2.2.6
is considered to be the final version of the 2.2.X series. We strongly
suggest that all users upgrade to this version.
MontaVista Software announced that MontaVista Linux Professional Edition
2.1 is the chosen operating system for the CoCoon Channel Server, the new
Internet-connected Personal Video Recorder (PVR) from Sony.
OpenBSD 3.2 has been released, with improved hardware support, major
improvements in the pf packet filter, ever-improving security, and lots
more.
Slackware Linux has just a few changes
to the current tree this week. See the week's changes below, or see the
change log
for full details.
SuSE Linux announced that the SuSE Linux Enterprise Server (SLES) has
proved itself as a powerful Linux platform for IBM's DB2 Version 8 database
software with SLES's latest certification for DB2.
New Distributions
DeLi Linux stands for "Desktop
Light" Linux, a smaller desktop oriented distribution for older computers,
from 486 to Pentium MMX 166 or so. DeLi is based on Slackware 7.1 and
includes plenty of desktop software like email clients, graphical
webbrowser, an office package with word processor and spreadsheet, and
more. Yet a full install, including XFree and development tools, requires
about 300 MB of hard disk space. DeLi uses the rock-solid 2.2.19 kernel for
its stability and smaller size. Still very much in beta, version
0.1 was just released this
week.
uOS is a complete source based operating
system, designed to be configured and built in a flexible way. First used
in November 2002, uOS is still very much a beta system, with lots of
kinks to work out. Although the goal is to make uOS usable by everyone, it
currently requires Unix expertise to install and to run. uOS is based on
GCC 3.2 / GLIBC 2.3 / WOLK Linux Kernel / X 4.2.1. It supports the newest
drivers as well as the newest compilers. Core components are available
under the 4F Licensing system (compliant to DFSG and OSI guidelines for
Free Software). Initial
version 0.81 is available.
Minor distribution updates
2-Disk
Xwindow embedded Linux has released
v1.4rc802. This project
disappeared from Freshmeat sometime in September 2002, but now it has
resurfaced with a new home page.
A new version of clustering project CLIC Phase1
has been released and is now available for
download and testing.
The Register has an article about
CLIC Linux. "The researchers on this project set out with the
goal of developing super-computer power from a low cost base and the
natural and most obvious place for them to start was with the ever present
PC. They all knew the possibilities of tying together low cost machines to
create a super-computing power and had seen it done before. Previously,
though, the kind of software used to manage an environment like this was
commercial. In this case it isn't."
Haydar Linux has announced the
release of Haydar Linux Beta2. This version of Haydar Linux will support
Arabic, Dutch and English, OpenOffice 1.0 "With Arabic Support", KDE 3.0.4
and lots more.
KNOPPIX has released v3.1-31-10-2002 with minor feature enhancements.
"Changes: This release has better support for GeForce 4 graphics cards,
Gideon (Kdevelop 3.0), a bugfix for the mtab problem, knx-hdinstall
patches, and preparation of knoppix-terminalserver for etherboot and PXE
(untested)." Knoppix is a versatile little distribution; don't miss
"Knoppix makes a great GUI installer for Debian", a LinuxWorld article in
the review section of this page.
MoviX has released v0.6 with minor feature enhancements. "Changes: A few new
features have been added, including playlists, WMV and ASF formats, and DVD
playback. Instructions are also provided for building a bootable CD with
Nero for Windows users. A console mixer (nmixer) has been included for
adjusting the audio levels." MoviX2, a closely related distribution with a
multimedia focus, released v0.2.1 with bug fixes.
uClinux has released
v2.5.45-uc1 with a new
kernel configuration.
Warewulf has released v1.4 with major feature enhancements. "Changes: The
entire monitoring subsystem was written to use UDP for node stats, and TCP
for user clients to communicate with daemon. This feature will allow
Warewulf to scale much better, and have less system overhead."
Distribution reviews
Here's an article on Linux Orbit which takes a look at Evil Entity Linux DR
0.2.4f and talks to one of the distribution's developers and web site
maintainers, Dave Martin (a.k.a. Rev. Kloss Korban). "Dave Martin: 'Evil
Entity is a distribution like no other! Its primary goal is to provide the
best home or dorm-room desktop environment possible. "EvilE" is not a server
distribution, nor a corporate workstation platform, it's simply the most fun
and useful tool you can install on your PC! Now you can install Linux and be
up and running, on-line, ripping MP3s, burning CDs, watching DVDs and TV,
editing video, and creating 3D models in minutes.'"
Joe Barr reviews Knoppix as an installer for Debian in this LinuxWorld
article. "As Knopper told me, 'Knoppix is a real Debian system.' I've seen
mention of it being used as a rescue CD, as a secure firewall, as a portable
network monitor and as a traveling companion that allows you to read e-mail
away from home without leaving tell-tale traces on someone else's hard
drive. Others have been interested in experimenting with it as a secure
Apache server. Knopper has said he is working on a project that will allow
it to be used as a terminal server."
The Linux Journal looks (again) at Libranet Linux. "Where would I recommend
Libranet? Well, if my neighbor wanted a desktop Linux distribution, I would
be comfortable recommending it. Or if a company had Debian servers, Libranet
could be just the ticket for moving desktops to Linux."
Page editor: Rebecca Sobol
Development

A new project known as the Open Posix Test Suite has been put together by four Intel employees, Geoff Gustafson, Julie Fleischer, Rusty Lynch, and Inaky Perez-Gonzalez. The announcement states: "The project's current approach to conformance testing is to record assertions from a close reading of the POSIX specifications, and write minimal test cases that prove or disprove these assertions. The test suite will be independent of specific API implementations, and will eventually be easily configurable to work with different implementations. The project aims for OS independence, using only POSIX APIs, the autoconf suite, and simple shell support."

The Open Posix Test Suite is licensed under the GPL and work is primarily being done on the Linux platform, although support for other Posix compliant platforms should be possible. "The Open POSIX Test Suite is an open source test suite with the goal of performing conformance, functional, and stress testing of the functions described in the IEEE Std 1003.1-2001 System Interfaces specification. Eventual testing of the full specification is desired." One of the project's goals is ANSI C code that complies with the Linux kernel coding standards.

Testing has been divided into the conformance, functional, and stress categories, for these POSIX function groups:
- Clocks and Timers (TMR)
- Threads (THR)
- Message Queues (MSG)
- Semaphores (SEM)
- Signals

Running a test appears to be fairly easy: the test code just needs to be compiled and executed, and test results come as a pass/fail return code with optional messages. According to the documentation:

    make tests[-pretty]

    This will locate all the tests and run them; currently it only supports very basic tests [a single .c file that is first compiled to an .o file and then to a .text executable if it declares 'main']. A test is considered to be successful if it PASSes the three phases [build, link and execution]. However, if it does not have a 'main' entry point, then link and execution are omitted [it is intended just as a 'compile' test].

One of the design goals for the test suite is to make the addition of new tests easy, and outside contributions are welcome.
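A minimal conformance test written in the style the announcement describes (record assertions from a close reading of the spec, write a small test that proves or disproves them, report the result through the return code), as an added example rather than code from the Open POSIX Test Suite: it checks the POSIX sigprocmask() and sigpending() assertions that a blocked signal is held pending, is reported by sigpending(), and is delivered once it is unblocked. The PTS_* result codes are defined locally for this example and are an assumption, not taken from the project's headers.

```c
#define _POSIX_C_SOURCE 200112L
#include <signal.h>
#include <stdio.h>
#include <string.h>

/* Result codes defined locally for this example (assumed; the suite's own
 * header may use different names or values). */
#define PTS_PASS 0
#define PTS_FAIL 1
#define PTS_UNRESOLVED 2

static volatile sig_atomic_t handler_calls = 0;

static void usr1_handler(int signo)
{
    (void)signo;
    handler_calls++;
}

/*
 * Assertions recorded from the POSIX sigprocmask()/sigpending() text:
 *  1. A signal generated while it is blocked is not delivered; it stays pending.
 *  2. sigpending() reports that blocked, pending signal.
 *  3. When the signal is unblocked, at least one pending unblocked signal is
 *     delivered before sigprocmask() returns, and it is then no longer pending.
 * Returns PTS_PASS, PTS_FAIL, or PTS_UNRESOLVED when setup itself fails.
 */
int test_blocked_signal_stays_pending(void)
{
    struct sigaction sa;
    sigset_t block_set, pending_set;

    handler_calls = 0;

    /* Install a handler so SIGUSR1 does not terminate the process. */
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = usr1_handler;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    if (sigaction(SIGUSR1, &sa, NULL) != 0) {
        perror("sigaction");
        return PTS_UNRESOLVED;
    }

    sigemptyset(&block_set);
    sigaddset(&block_set, SIGUSR1);
    if (sigprocmask(SIG_BLOCK, &block_set, NULL) != 0) {
        perror("sigprocmask(SIG_BLOCK)");
        return PTS_UNRESOLVED;
    }

    if (raise(SIGUSR1) != 0) {
        perror("raise");
        sigprocmask(SIG_UNBLOCK, &block_set, NULL);
        return PTS_UNRESOLVED;
    }

    /* Assertion 1: the handler must not have run while the signal was blocked. */
    if (handler_calls != 0) {
        printf("FAIL: handler ran while SIGUSR1 was blocked\n");
        sigprocmask(SIG_UNBLOCK, &block_set, NULL);
        return PTS_FAIL;
    }

    /* Assertion 2: the blocked signal is reported as pending. */
    if (sigpending(&pending_set) != 0) {
        perror("sigpending");
        sigprocmask(SIG_UNBLOCK, &block_set, NULL);
        return PTS_UNRESOLVED;
    }
    if (!sigismember(&pending_set, SIGUSR1)) {
        printf("FAIL: blocked SIGUSR1 not reported by sigpending()\n");
        sigprocmask(SIG_UNBLOCK, &block_set, NULL);
        return PTS_FAIL;
    }

    /* Assertion 3: unblocking delivers the signal exactly once, before
     * sigprocmask() returns, after which it is no longer pending. */
    if (sigprocmask(SIG_UNBLOCK, &block_set, NULL) != 0) {
        perror("sigprocmask(SIG_UNBLOCK)");
        return PTS_UNRESOLVED;
    }
    if (handler_calls != 1) {
        printf("FAIL: expected one delivery after unblocking, got %d\n",
               (int)handler_calls);
        return PTS_FAIL;
    }
    if (sigpending(&pending_set) != 0) {
        perror("sigpending");
        return PTS_UNRESOLVED;
    }
    if (sigismember(&pending_set, SIGUSR1)) {
        printf("FAIL: SIGUSR1 still pending after delivery\n");
        return PTS_FAIL;
    }

    /* Restore the default disposition so later tests start clean. */
    sa.sa_handler = SIG_DFL;
    sigaction(SIGUSR1, &sa, NULL);
    return PTS_PASS;
}

int main(void)
{
    int rc = test_blocked_signal_stays_pending();
    if (rc == PTS_PASS)
        printf("Test PASSED\n");
    else
        printf("Test returned %d\n", rc);
    return rc;
}
```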
System Applications

Database Software

Version 7.3.00.29 of the SAP DB database is available. The release notes detail the many changes.

Education

Issue #82 of the Linux in Education Report is out. Topics include a version of Knoppix, a bootable Debian GNU/Linux based CD-ROM for educators, parents, and students, SchoolNet Namibia on Microsoft policies, the new Freeduc CD-ROM, and a number of new educational applications.

Networking Tools

Version 0.12 of Metawall has been released. "Metawall is a perl script that allows you to write firewall rules in a simple metalanguage."

Printing

Version 7.32 beta of AFPL Ghostscript has been released. "There are two major new features: Well Tempered Screening now works, even for 0 and 45 angle screens. See News.htm for details. Also, Russell Lang has fixed a longstanding usability problem: Encapsulated PostScript files are now recognized, and a "showpage" is added if missing. This fixes the problem of an EPS file displaying, but not saving as a file."

LinuxPrinting.org is carrying an announcement for version 1.3 of HP's HPIJS free software printer drivers. New features include support for the newest HP printers, new photo modes for DeskJet 900 series printers, a new 8.5x15.5-inch paper size for the Deskjet 3425, and some bug fixes.

Web Site Development

The most recent headlines on the Zope Members News include: ZPhotoSlides 0.5 Released, PHParser 0.9.0 released, Linux Productivity Magazine Reviews Zope, OrderedObjectManager 1.2 released, NeoBoard 1.1 alpha version released, Second Zope 3 newsletter released to unsuspecting public, External Editor 0.6 - Its everywhere you want to be, ZWiki 0.12.0 released, Ariel Partners Releases XMLTransform 0.9, and ZShellScripts v0.2 is out with Lisp support!

The November 6, 2002 Midgard Weekly Summary is out with the latest Midgard news.

Version 1.0 beta2 of the Aegir Content Management System has been released.

Standards

George Kraft IV covers the process of writing LSB compliant code. "The Linux Standard Base is a big step toward ensuring binary compatibility among Linux applications, and it should greatly reduce the amount of testing and validation required for operation on multiple platforms. In five straightforward steps, George Kraft, chairman of the Linux Standard Base, shows you how to build an LSB-certified application."

Miscellaneous

Dru Lavigne covers network data encryption technologies on O'Reilly. "In the next few articles, I'd like to concentrate on securing data as it travels over a network. If you remember the IP packets series (see Capturing TCP Packets), most network traffic is transmitted in clear text and can be decoded by a packet sniffing utility. This can be bad for transmissions containing usernames, passwords, or other sensitive data. Fortunately, other utilities known as cryptosystems can protect your network traffic from prying eyes."
Desktop Applications

Audio Applications

Version 1.0.0 of Tkeca, a Tk GUI wrapper for the Ecasound audio tool, has been released. A number of GUI changes have been included in this release.

Version 0.5.10a (development) of the Sweep sound editor is available. "New features in this release include vertical zoom with a draggable dB scale and mouse wheel control, and some basic channel operations: Duplicate to stereo/multichannel, Swap left and right, Remove left/right, Mix down to mono, and Add/Remove channels."

Desktop Environments

KDE.News has an announcement for version 3.1 RC2 of KDE, the K Desktop Environment. "A good number of showstoppers in RC1 have been fixed, and the new default Crystal-SVG icon set has been polished based on the valuable feedback received. Nevertheless, please give this RC2 another round of thorough testing to make sure all the major wrinkles have been ironed out."

Headlines on the GNOME desktop FootNotes site include: Candidates for Fall 2002 GNOME Foundation Elections, Evolution 1.2 RC1 released, Dropline GNOME 1.2.1 for Slackware Linux, Anjuta 1.0.0 (Diwali) unleashed!, LinuxFocus.org: Developing Applications for Gnome with Python, Gnumeric 1.1.11 Released, Evolution for GNOME 2, This is the story of a gnome-media release, Bits and Pieces, AbiWord Announcement: Weekly Patch Prize, gtkmm 2.0.0 released, and more.

Graphics

Zeeshan Ali Khattak has designed the Video-Whale Project, which assembles a group of Red Hat Linux boxes into a wall of video. Check it out for some cool images. Thanks to Christian Fredrik Kalager Schaller.

Interoperability

Issue #142 of Kernel Cousin Wine is out. Topics include SuSE and CrossOver Office, Releasing WineSetupTk, FAQ Maintainer Needed, Conversion to -DSTRICT, Wine/Windows Security Concerns, Detecting Wine vs. Windows, and IDL Generated obj_* Headers.

Multimedia

Version 0.4.2 of the GStreamer streaming-media framework has been released. "This release has mainly focused on code clean-up and rounding out of the features. Large chunks of GStreamer are API stable at this point."

Office Applications

A new User Survey has been put together for the OpenOffice community. OpenOffice users are encouraged to take a few minutes to fill it out.

Issue #53 of Kernel Cousin GNUe is out. Popular topics include Volunteers for General Ledger, Performance and Overhead issues with AppServer, Designer usability and architecture, Sales Tax in the USA, Mailing list for DCL tickets, and much more.

Issue #116 of the AbiWord Weekly News is out with the latest AbiWord word processor development news. This edition features a Release HackDown, which is a list of things that need fixing prior to the release of version 1.0.4.

Version 1.1.11 of the Gnumeric spreadsheet program has been released. This is a quickie release that fixes some bugs that were introduced in Version 1.1.10, which features a longer list of changes.

Web Browsers

The latest mozillaZine topics include: Newsgroup Filtering Coming to a Mozilla Near You, Tree Branches for 1.2, 101 Things Mozilla Can Do That IE Can't, Independent Status Reports, Mozilla Riddled with Fixed Security Holes, Chimera 0.6 Released, New Forums Now Open!, and Mozilla Becoming More Popular at University of Houston.

Miscellaneous

The latest version of the GNU Privacy Guard, GnuPG 1.2.1, is now available.
Languages and Tools

Caml

The October 29 - November 5, 2002 edition of the Caml Weekly News is out. Topics include The 'morpion solitaire' game, ocamlnet-0.94, module namespace, PXP 1.1.93, lablglut-1.2.2, Ensemble 1.39, and the OS X distribution.

This week, the new software on The Caml Hump includes an APM driver interface, the OCamlSDL interface to the Simple DirectMedia Layer library, the 'morpion solitaire' game, a group communication toolkit called Ensemble, lablglut (a GLUT 3.7 binding), the Polymorphic XML parser PXP, OCamlnet (a collection of modules for the Objective Caml language which focus on application-level Internet protocols and conventions), and GlSurf for plotting surfaces.

COBOL

Version 0.59 of TinyCOBOL has been released. Release information is in the source code.

Java

Chuck Cavaness points out seven techniques that are useful for working with Java Struts. "After his Internet company decided to adopt the Struts framework, Chuck Cavaness spent months trying to figure out how to use it in order to build a company application. If you're a Java programmer charged with developing Web applications with servlets and JSPs, you'll find a lot of insight and valuable information in the lessons Chuck had to learn the hard way. He describes some of them here."

Satya Komatineni introduces Aspire on O'Reilly. "Aspire.jar is a free, open source, .jar file that can be used for declarative data access, configuration, logging, and factory services needs. For Java developers who are continuing to adopt Tomcat as their primary development platform, this .jar file could save a lot of time, while providing a highly flexible data architecture."

Lisp

Conference material from the recent International Lisp Conference has been made available online.

Perl

The November issue of The Perl Review is out. Articles include Simple RSS with Perl, by Brian d Foy, Delightful Languages: Ruby, by Mike Stok, and Who's Doing What? Analyzing Ethernet LAN Traffic, by Paul Barry.

Use Perl mentions that the November issue of The Perl Journal is out. The journal is available in PDF format.

The 28 October - 3 November 2002 edition of This Week on Perl 5-Porters is out. Topics include Problems with RedHat 8, AUTOLOAD subroutines from undefined stashes, goto considered harmful in __DIE__ handlers, B::* adjustments, Tied hashes in boolean context, and more.

use Perl covers the release of version 0.21 of PAR. "The Perl Archive (PAR) toolkit, like Java's JAR, is a way to pack modules and scripts into easily-deployable zip files; programs can use modules inside PAR files transparently."

Allison Randal delves into Perl "topics" on O'Reilly. "A few concepts in Perl 6 are strange at first sight. They seem hard to understand, but it's only because they're new and different. They aren't deep mystical concepts known only to Tibetan lamas. Anyone can understand them, but it helps to start with a common-sense explanation.
This article looks at the concepts of "topic" and "topicalizer". The words aren't quotes from a particularly nasty bit of Vogon poetry. They're actually common terms from the field of linguistics ... which some might say is even worse. Still, the best way to understand topic in Perl is to understand its source."

Use Perl points to an online Quicktime version of Allison Randal's Tagmemics talk.

PHP

Topics on this week's PHP Weekly Summary include Snapshots take a short holiday, Standards friendly phpinfo(), Regular expression conversion, a new Test suite, HTML errors, A new Manual for Windows, the second 4.3.0 beta release, a Hebrew patch for Jewish calendar, and Apache 2 documentation.

Python

The November 4, 2002 edition of Dr. Dobb's Python-URL! is out with a ton of useful Python projects and links.

This week's Daily Python-URL looks at articles on ctypes, David Beazley's Python Slides, PyMood, www.python.org wants YOU!, Psyche, ZPT basics (part 4), PyNassi, a Mini-symposium on scientific simulation in Python, Vista: a prototype for OSAF's Networked Personal Information Manager, an interview with Bram Moolenaar of VIM fame on his new project A-A-P, Grinder 3, Pl/Python and cursors in Pl/Pgsql for PostgreSQL, Dealing with user input in Python, and Apache log analysis using Python.

Ruby

Topics on this week's Ruby Weekly News include A good link to read while we discuss RAA.succ, [rubyconf] want to meet Microsoft .NET guy?, and Thoughts on Ruby. New Ruby software includes Sys/Host 0.3.0, Text::Format 0.52.2, MIME::Types 1.004, RTidy/CityDesk, MUES 0.02, rpkg (test release), MiniRubyWiki, and DbTalk 0.71.

Scheme

The Scheme Weekly News for November 4, 2002 is out. Topics include Metro-Schemers SIG's November meeting, SISC 1.6.3-rc, and GNU TeXmacs 1.0.0.20.

XML

John E. Simpson writes about the use of XML for the building of web sites. "This is what I want to know: how to build a site using open-source (i.e. free) software that allows me to provide dynamic content. This dynamic content would include trivial things such as reporting the weather for a zip code I specify to not-so-trivial things such as allowing a user to change the associated stylesheet so that they could specify font, font-size, background color, and other properties through an interface form and these attributes would be remembered the next time the user visits the site."

David Marston writes about XML namespaces on IBM's developerWorks. "This article introduces XML namespaces, explores their practical benefits, and shows you how they are used in the standard XML formats and tools defined by the W3C. Several W3C specifications are mentioned, notably XML Schema and XSLT, which offer useful ideas for using namespaces to your advantage. Best practices range from terminology usage up through system-wide design."

Bob DuCharme and John Cowan discuss XML-RDF issues on O'Reilly. "Suppose you're designing an XML application or maybe just writing a DTD or schema. You've followed various best practices about element and attribute names, when to use elements versus attributes, and other design issues, because you want your XML to be useful in the widest variety of situations.
As RDF interest and application development grows, there's an increasing payoff in keeping RDF concerns in mind along with the other best practices as you design document types. Your documents store information, and small tweaks to their structure can allow an RDF processor to see that information as subject-predicate-object triples, which it can make good use of."

Profilers

Version 0.4 of the OProfile code profiler is available. "Featured are Pentium 4 support, and support for the new 2.5 kernel. There are also a significant number of important bug fixes. Users are encouraged to upgrade."

Miscellaneous

Rafael Garcia-Suarez writes about the Subversion revision control system on O'Reilly. "Subversion is an open source revision control system, similar in purpose to the well-known, widely deployed, and aging CVS. It is designed to provide state-of-the-art versioning, built from modern technologies.
Subversion is still in development and has not reached version 1.0 yet. However, it's pretty stable and you can use it right now. In this article, we'll cover the basics of Subversion, how to install it, and how to use Subversion for personal projects."

Page editor: Forrest Cook
Linux in the news

Recommended Reading

For anyone who hasn't heard yet, U.S. District Court Judge Colleen Kollar-Kotelly has made a decision in the case of the United States v. Microsoft Corp. There is quite a bit of press about it, naturally. It is even possible that LWN.net will have more to say in our upcoming weekly edition. In the meantime here are a few links.

The Washington Post details Spain's conversion from Windows to Linux. "Vazquez de Miguel is the minister of education, science and technology in a western region of Spain called Extremadura, a mostly rural expanse of olive trees and tiny towns with 1.1 million inhabitants. In April, the government launched an unorthodox campaign to convert all the area's computer systems, in government offices, businesses and homes, from the Windows operating system to Linux, a free alternative." Thanks to Eric.

The SchoolNet Namibia project has released some of the correspondence between Microsoft and SchoolNet. "Based on your earlier blatant assertions, Microsoft is very keen on harnessing major publicity along the lines of "Microsoft replaces Linux at SchoolNet Namibia". I'm afraid that is simply not going to happen. I have, from the very beginning made it VERY clear that SchoolNet has NO desire to REPLACE Linux with Microsoft..." Thanks to Ashwin N.

Trade Shows and Conferences

The Raleigh, N.C. News & Observer reports on a Red Hat road tour. "Four Red Hat employees will embark on an RV tour of the country today in a grass-roots campaign orchestrated to reassure the T-shirt and sandal-clad base of Linux fans that Red Hat is still cool and simultaneously lure new users to the open-source computer operating system."

eWeek reports from Red Hat Inc.'s Open Source Security Summit. "Much of the early enthusiasm for Linux and other open-source operating systems was sparked by the software's low cost and adaptability. But, with a growing emphasis on security in the overall IT marketplace, many customers are looking at open source as a more secure alternative to proprietary software."

Companies

The Register covers Borland Software Corp's investigation of Project Mono. "Scotts Valley, California-based Borland is investigating use of Ximian Inc's Project Mono in Kylix, as a possible means for Windows developers to move .NET applications to Linux."

Here are a couple of articles from the Economist. The first looks at RealNetworks' open source announcement. "RealNetworks' move is another sign that the software industry is going hybrid. Mixing elements of proprietary software, where the source-code is tightly controlled, with open-source programs enables firms to expand a market, harvest the ideas of others and, they hope, still make money." On the fun side, here's the theory of Tetris. Thanks to Thomas Blankenhorn.

Vnunet reports from the Gartner Symposium, where Microsoft claims that Windows is cheaper than Linux over its total lifecycle. "When asked by Gartner about Microsoft's intensifying battle against the open source operating system, European president Jean-Phillipe Courtois claimed that Linux is in fact more expensive to run than Windows."

Here's an article in the Register about NEC's new fault-tolerant offering. "The product's Linux operating system is based on Red Hat Inc's Linux 7.1 but features 'significant changes' to the kernel, device drivers, storage management and memory management to enable it to support the fault tolerant features. NEC's UK business development director, Paul Evans, stated that the modifications made to the Linux operating system would be released to the open source community via NEC's involvement in the OSDL Open Source Development Lab."

The Register reports on the progress India-based PicoPeta Simputer Private Ltd has made bringing the Simputer to the people. "The Simputer is designed to be a cheap, mass market computing device which will fill a yawning gap in developing countries, such as India, where traditional PCs are still beyond the reach of the population. But PicoPetas' ambitions had seemed set to come to naught, as it struggled to find backing for the project."

News.com reports on Yahoo's adoption of PHP for its web site scripting language. "With an eye toward its bottom line, Yahoo has decided to jettison its own proprietary scripting language in favor of the open-source alternative PHP.
The scripting switch will affect the way Yahoo creates a wide array of features and functions, from serving advertisements to designing applications like its calendar and e-mail applications.
While Yahoo won't rewrite pages that currently use the proprietary language, the shift will ultimately affect virtually every Yahoo page and reflects a broader development philosophy toward open-source technologies."

TechWeb looks at Yahoo as it switches to PHP for its server-side Web scripting. "Yahoo is using PHP for new properties, such as the remember.yahoo.com site for Sept. 11, 2002 [sic], and for internal tools, such as content management. Most Yahoo properties are integrating PHP slowly, and there are no plans to rewrite the entire site. Early adopters include PayDirect, Yahoo Classified, the personalized news page, and almost the entire travel Web site."

Michael J. Radwin has put together a presentation on choosing open-source software for Yahoo.com. "Abstract: Running a high-performance dynamic website is a daunting task. The short development cycles needed to stay ahead of the competition demand a web-centric scripting language that is easy to maintain and update.
We'll explore a case study of one company (Yahoo!) that is making the transition to PHP from a proprietary server-side page language written in C/C++."

Business

ZDNet is carrying a Gartner Group pronouncement about open source licensing. "By 2005, warranties and additional maintenance for at least the 100 most-popular open-source software products will be offered by commercial software vendors, service providers, or insurance companies (0.7 probability). In the meantime, users can minimize any 'fitness for purpose' risks through evaluation and testing, and by only using production releases of well-known, mature products from reputable distributors."

News.com looks at a couple of areas in which Linux has scored recent victories. "Open-source software gave Microsoft a one-two punch this week, with the European Union and an African nonprofit educational organization showing preference for Linux systems."

Interviews

The Sydney Morning Herald interviews Sirtaj Singh Kang, a.k.a. Taj, official KDE Spokesperson for Australia, on the topic of KDE.

Resources

The October 31, 2002 edition of the LinuxDevices Embedded Linux Newsletter is out with the latest Embedded Linux news.

This IBM developerWorks article introduces the Enterprise Volume Management System (EVMS) for Linux. "Have you ever stopped to think about how many powerful storage-related technologies are available for Linux? Consider just our options for a journaling filesystem: ReiserFS, ext3, XFS, and JFS. Several years ago, Linux didn't even have a journaling filesystem. Now, we have plenty of them and find ourselves in the luxurious position of being able to choose the best filesystem for our needs. Choice is definitely a good thing."

Reviews

Vnunet eyes OpenOffice. "A new beta version, dubbed Build 643, was launched last week, making it easier to migrate to the open-source suite by simplifying the way users create macros. A macro recorder now lets users create macros by recording their keystrokes and mouse movements as they navigate through dialog boxes."

eWeek has reviewed Bricolage, an open-source Perl-based web content management system.

Miscellaneous

Vnunet covers Netproject's pilot contract to examine deployment of open source software in government departments. "The investigation will consider Linux and open source applications for both servers and desktops and in both local and central government. It will include authentication of users and authorisation of what resources can be accessed."

The vnunet article looks at features that will be included in the 2.6 version of the Linux kernel. "Recent developments to improve task scheduling and the handling of threads mean that Linux has just about solved the scalability problems that have prevented many IT departments from using Linux on high-end hardware. These updates are also set to debut in version 2.6."

Doc Searls covers the second annual Linux Lunacy Geek Cruise in this Linux Journal article. "I had high expectations for the trip, and all of them were exceeded. I won't go into the details of what went on; see the Linux Journal web site on Friday for a nice long report. But I will give you a brief summary of what became a lot clearer to me--and to everybody else, I think--by the end of a week on a ship with Linus, Guido van Rossum, Eric Raymond, Ted Ts'o, Randall Schwartz, Steve Oualline and a star chamber of other alpha geeks. The short of it is Linux is an even bigger phenomenon than it appears to be, and so is the open-source development model that produced it."

Doc Searls provides a travel log of the Linux Lunacy Geek Cruise. "Day Three (Tuesday) began at Cozumel, an island off Mexico's Yucatan peninsula, not far from Cancún. There we dispersed to a variety of towns, beaches and Mayan ruins before reconvening on the ship for talks on filesystems (Ted), Perl (Randall), "Vim for Vi Users" (Steve Oualline) and "Preparing for Incident Response and Forensics" (Brian Carrier). I gave the pre-dinner keynote, "The Silent Majority: How Linux Got to Be Everywhere While Nobody Was Watching". It was a fun talk for a fun crowd. The only criticism came from one guy who said, "There weren't enough laughs at the end." Which still means he was entertained for nearly an hour."

For those of you who have been following Doc Searls' account of the second Linux Lunacy cruise, here are the pictures, and here is the slideshow for Doc's keynote presentation. Also part 2 of "Geeks on the Half Shell 2.0".

Page editor: Forrest Cook
Announcements

Commercial announcements

Penguin Computing has announced the immediate availability of its next generation Intel(R)-based Relion class server.

The Evans Data Corporation has released a report showing that the People's Republic of China is emerging as one of the world's Open Source Linux operating system strongholds.

Mainline Information Systems and Sistina Software have announced an alliance that will deliver a Linux-based data-sharing solution for the IBM S/390 and zSeries platforms.

Resources

The October 2002 Netcraft Web Server Survey is out with the latest web server usage statistics. Competition in the SSL Certificate Market is discussed.

The October, 2002 Linux Professional Institute News is out with the latest news from the LPI.

Issue #84 of the Linux Gazette is out, with a whole slew of Linux related articles.

Upcoming Events

The 2003 Ottawa Linux Symposium will be happening June 23 to 26 in Ottawa, Ontario, Canada. The call for papers has gone out, with a submission deadline of January 15, 2003.

The Red Hat Roadtrip will be in Los Angeles, CA on Tuesday, November 12th, 2002. "USC and lalugs.org are proud to present a Round Table discussion with Red Hat on the topic "Linux on the University Desktop". Please come and help us hash out how universities can roll out Linux to their desktop users. The event will take place from 6PM to 8PM in room THH 202 at USC." More information on the event is available here. Thanks to Dan Kegel.

LinuxWorld New York (January 21-24) has announced its keynote speaker lineup: Hector Ruiz (AMD), Michael Tiemann (Red Hat), Steven Mills (IBM), and Randy Mott (Dell).

| Date | Event | Location |
| November 7 - 8, 2002 | 16th System Administration Conference (LISA '02) | Philadelphia, PA |
| November 9, 2002 | Lightweight Languages 2002 (LL2) | Cambridge, MA (MIT) |
| November 11 - 15, 2002 | Java Days Europe | Helsinki, Oslo, Frankfurt, Zurich, Milan |
| November 14 - 15, 2002 | The Open Source Health Care Alliance (OSHCA) | Los Angeles, CA (UCLA Medical Center) |
| November 18 - 21, 2002 | Embedded Systems Conference, Boston | Boston, Mass. (Hynes Convention Center) |
| November 18 - 21, 2002 | ApacheCon US 2002 | Las Vegas, NV (Alexis Park Resort) |
| December 3 - 5, 2002 | Linux Bangalore/2002 | Bangalore, India (J.N. Tata Auditorium) |
| December 9 - 20, 2002 | UMeet conference | On IRC |

Software announcements

Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:

Page editor: Forrest Cook
Letters to the editor
| From: |
| Joe Klemmer <klemmerj@webtrek.com> |
| To: |
| letters@lwn.net |
| Subject: |
| Letters to the Editor |
| Date: |
| 04 Nov 2002 11:06:00 -0500 |
There's been a lack of letters to the editor that has been commented on
by LWN a number of times. I'd like to express my thoughts on why there
have been few, if any, people writing in.
With the new CMS built for LWN the advent of comments to specific
articles was added. This was due to a large request from readers.
There is nothing wrong with being able to comment and have a
psudo-interactive discussion. A side effect, though, is that things
people previously would have sent in as letters are now simply being
posted as comments.
Is this good or bad or a non-issue? I can't say. For me, I'd rather
have the LttE than article comments but that's just my preference.
Maybe a compromise system could be used. A page with an outline of all
the comments ordered by article title might work. This is just a
thought off the top of my head. Anyone else have any ideas?
--
Your mouse has moved.
Windows(R) must be restarted for the change to take effect.
Reboot now? [OK]
Comments (3 posted)
| From: |
| havoc <havoc@harrisdev.com> |
| To: |
| letters@lwn.net |
| Subject: |
| Looking for a LAMP distro |
| Date: |
| Wed, 30 Oct 2002 21:50:09 -0700 |
A lot of attention has been given to the huge group of independent
developers and companies that create a huge volume of Linux software
that is Apache, MySQL and Perl/Python/PHP centered. O'Reilly has
created a seperate web page dedicated to those people/projects. What I
don't get is why Red Hat, SuSE or Mandrake don't have a single-CD distro
aimed at supporting this crowd.
As a LAMP developer, I would love to point people interested in my
software toward a LAMP distro and say, "If you're interested in this
software, but don't have a Linux computer, just download this distro,
install it and then install our software over it." To my way of
thinking, this small, "specialized" server distro would require very
little in the way of additional maintenance cost for any of the
established Linux distro companies, and provide an excellent "gateway
Linux" to get whole companies hooked on their product.
Jody Harris
Realization Systems, Inc.
--
http://www.realizationsystems.com/ - changing the way people communicate
http://www.galacticslacker.com/ - read it and weep
From: Neil Brown <neilb@cse.unsw.edu.au>
To: letters@lwn.net
Subject: On ACLs
Date: Wed, 6 Nov 2002 23:00:35 +1100
You commented that you would like more letters, so I thought I would
spend a few minutes writing something - something on the topic of ACLs,
which, as you noted, caused a lot of discussion and differing opinions
on linux-kernel.
For myself I think that it is sad that ACL support had to go into
Linux. Not sad that it *did*, but sad that it *had to*.
Linus is ever the pragmatist, and including support for ACLs
is certainly the pragmatic thing to do. But I think that the
environment that makes it a pragmatic decision is sad.
You see, I would rather go in the opposite direction, and remove what
ACLs we do have from being supported by the kernel: they aren't
needed, and are often 'wrong', except in the simplest cases.
They aren't needed because I have access to much more flexible ACLs
completely outside of the kernel. Apache, for example, provides very
flexible access control via the .htaccess file and various 'require'
directives and authentication mechanisms. These mechanisms allow
people to create their own groups and give access based on patterns
in filenames, both features that are very useful and unlikely to be
supported by any ACL mechanism that is embedded in the kernel.
You might think that Apache's access control only allows control of
read access, but write access is also very much a possibility. By
defining a few generally applicable 'PUT' handlers (e.g. one which
will append, one which will check in to RCS first, etc.) a sysadmin
can make it fairly straightforward for users to give controlled write
access to files as they choose.
And this leads to the second issue, that current ACLs (and by that I
mean UNIX rwx for each of ugo) are wrong except in the simplest cases.
Giving anyone else unfettered write access to your files is probably a
bad idea. We have a long history of how much of a bad idea a world
writable /tmp is, and group-writable directories aren't really much better.
The issues with others-writable files aren't so bad, but still, in
most cases you would really like some sort of control. Possibly
allowing others to append, providing their username appears first
would be ok. Possibly checking the file into a revision control
system before making a change would be ok. But un-checked write
access just isn't sensible.
Obviously some files would benefit from much more subtle access
control rules. Your example of /etc/password as mentioned in the
article on reiser4 is a good one. Some people possibly should have
write access to some parts of their own record. Some people might be
denied read access to some fields of other people's records. Hans
Reiser, it would seem, would like to embed all that knowledge in the
filesystem. I would rather lift it all up and embed it in some
user-space service. Quite possibly that service could present a
filesystem-like interface (as I'm sure it would in plan-9) and that
interface could be 'mounted' into the filesystem name-space. But
embedding knowledge of such access controls in the kernel is, to me,
wrong.
So what is my grand vision (which will never eventuate due to the
weight of current-practice)?
- File systems do not store any ownership/access control information.
- File systems are mounted either readonly, or writable. / and /usr
are readonly. /home (which will only contain my home) is writable.
- Each process has a separate 'mount table' and associated view of the
name space (this is coming to Linux if it isn't here already).
My processes see my home directory, your processes see yours.
- Access to other people's personal filesystems has to be through
some sort of gateway, such as apache/http. Such gateways would be
able to impose arbitrary access controls as appropriate.
There may well be a very lightweight gateway that provides everyone
with read-only access to a certain part of other people's home
directories (e.g. /home/public) to make sharing easier.
- These gateways would use cryptographically secure identities (much
like ssh does, and possibly using something like ssh-agent to
supply them) so they could easily and securely be either remote or
local.
Thus we lift the whole ACL issue out of the kernel and place it
clearly in user-space. As there doesn't seem to be clear agreement
about what ACLs should really look like anyway (witness the Posix
draft that nobody seems to like), I think the flexibility of being in
user-space is a good thing.
Doing away with access bits does mean that we lose the 'x' bit. But
having non-executable files in directories in your PATH is a bit
pointless anyway, and the kernel already knows what files are
executable based on 'magic numbers'.
The 'x' bit of directories doesn't add anything useful over the 'r'
bit.
It would also mean losing the possibility of removing write access
from files that you own. This (the 'user-write' bit) is probably the
only permission bit that might be worth leaving, but I would want to
think about it some more before I was certain that (in the ideal
world) we should even keep that.
I think filesystems should be left to store files and names of files
(and symlinks/devices, I guess).
I think inter-person access control should be left to user-space
daemons which are in a position to be more flexible than any ACL scheme
that a kernel/fs developer is likely to come up with.
I think the filesystem interface is likely to be a good interface for
accessing such daemons, but that is quite different from embedding
the daemons' functionality in a filesystem.
As a sort of summary, it seems a pity to have to include a
questionable feature due to outside pressure.
It is true that having ACL support in the kernel doesn't preclude me
from coming up with a system that doesn't need it. However, as
Linus said recently on another matter (LKCD, I think it was), a problem
with including something that is 'good' but might not be 'best' is
that it reduces the incentive to create the 'best' thing. I feel that
logic could apply to ACLs.
NeilBrown
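The letter above describes a user-space gateway that grants access by user-defined groups and filename patterns, and that mediates writes through handlers (append with the writer's name first, or a check-in step) instead of handing out a raw write bit. The following is an added illustration of that policy model, written for this page; it is not Neil Brown's code, nor Apache's, and the rule syntax, group table, in-memory file store and sample names are all constructed for the example.

```python
"""
Constructed model of a user-space access-control gateway: groups and
filename-pattern rules live outside the kernel, and "write" is offered
only as an attributed append or a versioned check-in.

All names, rules and stored files below are assumptions made for this
example; they are not a real server's configuration.
"""
import re
from dataclasses import dataclass, field

# Constructed group table (what an AuthGroupFile-style file expresses).
GROUPS = {
    "devs": {"alice", "bob"},
    "ops": {"carol"},
}


@dataclass
class Rule:
    pattern: str                               # regex over the file name
    read: set                                  # "user:alice" or "group:devs"
    append: set = field(default_factory=set)   # may use the append handler
    checkin: set = field(default_factory=set)  # may use the check-in handler


def _allowed(principals, user):
    """True if user is named directly or via a listed group."""
    for p in principals:
        kind, _, name = p.partition(":")
        if kind == "user" and name == user:
            return True
        if kind == "group" and user in GROUPS.get(name, ()):
            return True
    return False


class Gateway:
    def __init__(self, rules, store):
        self.rules = rules       # first matching rule wins
        self.store = store       # filename -> list of lines (in-memory stand-in)
        self.history = {}        # filename -> earlier versions (the "RCS" stand-in)

    def _rule(self, name):
        return next((r for r in self.rules if re.search(r.pattern, name)), None)

    def read(self, user, name):
        r = self._rule(name)
        if r is None or not _allowed(r.read, user):
            raise PermissionError(f"{user} may not read {name}")
        return list(self.store.get(name, []))

    def append(self, user, name, line):
        """Others may append, provided their username appears first."""
        r = self._rule(name)
        if r is None or not _allowed(r.append, user):
            raise PermissionError(f"{user} may not append to {name}")
        if not line.startswith(user + ":"):
            raise ValueError("appended line must begin with the appender's username")
        self.store.setdefault(name, []).append(line)
        return len(self.store[name])

    def checkin_write(self, user, name, new_lines):
        """Snapshot the previous version before replacing the file."""
        r = self._rule(name)
        if r is None or not _allowed(r.checkin, user):
            raise PermissionError(f"{user} may not check in {name}")
        self.history.setdefault(name, []).append(list(self.store.get(name, [])))
        self.store[name] = list(new_lines)
        return len(self.history[name])


# Constructed rules: a world-readable area, attributed-append logs, and a
# private area whose owner (and ops) may replace files via check-in.
RULES = [
    Rule(r"^public/", read={"group:devs", "group:ops"}),
    Rule(r"^alice/.*\.log$", read={"group:devs"}, append={"group:devs"}),
    Rule(r"^alice/", read={"user:alice"}, checkin={"user:alice", "group:ops"}),
]


def demo():
    gw = Gateway(RULES, {"alice/notes.txt": ["draft 1"], "alice/build.log": []})
    out = {}
    out["bob_appends"] = gw.append("bob", "alice/build.log", "bob: build ok")
    try:
        gw.append("bob", "alice/build.log", "looks fine")
        out["unattributed_append"] = "allowed"
    except ValueError:
        out["unattributed_append"] = "refused"
    try:
        gw.read("bob", "alice/notes.txt")
        out["bob_reads_notes"] = "allowed"
    except PermissionError:
        out["bob_reads_notes"] = "refused"
    out["carol_versions"] = gw.checkin_write("carol", "alice/notes.txt", ["draft 2"])
    out["history"] = gw.history["alice/notes.txt"][0]
    return out


if __name__ == "__main__":
    print(demo())
```

The point of the model is that none of the decisions above depend on a mode bit in the filesystem: group membership, the filename pattern, the attribution check on appended lines and the snapshot taken before a replace are all enforced by the gateway, which can be changed or extended without touching the kernel.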
Page editor: Jonathan Corbet