A look at a Linux kernel rejection

The Halloween deadline for submission of new features for the 2.5 kernel has passed. Linus has not made final decisions on everything on the wishlist, but most of the new features which will be in the next stable kernel series are in the development kernel now. And some developments clearly are not going to be in that next stable kernel. Negative results are often the most interesting - they expose interesting information on how the system works. So we'll look at why a seemingly sensible feature did not get into the 2.5 kernel.

The project in question is the Linux Kernel Crash Dump (LKCD) subsystem. LKCD comes into play if a Linux kernel panics; it uses the swap area to create an image of the dying system. That dump can then used to figure out just what went wrong. Commercial operating systems have had crash dump capabilities for decades; crash dumps make life much easier for vendors facing angry customers who want their systems fixed immediately. Given the increasing interest in "enterprise" deployments and high-quality support, one would think that a crash dump capability would be a high priority for inclusion. One would also think that it would not be controversial, since crash dump support does not slow down or adversely affect users in any way. So why did it fail to go in?

Certainly, there were some technical concerns about LKCD. A kernel which is crashing is, by definition, not functioning properly; do you really want that kernel to write massive amounts of data to disk as its last act? Some developers fear that LKCD has not taken sufficient care to avoid overwriting files as it saves its dump to disk. There is no real history of people having their systems trashed by LKCD, but the worry remains.

LKCD has not played the kernel political game all that well. In some cases, it is enough to write code and ask that it be merged. But, as a general rule, you have to convince Linus that the development really belongs in his kernel. In practice, that means turning one or more of the top-tier developers into an advocate for your work. The LKCD developers have not done that; instead, they have tried putting pressure on Linus directly. Linus responded by digging in his heels and stating: "...right now I won't touch LKCD with a ten-foot pole, if only because I've been mail-bombed by people who argue for it when I have better things to do than to explain myself over and over again."

But neither of those reasons are the real reason why LKCD got left out in the cold. As Linus has been saying for a few years, his real job anymore is saying "no" to people. He says "no" to anything that, in his opinion, does not really have to be in his kernel. It is a hard job; it requires enough backbone (and ego) to stand up against great pressure at times. But it is also a crucial role that must be played well if the kernel code is to remain maintainable over the long term.

Linus said "no" to LKCD because he did see any real advantage to having it in his kernel. LKCD, says Linus, is a "vendor-driven" development. Since LKCD is vendor driven, the vendors that are interested can merge it into their trees. That is what free software is all about, of course. This attitude may seem a little harsh, but it makes sense when you consider a couple of points:

• Vendors, with very rare exception, do not ship Linus's kernels as he distributes them. Most vendor kernels are heavily patched, with dozens (or even hundreds) of changes and added features. The spec file for the 2.4.18 kernel shipped with Red Hat Linux 8.0 lists a full 200 patches; Red Hat has added User-mode Linux, TUX, the O(1) scheduler, the low-latency patch, NAPI, netdump (a network-based crash dumper), etc. LKCD would be a small addition to the list of patches already applied by distributors. The fact that few vendors have included LKCD suggests that they, who are the main market for such a feature, are not yet interested in it.

• It is hard to imagine any vendor being interested in a crash dump that comes from anything other than one of their own stock kernels. Linux empowers any user to obtain and build any kernel they want, but those users cannot, in general, expect their vendors to chase bugs in "roll your own" kernels.

So, by suggesting that interested vendors patch in LKCD themselves, Linus is getting that code to the places where it is useful without having to put it into his tree. A certain amount of kernel source bloat is avoided, the way is left open for other potential crash dump implementations, and LKCD is still easily deployed in the situations where it is needed. All told, it is not an entirely unreasonable decision. The kernel process is often hard on developers, but it important that Linus continues to say "no" if we want to have a kernel which does not eventually collapse under its own weight.

(See also: Linus's explanation of why LKCD didn't go in, and of how to get patches into the kernel in general, and this week's Kernel page, which looks at the next steps for the (non-merged) EVMS project).

Comments (3 posted)

The Microsoft settlement

Tempting as it may be to pass over the final judgement in the Microsoft case as not being of interest to Linux users, the truth of the matter is that there are a couple of things worth saying. Even though this settlement looks an awful lot like "business as usual."

Free software advocates had hoped, for a while, that the settlement would at least require the opening of formats and protocols. Imagine the great things the Samba team could do if it had to spend less time reverse engineering everything. In the end, the final settlement offers nothing of value in this regard. Consider:

• Microsoft is required to license its protocols under RAND terms. These terms involve license fees, of course, and are thus quite discriminatory against free software.

• Microsoft does not have to license to companies which have a "history of software counterfeiting or piracy or willful violation of intellectual property rights." Potential licensees also have to convince Microsoft of the "authenticity and viability" of their business, and submit their code to Microsoft for verification.

The most interesting provision with regard to licensing, though, may well be this one:

As has been pointed out by others, the "security" argument could be used to lock up just about anything that Microsoft does not want to release. And why, exactly, does the U.S. government reserve to itself the right to suppress the release of API and protocol information? One assumes that somebody has something in mind here.

After five years, the entire settlement goes away.

The bottom line is that this decree is not going to help the free software community to any great extent. But, then, it never really was going to. Attacking Microsoft is not a useful goal for the free software community; our purpose is to create and distribute the best free software we can. And, for those who wish to see Microsoft in discomfort, it is worth noting that free software has already caused the company much worry. Microsoft's planned takeover of the server space has been thwarted, and the company's grip on other computing markets, while still firm, just does not look as invulnerable as it once did. Editors, compilers, and the free software development process may yet prove to be the most effective weapon against software monopolies.

(See also: yet another leaked Microsoft memo, duly marked up by Eric Raymond. This one is a survey of opinions toward Linux. "Closing, those who are familiar with OSS and Linux are favorably predisposed towards them. Linking this work with other on-point research, we can assume that in the majority of cases this reported 'favorability' is more emotional than it is rational.")

Comments (6 posted)

Your weekly report from LWN

It's time for the weekly "report from LWN" column. Read on for the latest subscription information, the new search engine, gift certificates, and more.

As of this writing, there are just under 2300 individual LWN subscribers. In recent times, that number has been growing by about 100 per week - not quite what we might really like, but enough to keep us reasonably happy if it continues. Making it continue could prove challenging, however. A number of subscribers signed up for only one or two months, and those subscriptions are beginning to expire. Unless those subscriptions get renewed (hint, hint...), we could conceivably start going backwards. Here's to hoping that doesn't happen.

One way to help keep that from happening would be to shower your friends with LWN gift certificates. It's a great way to support LWN and, simultaneously, deal with your holiday shopping problems.

We have sold about twenty group subscriptions, including a couple of reasonably large ones. Next week, perhaps, we'll publicly thank the companies which wish to be acknowledged in this way.

Meanwhile, LWN once again has a search engine. It has the basic features one would expect, including the ability to filter on category and content type. It is indexed as content is generated, so search results always include the newest content. For now, only the new site (i.e. content back to last June) is covered; we're still figuring out what the best solution is for all of our older content. We may, as one reader suggested, simply put in a link to Google...

That's pretty much it for this week. Thanks to all of you, again, for supporting LWN.net.

Comments (19 posted)

Keeping older Debian distributions secure

The Debian Project has sent out a survey in an attempt to figure out how many users are still using the "Potato" distribution. The project's goal is clear: they want to figure out when they can stop providing security updates for that version of the distribution. Pulling the plug on Potato may seem a bit premature, given that Woody was only released back in July. But, for Debian, this move is already late; remember that support for Debian 2.1 ("Slink") was withdrawn just one month after the Potato release.

Debian is different from most distributions, of course, in that its users are expected to upgrade quickly. Given the ease of the process, there is generally little reason to wait. But the simple fact is that people do not like to upgrade working systems. If a computer is happily doing the tasks assigned to it, why thrash up the operating system and break things? Commercial distributors understand this inertia, and most of them go out of their way to support old distributions for at least a couple of years. As a volunteer-driven distributor, the Debian Project has had the freedom to cut off support sooner (because it does not have paying customers), and the need to do that, because it does not have paid developers who can be sent off to patch holes in ancient packages.

The fact that the Debian Project is asking for input this time, rather than simply cutting off support after one month, shows a new sensitivity toward the needs of users beyond the Debian developer community. This is a good thing, of course, but Debian, by its nature, will still be limited in the amount of support it can provide for older versions of its distribution. This is an area where companies that ship commercial versions of Debian could contribute back to the project. By paying somebody to fix security problems in older versions of Debian GNU/Linux, these distributors can enhance the value of their own products while supporting the project that supports them.

So far, no vendor of Debian-based distributions has stepped up to this plate. Indeed, Debian-based distributors tend not to bother with security updates at all, since the Debian Project itself does such a good job with them. If these companies are serious about using Debian as a base for a commercial product, however, they are going to have to get a bit more serious about long-term support. Otherwise, they are likely to find their customers going elsewhere.

Comments (2 posted)

CodeWeavers adds KLEZ immunity

CodeWeavers has announced a new version (1.3.1) of its CrossOver Office product which features immunity to the KLEZ virus. "Whenever KLEZ attempts to run its .EXE file from the TMP directory, CrossOver Office 1.3.1 spawns a message to the user warning them that they may launching an application that could potentially harm their computer." Bringing Windows applications to Linux is a good thing for many users, but great care must be taken to not port Windows problems as well...

Comments (none posted)

linuxconf: bad sendmail configuration file creation

Package(s):	linuxconf	CVE #(s):
Created:	November 6, 2002	Updated:	November 6, 2002
Description:	The linuxconf "mailconf" module can create sendmail configurations which allow the server to run as an open relay, instantly turning your site into a spammer's tool and getting you onto blacklists.
Alerts:	Conectiva CLA-2002:544 linuxconf 2002-11-06

Comments (1 posted)

log2mail: buffer overflow

Package(s):	log2mail	CVE #(s):
Created:	November 6, 2002	Updated:	November 6, 2002
Description:	Enrico Zini discovered a buffer overflow in log2mail, a daemon for watching logfiles and sending lines with matching patterns via mail. The log2mail daemon is started upon system boot and runs as root. A specially crafted (remote) log message could overflow a static buffer, potentially leaving log2mail to execute arbitrary code as root.
Alerts:	Debian DSA-186-1 log2mail 2002-11-01

Comments (none posted)

luxman: pathname vulnerability

Package(s):	luxman	CVE #(s):	CAN-2002-1245
Created:	November 6, 2002	Updated:	November 6, 2002
Description:	LuxMan is a maze game which, one would think, would not be much of a threat. It has, however, a pathname vulnerability that can be turned into a local root exploit. Versions through 0.41 are vulnerable.
Alerts:	Debian DSA-189-1 luxman 2002-11-06

Comments (none posted)

Mozilla: Privacy leak and other vulnerabilities

Package(s):	mozilla	CVE #(s):	CAN-2002-1126 CAN-2002-1091
Created:	November 1, 2002	Updated:	February 13, 2003
Description:	Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, including manually entered URLs. Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. See also Mozilla's Recently fixed security issues page. All users are encouraged to upgrade to this latest stable 1.0.x release of Mozilla.
Alerts:	Conectiva CLA-2003:568 mozilla 2003-02-13 Mandrake MDKSA-2002:075 mozilla 2002-10-31

Comments (none posted)

perl-MailTools: remote command execution

Package(s):	MailTools	CVE #(s):	CAN-2002-1271
Created:	November 5, 2002	Updated:	September 19, 2003
Description:	The SuSE Security Team reviewed critical Perl modules, including the Mail::Mailer package. This package contains a security hole which allows remote attackers to execute arbitrary commands in certain circumstances. This is due to the usage of mailx as default mailer which allows commands to be embedded in the mail body. Note that mail processing programs which use this package can be affected by this vulnerability; in particular, SpamAssassin is vulnerable if you use the -r or -w flags.
Alerts:	Debian DSA-386-1 libmailtools-perl 2003-09-18 Gentoo 200302-01 SpamAssasin 2003-02-02 Mandrake MDKSA-2002:076 perl-MailTools 2002-11-07 Gentoo 200211-001 MailTools 2002-11-06 SuSE SuSE-SA:2002:041 perl-MailTools 2002-11-05

Comments (none posted)

Linux Security Week

The LinuxSecurity.com Linux Security Week Newsletter for November 4 is available.

Full Story (comments: none)

Kernel release status

The current development kernel is 2.5.46, which was released by Linus on November 4. It includes uClinux (a port of the kernel to systems with no memory management unit), the "huge TLB" filesystem for working with large pages, more driver model work, the latest sys_epoll implementation, a big m68k update, the beginning of initramfs support (see below), an ARM update, extended attributes and some online resizing support for the ext2 and ext3 filesystems, and numerous other patches. The the long-format changelog has the details.

Linus has taken a break (from kernel development, anyway) since releasing 2.5.46; his BitKeeper tree is almost empty.

The current prepatch from Alan Cox is 2.5.45-ac1; it adds a number of fixes and backs out some "dangerous looking" SCSI driver changes.

The latest 2.5 status summary from Guillaume Boissiere is dated November 4.

Dave Jones has posted version 0.10 of his "post-Halloween" 2.5 kernel document.

The current stable kernel is 2.4.19; there have been no 2.4.20 prepatches released over the last week.

Comments (none posted)

The Orlov block allocator

The performance of a file system is dependent on many things; one of the crucial factors is just how that filesystem lays out files on the disk. In general, it is best to keep related items together; a kernel compilation will go more quickly if the files within the kernel source tree all live close to each other on the disk. To achieve this goal, the ext2 and ext3 filesystems have long tried to lay out the contents of a directory in the same cylinder group (or, at least, in nearby groups).

In the real world, however, it turns out to be better, sometimes, to spread things out. Imagine setting up a system with users' home directories in /home. If all the first-level directories within /home (i.e. the home directories for numerous users) are placed next to each other, there may be no space left for the contents of those directores. User files thus end up being placed far from the directories that contain them, and performance suffers. The ext2 filesystem has suffered from this sort of performance degradation for some time.

The 2.5.46 kernel contains a new block allocator which attempts to address this problem. The new scheme, borrowed from BSD, is named the "Orlov allocator," after its creator Grigory Orlov; he has posted a brief description of the technique as it is used in the BSD kernels. The Linux implementation, as implemented by Alexander Viro, Andrew Morton, and Ted Ts'o, uses a similar technique but adds a few changes.

Essentially, the Orlov algorithm tries to spread out "top-level" directories, on the assumption that they are unrelated to each other. Directories created in the root directory of a filesystem are considered top-level directories; Ted has added a special inode flag that allows the system administrator to mark other directories as being top-level directories as well. If /home lives in the root filesystem (and people do set up systems that way), a simple chattr command will make the system treat it as a top-level directory.

When creating a directory which is not in a top-level directory, the Orlov algorithm tries, as before, to put it into the same cylinder group as its parent. A little more care is taken, however, to ensure that the directory's contents will also be able to fit into that cylinder group; if there are not many inodes or blocks available in the group, the directory will be placed in a different cylinder group which has more resources available. The result of all this, hopefully, is much better locality for files which are truly related to each other and likely to be accessed together.

As of this writing, only one benchmark result with the new allocator has been posted. The results are promising: the time required to traverse through a Linux kernel tree (a dauntingly big thing, these days) was reduced by 30% or so. The Orlov scheme needs more rigorous benchmarking; it also needs some serious stress testing to demonstrate that performance does not degrade as the filesystem is changed over time. But the initial results are encouraging. Linux has, once again, benefitted from the ability to borrow good ideas from other free kernels.

Comments (1 posted)

Hot and cold pages

One of the many changes rolled into the 2.5.45 kernel was the "hot-n-cold pages" patch from Martin Bligh, Andrew Morton, and others. It's a conceptually simple change that shows how far one has to go to deal with the realities of modern system architecture.

One generally thinks of a system's RAM as being the fastest place to keep data. But memory is slow; the real speed comes from working out of the onboard cache in the processor itself. Much effort has, over the years, gone into trying to optimize the kernel's cache behavior and avoiding the need to go to main memory. The new page allocation system is just another step in that direction.

The processor cache contains memory which has been accessed recently. The kernel often has a good idea of which pages have seen recent accesses and are thus likely to be present in cache. The hot-n-cold patch tries to take advantage of that information by adding two per-CPU free page lists (for each memory zone). When a processor frees a page that is suspected to be "hot" (i.e. represented in that processor's cache), it gets pushed onto the hot list; others go onto the cold list. The lists have high and low limits; after all, if the hot list grows larger than the processor's cache, the chances of those pages actually being hot start to get pretty small.

When the kernel needs a page of memory, the new allocator normally tries to get that page from the processor's hot list. Even if the page is simply going to be overwritten, it's still better to use a cache-warm page. Interestingly, though, there are times when it makes sense to use a cold page instead. If the page is to be used for DMA read operations, it will be filled by the device performing the operation and the cache will be invalidated anyway. So 2.5.45 includes a new GPF_COLD page allocation flag for the situations where using a cold page makes more sense.

The use of per-CPU page lists also cuts down on lock contention, which also helps performance. When pages must be moved between the hot/cold lists and the main memory allocator, they are transferred in multi-page chunks, which also cuts down on lock contention and makes things go faster.

Andrew Morton has benchmarked this patch, and included a number of results with one of the patchsets. Performance benefits vary from a mere 1-2% on the all-important kernel compilation time to 12% on the SDET test. That was enough, apparently, to convince Linus.

Comments (none posted)

Initramfs arrives

The "initramfs" concept has been in the 2.5 plans since back before there was a 2.5 kernel. Things have been very quiet on the initramfs front, however, until the first patch showed up and was merged into the 2.5.46 tree.

The basic idea behind initramfs is that a cpio archive can be attached to the kernel image itself. At boot time, the kernel unpacks that archive into a RAM-based disk, which is then mounted and used at the initial root filesystem. Much of the kernel initialization and bootstrap code can then be moved into this disk and run in user mode. Tasks like finding the real root disk, boot-time networking setup, handling of initrd-style ramdisks, ACPI setup, etc. will be shifted out of the kernel in this way.

An obvious advantage of this scheme is that the size of the kernel code itself can shrink. That does not free memory for a running system, since the Linux kernel already dumps initialization code when it is no longer needed. But a smaller code base for the kernel itself makes the whole thing a little easier to maintain, and that is always a good thing. But the real advantages of initramfs are:

• Customizing the early boot process becomes much easier. Anybody who needs to change how the system boot can now do so with user-space code; patching the kernel itself will no longer be required.

• Moving the initialization code into user space makes it easier to write that code - it has a full C library, memory protection, etc.

• As pointed out by Alexander Viro: user-space code is required to deal with the kernel via system calls. This requirement will flush a lot of in-kernel "magic" currently used by the initialization code; the result will be cleaner, safer code.

The patch, as found in 2.5.46, does not do a whole lot; it adds the basic mechanism but only removes "three simple lines" from the current initialization code. The bulk of the code will be added in the coming weeks - now that the "feature" is in the kernel, the details can be filled in without, technically, breaking the feature freeze. The plan for those steps has been laid out by Jeff Garzik:

• A small C library ("klibc") will be merged to support initramfs applications.

• A small "kinit" application will be created with klibc. In the beginning, it will only do enough work to show that the mechanism is functioning properly.

• The "initrd" (initial ramdisk) subsystem will be moved into kinit, and out of the kernel itself.

• The mounting of the root filesystem will be moved to user space. A lot of code for dealing with things like NFS-mounted root filesystems will go away.

That is as far as the plan goes, for now. There is no doubt that other parts of the initialization process will be moved to user space, however; it will be interesting to see how that process goes.

There a couple of fundamental open questions that will have to be answered during the remaining 2.5 development period. One is whether the initialization process should be handled by a single "kinit" application, or whether it should be a collection of programs, and, probably, shell scripts. Then, there is the question of what to do with klibc. It will be packaged with the kernel for now, but a number of kernel developers think that klibc (and the whole user-space initialization setup) should eventually be split off into a separate project. These decisions might not be made until very shortly before the stable release.

Comments (9 posted)

EVMS changes direction

The EVMS project is an IBM-sponsored effort to provide volume management services for Linux. EVMS had high hopes for inclusion in the 2.5 kernel, but, when it came down to the wire, Linus opted to merge LVM2 instead. LVM2 lacks many of the features and fancy GUI management tools found in EVMS, but the kernel developers found the code to be much more to their liking. So EVMS got left out in the cold.

Some developers, when their work is passed over for inclusion, complain at length on the linux-kernel list. Others simply take their marbles and go home. The EVMS project, instead, has decided to take a different approach: they will drop their kernel driver and rework their administration tools to work on top of LVM2 instead. The result, with luck, should be the best of both worlds for EVMS users: they get the well-respected management tools on top of the in-kernel LVM2 base.

This decision has been strongly applauded on the kernel list; the EVMS team even got a rare note of respect from Alexander Viro. It takes class to pick yourself up from a big disappointment and move forward with a new, better plan. EVMS should have a lot of support as it moves into the future.

Comments (1 posted)

Eagle Linux

Eagle Linux is a distribution that boots and runs from floppy or CD-ROM, so you can take Linux with you where ever you go. No disk partitioning or installation necessary. Eagle Linux is also a learning tool, because you build the CD yourself, on the platform of your choice, using the 'How-To' which covers everything needed to create your unique distribution with free software.

Of course you'll need a working Linux system with Internet access and a CD burner to the create the Linux CD of your dreams. The instructions begin:
"To compile the kernel, first obtain the most recent kernel from somewhere such as http://www.kernel.org. It will be packaged as a .tar.gz in most cases, and you will want it to reside in /usr/src after download."

Eagle Linux seems like an ideal tool to teach computer science students about Linux and operating systems in general. A school project in which the student builds her own Linux CD, which could come in handy at the computer lab or the Internet cafe. The author of Eagle Linux, Michael P. Angelo, tells us the distribution has been tested in a university setting in both computer science and electrical engineering programs.

Eagle Linux 1.0 is Red Hat Linux-centric while Eagle Linux 2.0, due out in December, is based on Debian.

Full Story (comments: none)

Debian GNU/Linux

The Debian Weekly News for November 5 is out. It looks at the Debian potato security survey, Debian as an anarchist organization, the beginnings of the first Woody update, and numerous other topics.

Silicon Breeze has announced the new Debian Collection, featuring over 30 Debian swirls individually sculpted in gold, silver, turquoise and amber. This could be the first serious exhibition of a traditional art form available exclusively over the Internet, and inspired entirely by an Open Source project.

Linux Orbit has a HOWTO article on getting Advanced Linux Sound Architecture (a.k.a. ALSA) sound modules set up properly. The HOWTO shows you how to compile and install the ALSA kernel modules, and then setup things using the ALSA Debian script so that modules are automatically loaded and unloaded, and your mixer levels are saved and restored on boot up.

Here is a report on the first revision of the current stable Debian distribution (woody).

If you still have a Debian 2.2 (potato) system in service, please respond to the potato survey on now from the Debian Security Team.

In a nibble from the DDTP you can find out about the progress being made by the Debian Description Translation Project (DDTP).

Comments (none posted)

Mandrake Linux

Here's the Mandrake Linux Community Newsletter for October 31, 2002. "This Week's Summary: What's Cookin' at MandrakeSoft?; 9.0 Documentation Now Online; MandrakeClub Transgaming Discounts; Mandrake in the News; Spotlight on the OpenRouter Project; Website Watch; Mandrake Linux Users Survey; Software Updates; Headlines from MandrakeForum"

Mandrake has new printing-related packages available that offer many printing enhancements over those drivers provided with Mandrake Linux 9.0. Some improvements include a new driver for Lexmark Z11, a number of updated ghostscript drivers, a new version of HPIJS, a newer GIMP-Print which provides much better quality for most Epson Stylus printers, and many new printer drivers as well. Note: this advisory has an update out. The previous updates built ghostscript without the "cups" driver. That has been corrected in these new packages.

A new initscripts package is available that fixes problems with certain locales including pl, sq, fi, lv, ru, sk, and Danish translation encoding. This package also corrects some issues with wireless link detection.

A number of bugs present in samba versions prior to 2.2.6 were fixed. 2.2.6 is considered to be the final version of the 2.2.X series. We strongly suggest all users to upgrade to this version.

Comments (none posted)

Sony PVR Powered by MontaVista Linux

MontaVista Software announced that MontaVista Linux Professional Edition 2.1 is the chosen operating system for the CoCoon Channel Server, the new Internet-connected Personal Video Recorder (PVR) from Sony.

Full Story (comments: none)

OpenBSD

OpenBSD 3.2 has been released, with improved hardware support, major improvements in the pf packet filter, ever-improving security, and lots more.

Full Story (comments: none)

Slackware Linux

Slackware Linux has just a few changes to the current tree this week. See the week's changes below, or see the change log for full details.

Full Story (comments: none)

SuSE Linux Enterprise Server Validated for IBM DB2 Database Software

SuSE Linux announced that the SuSE Linux Enterprise Server (SLES) has proved itself as a powerful Linux platform for IBM`s DB2 Version 8 database software with SLES latest certification for DB2.

Full Story (comments: none)

DeLi Linux

DeLi Linux stands for "Desktop Light" Linux, a smaller desktop oriented distribution for older computers, from 486 to Pentium MMX 166 or so. DeLi is based on Slackware 7.1 and includes plenty of desktop software like email clients, graphical webbrowser, an office package with word processor and spreadsheet, and more. Yet a full install, including XFree and development tools, requires about 300 MB of hard disk space. DeLi uses the rocksolid 2.2.19 kernel for its stability and smaller size. Still very much in beta, version 0.1 was just released this week.

Comments (none posted)

uOS

uOS is a complete source based operating system, designed to be configured and built in a flexible way. First used in November 2002, uOS is still a very much a beta system, with lots of kinks to work out. Although the goal is to make uOS usable by everyeone it currently requires Unix expertise to install and to run. uOS is based on GCC 3.2 / GLIBC 2.3 / WOLK Linux Kernel / X 4.2.1. It supports the newest drivers as well as the newest compilers. Core components are available under the 4F Licensing system (compliant to DFSG and OSI guidelines for Free Software). Initial version 0.81 is available.

Comments (none posted)

2-Disk Xwindow embedded Linux

2-Disk Xwindow embedded Linux has released v1.4rc802. This project disappeared from Freshmeat sometime in September 2002, but now it has resurfaced with a new home page.

Comments (none posted)

CLIC Linux

A new version of clustering project CLIC Phase1 has been released and is now available for download and testing.

The Register has an article about CLIC Linux. "The researchers on this project set out with the goal of developing super-computer power from a low cost base and the natural and most obvious place for them to start was with the ever present PC. They all knew the possibilities of tying together low cost machines to create a super-computing power and had seen it done before. Previously, though, the kind of software used to manage an environment like this was commercial. In this case it isn't."

Comments (none posted)

Haydar Linux Beta2

Haydar Linux has announced the release of Haydar Linux Beta2. This version of Haydar Linux will support Arabic, Dutch and English, OpenOffice 1.0 "With Arabic Support", KDE 3.0.4 and lots more.

Full Story (comments: none)

KNOPPIX

KNOPPIX has released v3.1-31-10-2002 with minor feature enhancements. "Changes: This release has better support for GeForce 4 graphics cards, Gideon (Kdevelop 3.0), a bugfix for the mtab problem, knx-hdinstall patches, and preparation of knoppix-terminalserver for etherboot and PXE (untested)." Knoppix is a versatile little distribution, Don't miss "Knoppix makes a great GUI installer for Debian", a LinuxWorld article in the review section of this page.

Comments (none posted)

MoviX

MoviX has released v0.6 with minor feature enhancements. "Changes: A few new features have been added, including playlists, WMV and ASF formats, and DVD playback. Instructions are also provided for building a bootable CD with Nero for Windows users. A console mixer (nmixer) has been included for adjusting the audio levels." MoviX2, a closely related distribution with a multimedia focus, released v0.2.1 with bug fixes.

Comments (none posted)

uClinux

uClinux has released v2.5.45-uc1 with a new kernel configuration.

Comments (none posted)

Warewulf

Warewulf has released v1.4 with major feature enhancements. "Changes: The entire monitoring subsystem was written to use UDP for node stats, and TCP for user clients to communicate with daemon. This feature will allow Warewulf to scale much better, and have less system overhead."

Comments (none posted)

Halloween Review: Evil Entity Linux, A Desktop Distribution with Attitude

Here's an article on Linux Orbit which takes a look at Evil Entity Linux DR 0.2.4f and talks to one of the distribution's developers and web site maintainers Dave Martin (a.k.a. Rev. Kloss Korban). "Dave Martin: "Evil Entity is a distribution like no other! Its primary goal is to provide the best home or dorm-room desktop environment possible. "EvilE" is not a server distribution, nor a corporate workstation platform, it's simply the most fun and useful tool you can install on your PC! Now you can install Linux and be up and running, on-line, ripping MP3s, burning CD's, watching DVD's and TV, editing video, and creating 3D models in minutes."

Comments (none posted)

Knoppix makes a great GUI installer for Debian (LinuxWorld)

Joe Barr reviews Knoppix as an installer for Debian in this LinuxWorld article. "As Knopper told me, "Knoppix is a real Debian system." I've seen mention of it being used as a rescue CD, as a secure firewall, as a portable network monitor and as a traveling companion that allows you to read e-mail away from home without leaving tell-tale traces on someone else's hard drive. Others have been interested in experimenting with it as a secure Apache server. Knopper has said he is working on a project that will allow it to be used as a terminal server."

Comments (6 posted)

More on Libranet 2.7 (Linux Journal)

The Linux Journal looks (again) at Libranet Linux. "Where would I recommend Libranet? Well, if my neighbor wanted a desktop Linux distribution, I would be comfortable recommending it. Or if a company had Debian servers, Libranet could be just the ticket for moving desktops to Linux."

Comments (none posted)

The Open POSIX Test Suite

A new project known as the Open Posix Test Suite has been put together by four Intel employees, Geoff Gustafson, Julie Fleischer, Rusty Lynch, and Inaky Perez-Gonzalez.

The Announcement states: "The project's current approach to conformance testing is to record assertions from a close reading of the POSIX specifications, and write minimal test cases that prove or disprove these assertions. The test suite will be independent of specific API implementations, and will eventually be easily configurable to work with different implementations. The project aims for OS independence, using only POSIX APIs, the autoconf suite, and simple shell support."

The Open Posix Test suite is licensed under the GPL and work is primarily being done on the Linux platform, although support for other Posix compliant platforms should be possible. "The Open POSIX Test Suite is an open source test suite with the goal of performing conformance, functional, and stress testing of the functions described in the IEEE Std 1003.1-2001 System Interfaces specification. Eventual testing of the full specification is desired." One of the project's goals is to achieve ANSI C compliance with the Linux kernel coding standards.

Testing has been divided into the conformance, functional, and stress categories, for these POSIX function groups:

• Clocks and Timers (TMR)
• Threads (THR)
• Message Queues (MSG)
• Semaphores (SEM)
• Signals

Running a test appears to be fairly easy, the test code just needs to be compiled and executed, test results come as a pass/fail return code with optional messages. According to the documentation:

One of the design goals for the test suite is to make the addition of additional tests easy to do, outside contributions are being welcomed.

Comments (2 posted)

SAP DB version 7.3.00.29 released

Version 7.3.00.29 of the SAP DB database is available. The release notes detail the many changes.

Comments (none posted)

Linux in Education Report

Issue #82 of the Linux in Education Report is out. Topics include a version of Knoppix, a bootable debian GNU/Linux based cdrom for educators, parents, and students, SchoolNet Namibia on Microsoft policies, the new Freeduc CD-ROM, and a number of new educational applications.

Comments (none posted)

Metawall 0.12 Released

Version 0.12 of Metawall has been released. "Metawall is a perl script that allows you to write firewall rules in a simple metalanguage."

Full Story (comments: none)

AFPL Ghostscript 7.32 beta release

Version 7.32 beta of AFPL Ghostscript has been released. "There are two major new features: Well Tempered Screening now works, even for 0 and 45 angle screens. See News.htm for details. Also, Russell Lang has fixed a longstanding usability problem: Encapsulated PostScript files are now recognized, and a "showpage" is added if missing. This fixes the problem of an EPS file displaying, but not saving as a file."

Comments (1 posted)

HPIJS 1.3 is released! (LinuxPrinting)

LinuxPrinting.org is carrying an announcement for version 1.3 of HP's HPIJS free software printer drivers. New features include support for the newest HP printers, new photo modes for DeskJet 900 series printers, a new 8.5x15.5-inches paper size for the Deskjet 3425, and some bug fixes.

Comments (none posted)

Zope Members News

The most recent headlines on the Zope Members News include: ZPhotoSlides 0.5 Released, PHParser 0.9.0 released, Linux Productivity Magazine Reviews Zope, OrderedObjectManager 1.2 released, NeoBoard 1.1 alpha version released , Second Zope 3 newsletter released to unsuspecting public, External Editor 0.6 - Its everywhere you want to be, ZWiki 0.12.0 released, Ariel Partners Releases XMLTransform 0.9, and ZShellScripts v0.2 is out with Lisp support !.

Comments (none posted)

Midgard Weekly Summary

The November 6, 2002 Midgard Weekly Summary is out with the latest Midgard news.

Full Story (comments: none)

Aegir CMS 1.0 beta2 released

Version 1.0 beta2 of the Aegir Content Management System has been released.

Full Story (comments: none)

Developing LSB-certified applications (IBM developerWorks)

George Kraft IV covers the process of writing LSB compliant code. "The Linux Standard Base is a big step toward ensuring binary compatibility among Linux applications, and it should greatly reduce the amount of testing and validation required for operation on multiple platforms. In five straightforward steps, George Kraft, chairman of the Linux Standard Base, shows you how to build an LSB-certified application."

Comments (4 posted)

Cryptographic Terminology 101 (O'Reilly)

Dru Lavigne covers network data encryption technologies on O'Reilly. "In the next few articles, I'd like to concentrate on securing data as it travels over a network. If you remember the IP packets series (see Capturing TCP Packets), most network traffic is transmitted in clear text and can be decoded by a packet sniffing utility. This can be bad for transmissions containing usernames, passwords, or other sensitive data. Fortunately, other utilities known as cryptosystems can protect your network traffic from prying eyes."

Comments (none posted)

Tkeca 1.0.0 released

Version 1.0.0 of Tkeca, a TK gui wrapper for the Ecasound audio tool, has been released. A number of gui changes have been included in this release.

Full Story (comments: none)

Sweep 0.5.10a released

Version 0.5.10a (development) of the Sweep sound editor is available. "New features in this release include vertical zoom with a draggable dB scale and mouse wheel control, and some basic channel operations: Duplicate to stereo/multichannel, Swap left and right, Remove left/right, Mix down to mono, and Add/Remove channels."

Full Story (comments: none)

KDE 3.1 RC2: Ready For A Hammering

KDE.News has an announcement for version 3.1 RC2 of KDE, the K Desktop Environment. "A good number of showstoppers in RC1 have been fixed, and the new default Crystal-SVG icon set has been polished based on the valuable feedback received. Nevertheless, please give this RC2 another round of thorough testing to make sure all the major wrinkles have been ironed out."

Comments (none posted)

FootNotes

Headlines on the GNOME desktop FootNotes site include: Candidates for Fall 2002 GNOME Foundation Elections, Evolution 1.2 RC1 released, Dropline GNOME 1.2.1 for Slackware Linux, Anjuta 1.0.0 (Diwali) unleashed !, LinuxFocus.org: Developing Applications for Gnome with Python, Gnumeric 1.1.11 Released, Evolution for GNOME 2, This is the story of a gnome-media release, Bits and Pieces, AbiWord Announcement: Weekly Patch Prize, gtkmm 2.0.0 released, and more.

Comments (none posted)

The Video-Whale Project

Zeeshan Ali Khattak has designed the Video-Whale Project, which assembles a group of Red-Hat Linux boxes into a wall of video. Check it out for some cool images. Thanks to Christian Fredrik Kalager Schaller.

Comments (none posted)

Kernel Cousin Wine

Issue #142 of Kernel Cousin Wine is out. Topics include SuSE and CrossOver Office, Releasing WineSetupTk, FAQ Maintainer Needed, Conversion to -DSTRICT, Wine/Windows Security Concerns, Detecting Wine vs. Windows, and IDL Generated obj_* Headers.

Comments (none posted)

GStreamer 0.4.2 released

Version 0.4.2 of the GStreamer streaming-media framework has been released. "This release has mainly focused on code clean-up and rounding out of the features. Large chunks of GStreamer are API stable at this point."

Full Story (comments: none)

OpenOffice User Survey

A new User Survey has been put together for the OpenOffice community. OpenOffice users are encouraged to take a few minutes to fill it out.

Full Story (comments: none)

Kernel Cousin GNUe

Issue #53 of Kernel Cousin GNUe is out. Popular topics include Volunteers for General Ledger, Performance and Overhead issues with AppServer, Designer usability and architecture, Sales Tax in the USA, Mailing list for DCL tickets, and much more.

Comments (none posted)

AbiWord Weekly News

Issue #116 of the AbiWord Weekly News is out with the latest AbiWord word processor development news. This edition features a Release HackDown, which is a list of things that need fixing prior to the release of version 1.0.4.

Comments (none posted)

Gnumeric 1.1.11 released

Version 1.1.11 of the Gnumeric spreadsheet program has been released. This is a quickie release that fixes some bugs that were introduced in Version 1.1.10, which features a longer list of changes.

Full Story (comments: none)

mozillaZine

The latest mozillaZine topics include: Newsgroup Filtering Coming to a Mozilla Near You, Tree Branches for 1.2, 101 Things Mozilla Can Do That IE Can't, Independent Status Reports, Mozilla Riddled with Fixed Security Holes, Chimera 0.6 Released, New Forums Now Open!, and Mozilla Becoming More Popular at University of Houston.

Comments (none posted)

GnuPG 1.2.1 released

The latest version of the GNU Privacy Guard, GnuPG 1.2.1, is now available.

Full Story (comments: none)

Caml Weekly News

The October 29 - November 5, 2002 edition of the Caml Weekly News is out. Topics include The 'morpion solitaire' game, ocamlnet-0.94, module namespace, PXP 1.1.93, lablglut-1.2.2, Ensemble 1.39, and the OS X distribution.

Full Story (comments: none)

The Caml Hump

This week, the new software on The Caml Hump includes an APM driver interface, the OCamlSDL interface to the Simple DirectMedia Layer library, the 'morpion solitaire' game, a group communication toolkit called Ensemble, lablglut A GLUT 3.7 binding, the Polymorphic XML parser PXP, OCamlnet: A collection of modules for the Objective Caml language which focus on application-level Internet protocols and conventions, and GlSurf for plotting surfaces.

Comments (none posted)

TinyCOBOL 0.59 released

Version 0.59 of TinyCOBOL has been released. Release information is in the source code.

Comments (none posted)

Jakarta Struts: Seven Lessons from the Trenches (O'Reilly)

Chuck Cavaness points out seven techniques that are useful for working with Java Struts. "After his Internet company decided to adopt the Struts framework, Chuck Cavaness spent months trying to figure out how to use it in order to build a company application. If you're a Java programmer charged with developing Web applications with servlets and JSPs, you'll find a lot of insight and valuable information in the lessons Chuck had to learn the hard way. He describes some of them here."

Comments (none posted)

For Tomcat Developers, Aspire Comes in a JAR (O'Reilly)

Satya Komatineni introduces Aspire on O'Reilly. "Aspire.jar is a free, open source, .jar file that can be used for declarative data access, configuration, logging, and factory services needs. For Java developers who are continuing to adopt Tomcat as their primary development platform, this .jar file could save lot of time, while providing a highly flexible data architecture."

Comments (none posted)

Lisp Conference Material Online

Conference material from the recent International Lisp Conference has been made available online.

Full Story (comments: none)

The Perl Review 0.6 Published (use Perl)

The November issue of The Perl Review is out. Articles include Simple RSS with Perl, by Brian d Foy, Delightful Languages: Ruby, by Mike Stok, and Who's Doing What? Analyzing Ethernet LAN Traffic, by Paul Barry.

Comments (none posted)

TPJ November is Out (use Perl)

Use Perl mentions that the November issue of The Perl Journal is out. The journal is available in PDF format.

Comments (none posted)

This Week on Perl 5-Porters

The 28, October - 3, November 2002 edition of This Week on Perl 5-Porters is out. Topics include Problems with RedHat 8, AUTOLOAD subroutines from undefined stashes, goto considered harmful in __DIE__ handlers, B::* adjustments, Tied hashes in boolean context, and more.

Comments (none posted)

PAR: A cross between JAR and Perl2exe/PerlApp (use Perl)

use Perl covers the release of version 0.21 of PAR. "The Perl Archive (PAR) toolkit, like Java's JAR, is a way to pack modules and scripts into easily-deployable zip files; programs can use modules inside PAR files transparently."

Comments (none posted)

On Topic (O'Reilly)

Allison Randal delves into the Perl "topics" on O'Reilly. "A few concepts in Perl 6 are strange at first sight. They seem hard to understand, but it's only because they're new and different. They aren't deep mystical concepts known only to Tibetan lamas. Anyone can understand them, but it helps to start with a common-sense explanation. This article looks at the concepts of "topic" and "topicalizer". The words aren't quotes from a particularly nasty bit of Vogon poetry. They're actually common terms from the field of linguistics ... which some might say is even worse. Still, the best way to understand topic in Perl is to understand its source."

Comments (none posted)

Tagmemics talk online (use Perl)

Use Perl points to an online Quicktime version of Allison Randal's Tagmemics talk.

Comments (none posted)

PHP Weekly Summary

Topics on this week's PHP Weekly Summary include Snapshots take a short holiday, Standards friendly phpinfo(), Regular expression conversion, a new Test suite, HTML errors, A new Manual for Windows, the second 4.3.0 beta release, a Hebrew patch for Jewish calendar, and Apache 2 documentation.

Comments (none posted)

Dr. Dobb's Python-URL!

The November 4, 2002 edition of Dr. Dobb's Python-URL! is out with a ton of useful Python projects and links.

Full Story (comments: none)

The Daily Python-URL

This week's Daily Python-URL looks at articles on ctypes, David Beazley's Python Slides, PyMood, www.python.org wants YOU!, Psyche, ZPT basics (part 4), PyNassi, a Mini-symposium on scientific simulation in Python, Vista: a prototype for OSAF's Networked Personal Information Manager, an interview with Bram Moolenaar of VIM fame on his new project A-A-P, Grinder 3, Pl/Python and cursors in Pl/Pgsql for PostgreSQL, Dealing with user input in Python, and Apache log analysis using Python.

Comments (none posted)

The Ruby Weekly News

Topics on this week's Ruby Weekly News include A good link to read while we discuss RAA.succ, [rubyconf] want to meet Microsoft .NET guy?, and Thoughts on Ruby. New Ruby software includes Sys/Host 0.3.0, Text::Format 0.52.2, MIME::Types 1.004, RTidy/CityDesk, MUES 0.02, rpkg (test release), MiniRubyWiki, and DbTalk 0.71.

Comments (none posted)

Scheme Weekly News

The Scheme Weekly News for November 4, 2002 is out. Topics include Metro-Schemers SIG's November meeting, SISC 1.6.3-rc, and GNU TeXmacs 1.0.0.20.

Comments (none posted)

XML and Web Sites (O'Reilly)

John E. Simpson writes about the use of XML for the building of web sites. "This is what I want to know: how to build a site using open-source (i.e. free) software that allows me to provide dynamic content. This dynamic content would include trivial things such as reporting the weather for a zip code I specify to not-so-trivial things such as allowing a user to change the associated stylesheet so that they could specify font, font-size, background color, and other properties through an interface form and these attributes would be remembered the next time the user visits the site."

Comments (none posted)

Plan to use XML namespaces, Part 1 (IBM developerWorks)

David Marston writes about XML namespaces on IBM's developerWorks. "This article introduces XML namespaces, explores their practical benefits, and shows you how they are used in the standard XML formats and tools defined by the W3C. Several W3C specifications are mentioned, notably XML Schema and XSLT, which offer useful ideas for using namespaces to your advantage. Best practices range from terminology usage up through system-wide design."

Comments (none posted)

Make Your XML RDF-Friendly (O'Reilly)

Bob DuCharme and John Cowan discuss XML-RDF issues on O'Reilly. "Suppose you're designing an XML application or maybe just writing a DTD or schema. You've followed various best practices about element and attribute names, when to use elements versus attributes, and other design issues, because you want your XML to be useful in the widest variety of situations. As RDF interest and application development grows, there's an increasing payoff in keeping RDF concerns in mind along with the other best practices as you design document types. Your documents store information, and small tweaks to their structure can allow an RDF processor to see that information as subject-predicate-object triples, which it can make good use of."

Comments (none posted)

OProfile 0.4 released

Version 0.4 of the OProfile code profiler is available. "Featured are Pentium 4 support, and support for the new 2.5 kernel support. There are also a significant number of important bug fixes. Users are encouraged to upgrade."

Comments (none posted)

Single-User Subversion (O'Reilly)

Rafael Garcia-Suarez writes about the Subversion revision control system on O'Reilly. "Subversion is an open source revision control system, similar in purpose to the well-known, widely deployed, and aging CVS. It is designed to provide state-of-the-art versioning, built from modern technologies. Subversion is still in development and has not reached version 1.0 yet. However, it's pretty stable and you can use it right now. In this article, we'll cover the basics of Subversion, how to install it, and how to use Subversion for personal projects."

Comments (1 posted)

The Microsoft Verdict

For anyone who hasn't heard yet, U.S. District Court Judge Colleen Kollar-Kotelly has made a decision in the case of the United States v. Microsoft Corp. There is quite a bit of press about it, naturally. It is even possible that LWN.net will have more to say in our upcoming weekly edition. In the meantime here are a few links.

• News.com: Rivals come up short in decision "In her strongly worded decision, Kollar-Kotelly said that the remedies proposed by nine state attorneys general were so outlandish that they amounted to an "unjustified manipulation of the marketplace"...""
• TechWeb: No 'Hibernation' For Microsoft "Speaking during a teleconference Friday evening, Microsoft chairman Bill Gates called the judge's decision a fair resolution and said his company has already taken steps to comply."
• eWeek Exclusive: Peter Coffee on MS Settlement "In short words, the company broke the law--and got away with it."
• Dan Kegel has provided line-by-line comparison of the original proposal and the final judgement, along with his impressions.

Comments (none posted)

Europe's Microsoft Alternative (Washington Post)

The Washington Post details Spain's conversion from Windows to Linux. "Vazquez de Miguel is the minister of education, science and technology in a western region of Spain called Extremadura, a mostly rural expanse of olive trees and tiny towns with 1.1 million inhabitants. In April, the government launched an unorthodox campaign to convert all the area's computer systems, in government offices, businesses and homes, from the Windows operating system to Linux, a free alternative." Thanks to Eric

Comments (2 posted)

SchoolNet rebuffs M$

The SchoolNet Namibia project has released some of the correspondence between Microsoft and SchoolNet. "Based on your earlier blatant assertions, Microsoft is very keen on harnessing major publicity along the lines of "Microsoft replaces Linux at SchoolNet Namibia". I'm afraid that is simply not going to happen. I have, from the very beginning made it VERY clear that SchoolNet has NO desire to REPLACE Linux with Microsoft..." Thanks to Ashwin N

Comments (1 posted)

High-Tech Firm Aims to Push Further into Mainstream (Nando)

The Raleigh, N.C. News & Observer reports on a Red Hat road tour. "Four Red Hat employees will embark on an RV tour of the country today in a grass-roots campaign orchestrated to reassure the T-shirt and sandal-clad base of Linux fans that Red Hat is still cool and simultaneously lure new users to the open-source computer operating system."

Comments (none posted)

Security Fueling Open-Source Adoption (eWeek)

eWeek reports from Red Hat Inc.'s Open Source Security Summit. "Much of the early enthusiasm for Linux and other open-source operating systems was sparked by the software's low cost and adaptability. But, with a growing emphasis on security in the overall IT marketplace, many customers are looking at open source as a more secure alternative to proprietary software."

Comments (1 posted)

Borland thinks Mono for open source .NET challenge (Register)

The Register covers Borland Software Corp's investigation of Project Mono. "Scotts Valley, California-based Borland is investigating use of Ximian Inc's Project Mono in Kylix, as a possible means for Windows developers to move .NET applications to Linux."

Comments (none posted)

Can free source-code stop Microsoft? (The Economist)

Here are a couple of articles from the Economist. The first looks at RealNetworks' open source announcement. "RealNetworks' move is another sign that the software industry is going hybrid. Mixing elements of proprietary software, where the source-code is tightly controlled, with open-source programs enables firms to expand a market, harvest the ideas of others and, they hope, still make money."

On the fun side here's the theory of Tetris. Thanks to Thomas Blankenhorn

Comments (1 posted)

Windows cheaper than Linux, says Microsoft (vnunet)

Vnunet reports from the Gartner Symposium, where Microsoft claims that Windows is cheaper than Linux over its total lifecycle. "When asked by Gartner about Microsoft's intensifying battle against the open source operating system, European president Jean-Phillipe Courtois claimed that Linux is in fact more expensive to run than Windows."

Comments (13 posted)

NEC unveils fault-tolerant Linux server (Register)

Here's an article in the Register about NEC's new fault-tolerant offering. "The product's Linux operating system is based on Red Hat Inc's Linux 7.1 but features 'significant changes' to the kernel, device drivers, storage management and memory management to enable it to support the fault tolerant features. NEC's UK business development director, Paul Evans, stated that the modifications made to the Linux operating system would be released to the open source community via NEC's involvement in the OSDL Open Source Development Lab."

Comments (none posted)

Simputer Linux handheld for developing world finds builder (Register)

The Register reports on the progress India-based PicoPeta Simputer Private Ltd has made bringing the Simputer to the people. "The Simputer is designed to be a cheap, mass market computing device which will fill a yawning gap in developing countries, such as India, where traditional PCs are still beyond the reach of the population. But PicoPetas' ambitions had seemed set to come to naught, as it struggled to find backing for the project."

Comments (none posted)

Yahoo shifts to open-source scripting (News.com)

News.com reports on Yahoo's adoption of PHP for its web site scripting language. "With an eye toward its bottom line, Yahoo has decided to jettison its own proprietary scripting language in favor of the open-source alternative PHP. The scripting switch will affect the way Yahoo creates a wide array of features and functions, from serving advertisements to designing applications like its calendar and e-mail applications. While Yahoo won't rewrite pages that currently use the proprietary language, the shift will ultimately affect virtually every Yahoo page and reflects a broader development philosophy toward open-source technologies."

Comments (none posted)

Yahoo Expands Commitment To Open Source (TechWeb)

TechWeb looks at Yahoo as it switches to PHP for its server-side Web scripting. "Yahoo is using PHP for new properties, such as the remember.yahoo.com site for Sept. 11, 2002 [sic], and for internal tools, such as content management. Most Yahoo properties are integrating PHP slowly, and there are no plans to rewrite the entire site. Early adopters include PayDirect, Yahoo Classified, the personalized news page, and almost the entire travel Web site."

Comments (1 posted)

Making the Case for PHP at Yahoo!

Michael J. Radwin has put together a presentation on choosing open-source software for Yahoo.com. "Abstract: Running a high-performance dynamic website is a daunting task. The short development cycles needed to stay ahead of the competition demand a web-centric scripting language that is easy to maintain and update. We'll explore a case study of one company (Yahoo!) that is making the transition to PHP from a proprietary server-side page language written in C/C++."

Comments (none posted)

Understanding open-source licenses (ZDNet)

ZDNet is carrying a Gartner Group pronouncement about open source licensing. "By 2005, warranties and additional maintenance for at least the 100 most-popular open-source software products will be offered by commercial software vendors, service providers, or insurance companies (0.7 probability). In the meantime, users can minimize any 'fitness for purpose' risks through evaluation and testing, and by only using production releases of well-known, mature products from reputable distributors."

Comments (none posted)

Is Microsoft losing ground to Linux? (News.com)

News.com looks at a couple of areas in which Linux has scored recent victories. "Open-source software gave Microsoft a one-two punch this week, with the European Union and an African nonprofit educational organization showing preference for Linux systems."

Comments (none posted)

Scratching an itch: a KDE developer speaks (Sydney Morning Herald)

The Sydney Morning Herald interviews Sirtaj Singh Kang, a.k.a. Taj, official KDE Spokesperson for Australia on the topic of KDE.

Comments (none posted)

Embedded Linux Newsletter for Oct. 31, 2002 (LinuxDevices)

The October 31, 2002 edition of the LinuxDevices Embedded Linux Newsletter is out with the latest Embedded Linux news.

Full Story (comments: none)

Advanced filesystem implementor's guide, Part 12 (IBM developerWorks)

This IBM developerWorks article introduces the Enterprise Volume Management System (EVMS) for Linux. "Have you ever stopped to think about how many powerful storage-related technologies are available for Linux? Consider just our options for a journaling filesystem: ReiserFS, ext3, XFS, and JFS. Several years ago, Linux didn't even have a journaling filesystem. Now, we have plenty of them and find ourselves in the luxurious position of being able to choose the best filesystem for our needs. Choice is definitely a good thing."

Comments (none posted)

Corporates eye OpenOffice (vnunet)

Vnunet eyes OpenOffice. "A new beta version, dubbed Build 643, was launched last week, making it easier to migrate to the open-source suite by simplifying the way users create macros. A macro recorder now lets users create macros by recording their keystrokes and mouse movements as they navigate through dialog boxes."

Comments (none posted)

Bricolage: A Good Open-Source Option (eWeek)

eWeek has reviewed Bricolage, an open-source Perl-based web content management system.

Comments (none posted)

European Commission eyes Linux (vnunet)

Vnunet covers Netproject's pilot contract to examine deployment of open source software in government departments. "The investigation will consider Linux and open source applications for both servers and desktops and in both local and central government. It will include authentication of users and authorisation of what resources can be accessed."

Comments (1 posted)

Latest Linux kernel to control access (vnunet)

The vnunet article looks at features that will be included in the 2.6 version of the Linux kernel. "Recent developments to improve task scheduling and the handling of threads mean that Linux has just about solved the scalability problems that have prevented many IT departments from using Linux on high-end hardware. These updates are also set to debut in version 2.6."

Comments (9 posted)

What I Learned on Linux Lunacy (Linux Journal)

Doc Searls covers the second annual Linux Lunacy Geek Cruise in this Linux Journal article. "I had high expectations for the trip, and all of them were exceeded. I won't go into the details of what went on; see the Linux Journal web site on Friday for a nice long report. But I will give you a brief summary of what became a lot clearer to me--and to everybody else, I think--by the end of a week on a ship with Linus, Guido van Rossum, Eric Raymond, Ted Ts'o, Randall Schwartz, Steve Oualline and a star chamber of other alpha geeks. The short of it is Linux is an even bigger phenomenon than it appears to be, and so is the open-source development model that produced it."

Comments (none posted)

Geeks on the Half Shell 2.0: Cruising the New Dominion with Linus and Friends, Part 1 (Linux Journal)

Doc Searls provides a travel log of the Linux Lunacy Geek Cruise. "Day Three (Tuesday) began at Cozumel, an island off Mexico's Yucatan peninsula, not far from Cancún. There we dispersed to a variety of towns, beaches and Mayan ruins before reconvening on the ship for talks on filesystems (Ted), Perl (Randall), "Vim for Vi Users" (Steve Oualline) and "Preparing for Incident Response and Forensics" (Brian Carrier). I gave the pre-dinner keynote, "The Silent Majority: How Linux Got to Be Everywhere While Nobody Was Watching". It was a fun talk for a fun crowd. The only criticism came from one guy who said, "There weren't enough laughs at the end." Which still means he was entertained for nearly an hour."

Comments (none posted)

Linux Lunacy II: Geek Cruise Photo Gallery (Linux Journal)

For those of you who have been following Doc Searls account of the second Linux Lunacy cruise, here are the pictures, and here is the slideshow for Doc's keynote presentation. Also part 2 of "Geeks on the Half Shell 2.0".

Comments (none posted)

Penguin Computing Expands Product Line with Four Processor Linux Server

Penguin Computing has announced the immediate availability of its next generation Intel(R)-based Relion class server.

Comments (none posted)

New Survey Finds Linux Adoption Growing in China

The Evans Data Corporation has released a report showing that the People's Republic of China is emerging as one of the world's Open Source Linux operating system strongholds.

Comments (none posted)

Mainline and Sistina Deliver zSeries Linux Global File System for Mainframes

Mainline Information Systems and Sistina Software have announced an alliance that will deliver a Linux-based data-sharing solution for the IBM S/390 and zSeries platforms.

Comments (none posted)

The October 2002 Netcraft Web Server Survey

The October 2002 Netcraft Web Server Survey is out with the latest web server usage statistics. Competition in SSL Certificate Market is discussed.

Full Story (comments: none)

LPI News for October, 2002

The October, 2002 Linux Professional Institute News is out with the latest news from the LPI.

Full Story (comments: none)

Linux Gazette #84

Issue #84 of the Linux Gazette is out, with a whole slew of Linux related articles.

Full Story (comments: none)

Ottawa Linux Symposium 2003 call for papers

The 2003 Ottawa Linux Symposium will be happening June 23 to 26 in Ottawa, Ontario, Canada. The call for papers has gone out, with a submission deadline of January 15, 2003.

Comments (none posted)

Red Hat Roadtrip in LA

The Red Hat Roadtrip will be in Los Angeles, CA on Tuesday, November 12th, 2002. "USC and lalugs.org are proud to present a Round Table discussion with Red Hat on the topic "Linux on the University Desktop". Please come and help us hash out how universities can roll out Linux to their desktop users. The event will take place from 6PM to 8PM in room THH 202 at USC." More information on the event is available here. Thanks to Dan Kegel.

Comments (none posted)

LinuxWorld keynote speakers announced

LinuxWorld New York (January 21-24) has announced its keynote speaker lineup: Hector Ruiz (AMD), Michael Tiemann (Red Hat), Steven Mills (IBM), and Randy Mott (Dell).

Comments (none posted)

Events: November 7, 2002 - January 2, 2003

Date	Event	Location
November 7 - 8, 2002	16th System Administration Conference(Lisa '02)	Philadelphia, PA
November 9, 2002	Lightweight Languages 2002(LL2)	(MIT)Cambridge, MA
November 11 - 15, 2002	Java Days Europe	Helsinki, Oslo, Frankfurt, Zurich, Milan
November 14 - 15, 2002	The Open Source Health Care Alliance(OSHCA)	(UCLA Medical Center)Los Angeles, CA
November 18 - 21, 2002	Embedded Systems Conference, Boston	(Hynes Convention Center)Boston, Mass
November 18 - 21, 2002	ApacheCon US 2002	(Alexis Park Resort)Las Vegas, NV
December 3 - 5, 2002	Linux Bangalore/2002	(J.N.Tata Auditorium)Bangalore, India
December 9 - 20, 2002	UMeet conference	On IRC

Comments (none posted)

This week's software announcements

Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:

• Sorted alphabetically,
• Sorted by license.

Comments (none posted)

Letters to the Editor

From:		Joe Klemmer <klemmerj@webtrek.com>
To:		letters@lwn.net
Subject:		Letters to the Editor
Date:		04 Nov 2002 11:06:00 -0500

	There's been a lack of letters to the editor that has been commented on
by LWN a number of times.  I'd like to express my thoughts on why there
have been few, if any, people writing in.

	With the new CMS built for LWN the advent of comments to specific
articles was added.  This was due to a large request from readers. 
There is nothing wrong with being able to comment and have a
psudo-interactive discussion.  A side effect, though, is that things
people previously would have sent in as letters are now simply being
posted as comments.

	Is this good or bad or a non-issue?  I can't say.  For me, I'd rather
have the LttE than article comments but that's just my preference. 
Maybe a compromise system could be used.  A page with an outline of all
the comments ordered by article title might work.  This is just a
thought off the top of my head.  Anyone else have any ideas?

-- 
Your mouse has moved.
Windows(R) must be restarted for the change to take effect.
Reboot now?  [OK]

Comments (3 posted)

Looking for a LAMP distro

From:		havoc <havoc@harrisdev.com>
To:		letters@lwn.net
Subject:		Looking for a LAMP distro
Date:		Wed, 30 Oct 2002 21:50:09 -0700

A lot of attention has been given to the huge group of independent 
developers and companies that create a huge volume of Linux software 
that is Apache, MySQL and Perl/Python/PHP centered.  O'Reilly has 
created a seperate web page dedicated to those people/projects.  What I 
don't get is why Red Hat, SuSE or Mandrake don't have a single-CD distro 
aimed at supporting this crowd.

As a LAMP developer, I would love to point people intersted in my 
software toward a LAMP distro and say, "If you're intested in this 
software, but don't have a Linux computer, just download this distro, 
install it and then install our software over it."  To my way of 
thinking, this small, "specialized" server distro would reqire very 
little in the way of additional maintenance cost for any of the 
established Linux distro companies, and provide an excellent "gateway 
Linux" to get whole companies hooked on thier product.

Jody Harris
Realization Systems, Inc.
-- 
http://www.realizationsystems.com/ - changing the way people communicate
http://www.galacticslacker.com/ - read it and weep

Comments (2 posted)

On ACLs

From:		Neil Brown <neilb@cse.unsw.edu.au>
To:		letters@lwn.net
Subject:		On ACLs
Date:		Wed, 6 Nov 2002 23:00:35 +1100

You commented that you would like more letters so I thought I would
spend a few minutes writing something - something on the topic of ACLs
which as you noted caused a lot of discussion and differing opinions
on linux-kernel.

For myself I think that it is sad that ACL support had to go into
Linux.  Not sad that it *did*, but sad that it *had to*.
Linus is ever the pragmatist, and including support for ACL's
is certainly the pragmatic thing to do.  But I think that the
environment that makes it a pragmatic decision is sad.

You see, I would rather go in the opposite direction, and remove what
ACL's we do have from being supported by the kernel:  they aren't
needed, and are often 'wrong', except in the simplest cases.

They aren't needed because I have access to much more flexible ACL's
completely outside of the kernel.  Apache, for example, provides very
flexible access control via the .htaccess file and various 'require'
directives and authentication mechanisms.  These mechanisms allow
people to create their own groups and give access based on patterns
in filenames, both features that are very useful and unlikely to be
supported by any ACL mechanism that is embedded in the kernel.

You might think that apache's access control only allows control of
read access, but write access is also very much a possibility.  By
defining a few generally applicable 'PUT' handlers (e.g. one which
will append, one which will check-in to RCS first, etc) a sysadmin
can make it fairly straight forward for users to give controlled write
access to files as they choose.

And this leads to the second issue, that current ACLs (and by that I
mean UNIX rwx for each of ugo) are wrong except in the simplest cases.

Giving anyone else unfettered write access to your files is probably a
bad idea.  We have a long history of how much of a bad idea a world
writable /tmp is, and group-writable directories aren't really much better.
The issues with others-writable files aren't so bad, but still, in
most cases you would really like some sort of control.  Possibly
allowing others to append, providing their username appears first
would be ok.  Possibly checking the file into a revision control
system before making a change would be ok.  But un-checked write
access just isn't sensible.

Obviously some files would benefit from much more subtle access
control rules.  Your example of /etc/password as mentioned in the
article on reiser4 is a good one.  Some people possibly should have
write access to some parts of their own record.  Some people might be
denied read access to some fields of other people's records.  Hans
Reiser, it would seem, would like to embed all that knowledge in the
filesystem.  I would rather lift it all up and embed it in some
user-space service.  Quite possibly that service could present a
filesystem-like interface (as I'm sure it would in plan-9) and that
interface could be 'mounted' into the filesystem name-space.  But
embedding knowledge of such access controls in the kernel is, to me,
wrong.


So what is my grand vision (which will never eventuate due to the
weight of current-practice)?

- File systems do not store any ownership/access control information.
- File systems are mounted either readonly, or writable.  / and /usr
  are readonly.  /home (which will only contain my home) is writable.
- Each process has a separate 'mount table' and associated view of the
  name space (this is coming to Linux if it isn't here already).
  My processes see my home directory, your processes see yours.
- Access to other people's personal filesystems have to be through
  some sort of gateway, such as apache/http.  Such gateways would be
  able to impose arbitrary access controls as appropriate.
  There may well be a very light weight gateway that provides everyone
  with read-only access to a certain part of other peoples home
  directories (e.g. /home/public) to make sharing easier.
- These gateways would use cryptographically secure identities (much
  like ssh does, and possibly using something like ssh-agent to
  supply them) so they could easily and securely be either remote or
  local.

Thus we lift the whole ACL issue out of the kernel and place it
clearly in user-space.  As there doesn't seem to be clear agreement
about what ACLs should really look like anyway (witness the Posix
draft that nobody seems to like), I think the flexibility of being in
user-space is a good thing.

Doing away with access bits does mean that we loose the 'x' bit.  But
having non-executable files in directories in your PATH is a bit
pointless anyway, and the kernel already knows what files are
executable based on 'magic numbers'.
The 'x' bit of directories doesn't add anything useful over the 'r'
bit.

It would also mean loosing the possibility of removing write access
from files that you own.  This (the 'user-write' bit) is probably the
only permission bit that might be worth leaving, but I would want to
think about it some more before I was certain that (in the ideal
world) we should even keep that.


I think filesystems should be left to store files and names of files
  (and symlinks/devices I guess)
I think inter-person access control should be left to user-space
  daemons which are in a position to be more flexible than any ACL scheme
  that a kernel/fs developer is likely to come up with.
I think the filesystem interface is likely to be a good interface for
  accessing such daemons, but that is quite different from embedding
  the daemons functionality in a filesystem.

As a sort of summary, it seems a pity to have to include a
questionable feature due to outside pressure.
It is true that having ACL support in the kernel doesn't preclude me
from coming up with a system that doesn't need it.  However as
Linus said recently on another matter (LKCD I think it was), a problem
with including something that is 'good' but might not be 'best' is
that it reduced the incentive to create the 'best' thing.  I feel that
logic could apply to ACLs.

NeilBrown

Comments (6 posted)