LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
Letters to the editor
->Multipage format
This page
Previous weekFollowing week
Recent Features
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for August 25, 2005On the defense of piracy enablersNoted anti-patent activist Florian Mueller recently distributed a statement regarding the Linux trademark policy. This policy, according to Mr. Mueller, is just fine; trademarks are not a barrier to innovation and free software in the way that patents are. Opposing trademark protection, he says, risks making the anti-patent community look like it opposes intellectual property in general; that, in turn, could hurt the fight against software patents.That could all be true, as far as it goes. Mr. Mueller does not stop there, however:
In addition to the debate over the Linux trademark, Mueller is also
worried over the role that some organizations play in an American
court by defending the developers of the "bnetd" software against
computer game publisher Blizzard Entertainment: "It's very unwise
for organizations like the EFF (Electronic Frontier Foundation) to
rush to the aid of piracy-enablers. It makes it look like software
patent critics are against copyright, which most of us are not."
This, in your editor's opinion, is dangerous and incorrect reasoning. One could start by noting that bnetd was certainly not implemented as a "piracy enabler." Bnetd is a game server for certain games created by Blizzard Entertainment. It was created because its developers, having experienced Blizzard's game servers, decided that they could create a better environment for themselves. So they wrote their own game server package which lacks some of the problems of Blizzard's Battle.net. It also lacks Blizzard's authentication mechanisms (for which the requisite implementation information is not available in any case). As a result, bnetd can (unlike Battle.net) be used by multiple players who have made copies of the same game CD; this is an unintended side effect of bnetd's implementation, not its purpose for existing. It seems unlikely that any significant amount of piracy has been "enabled" by bnetd. But it would not matter in any case. The issue here is not one of piracy, it is, instead, about the right to create interoperable software. If bnetd is illegal, then our right to develop software to interoperate with commercial offerings is much reduced. That is an outcome which is worth fighting. We have seen this sort of issue before. Dmitry Sklyarov's e-book processor could be said to be a "piracy enabler." Adobe certainly made that claim. Fortunately, few people questioned the correctness or necessity of defending Mr. Sklyarov. Similarly, Jon Johansen was accused of facilitating piracy by releasing the DeCSS code. But DeCSS is not about piracy; it is about our right to play the DVDs we have purchased on our Linux systems. If we cannot write interoperable software, we will be stuck with whatever others deign to sell to us. In the U.S., at least, the fight for civil liberties often requires defending unpleasant people. It is the criminals, pornographers, drug dealers, and others whose rights tend to be infringed first. But even the sleaziest of people still have rights; if those rights are not defended, they will soon cease to exist for everybody else as well. If the people we disagree with do not have rights, we do not either. Calling the bnetd developers "piracy enablers" puts them in the same camp as other societal outcasts. Pirates are, after all, among the great evildoers of our time - at least, according to some people. So casting developers as pirates makes it easier to attack them. But even if bnetd were truly a "piracy enabler," its developers would still deserve our support. These developers did something that many or most of us believe is within our rights to do. Should we write them off just because somebody says they are helping pirates? Anybody who believes that the bnetd developers do not deserve the community's support would be well advised to think about what the next "piracy enabler" might be. BitTorrent, perhaps. MythTV? Sound Juicer? Gaim or Kopete? How about GreaseMonkey? Or XBox Linux? Or Linux in general, for that matter. The fight against software patents is crucially important, and it is well to think about how we might best win it. But any victory which involves throwing members of our community to the wolves to avoid any appearance of being soft on intellectual property rights will be illusory at best. The EFF is doing the right thing when it defends the bnetd developers; this fight is just as important to our rights as the patent fight.
OSI procedures - a study in quotesThe Open Source Initiative announced last April that it was forming a committee to address the license proliferation problem. This committee is charged with the task of coming to terms with this problem, proposing ways of improving the situation, and sorting open source licenses into "tiers" as a way of directing projects toward a preferred subset. The archive of the committee's closed mailing list suggests that, as of this writing, not a whole lot of work has gotten done yet.The issue of committee membership recently surfaced on the license-discuss mailing list. Rather than attempt to summarize the discussion, your editor decided to provide a few quotes and let the participants speak for themselves. For the curious, the entire thread is available from the archives.
Some time ago, I applied to be on the license proliferation
committee. I eventually got a form letter from Laura Majerus saying
that they had too many qualified people....
Most of you will realize that I am uniquely qualified as the main author of the guidelines that OSI now seeks to interpret, and someone who has assisted many businesses and legal professionals in working within those guidlines since then. Two people with experience similar to mine but less in duration were admitted to the committee. There are a few legal professionals admitted. All others admitted are extremely worthy individuals, and have been working very hard at this, but I can't really say they are more experienced.... And thus, I really have to question the process. -- Bruce Perens
http://bastiat.org/en/the_law.html
It's very short. You should read it. I discovered something very interesting in it: it doesn't matter who writes the law, as long as the law treats everyone equally.... Rather than judging the process, you should judge the result. Since there are no results yet, you have nothing to say anything about. -- Russ Nelson
Several years ago I agitated strongly about the lack of any
semblance of democracy or transparency in the OSI. I stopped when
I realized that the OSI didn't really matter. Since then the OSI
has some to matter somewhat more--e.g., sourceforge.net looks to it
to ratify licenses. But it still doesn't matter very much....
Personally I think the OSI should drop any claims about representing the community, and instead describe itself as a group of self-selected experts who periodically issue opinions about open source licensing-- i.e., more or less the same as any NGO. I think that would be more honest and more helpful.
How we do things is immaterial. What we do is the only thing that
matters. When you eat in a restaurant, you don't get to vote for
the cook. You voted when you walked into the restaurant. People
selected OSI because we matter.
-- Russ Nelson
I feel it's unfair to everyone, not just me, to keep my expertise
off of the committee. That's why I stated my case.
-- Bruce Perens
The license proliferation committee will have to make hard
decisions. We made one in your case, and you are attempting to
strong-arm us into changing our minds. This is evidence to me that
we chose well to keep you off the committee. The license
proliferation committees' continued rejection of you is necessary
practice for ignoring the anticipated pressure. Even though you
don't like the form of it, you are contributing to the success of
the committee.
-- Russ Nelson
A priori, democracy is held to be good. This is faith-based
reasoning.
-- Russ Nelson
If the writings of Bastiat weigh stronger on the decision making
process of the OSI then those of Perens, then maybe it's better
that we don't get to watch...
-- Keven Bedell
In fact, you weren't rejected because you were or were not Bruce
Perens on the night of September 22, 1997. You were rejected
because you were person N+M on a committee of N people where M>0.
No malice intended; you just didn't make the cut; sorry that you
weren't even the guy out in right field; hope your feelings weren't
hurt (would it help to apologize?).
-- Russ Nelson
The committee as it presently exists is over-lawyered, and I would
have added some balance and a lot of skill. If you look at the
discussion list, it will be clear that they aren't getting very
much energy out of that group of extremely busy people. Turning
away an extremely-qualified volunteer who has already worked on the
problem isn't a good idea.
-- Bruce Perens For what it is worth, the current committee membership is Brian Geurts, John Cowan, McCoy Smith, Diane Peters, Cliff Schmidt, Laura Majerus, Karna Nisewaner, Russ Nelson, Damien Eastwood, Eric Raymond, Mitchell Baker, Rishab Aiyer Ghosh and Sanjiva Weerawarana. There are no indications that any changes to the membership will be made.
Guten Tag from AvahiEarly this week, the Avahi team announced the 0.1 release of Avahi, dubbed "Guten Tag." Avahi is a framework for service discovery on local networks, using the same specifications as Apple's Bonjour (formerly "Rendezvous"), Multicast DNS (mDNS) and DNS Service Discovery (DNS-SD) from the Zero Configuration Networking (Zeroconf) working group. So, Avahi allows programs to publish services that are available and to discover services that are available on other machines. As an example, a user could find local printers without needing to know their IP address, or which computers are publishing file shares.We asked two of the Avahi developers, Trent Lloyd and Lennart Poettering, about this release and what we could expect from future releases. Avahi is a framework, and is meant to be used by other programs that have a need for mDNS/DNS-SD. It uses a D-BUS API, with "implicit bindings" for Python, Mono and many other languages, according to Poettering. According to the release notes, a few of the "SHOULDs" for mDNS were not implemented. We were curious about what hadn't been implemented, and whether they planned to implement them in the future. Poettering explained why some of the "SHOULDs" were not in this release:
This depends. Some of the missing "SHOULDs" are difficult to implement (or
at least I'm to lazy to implement them for what it's worth), some of the
"SHOULDs" are currently discussed to be removed from the RFC entirely, some
don't apply to our implementation and others I consider questionable.
Poettering also identified three "SHOULDs" in the mDNS specification that are not implemented in the 0.1 release of Avahi:
Unicast response bit generation (Avahi honours it on incoming queries but
doesn't set it on outgoing queries). According to Marc Krochmal (one of the
two Apple guys behind mDNS/DNS-SD) they're considering the complete removal
of this feature, as its added complexity outweighs the gain.
An extra delay should be applied when relying to packets with the TC (truncation) bit set. This is on the TODO list. It's a fairly new addition to the spec (only available in the spec as of 7th June 2005). Passive observation of failures. This must be slipped from my mind completely. I didn't have that one on my list. Since avahi doesn't implement this (optional) feature at all, the "SHOULDs" don't apply to Avahi right now. (Though I added this to the TODO list now) Despite the low version number, and the fact that a few of the "SHOULDs" have not yet been implemented, Lloyd said that this release is actually quite usable:
Well the low version number is a bit of a misnomer it terms of featureness,
it does have quite a lot in it, there is some work for 0.2 to provide a
couple new resolver interfaces to the DBUS for better handling of services
changing their information, and it will certainly contain bug fixes.
Poettering also noted that Avahi "has lots of uncommon features that even Apple's stack doesn't have." One feature that Poettering highlighted is "avahi-dnsconfd," which "allows the configuration of unicast DNS servers via mDNS in a DHCP-like fashion. This is especially useful on IPv6 where address autoconfiguration is available out-of-the-box, but DNS server configuration currently isn't." We also asked if the low version number indicated that Avahi would be undergoing major API changes. Poettering said that he doesn't see "any major changes coming for the near future" but that there would probably be some API additions.
One thing that Poettering stressed is that Avahi is not GNOME-centric or KDE-centric. "We currently ship a glib adapter for our libraries, but this purely optional... We are interested in adoption of Avahi in all desktop environments, including both GNOME and KDE. Admittedly the core developers of Avahi are all GNOME people, but that's just personal preference." There are other implementations of mDSN/DNS-SD available, but not under what many would consider a "free" license. Avahi is available under the LGPL, so it should be usable by nearly any project that would care to incorporate Avahi. At the moment, Avahi is only available for Linux. The only stumbling block appears to be netlink, according to Poettering and Lloyd. Poettering says that "as soon as the BSD compatible replacement for netlink is in place, porting to other kernels should be really simple." It should be interesting to see how Avahi is incorporated into Linux applications and distributions. The ability to easily advertise printing, file-sharing and other services for desktop users -- putting Linux on par with Mac OS X -- is one more component in helping to secure Linux's place on the desktop.
Security Victory against spam?The August 20 edition of The Economist includes an article (restricted to Economist subscribers as of this writing) makes an interesting claim:
But "spam", unsolicited e-mail, seems to be in retreat. The
amount of spam that swishes through the internet is holding steady
or declining, according to most studies. And of the stuff that
still exists, the vast majority is blocked by filters before it
gets to an inbox.
The core of the article is based on a MessageLabs report stating that spam, which constituted 83% of all email traffic in January, fell to "only" 67% in June. 67% remains a horrifying number, but it also clearly is a step in the right direction. Interestingly, your editor's personal spam indicator, currently running at about 4,000/day, does not show any decline at all. Some people, it seems, are just lucky. The Economist credits a number of factors in the decline. Filters are one of those, though the article only mentions proprietary offerings. (Said proprietary filters are credited with 95% effectiveness, incidentally; your editor can attest that a well-trained SpamAssassin can do much better than that). Smarter recipients are another; evidently most Internet users have already enlarged whatever parts of their anatomy they felt were too small, or figured out that it wasn't going to happen for them. High-profile legal setbacks for selected spammers have provided a small disincentive. And phishing attacks, which are very much on the increase, have convinced many users that spam can be dangerous and is best avoided. Phishing is where the action is now - especially in South America, it would seem, where a strong interest in postcard sites makes attacks relatively easy. Since there is money in phishing, this problem is likely to grow, at least until enough people get burned that a general awareness sets in. It is a somewhat ironic outcome, meanwhile, that the phishers may be helping to take the profits out of spam, and thus reducing the problem. Declaring victory on spam seems somewhat premature, however. The costs of carrying that much garbage through the email system, filtering, and shoveling out mailboxes remain high. But wouldn't it be interesting if the arms race between spammers and their opponents turned out to be winnable - by the good guys - after all?
New vulnerabilities cvs: insecure temp file
elm: buffer overflow
kernel: multiple vulnerabilities
Kismet: multiple vulnerabilities
lm-sensors: insecure temp files
mantis: missing input sanitizing
openvpn: multiple vulnerabilities
pcre3: arbitrary code execution
php: arbitrary code execution
slocate: long path bug
Updated vulnerabilities a2ps: input validation error
Adobe Acrobat Reader: arbitrary code execution
affix: two remote vulnerabilities
amd64: multiple vulnerabilities
httpd: off-by-one overflow and cross-site scripting
awstats: command injection vulnerability
bluez: command execution
bzip2: race condition and infinite loop
cpio: directory traversal
CUPS: multiple vulnerabilities
cyrus-imapd: buffer overflows
dbus: information disclosure
dhcpcd: denial of service
emacs21: format string vulnerability in "movemail"
enscript: arbitrary code execution
epiphany: Mozilla regression vulnerability
ethereal: dissector vulnerabilities
evolution: format string issues
Foomatic: Arbitrary command execution in foomatic-rip
gaim: buffer overflow
gdb: multiple vulnerabilities
gtk-pixbuf, gtk2: denial of service
gedit: format string vulnerability
gettext: Insecure temporary file handling
ghostscript: symlink vulnerabilities
glibc: tempfile vulnerability in catchsegv script
gnupg: information leak
grip: buffer overflow
groff: insecure temporary directory
gzip: arbitrary command execution
htdig: cross site scripting
imap: buffer overflow in c-client
imlib2: buffer overflows
junkbuster: heap corruption and settings modification
kdeedu: tempfile handling vulnerabilities
kdelibs: kate backup file permission leak
kernel: ELF loader core dump vulnerability
kernel: multiple vulnerabilities
kernel: multiple vulnerabilities
krb5: double-free flaw
libconvert-uulib-perl: arbitrary code execution
libdbi-perl: insecure temporary file
libgadu: memory alignment bug
libgd2: buffer overflows in PNG handling
libnet-ssleay-perl: weakened cryptographic operations
libtiff: insufficient validation
libTIFF: buffer overflow
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
libXpm: new buffer overflows
mod_python: remote access vulnerability
Mozilla: frame injection spoofing
mysql: low-impact security fix
ncpfs: multiple vulnerabilities
nfs-utils: arbitrary code execution
OpenSSL: information leak
OpenSSL: denial of service vulnerabilities
pam_ldap: plain text authentication leak
perl: setuid vulnerabilities
perl: symlink vulnerability
phpsysinfo: cross-site-scripting
postgresql: database initialization errors
Pound: buffer overflow
ProFTPD: format string vulnerabilities
pstotext: remote execution of arbitrary code
rp-pppoe, pppoe: missing privilege dropping
ruby: arbitrary command execution
shorewall: rule bypass vulnerability
SquirrelMail: several XSS vulnerabilities
sudo: race condition
sysreport: insecure temporary file
File overwrite vulnerability in tar and unzip
tcpdump: denial of service
tcpdump: multiple DoS issues
thunderbird mozilla firefox: multiple vulnerabilities
Tor: information disclosure
ucd-snmp: denial of service
vim: arbitrary command execution
vixie-cron: crontab allows any user to read another users crontabs
wget: file overwrites and arbitrary code execution
XChat 2.0.x SOCKS5 Vulnerability
xine-lib: buffer overflows
xine-ui - insecure temporary file creation
xorg-x11: integer overflows
xpdf: buffer overflow
xpdf: denial of service
zlib: buffer overflow
zlib: buffer overflow
Events ToorCon 7ToorCon 7 will be held on September 16 to 18 in San Diego. Speakers include Paul Vixie, Roger Dingledine, Jay Beale, and many others. Early registration ends on September 1; click below for the full announcement.
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current 2.6 prepatch is 2.6.13-rc7, announced by Linus on August 23. This prepatch, probably the final one before 2.6.13, includes a rather large number of small fixes; the long-format changelog has the details.A handful of additional fixes has found its way into Linus's git repository since 2.6.13-rc7 came out. The current -mm tree is 2.6.13-rc6-mm2. Recent changes to -mm include a number of architecture updates (including various i386 tweaks to better support virtualization), a couple of new timeout functions (see below), and various fixes.
Kernel development news A pair of new timeout functionsThe traditional way to delay a process for a given period of time is via schedule_timeout():
set_current_state(state);
schedule_timeout(delay);
The state parameter to set_current_state() should be either TASK_INTERRUPTIBLE or TASK_UNINTERRUPTIBLE, depending on whether the delay should be cut short on signal delivery or not. Evidently, a common error is to omit the call to set_current_state(), with the result that the request delay does not happen. As a way of making life easier, the -mm tree now includes a pair of new functions:
signed long schedule_timeout_interruptible(signed long timeout);
signed long schedule_timeout_uninterruptible(signed long timeout);
These functions take care of setting the process state, so the delay should always happen as expected. Presumably these functions will be merged into the mainline for 2.6.14.
Linux and TCP offload enginesThe TCP/IP protocol suite takes a certain amount of CPU power to implement. So it is not surprising that network adapter manufacturers have long been adding protocol support to their cards. This support can vary from the simple (checksumming of packets, for example) through to full TCP/IP implementations. An adapter with full protocol support is often called a TCP offload engine or TOE.Linux has never supported the TOE features of any network cards. For some time, there had not even been much discussion of TOE support. The topic has return, however, with this patch adding TOE support which was posted by Scott Bardone of Chelsio Communications. This TOE patch is clearly intended to support Chelsio's line of network adapters, but it has been coded as a more generic "open TOE" framework. The Chelsio folks would very much like to see this patch merged for the 2.6.14 kernel release. Those who are curious about the TOE patch can go in and look at the code; it is relatively straightforward. At its core, it creates a new type of extended network device (struct toedev) with an additional set of methods:
int (*open)(struct toedev *dev); int (*close)(struct toedev *dev); int (*can_offload)(struct toedev *dev, struct sock *sk); int (*connect)(struct toedev *dev, struct sock *sk); int (*send)(struct toedev *dev, struct sk_buff *skb); int (*recv)(struct toedev *dev, struct sk_buff **skb, int n); int (*ctl)(struct toedev *dev, unsigned int req, void *data); void (*neigh_update)(struct net_device *lldev, struct toedev *dev, struct neighbour *neigh, int fl); There are various hooks sprinkled through the TCP code to detect when a TOE-capable device is being used and call the appropriate method rather than performing the TCP processing in the kernel. One assumes that the patch works as advertised, but its chances of getting into the kernel appear to be relatively small. There is a very long list of objections which have been raised, including:
There is also the inconvenient little detail that a company called Alacritech owns several patents relating to TOE. It recently used those patents to extract money from Microsoft, which is including TOE support in its upcoming Windows release. This, alone, would almost certainly cause distributors to disable TOE support, even if it were to find its way into the kernel. (For the record, Chelsio claims to have done its legal homework, but not everybody finds that claim to be convincing). Will it find its way in? Not if David Miller has anything to say on the matter:
I am still very much against TOE going into the Linux networking
stack. There are ways to obtain TOE's performance without
necessitating stateful support in the cards, everything that's
worthwhile can be done with stateless offloads.
There is essentially zero chance of a networking patch being merged over David's objections, so the TOE developers have an uphill road ahead of them. One might well ask: if TOE cannot be merged, how will Linux maintain competitive speeds as networks get faster? A big area of interest, currently, is offloading parts of the protocol which do not require great intelligence or state in the card. The kernel already supports TCP segmentation offloading (TSO), where an adapter can create TCP packets out of a large array of data. TSO reduces the necessary CPU power, bus overhead, and cache impact to send a series of packets, but it still does not require that the adapter actually know anything about specific TCP connections. There is talk of using a similar technique for incoming packets: an adapter could merge a configurable set of incoming packets into a single array, thus reducing the demands on the rest of the system. One way or another, the networking stack is likely to keep up with the demands of current hardware. It has often been said that a maintainer's real job is to say "no" to patches. Not all features are worth their (very real) cost, and merging some patches can be detrimental to the kernel in the long run. For years, the networking maintainers have felt that TOE support is the kind of patch which should not be accepted, and the current implementation appears not to have changed their minds. TOE appears to be one of those ideas which never really goes away, however, so chances are good that we will see this debate again in the future.
Configfs - an introductionComplicated kernel subsystems can require complex configuration. Traditionally, Unix-like subsystems have made this configuration possible either via new system calls, or by way of a complex, ioctl()-based interface. Neither approach is considered to be optimal. New system calls clutter the namespace and must be added separately for each architecture; they are also quite inflexible once defined and used by user-space code. Anybody who uses the ioctl() interface for new code tends to get sneered at; using ioctl() is like adding new system calls but without the clear definition of the interface that a system call gives you.So how should a new subsystem allow for configuration from user space? In some cases, sysfs can be used. Sysfs, however, was never really meant for this application. It provides a view into the kernel's data structures, and it can be used to cause things to happen with those structures. But sysfs cannot be used to create new objects - at least, not without distorting the interface somewhat. It is the wrong tool for this job. The right tool might turn out to be a thing called configfs. It is yet another virtual filesystem, but one which is oriented toward user-space configuration tasks. It is currently part of the OCFS2 patch set, but it is likely to be merged separately due to interest from other kernel projects. It could, conceivably, be merged as early as 2.6.14. Configfs is meant to be mounted on /config. Each subsystem which uses configfs then creates one or more top-level directories within configfs for their configurations; the distributed lock manager code, for example, creates /config/dlm/. That directory can start out empty, or it can be populated with the initial configuration of the subsystem, whichever is appropriate. Like sysfs, configfs uses directories as the way of representing objects. Directories contain files ("attributes") which display the current state of the object, and which, optionally, may be writable to change that state. A fundamental difference, however, is that a suitably-privileged user-space process can create directories within configfs. That action will result in a callback within the kernel and the creation of the corresponding object. Directories created within configfs will have a set of attribute files from the beginning. As an example (taken from the configfs documentation), consider a hypothetical network block device driver called "fakenbd." This driver would set up /config/fakenbd, which would start out empty. A system administrator could then use mkdir to create a network disk by creating an appropriately-named subdirectory under /config/fakenbd. That directory (called disk1, say) would be populated by the kernel with the relevant attributes: target for the IP address of the server providing the disk, device for the device on the server, and rw to control whether the disk is to be writable or not. The administrator would simply write the appropriate value into each attribute, and the disk would be configured. Some observers have questioned the distinction between configfs and sysfs. Users may well wonder why there are two separate directory trees performing similar tasks - especially since sysfs can be used for certain types of administrative functions. Configfs also has certain problems (such as persistence of attribute permissions) which have already been encountered - and solved - in sysfs. The kernel developers do see the two as being fundamentally different, however, so a merger seems unlikely. If configfs takes off, one could imagine it being used all over the kernel. Much of what is done with ioctl() now could be moved over. Other patches (such as CKRM) which have their own configuration filesystems could switch to configfs. In the long term, configfs could be the path to a much more consistent - and transparent - way of configuring the many subsystems which make up the Linux kernel.
Configfs - the APIThe configfs introduction described how this filesystem looks from user space. Anybody wanting to use configfs within a kernel subsystem will also be interested in the kernel-side interface. The configfs API will be somewhat familiar to developers who have worked with kobjects and sysfs; there are some differences, however. What follows is a blindingly fast overview of the configfs API; hold on tight.Configfs implements a set of object types used to put together a configuration hierarchy:
More specifically, anybody wanting to create a configfs hierarchy must set up one or more config items - even if the only item, at the outset, is the config_subsystem structure implementing the top-level directory. Creating a config item requires, in turn, that some other structures be set up. The first of these is:
struct configfs_item_operations {
void (*release)(struct config_item *item);
ssize_t (*show_attribute)(struct config_item *item,
struct configfs_attribute *attr,
char *buffer);
ssize_t (*store_attribute)(struct config_item *item,
struct configfs_attribute *attr,
const char *buffer, size_t size);
int (*allow_link)(struct config_item *src,
struct config_item *target);
int (*drop_link)(struct config_item *src,
struct config_item *target);
};
This structure defines how a specific config item operates. The release() method will be called whenever a config item's reference count drops to zero; its job is to perform the necessary cleanup. Attributes are implemented via the show_attribute() and store_attribute() methods, which work in the obvious manner. The final two methods, if present, control whether the creation of symbolic links between config items is allowed (allow_link()) and provide notification when a symbolic link is removed (drop_link()). The above operations structure should be filled in for a specific type of config item. Then, it is necessary to store a pointer to the structure in a config_item_type structure:
struct config_item_type {
struct module *ct_owner;
struct configfs_item_operations *ct_item_ops;
struct configfs_group_operations *ct_group_ops;
struct configfs_attribute **ct_attrs;
};
Here, ct_owner is used to manage module reference counts, and ct_item_ops is the set of methods seen above. ct_group_ops is a separate set of operations for config groups; we'll get to those shortly. The final field, ct_attrs, defines the actual attributes which belong to this type of config item; it is an array of pointers to configfs_attribute structures:
struct configfs_attribute {
char *ca_name;
struct module *ca_owner;
mode_t ca_mode;
};
As with sysfs, the structure representing an attribute contains little information beyond its name and permissions. A single set of functions is used for all attributes belonging to a given item type; they must figure out which attribute is being accessed themselves by looking at the name or by embedding the configfs_attribute structure inside another structure. An actual config item looks like this:
struct config_item {
char *ci_name;
char ci_namebuf[UOBJ_NAME_LEN];
struct kref ci_kref;
struct list_head ci_entry;
struct config_item *ci_parent;
struct config_group *ci_group;
struct config_item_type *ci_type;
struct dentry *ci_dentry;
};
Code creating a config item should zero the entire structure, then initialize it with one of:
void config_item_init(struct config_item *item);
void config_item_init_type_name(struct config_item *item,
const char *name,
struct config_item_type *type);
If the name and type are set using the second form, no other initialization is required. The item, once created, will show up in configfs and will contain the attributes defined by its type. Config items have a reference count, which is manipulated with the usual sort of functions:
struct config_item *config_item_get(struct config_item *item);
void config_item_put(struct config_item *item);
Items are created within a config group, defined by this structure:
struct config_group {
struct config_item cg_item;
struct list_head cg_children;
struct configfs_subsystem *cg_subsys;
struct config_group **default_groups;
};
As noted before, a config group is just a config item which can contain other items (or groups). So it has a config_item structure embedded within it. There is also a set of subgroups which will automatically be created whenever a group is created within this group. This list (default_groups), along with the list of attributes associated with the config item, define the full contents of the group's directory when it is created. Groups are initialized in a manner similar to items:
void config_group_init(struct config_group *group);
void config_group_init_type_name(struct config_group *group,
const char *name,
struct config_item_type *type);
Groups must define a set of group operations (and store a pointer to them in the config_item_type structure):
struct configfs_group_operations {
struct config_item *(*make_item)(struct config_group *group,
const char *name);
struct config_group *(*make_group)(struct config_group *group,
const char *name);
int (*commit_item)(struct config_item *item);
void (*drop_item)(struct config_group *group,
struct config_item *item);
};
Any particular config group type should only define either make_item() or make_group(), but not both. If make_group() exists, it will be called in response to a request from user space to create a directory; its job is to create a config_group structure, initialize it, and return it. In the absence of a make_group() method, make_item() will be called instead. There is, thus, no way to create a group which allows the dynamic creation of both items and groups within it; that limitation is unlikely to be a problem in most cases. The drop_item() method will be called when an item (or group) is deleted from the group. The commit_item() method is there to support transactional access to group members; that functionality is not implemented in the current configfs patch. The top level of the hierarchy is a configfs_subsystem structure, which is just a special group:
struct configfs_subsystem {
struct config_group su_group;
struct semaphore su_sem;
};
Code creating a subsystem must first initialize the embedded group in the usual manner, then register the subsystem with:
int configfs_register_subsystem(struct configfs_subsystem *subsys);
There is a configfs_unregister_subsystem() function as well. The above whirlwind tour is, hopefully, enough to give a feel for how to work with configfs. Those wanting more information may wish to consult the extensive documentation file and the example module distributed with the configfs patch.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Janitorial
Memory management
Architecture-specific
Security-related
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Roundup of Upcoming Distribution ReleasesFor many Linux distributions and BSD projects, the end of summer in the Northern Hemisphere traditionally signals the beginning of an intensive new testing and release process. What can we look forward to in the upcoming months?Let's start with SUSE Linux. The third beta release of SUSE 10.0 should be out by the time you read this, with the final release expected around the middle of September. After years of being developed behind closed doors, SUSE is about to become one of the most open Linux projects, complete with public participation and available as a free download as soon as the testing process is finished. The response by the Linux community has been overwhelmingly positive so far and SUSE's newly established Bugzilla and mailing lists are buzzing with interest. Judging by the first two betas, SUSE 10.0 will be a solid release, perhaps lacking major new features, but it should come with many updated packages, a more consumer-friendly installer and plenty of eye candy. The 'apt' package management utility will be included for the first time. And its Xen virtualization technology and Beagle desktop search tool are likely to be a lot more mature than in SUSE 9.3. Mandriva Linux 2006 has been in beta testing since the end of July and the final release should be out before September is over. As has become tradition in the Mandriva development labs, the beta releases are published behind schedule, but the company has been hard at work replacing all references to Mandrake with Mandriva and revamping most of the their web sites. Mandriva 2006 will be the first release under the company's new annual release cycle. Many users hoped that it would incorporate some of the technologies from its recent acquisitions of Conectiva and Lycoris, but there have been few signs of those in the three betas released so far, with 'urpmi' still remaining the distribution's preferred package management tool. One interesting update is that Mandriva's latest beta is the first distribution shipping with a cvs version of the upcoming X.Org 7.0. The developers of Ubuntu Linux have had their hands full with a new version 5.10, code name "Breezy Badger", scheduled for release on October 13th. As with previous versions, there will be a preview release immediately after GNOME 2.12 is declared stable on September 7th, followed by a release candidate a week before the final Ubuntu 5.10. Breezy will ship with a large number of new features, including a graphical installer, improved support for laptops through LaptopMission, thin client integration, application launch pads, complete sound infrastructure including audio CD burning, and the usual updates to artwork, sound events and branding. The release will be accompanied by Kubuntu (Ubuntu with KDE) and also Edubuntu, a distribution specifically designed for classroom use. Besides all the coding, much effort has been put into promotion of Ubuntu (and Linux in general) - a 12-day Ubuntu conference will be held in early October in Montreal, Canada and Ubuntu is also part of a task force to formulate South Africa's national strategy on open source - an initiative that Ubuntu's Mark Shuttleworth believes could foster international cooperation and increased adoption of open source software by governments and the private sector across the globe. September should also see the final release of FreeBSD 6.0. It has been delayed by more than a month due to several show stopper bugs in the core system resulting in instability and kernel panics. At the time of writing, the FreeBSD 6.0 development page lists six critical bugs and one required feature that has yet to be completed. It is not yet clear whether FreeBSD 6.0 will be considered "production quality" or just an "early adopter's preview", as was the case with FreeBSD 5.0. On a related note, new versions of both OpenBSD (version 3.8, currently in beta) and NetBSD (version 3.0) are scheduled for release in October. Slackware Linux is another project that will release a new version of its distribution within the next couple of months. Patrick Volkerding has already indicated that version 10.2 will enter a beta testing phase shortly and since its "current" tree looks in a reasonably good shape, the testing process will probably be very short. Slackware 10.2 will remain on the conservative side of things, with the maintainer still giving clear preference to the tried and tested Linux 2.4 as the distribution's default kernel. And although many packages in Slackware's "current" branch have been updated to their latest versions, Slackware 10.2 will ship without GNOME - for the first time since Slackware 4.0! Also for the first time in years, the fans and beta testers of Fedora Core (and Red Hat Linux before) will be deprived of the adrenaline that used to accompany the highly intensive testing process of their favorite distribution. That's because the developers of Fedora Core have agreed to extend the distribution's release cycle from six to nine months, with the expected release of Fedora Core 5 now scheduled for the middle of February 2006. That said, the first two test releases should appear before Christmas, so there will be some beta testing to deal with, but the usual rush to complete testing before a certain pre-Christmas deadline will be absent this year. The extended release cycle should be a welcome relief for the Fedora developers, especially since Core 5 will likely form the basis of the all-important Red Hat Enterprise Linux 5, possibly coming out in the second half of 2006. Among other major distributions, the Gentoo Linux project has recently completed its second release of the year and there won't be any new one until early 2006. Debian GNU/Linux is currently in a major transition course towards X.Org, glibc 2.3.5, GCC 4.0 and apt 0.6 so it will take time before there is any talk about releasing "etch" (Debian's next version). Similarly, the many Debian derivatives that have been, until recently, happy to base their releases on the more up-to-date unstable ("sid") branch of the pre-sarge period are now forced to postpone any new releases until "sid" completes its current transition. In the meantime, the developers of MEPIS Linux have been concentrating on building various specialist editions of MEPIS Linux, all based on Debian "sarge" and, if tradition is kept alive at Xandros, we might perhaps see a new release of Xandros Desktop before the end of the year.
New Releases Ubuntu Breezy Badger "Colony 3" now availableThe Ubuntu developers have announced the release of the "Colony CD 3", the third test release of the upcoming "Breezy Badger" release. A number of improvements have been added since the previous "Colony"; see the announcement for the details.
Distribution News Dissertation: Three ethical moments in DebianBiella Coleman is an anthropology graduate student who has been working for years with the Debian community as part of her dissertation work. That dissertation has now been accepted, and one chapter of it, entitled "Three ethical moments in Debian: the making of an ethical hacker part III" has been posted on the net. Click below for Biella's announcement and description of the work; the (80-page) chapter is available as a 2MB PDF file. (Thanks to Adam Heath).
GNU Classpath distro DevJamThe GNU Classpath DevJam is a developer and packager meeting around coordinating and improving the state of packaging of large scale applications written in the java programming language using the GNU Classpath, gcj and other free java-like VMs tool chain for the various GNU/Linux distributions. "We hope to get together a group of (20 till 30) people wanting to do some hands on hacking to show the state of the art in packaging. Resulting in the availability of several new packages, improvements to the free tool chains and cross-distribution packaging conventions quickly after the meeting."
Fedora newsThe Fedora Project is recruiting documentation authors, with a current focus on the FC5 release notes.The Fedora Project has announced an updated Guide to Managing Software with Yum. This documentation is for Fedora Core 3 and Fedora Core 4.
New Distributions FreespireFreespire is made from the freely available source code of the Linspire operating system, and other Linux distributions. All the proprietary components and trademarks have been removed. The initial release is a live CD / proof of concept, for i386 and AMD64.
Underground DesktopUnderground Desktop is a GNU/Linux distribution targeted to the desktop user, featuring a graphical installation (using Anaconda for Debian by Progeny). It is based on Debian 'unstable', optimized for i686, with a KDE desktop.You can find reviews of Underground Desktop on NewsForge and Linux.com.
Distribution Newsletters Debian Weekly NewsThe Debian Weekly News for August 23, 2005 is out. This week: the DPL delegates the authority to make a decision regarding the use of the Debian trademark to Don Armstrong, a howto on installing Debian on the Sun Blade 150, a look at kernel version dependency, using LSB init scripts, and several other topics.
Fedora Weekly News Issue 10The latest issue of the Fedora Weekly News has the meeting minutes for Fedora Documentation, meeting minutes for Fedora Marketing, more speakers needed for FUDCon London 2005, and several other topics.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for the week of August 22, 2005 is out, with a report from Linux World Expo San Francisco, a look at some user projects like car console and MythTV, and more.
Mandriva Linux Community Newsletter #107The Mandriva Linux Community Newsletter for August 22, 2005 looks at the new Mandriva Club site, the changing domain names and other topics.
Red Hat Magazine Issue 10The latest issue of Red Hat Magazine is online, with a look at debugging code with strace, CVS is out, Subversion is in, Fedora Extras Focus, Red Hat Summit 2006: Goin' country, creating vector graphics with Inkscape, building the Fedora Foundation: Goals established, and more.
DistroWatch Weekly, Issue 114The DistroWatch Weekly for August 22, 2005 is out. "The long awaited KNOPPIX 4.0 live DVD was finally released last week - with a large collection of great software, but also with a few nasty bugs. In the meanwhile, the openSUSE project continues its fast-paced beta testing process of SUSE Linux 10.0 with more great software and an easy way to upgrade to the latest version. Our featured project of the week is aLinux - a distribution with amazing eye candy, unparallelled multimedia support, and many bleeding edge software packages."
Minor distribution updates New Quantian torrent at tlm-projectThe Quantian project has lost a server, but gained a torrent at the Linux Mirror Project. "As I mentioned recently on quantian-general and in my blog, the machine hosting Quantian at University of Washington is no more. I am indebted to Tony, Eric and U W for the service and bandwidth they have provided. It really helped."
Ports: Fedora Core support on the way for GNU-DarwinThe GNU-Darwin project will be adding Fedora Core support to the ports tree. "For the purists, Debian support was added to CVS last year. In other news, sales and donations continue to provide for the growth and development of the Distribution. We are providing internet services, email, webpages, Office discs, Package discs, and bootable OS installer discs; all bone fide free software. We are clearly the most free, active, and lucrative Darwin-based project."
Package updates Fedora updatesFedora Core 4 updates: system-config-netboot (bug fixes), doxygen (update to 1.4.4), kdbg (update to 2.0.0), system-config-bind (bug fixes), tar (silence newer option), gstreamer-plugins (bug fixes), vnc (bug fix), metacity (bug fix), pygtk2 (update to bugfix version 2.6.2), shadow-utils (bug fixes), evolution (update to 1.6.5), MyODBC (bug fix), xpdf (update to 3.01), libgal2 (bug fix), dhcpv6 (bug fixes), system-config-netboot (bug fixes), diskdumputils (updated source), bind (bug fixes), glibc (bug fixes and rebuilt with gcc-4.0.1-4.fc4), eject (update 2.1.1).Fedora Core 3 updates: kdbg (update to 2.0.0), system-config-bind (bug fixes), pcre (add symlinks for header files), MyODBC (bug fix), doxygen (update to 1.4.4), xpdf (update to 3.01), dhcpv6 (bug fixes), system-config-netboot (bug fixes), kdebase (Bluecurve theme for KDM), hwdata (fix MegaRAID controller mapping), eject (update to 2.1.1).
Mandriva MDKA-2005:039Mandriva has updated indexhtml with the new URLs for the various Mandriva domain names.
Distribution reviews Linux wireless freedom with OpenWrt (NewsForge)NewsForge reviews OpenWrt. "You can turn your blue Linksys router into a Linux box with OpenWrt, an embedded Linux distribution for Linksys WRT54G and WRT54GS routers. This tiny distribution exceeds the default firmware functionality in many useful ways. Instead of having only a Web-controlled wireless access point, OpenWrt provides you with a fully interactive Linux system. Some notable features are the ability to telnet/SSH to your router, install software such as Snort, Mini-Sendmail, and Asterisk, and create and control VLANs for every Ethernet port on the device."
Suse Linux Professional 9.3 64bit (Personal Computer World)Personal Computer World has a review of SUSE Linux. "It turns out that Suse Linux is an excellent platform for 64bit computing. On our Intel EM64T system, everything worked more or less immediately, including USB, Intel Hi-definition audio, and the Nvidia Geforce 5900 PCI Express graphics. We could compile and run 64bit applications, while 32bit applications such as Open Office ran fine as well."
Page editor: Rebecca Sobol Development The Sylpheed Email ClientSylpheed is a GTK+ based lightweight email client that is authored by Hiroyuki Yamamoto. According to the project FAQ, Sylpheed aims to be fast, graceful, intuitive, easy to configure, reliable and full of features. The name comes from the wind spirits, the Sylphs, representing the lightweight nature of the application.
Version 2.0.0 of Sylpheed was announced this week, it features a switch to GTK2, usability improvements, inline viewing of attached images, and more. The software was a breeze to configure, build, and install on a Fedora Core 3 system. Pre-compiled packages are available for several popular Linux distributions. Operation was simple and intuitive, as advertised. Your author is seriously considering a switch from the old reliable (and somewhat clunky by today's standards) exmh mail client to Sylpheed.
System Applications Audio Projects Alsa 1.0.10rc1 packages are availableVersion 1.0.10rc1 of the ALSA sound driver packages are available for testing: "all packages except alsa-firmare were released - version name is 1.0.10rc1. Please, test the packages and report the bugs (especially packaging and compilation problems) to the ALSA bug-tracking-system." See the change log file for details.
Clusters and Grids Open MPI code base now availableThe Open MPI Project has released their high-performance message passing library code under the BSD license. "Open MPI is a project combining technologies and resources from several other projects (FT-MPI, LA-MPI, LAM/MPI, and PACX-MPI) in order to build the best MPI library available. A completely new MPI-2 compliant implementation, Open MPI offers advantages for system and software vendors, application developers and computer science researchers."
Database Software Firebird 1.5.3 Release Candidate 1Release Candidate 1 of the Firebird 1.5.3 database is available. "The Firebird Project is pleased to announce a release candidate for the forthcoming Firebird 1.5.3 release, for testing. Download kits are available for Windows and Linux."
PhpPgAdmin 3.5.5 ReleasedVersion 3.5.5 of PhpPgAdmin has been announced, it features several bug fixes.
PostgreSQL Weekly NewsThe August 21, 2005 edition of the PostgreSQL Weekly News is out. Take a look for the latest PostgreSQL stories.
Embedded Systems BusyBox 1.01 releasedStable version 1.01 of BusyBox, a condensed collection of command-line utilities, is out. "A new stable release (BusyBox 1.01) is now available for download, containing over a hundred small fixes that have have cropped up since the 1.00 release."
Interoperability Samba 3.0.20 is AvailableVersion 3.0.20 of Samba has been announced. "This is the latest stable release of Samba. This is the version that production Samba servers should be running for all current bug-fixes. This is a substantial upgrade from previous Samba 3.0.x releases."
LDAP Software LAT 0.7 ReleasedVersion 0.7 of LAT, the LDAP Administration Tool, is out with a number of new features.
Mail Software Gotmail 0.8.6 ReleasedVersion 0.8.6 of Gotmail is available. "The Gotmail project, a perl script which downloads mail from hotmail.com without user interaction, released version 0.8.6 today. This version adds support for running the script on the various Windows platforms. Additionally, thanks to new developer, Jos De Laender, Gotmail now has support for multiple languages. There are many new commandline options as well as several improvements with the packaging for the project."
Networking Tools aircrack 2.23 releasedStable version 2.23 of aircrack, a set of tools for auditing wireless networks, is out with bug fixes.
Web Site Development CherryPy for CGI programmers (IBM developerWorks)Leonard Richardson introduces CherryPy on IBM developerWorks. "The CherryPy application framework for Python makes Web applications easier to write than plain Common Gateway Interface (CGI). At the same time, it's simple -- not full of little-used features -- and easy to learn. This introduction shows everything needed to write Web applications with CherryPy."
Qwicap 1.3 Released (SourceForge)Version 1.3 of Qwicap has been announced. "Qwicap ("Quick Web Interface for Conventional Applications") is a Java web application development API based on Servlet, XHTML, and CSS2 technologies. It greatly simplifies development by dispensing with the usual hit-run-exit model of web applications, automates a variety of best-, or pretty-good-, practice behaviors, and provides a powerful XML "templating" engine to avoid mixing code and content. After more than two years of development, Qwicap has simultaneously reached version 1.3, and has been open-sourced under the LGPL." See the changes file for more information on this release.
scgi 1.7 releasedVersion 1.7 of scgi has been released. A bug fix for Apache2 mod_scgi and other changes are included.
Desktop Applications Audio Applications Ecasound 2.4.3 releasedVersion 2.4.3 of Ecasound, a multi-track command line audio processing utility, is out. Here are the changes: "Support for the ALSA sequencer API has been added. A few bugs related to .ewf file processing have been fixed. A serious problem in the disk i/o subsystem, which caused system freezes in some conditions, has been fixed. Disk subsystem performance has also improved slighly in this release."
snd-ls 0.9.5.1 releasedVersion 0.9.5.1 of Snd-ls is out with many changes. "Snd-ls is a distribution of the sound editor Snd. Its target is people that don't know scheme very well, and don't want to spend too much time configuring Snd. It can also serve as a quick introduction to Snd and how it can be set up."
Sweep 0.8.4 ReleasedVersion 0.8.4 of Sweep, an audio editor and playback tool, is out. Changes include ALSA 1.0 support, translation work, and more.
Calendar Software pcal 4.9.0 releasedVersion 4.9.0 of `pcal', a program which generates PostScript- or HTML-format monthly/yearly calendars, has been announced. Changes include support for several new languages (and improved support for existing languages), ability to delete specific events, improved EPS image support, a Perl script for HTML/CGI access, additional sample calendar event files, additional sample character encoding/font test files, and various bug fixes. (Thanks to Bill Marr.)
Desktop Environments GNOME's Project RidleyThe GTK+ developers have announced a new initiative called "Project Ridley." The idea is to get rid of a number of the small libraries which follow GNOME applications around, merging their functionality into the core GTK+ toolkit. The end result will likely be the GTK+-3.0 release. More information can be found in the announcement (click below) or on the Project Ridley wiki page.
The story of two SVG libraries (GnomeDesktop)GnomeDesktop.org covers the merging of the librsvg and libsvg SVG library projects. "The teams working on librsvg and libsvg have decided to join forces around the CVS version of librsvg. Thanks to the work of the librsvg team, mostly Caleb Moore, librsvg now can support multiple rendering backends, with libart and Cairo backends implemented."
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Software AnnouncementsThe following new KDE software has been announced this week:
Electronics GerbMerge 1.0 released (OpenCollector)Version 1.0 of GerbMerge, a panelizer for Gerber RS274X and Excellon files, has been announced. "New features include handling simple aperture macros, more than 99 apertures in input files, trimming Gerber/Excellon data to the board extents, configurable output filenames, better documentation, and panel margins to allow for extra space for tooling."
GUI Packages Trolltech Releases Qt 4.0.1 (KDE.News)KDE.News covers the release of Qt 4.0.1. "Among the over 450 bug fixes and optimizations are numerous improvements to raster engine, X11 engine and QPainterPath, significantly speeding a range of drawing processes and introduction of top-level window transparency on X11."
Music Applications Mondrian Project announcedThe Mondrian Project has been launched by Peter Brinkmann. "I would like to announce the Mondrian Project. Mondrian is an attempt to create a text-based setting for writing and performing music." Mondrian includes plugins for vi and emacs that turn your favorite text editor into a musical instrument.
Web Browsers Mozilla SVG Presentation at SVG Open 2005 (MozillaZine)MozillaZine covers a talk on Mozilla SVG developments. "The Mozilla Scalable Vector Graphics Project team gave a presentation entitled Past, Present, and Future of Mozilla SVG at the SVG Open 2005 conference in the Netherlands today. As well as detailing the current status of SVG in Mozilla, the talk also discussed the history of the Mozilla SVG project and some of the implementation problems the team faced. Future plans were also covered and the presentation included a demonstration of the SVG-powered MozMapEditor application."
Word Processors AbiWord 2.3.5 released (GnomeDesktop)AbiWord v2.3.5, aka AbiWord 2.4 beta 2, has been released. "This release is virtually identical to what will become AbiWord 2.4, but still contains some bugs that might the speed up the greenhouse effect or cause your house to fall over."
Miscellaneous PenguinTV 0.75 Released (GnomeDesktop)Version 0.75 of PenguinTV has been announced. "PenguinTV is a full-featured RSS, podcast, and video blog reading tool written in Python. It can be used by itself to download and view media, or you can copy the media files and a ready-made playlist to a portable mp3 player."
Languages and Tools Caml Caml Weekly NewsThe August 16-23, 2005 edition of the Caml Weekly News is online with the latest Caml language articles.
Haskell Haskell Weekly NewsThe August 23, 2005 edition of the Haskell Weekly News is online with the latest Haskell news. Topics covered this week include the new ghc-src project, Oracle on Haskell, The Monad.Reader, and how Linus/git impact darcs.
Java Introduction to the ASM 2.0 Bytecode Framework (O'ReillyNet)Eugene Kuleshov introduces the ASM 2.0 Bytecode Framework on O'Reilly. "J2SE 5.0 made major changes to the language, and version 2.0 of the ASM bytecode manipulation toolkit is well-suited to handle them. In this article, Eugene Kuleshov shows how ASM 2.0 makes working with bytecode easier, and even offers an example of how to map the external dependencies in an arbitrary .jar file."
HiveMind Utilities 0.4.5 released (SourceForge)Version 0.4.5 of HiveMind Utilities, a set of modules for the HiveMind lightweight container, is available. "The HiveMind Utilities project team announces the release of "HiveMind Utilities 0.4.5", which mainly is improving poor performance of gzip related features introduced in version 0.4.4."
Internationalization, Part 1 (O'Reilly)David Flanagan discusses Java internationalization issues in an O'Reilly book excerpt. "In this excerpt from Chapter 8 of Java Examples in a Nutshell, 3rd Edition, author David Flanagan offers real-world programming examples covering the three steps to internationalization in Java. This week, he covers how to use Unicode character encoding and how to handle local customs. Next week's excerpt will cover the third step: localizing user-visible messages."
JPasswords 0-1-0 Released (SourceForge)Version 0-1-0 of JPasswords has been released. "JPasswords offers a compact but proficient and user-friendly, Java Swing based application to store and manage passwords on encrypted files. - I am happy to announce the first edition of JPasswords. It brings a complete security password management tool in advanced maturity state. The program makes full compatible use of Password Safe files (CounterPane). Among its striking features are its platform-independence and the astounding compactness of only 188 KB."
OVal 0.1.0 alpha released (SourceForge)Version 0.1.0 alpha of OVal has been announced. "OVal is a generic Java 5 based object validation framework that uses annotations to express constraints and AspectJ to handle automatic validation. It supports validation of class fields as well as constructor and method parameters."
Lisp First public release of ContextLThe initial release of ContextL, a Common Lisp CLOS extension for Context-oriented programming, is out.
wxCL 1.0.0 Alpha releasedwxCL 1.0.0 Alpha is available. "The first public release of wxCL, version 1.0.0 Alpha, has been announced. wxCL is a portable Common Lisp GUI library based on the C++ wxWidgets library."
Perl This Week in Perl 6 (O'Reilly)The August 18 edition of O'Reilly's This Week in Perl 6 is out with the week's Perl 6 development news.
Python Dr. Dobb's Python-URL!The August 18, 2005 edition of Dr. Dobb's Python-URL! is online with the latest Python language article links.
python-dev SummaryThe July 16-31, 2005 edition of the python-dev Summary is online with coverage of the python-dev mailing list activity.
Ruby Ruby Weekly NewsThe August 21, 2005 edition of the Ruby Weekly News summarizes the latest discussions on the ruby-talk mailing list.
Scheme Schemer's GazetteIssue #8 of the Schemer's Gazette is online with the latest Scheme language discussions.
Tcl/Tk Dr. Dobb's Tcl-URL!The August 19, 2005 edition of Dr. Dobb's Tcl-URL! is online with the weekly collection of Tcl/Tk articles.
Version Control Mercurial v0.6c released!Version 0.6c of Mercurial, a source code management system, is out with numerous new capabilities.
Miscellaneous Deskzilla Desktop Bugzilla Client Beta (MozillaZine)MozillaZine looks at Deskzilla, a Java-based Bugzilla client application. "Deskzilla is an alternative, desktop client application for the Bugzilla bug-tracking system, created by an independent software vendor. Deskzilla is free for open-source projects. "Deskzilla introduces several new features and helps to do routine bug tracking, yet it cannot be viewed as a full replacement for the vast Bugzilla web interface. The goal of the Deskzilla project is to explore possibilities for unique bug-tracking features that are open for a desktop application.""
Page editor: Forrest Cook Linux in the news Recommended Reading The worm that didn't turn up (Guardian)Here's a column in the Guardian from a writer who had no trouble with the latest worm episode. "How have I achieved this blissful freedom? Simple: by using only computers running Apple or Linux software. No special geeky skills required - just common sense and a desire to avoid pain. For six years, I have enjoyed all the benefits of networked computing without experiencing any of the downsides."
Tim Berners-Lee Sends a Letter to the US Copyright Office (Groklaw)Groklaw reports that Tim Berners-Lee, director of the W3C and inventor of the Web, has responded to a call for comments from the US Copyright Office. "He mentions security issues , which can and have arisen in connection with all browsers. As it happens, there was one yesterday involving IE, and some responded to the fact that there is currently no patch for it by suggesting that you use a different browser at least temporarily."
Apache hopes to encourage female coders (News.com)News.com has a short article on the Apache Foundation's efforts to encourage participation from women. "Debian, the free Linux distribution, set up a group last year to encourage the participation of women. Helen Faulkner, a member of Debian Women, told ZDNet UK last year that the group offers advice to women on a variety of topics from how to install Debian to how to write a bug report. It is also encouraging Debian to become more welcoming to women by flagging instances of sexism."
Companies Open-source Mambo project faces rift (News.com)News.com reports on a split in the Mambo project. "On one side of the clash is Miro International and the Mambo Foundation. Miro is the company that originally released Mambo as open-source software, and it helped establish the foundation earlier this month to govern the software as an open-source project. On the other side is the entire team of Mambo developers."
Asia to show Linux-based system (CNN)Here's a brief CNN article on the upcoming release of Asianux 2.0, a distribution put together by Miracle Linux (mostly owned by Oracle), Red Flag Software, and Haansoft. "Miracle Linux President Takeshi Sato said in January 2004 that the group hoped Asianux will be prevalent in server systems for regional businesses and governments within three years."
Sun launches open-source digital rights plan (ZDNet)According to this ZDNet article, Sun is pushing into the digital restrictions management (DRM) area. "Sun also believes it can bypass corporate powers though use of open-source software. 'Now it's no longer simply about engaging a few corporate interests. The open-source community is all about engaging the planet,' Schwartz said, including individuals who might want to sell their own digital content over peer-to-peer networks."
Linux at Work Can Linux Put PalmSource Back On Top? (InformationWeek)InformationWeek examines the increasing use of Linux on PDA and cell phone platforms. "These vendors cite a variety of advantages to adopting an open source platform over a proprietary one. Interestingly, the lack of licensing royalties appears to be the least important advantage to most of them. Motorola, for example, which continues to ship Windows and Symbian phones but divested its ownership stake in Symbian two years ago, notes the advantage of choosing launch dates based on the company's own preferences rather than being tied to the OS developer's next major OS release. Korean Linux phone pioneer E28 points to another benefit: the fact that closed, monolithic platforms often impose proprietary standards that restrict a company's freedom to differentiate itself from its competitors."
Interviews Looking at Real Time for Linux, PowerPC, and Cell (developerWorks)developerWorks talks with Paul McKenney about processors, computer history, time slices, games, physics, and Linux. "Paul E. McKenney is a Distinguished Engineer at the IBM Linux Technology Center. He has worked on SMP, NUMA, and RCU algorithms since he came to IBM in the early 1990s. Prior to that, he worked on locking and parallel operating-system algorithms at Sequent Computer Systems. He has also worked on packet-radio and Internet protocols (even before the Internet became popular), system administration, real-time systems, and business applications."
Interview with Aaron Seigo (Linux Magazine)Linux Magazine interviews Aaron Seigo about his Trolltech sponsored work on KDE. "We also sat back and went, "you know it'd be really nice if we could really show what X, the X modern protocol, especially from X.org, is capable of these days. Cause it's got a bad reputation or has a crude one largely because development was so stagnant for so many years, but X.org has really picked up again and we're starting to see some exciting capabilities on the X.11 platform. We also have Q4 coming out from Trolltech, that's got, I was playing around with the new painting facilities that were there yesterday, and was really happy with how much more progressed Q4 is over Q3 for what we can do eye-candy wise."
Interview with Roberto Cappuccio (Tuxmachines)Tuxmachines talks with Roberto Cappuccio about KAT. "Kat Desktop Search Environment is an open source framework designed to allow KDE applications to index and retrieve files; loosely speaking, a search tool. Tuxmachines has had the rare opportunity to speak with Roberto Cappuccio, wonderfully talented developer of KAT." (Found on KDE.News)
3 Questions: Patent Commons Protection (ITBusinessEdge)ITBusinessEdge talks with OSDL general counsel Diane Peters about the patent commons project. "With increasing frequency, institutions, companies and inventors want to formally signal to open source developers, distributors and users that software patents they hold are not a threat or inhibitor to the development or use of open source. The patent commons gives them a forum in which to do so. As for patent holders who assign their patents to OSDL, they are relieved of the administrative burdens associated with licensing their patents to various players in the open source community."
Resources Open Source Power management - Gnome Power Manager (MYOSS)MYOSS magazine is running an article on the Gnome Power Manager by lead developer Richard Hughes. "Power management in Linux sucks. Depending if you are running a PPC or i386 PC the different power management facilities are vastly different. To get your machine to suspend on lid press is already possible, but is difficult to know what config files to modify. To get your LCD screen brightness set to 50% when you remove the AC Adapter of your laptop is probably possible with a clever little Perl script, but is not something that comes ready configured on a standard Linux distro. Any of these things need the user to become the super-user to do the action. This needs to change before Linux is accepted as a contender for the corporate desktop."
A Video Card Upgrade HOWTO (Linux Journal)Colin McGregor walks through the process of upgrading a video card on a Linux system. "Given the many dozens of video cards on the market, how to choose? The first step is to take a look at your motherboard manual to answer the question "what video cards could my computer support?" All other things being equal, you want the fastest data transfer between the computer and the video card. The upper limit as to how fast data can transfer from the computer to the video card is the bus connector between the card and the motherboard. In decreasing order of performance, the video card bus arrangements are PCIexpress, AGP 8x, AGP 4x, AGP 2x, AGP and PCI."
The Eclipse Voice Tools Project (developerWorks)This developerWorks article introduces the Eclipse Voice Tools Project. "The Voice Tools Project (VTP) was formed to take advantage of the Web Tools Project by extending its base of Web-development tools into the voice-recognition world. This allows the Voice Tools Project to provide a great Web-development experience for voice applications out of the box and allows users to development their voice applications using the same tools they would use to develop their visual applications. For companies that use the Voice Tools Project as a base for their own tools, it means that all the tasks users come to expect from a modern Web-oriented Integrated Development Environment (IDE) are provided without any additional effort."
Reviews amaroK 1.3 'Airborne' takes off (KDE.News)KDE.News reviews version 1.3 of the amaroK audio player. "amaroK is one of the first applications to integrate live information from the free encyclopedia, providing useful facts about the music you are currently listening to. Discography of an artist, biography and even photos are just a mouseclick away with the new Wikipedia tab."
FreeBSD 6.0 to target wireless devices (News.com)News.com looks at FreeBSD 6.0. "FreeBSD developer Scott Long said on Thursday that the next version of the open-source BSD-based operating system, planned for release in September, includes support for "a lot more" wireless cards and for wireless security standards such as the Wi-Fi Protected Access (WPA)."
Kino makes video editing simple (NewsForge)Ben McGrath likes Kino for video editing, on NewsForge. "Kino takes video to the disk in AVI and raw DV format. When you finish editing a video, Kino lets you export it in a number of formats, such as MPEG and MP3. Kino also features incredible support for IEEE-1394, otherwise known as FireWire, which allows it to communicate with different video hardware, and also supports most USB drive input. Kino has easy tools for filters, general effects, and video transition, ranging from kaleidescope to a general background generator. Kino also comes equipped with audio tools, such as filters and audio transitions, which include useful "fade in/out" and "mix" features."
A Comparison of Linux Performance Tuning Books (Linux Journal)Linux Journal has a mini-review of two performance tuning books. "I've recently had the opportunity to read two books on the topic: Optimizing Linux Performance, written by Phillip G. Ezolt and part of the HP Professional Books imprint, and Performance Tuning for Linux Servers, edited by Sandra K. Johnson and published by IBM Press. As both of these titles came out of large companies that are throwing a lot of support behind Linux, I thought it would be worthwhile to compare the two books."
Linux for Video Production (O'ReillyNet)Jono Bacon examines the present and future of video production with Linux and open source software, on O'ReillyNet. "At the GNOME User And Developers European Conference (GUADEC) in Stuttgart, Germany, PiTiVi was one of the most promising applications demonstrated. Currently being developed by French-born Edward Hervey, PiTiVi offers a refreshing outlook for video production on Linux. Hervey's goals for PiTiVi have been clear from the beginning. His intention was to create a simple, intuitive, and powerful editor that can be useful for both home and professional needs."
Page editor: Forrest Cook Announcements Non-Commercial announcements A couple of Linux trademark notesSome parts of the net have recently discovered that changes have been made to how the "Linux" trademark is managed. We can't resist pointing out that LWN subscribers read about the whole thing last June. The current discussion, however, has drawn a response from Linus Torvalds as well: "Finally, just to make it clear: not only do I not get a cent of the trademark money, but even LMI (who actually administers the mark) has so far historically always lost money on it. That's not a way to sustain a trademark, so they're trying to at least become self-sufficient, but so far I can tell that lawyers fees to _give_ that protection that commercial companies want have been higher than the license fees."Software patent opponent Florian Mueller has issued a statement supporting the Linux trademark. Mr. Mueller is concerned that opposition to trademarks could hurt the legitimacy of the anti-patent campaign; he also criticizes those who are defending the bnetd developers.
Formulating a national government strategy on Free SoftwareMark Shuttleworth has sent out a call for help to the Ubuntu community. "This is a mail to the global Ubuntu community, to ask for your help in formulating a national government strategy on Free Software for South Africa. We hope this work will also be used as a model for many countries world wide. We are participating in a task force that is considering how South Africa should lead the adoption of Free Software in government, in the private sector and in civil society. It is a unique gathering of people who would like to create the most effective possible strategy for the country, building on the great ideas that have already been implemented elsewhere."
Commercial announcements Astaro Protects Customers From WormsAstaro Corporation has sent out a press release regarding worm protection from its gateway appliances. "Astaro Security Gateway appliances and other systems running its Astaro Security Linux V6 software are now protecting customers from worms that exploit a flaw in Windows 2000 systems. The worms can steal information, cause severe performance degradation on infected systems, delete files, and launch denial of service attacks against web servers."
Eclipse Foundation Announces CDT 3.0The Eclipse Foundation has announced the next generation of the Eclipse CDT platform, a platform for building C/C++ development tools. "Developed under the leadership of QNX Software, CDT 3.0 delivers improved scalability, performance, and extensibility to developers targeting embedded systems and Linux environments. CDT has been adopted as the C/C++ tools platform for major embedded and Linux vendors, including IBM, Intel, MontaVista, Novell SUSE, PalmSource, QNX, Tensilica, Texas Instruments, and TimeSys."
H-ITT releases version 1.8 of classroom response systemH-ITT has announced version 1.8 of their cross-platform classroom response system. "Hyper-Interactive Teaching Technology (H-ITT), a leader in hand-held remote technology for the classroom, today announced the release of version 1.8 of their Windows, Mac OSX, and Linux software for use with their classroom response system. Numerous new features and enhancements have been added to both the Acquisition program which collects responses from the students in class and the Analyzer which grades the responses after class."
IBM Launches New Initiative to Help Developers Build Skills and Open Standards SolutionsIBM has announced a new initiative to help start-up companies in emerging markets -- China, India, Russia, Brazil -- more quickly and easily develop solutions based on open standards technology.
Novell Announces Novell ZENworks 7 SuiteNovell, Inc. has announced the ZENworks 7 Suite. "Novell today announced the worldwide availability of Novell(R) ZENworks(R) 7 Suite, the first systems management solution that automates the complete lifecycle of Linux* systems and allows organizations to manage their Windows* workstations from a Linux platform. Novell ZENworks automates and enforces business and IT management processes across the lifecycle of desktops, laptops, servers and handheld devices. As a result, organizations can control costs, ensure security and compliance and get the most from their IT asset investments."
SOA Vendors Lead Synapse Project for Apache Software FoundationWSO2 has announced (click below) the creation of Synapse, a new project tasked with creating a Web service mediation framework. The project proposal has been submitted to the Apache Software Foundation "incubator" under the Web Services project. Additional detail are included in the proposal.
New Books Linux in a Nutshell, Fifth Edition - O'Reilly's Latest ReleaseO'Reilly has published the book Linux in a Nutshell, Fifth Edition by Ellen Siever, Aaron Weber, Stephen Figgins, Robert Love, and Arnold Robbins.
Prentice Hall PTR publishes "Peter van der Linden's Guide to Linux"Prentice Hall PTR has published the book Peter van der Linden's Guide to Linux by Peter van der Linden.
Prentice Hall PTR Publishes Samba-3 BooksPrentice Hall PTR has published the second editions of the books The Official Samba-3 HOWTO and Reference Guide and Samba-3 by Example: Practical Exercises to Successful Deployment.
Contests and Awards GNOME 2.12 Splash Screen Contest (GnomeDesktop)GnomeDesktop.org has an announcement for a new GNOME Splash Screen Contest. "With the imminent release of the GNOME 2.12, the time has come to find the ideal splash screen to go with it. Now is your chance to join the ranks of the precious few who have had their artwork associated with a major release of GNOME!" Submissions are due by September 4.
Event Reports KDE Previews 3.5 Release at LinuxWorldExpo (KDE.News)KDE.News covers the action at the KDE booth during the recent LinuxWorld Conference and Expo. "The K Desktop Environment was pleased to see its users recently at the LinuxWorld Conference and Expo. Users were excited to learn about KDE 4.0, some of the hot new stuff in KDE 3.5, and thousands of Linux users got out of the house for a change! Guests to our booth had questions like "So, when is KDE 4.0 going to be released?" Some also wondered what kind of new features it would have."
Upcoming Events Linux Installfest workshops in Davis, CAThe Linux Users' Group of Davis has announced the next "Linux Installfest" workshop, the event will be held in Davis, California on Saturday, August 27, 2005.
CMP Media Announces Embedded Systems ConferenceCMP Media has announced the next Embedded Systems Conference. The event will take place in Boston, Mass. on September 12-15, 2005.
FSF Seminar on The GPL and Legal Aspects of Free Software Development (Groklaw)Groklaw has announced a seminar on: "The GPL and Legal Aspects of Free Software Development". "I've written often of my experience at the GPL seminar I attended a couple of years ago, and I've always been very glad I went. For those of you in the New York area, there will be a one-day course at Columbia Law School on September 28, "The GPL and Legal Aspects of Free Software Development": The course will comprise an exploration of the most widely used free software copyright license, the GNU GPL, and will give lawyers, software developers, managers and business people the knowledge necessary to use the GPL (and GPL'ed software) successfully, with safety and predictability, both in businesses new to free software and in existing enterprises."
The Ubuntu Below Zero ConferenceThere is another big Ubuntu developers' gathering in the works. This one is happening in Montreal from October 30 to November 10. See the announcement (click below) for the details.
Events: August 25 - October 20, 2005
Web sites LQ ISO Linux Download Site Reaches One Million DownloadsLinuxQuestions.org has announced the one Million ISO image download milestone. ""We're glad to be able to help users easily find a fast local mirror to download their favorite Linux distro from. Being able to hit 1,000,000 downloads in only a year was a great milestone", said LinuxQuestions.org founder Jeremy Garcia."
Page editor: Forrest Cook Letters to the editor Letter to Editor: Response to Florian Mueller's Release re: "Anti-IP"
On August 22, 2005, Florian Mueller distributed a press release (Linux trademark issue: EU anti-swpat campaigner supports Linus, is concerned over anti-IP positioning of open source) on behalf of nosoftwarepatents.com critiquing what he considered to be "anti-intellectual property positions" in the open source/free software movement. Among those criticized was EFF's defense of the BNETD project, which was sued in U.S. courts by Blizzard entertainment for creating an open source interoperable server that worked with Blizzard games. Mr. Mueller chides the EFF for rushing to the aid of "piracy-enablers" and making it look like software patent critics are "against copyright." In the interest of correcting the record and full disclosure, we'd like to note two things. First, the Blizzard v. BNETD case is anything but "against copyright." The defense of the case is based entirely on the right to reverse engineer and create interoperable software embodied in the Fair Use Doctrine of U.S. copyright law under Title 17, Section 107 and Section 1201(f) of the Copyright Act. It is hard to understand how one could be "against copyright" when one is relying on the Copyright Act as the defense to Blizzard lawsuit. Second, it is also worth noting that Mr. Mueller is anything but a disinterested party in this fight. In fact, he has extensive ties to Blizzard Entertainment and is listed as a contributor to numerous Blizzard games including Starcraft, Diablo, and WarCraft II: Tides of Darkness. While EFF applauds Mr. Mueller's work on software patent policy, his failure to disclose these facts and failure to accurately describe the Blizzard v. BNETD case must call into question his credibility on this issue. Sincerely,
Jason Schultz
Page editor: Jonathan Corbet
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Sylpheed]](/images/ns/sylpheed.png){kind=small}
Sylpheed