LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for January 12, 2006The coming Debian GFDL collisionThe Debian Project's discomfort with the GNU Free Documentation License (GFDL) has been clear for some time. To Debian developers (and many others), the GFDL is not a free license for a few reasons:
See the Debian position statement on the GFDL for more information on why the project objects to this license. Debian developer Anthony Towns recently circulated a proposal for a general resolution (since updated) on the GFDL. The resolution would reiterate the project's objections to the license, and generally bring the issue back into the foreground. Previously, the developers had agreed to let GFDL-licensed documentation slide so as to not delay the Sarge release. That release is now out, and the Etch release is planned for December of this year. As things stand now, the project will not be able to release Etch until all non-free documentation has been removed - and that situation is unlikely to change. The Debian folks would like to see this problem solved by the FSF, which could make it vanish by releasing an updated version of the GFDL. The transparent copy and DRM items seem amenable to easy fixes, leaving only invariant sections to worry about. Even in the absence of a change of heart on invariant sections, fixing the other issues would make documents which lack such sections free. Tweaking the GFDL to allow the removal of invariant sections would solve the problem completely. Given that version 3 of the GPL is due to be unveiled (in draft form) on January 16, it is probably safe to assume that the FSF is not devoting a great deal of attention to tweaking the GFDL at this time. The FSF has, in fact, proved quite resistant to making any changes to that license even when there weren't other things going on. So a new GFDL before the scheduled Etch release seems unlikely. So, it is probable that there will be a mass purge of GFDL-licensed documentation from the core Debian distribution. That documentation will then languish in the non-free area, where Debian folks will routinely sneer at it. This purge will affect any free software project whose code is shipped by Debian, and which has documentation licensed under the GFDL. As it happens, there are a couple of smallish projects which fit that description, called KDE and GNOME. Both of these projects will have to find a way to address Debian's concerns, or see its code shipped without the accompanying documentation. The projects are starting to think about this issue. Recently, Jordi Mallach posted a call for discussion on the GNOME desktop-devel list, and Isaac Clerencia posted a very similar message to kde-devel. In fact, the messages are so similar that one must conclude that the level of cooperation between the two projects is higher than generally imagined. In both cases, two options are presented: (1) create new documentation-free tarballs, or (2) relicense or dual-license the existing manuals so that Debian will see them as being free. The dual-licensing idea is the one which is recommended. The initial response in both projects has been somewhat unsympathetic to the Debian project's position. It seems fair to say that quite a few developers (and authors) don't really see a problem in need of a solution - especially since neither project makes use of invariant sections. A GNOME developer suggested that it was up to the Debian project to either get the GFDL changed or to deal with every author to get the licensing changed on their works. A KDE developer has flat-out refused to consider dual-licensing his work. There are people in both camps who have problems with the GFDL, but it appears that bringing about a licensing change will be hard to do. So there does not appear to be an immediate solution at hand, and the chances are good that Etch will ship without a great deal of documentation. Debian Etch users will have to get their GNOME and KDE manuals at the same time they stock up on MP3 encoders, libdvdcss, and that Flash plugin they swear they never use. It's not the end of the world; that documentation remains readily available. But it is an example of what can happen when we are not sufficiently careful in our choice of licenses. Picking the wrong license can lead to trouble down the road, and it can be a hard choice to change. This episode could also have been avoided if the FSF had been a bit more responsive to the feedback it sought when the GFDL was released in draft form. Most of the objections one hears now were voiced then, but they had no effect on the final wording of the license. One can only hope that the GPLv3 project, which begins next week, will produce a more generally-acceptable final result. The stakes in that case are significantly higher.
Flash players for LinuxOne of the places where the Linux desktop tends to fall short of the proprietary alternatives is its support for the Shockwave Flash media format. The world is full of deprived Linux users who are unable to enjoy the full benefits of singing, dancing advertisements on web pages. These users are also deprived of cheesy games, delightful product demos, and more. Clearly Linux will never be ready for the desktop as long as this situation persists.The truth of the matter is that the ability to deal with Flash is occasionally useful. There is a place in the world for cheesy games. So a free Flash player would be a nice addition to the Linux desktop. That player may have just gotten a bit closer with the Free Software Foundation's announcement of Gnash, a GPL-licensed Flash player. According to the announcement:
Gnash is a project to build a SWF version 7 compliant flash player
with high-quality imaging. It is the most advanced free flash
player that currently exists, and an important addition to the GNU
project. The release of Gnash represents the achievement of one of
the free software movement's high priority projects.
It was quickly pointed out, however, that the FSF may have gotten a little ahead of itself with this announcement. Gnash, as it stands now, is prone to frequent crashes, does not work on 64-bit systems, and is generally not ready for prime time. It is, however, at a point where it could benefit from contributions from a wider group of developers, and attracting those contributions is certainly what the FSF is really trying to do at this point. Others pointed out that Gnash is not the only free Flash player out there, and that it might not even be the "most advanced" one. In particular, swfdec has been releasing for some time now, with version 0.3.6 hitting the net on January 10. Swfdec comes with a mozilla plugin (as does Gnash), and GStreamer integration as well. One important difference between these two projects was pointed out by Christian Schaller: Gnash is licensed under the GPL, while swfdec uses the LGPL. This difference could matter to a significant subset of potential users. Much of what is found in Flash files, including MP3 audio and various video formats, is covered by patents in some parts of the world. The LGPL allows swfdec to be distributed alongside patent-encumbered code; such distribution, instead, is not possible with Gnash. This restriction will not matter to people who aren't interested in running code with patent issues. But people who are less fussy about such issues, and who want a Flash player that actually plays the Flash files they encounter on the net, may care quite a bit. Choice is a good thing, and the free software community may well benefit from having multiple Flash players out there. But it is also probably true that there is not a surplus of developers with time to contribute to this sort of project. So it might benefit the community to have a discussion about the relative importance of GPL licensing and the ability to distribute non-free decoders. It is a choice with unfortunate consequences either way.
Publicly funded free software security auditsThe static analysis tool once known as the "Stanford Checker" has occasionally shown up here on LWN. The Checker has often been applied to the Linux kernel code base, resulting in the detection (and fixing) of hundreds of bugs before they created trouble on production systems. It is clearly a powerful tool, and it has often been hoped that the Checker would be released as free software. That was not to be, however; instead, it evolved into a proprietary product called "Prevent," offered by a company called Coverity.The Coverity folks have occasionally posted information on problems found with their software, and those bug reports have been appreciated. It now looks like that stream of information is about to increase; Coverity has announced that it (along with Stanford University) has received a grant from the U.S. Department of Homeland Security to help improve the security of free software. To that end, Coverity Prevent will be run against some 40 free software projects (the release lists the kernel, Apache, MySQL, PostgreSQL, Sendmail, FreeBSD, Mozilla, and GTK) and the results will go into a publicly-available bug database. The project is described as "multi-year"; an initial availability date for the bug database was not provided. Some people who have yet to fully understand free software have been heard to wonder what benefits come from access to the source. These people may not be programmers, and have no clue what they would ever do with that code. Here is a clear example of why free software is better. All users of the packages analyzed by Coverity Prevent will benefit in a number of ways:
Proprietary software simply is not available for third-party auditing in this manner. Most of this is not new; the auditing (and fixing) of free software is an ongoing process. The free software community does not, yet, have tools which are as good as Prevent, however, so its regular application to free source should be a good thing. And the bug database should be full of interesting information which will help potential users judge the relative security of the covered projects. One could argue that the Department's funds would have been better applied to the creation of free tools which perform detailed static analysis of code. Then all projects could benefit from the results. Still, direct government support for free software is rare in the U.S. (especially outside of scientific funding agencies), so this grant looks like a step in the right direction. There are risks involved in an effort like this. If developers are not responsive to the bugs reported by Prevent, the bug database could become an easy shopping list for malware authors. The bug database also offers some FUD possibilities: similar databases do not exist for proprietary software products. But we should not fear public disclosure of our bugs; it makes us stronger in the end. This project, if it lives up to its potential, will result in a higher-quality, more secure code base for all free software users.
Security The CERT vulnerability listIt's all over the mainstream media: the CERT 2005 vulnerabilities list shows that "Unix/Linux" had three times as many vulnerabilities as Windows. The security battle is over, and Windows has won. Of course, if one actually looks at the list, the story no longer seems so clear.Let's examine a few entries:
One could go on for some time, but your editor chose to stop before finishing with the letter "A". The point should be clear anyway: drawing any conclusions from the length of this list makes no sense at all. One might make a reasonable Linux vulnerabilities list by (1) removing the large numbers of entries for BSD and proprietary Unix systems, (2) removing duplicates, and (3) removing proprietary products and other packages not normally shipped or installed with Linux distributions. The resulting list would certainly be less than 20% of the size of the version posted by CERT. One might also be tempted to look at CERT's advisory list for 2005. Of the alleged thousands of "Unix/Linux" vulnerabilities, exactly one (the Snort Back Orifice buffer overflow) merited an advisory from CERT. Every other alert sent out in 2005 was for Windows and other proprietary products. It might have been nice for CERT to mention this when it put up its list of vulnerabilities. One can also point out that most of the vulnerabilities were found as the result of active auditing efforts; they were fixed before anybody exploited them. Many of them are theoretical in nature, and many of them are only exploitable by local users. All vulnerabilities are not created equal. In the end, however, one fact remains: even a list which is 10% as long as CERT's is too long. We can argue relative security all we want (and we should dispute the outright silliness that results from CERT's list), but Linux still is not as secure as we need it to be. When the length of that list gets rather closer to zero, we'll be in a position to brag about the security of Linux.
Brief items Novell releases AppArmorNovell has announced that it has released AppArmor as free software. AppArmor was developed by Immunix (which was acquired by Novell); it is a Linux security module which can be used to precisely control what specific applications can do. It looks somewhat similar to SELinux, but simpler and less ambitious in scope. The OpenSUSE AppArmor detail page has more information, including an example configuration file.
New vulnerabilities auth_ldap: format string vulnerability
blender: integer overflow
bogofilter: buffer overflow
ethereal: denial of service
HylaFAX: input validation vulnerability
mod_auth_pgsql: format string flaws
nbd: arbitrary code execution
petris: buffer overflow
pound: HTTP Request Smuggling Attack
smstools: format string attack
VMware: arbitrary code execution
xpdf: heap overflows
xpdf: integer overflows
Updated vulnerabilities apache: cross-site scripting
bzip2: race condition and infinite loop
ktools: buffer overflow
cpio: arbitrary code execution
curl: buffer overflow
cyrus-imapd: buffer overflows
dhis-tools-dns: insecure temporary file
dia: missing input sanitizing
emacs21: format string vulnerability in "movemail"
enscript: arbitrary code execution
ethereal: buffer overflow
ethereal: multiple vulnerabilities
evolution: format string issues
fetchmail: multidrop bug
ffmpeg: buffer overflow
firefox: multiple vulnerabilities
Foomatic: Arbitrary command execution in foomatic-rip
FUSE: mtab corruption through fusermount
gaim: buffer overflow
gdb: multiple vulnerabilities
gdk-pixbuf: multiple vulnerabilities
gedit: format string vulnerability
gettext: Insecure temporary file handling
grip: buffer overflow
groff: insecure temporary directory
gzip: arbitrary command execution
htdig: cross site scripting
imap: buffer overflow in c-client
ipsec-tools: denial of service
kdebase: local root vulnerability
kdelibs: kate backup file permission leak
kernel: multiple vulnerabilities
kernel: key rebinding
kernel: multiple vulnerabilities
ketm: arbitrary code execution
libconvert-uulib-perl: arbitrary code execution
libdbi-perl: insecure temporary file
libgadu: memory alignment bug
libgd2: buffer overflows in PNG handling
libnet-ssleay-perl: weakened cryptographic operations
libpam-ldap: authentication bypass
libTIFF: buffer overflow
libungif: memory corruption
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
libXpm: new buffer overflows
lynx: arbitrary command execution
mailman: denial of service
mod_python: remote access vulnerability
mysql: buffer overflow
mysql: low-impact security fix
nbd: arbitrary code execution
ncpfs: multiple vulnerabilities
nfs-utils: arbitrary code execution
ntp: uses wrong gid
openmotif: buffer overflows
openssh: GSSAPI credential disclosure
otrs: multiple vulnerabilities
pcre3: arbitrary code execution
perl: setuid vulnerabilities
perl: symlink vulnerability
perl: integer overflow
php: CRLF injection vulnerability
phpbb2: multiple vulnerabilities
phpMyAdmin: multiple vulnerabilities
pinentry: local privilege escalation
poppler: arbitrary code execution
postgresql: database initialization errors
Pound: buffer overflow
printer-filters-utils: privilege escalation
pstotext: remote execution of arbitrary code
Py2Play: remote execution of arbitrary Python code
rssh: privilege escalation
scorched3d: multiple vulnerabilities
scponly: privilege escalation
spamassassin: denial of service
squid: authentication handling
sudo: vulnerability via scripts
sudo: missing input sanitizing
sudo: race condition
sylpheed: buffer overflow
File overwrite vulnerability in tar and unzip
tcpdump: multiple DoS issues
texinfo: temporary file vulnerability
tkdiff: insecure temporary file
ucd-snmp: denial of service
udev: insecure files in /dev/input
unzip: race condition
up-imapproxy: format string vulnerabilities
uw-imap: buffer overflow
vixie-cron: crontab allows any user to read another users crontabs
w3c-libwww: possible stack overflow
xine-lib: buffer overflows
xine-ui - insecure temporary file creation
xloadimage: buffer overflows
xnview: privilege escalation
xorg-x11: heap overflow
xpdf: buffer overflow
xpdf: arbitrary code execution
xpdf: denial of service
zlib: buffer overflow
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current stable 2.6 kernel is 2.6.14.6, released on January 7. It contains a small number of fixes, a couple of which address potential security issues. Chances are this will be the last update for the 2.6.14 kernel.There is no 2.6.16 prepatch yet. Well over 2000 patches have been merged into the mainline git repository, however. See the separate article (below) for a list of the most significant changes. The current -mm tree is 2.6.15-mm3. Recent changes to -mm include a big x86-64 update, sysfs support in the parallel port driver, John Stultz's core time subsystem patches, the removal of several old USB audio drivers, the openat() system call and friends, a new direct migration patch set, and multi-block allocation for the ext3 filesystem. Despite all that new stuff, -mm has thinned considerably over the last week as patches have moved into the mainline.
Kernel development news Quotes of the week
This kernel seems to have been a bit of a disaster - too much
eggnog or something
-- Andrew Morton
It's things like this which make me consider a career in
carpentry.
-- Andrew Morton
Looking forward to 2.6.16As of this writing, well over 2000 patches have been merged for the upcoming 2.6.16 kernel. The following list covers some of the more important or user-visible patches; it is not exhaustive by any means. Links to LWN articles describing the patches have been provided where available.The 2.6.16 merge window will remain open for some time yet, so expect some more big changes before it is done.
User-visible changes
Internal API changes
As noted above, more changes are likely; stay tuned. Remember that API changes will eventually find their way onto the LWN 2.6 API Changes Page.
The mutex APIThe mutex code may well have set a record for the shortest time spent in -mm for such a fundamental patch. It would not have been surprising for mutexes to sit in -mm through at least one kernel cycle, which would have had them being merged in or after 2.6.17. But the mutex code appeared in exactly one -mm release (2.6.15-mm2, released on January 7) before being merged into the mainline on January 9.The actual mutex type (minus debugging fields) is quite simple:
struct mutex {
atomic_t count;
spinlock_t wait_lock;
struct list_head wait_list;
};
Unlike semaphores, mutexes have one definition which is used on all architectures. Some of the actual locking and unlocking code can be overridden if it can be made to perform better on a specific architecture, but the core data structure remains the same. The count field contains the state of the mutex. A value of one indicates that it is available, zero means locked, and a negative value means that it is locked and processes might be waiting. Separating the two "locked" cases is worthwhile: in the (usual) case where nobody is waiting for the mutex, there is no need to go through the process of seeing if anybody needs to be waked up. wait_lock controls access to wait_list, which is a simple list of processes waiting on the mutex. The mutex API (obtained through <linux/mutex.h>) is simple. Every mutex must first be initialized either at declaration time with:
DEFINE_MUTEX(name);
Or at run time with:
mutex_init(struct mutex *lock);
Once a mutex has been initialized, it can be locked with any of:
void mutex_lock(struct mutex *lock);
int mutex_lock_interruptible(struct mutex *lock);
int mutex_trylock(struct mutex *lock);
A call to mutex_lock() will lock the mutex, putting the calling process into an uninterruptible wait if need be. mutex_lock_interruptible() uses an interruptible sleep; if the lock is obtained, it will return zero. A return value of -EINTR means that the locking attempt was interrupted by a signal and the caller should act accordingly. Finally, mutex_trylock() will attempt to obtain the lock, but will not sleep; unlike mutex_lock_interruptible(), it returns zero on failure (the lock was unavailable) and one if the lock is acquired. In all cases, the mutex must eventually be freed (by the same process which acquired it) through a call to:
void mutex_unlock(struct mutex *lock);
Note that mutex_unlock() cannot be called from interrupt context. This restriction appears to have more to do with keeping mutexes from ever being used as completions than a fundamental restriction caused by the mutex design itself. Note also that a mutex can only be locked once - locking calls do not nest. Finally, there is a function for querying the state of a mutex:
int mutex_is_locked(struct mutex *lock);
This function will return a boolean value indicating whether the mutex is locked or not, but will not change the state of the lock. Now that this code has been merged, the semaphore type can officially be considered to be on its way out. New code should not use semaphores, and old code which uses semaphores as mutexes should be converted over when an opportunity presents itself. The reader/writer semaphore type (rwsem) is a different beast, and is not affected by this patch. There is a debugging option which can be configured into development kernels which may help with the transition; with this option enabled, quite a few types of errors will be detected. At this point, code which uses the counting feature of semaphores lacks a migration path. There is evidently a plan to introduce a new, architecture-independent type for these users, but that code has not yet put in an appearance. Once that step has been taken, the path will be clear for the eventual removal of semaphores from the kernel entirely.
Linux and wireless networkingJeff Garzik's recent State of the Union: Wireless posting came right to the point:
Another banner year has passed, with Linux once again proving its
superiority in the area of crappy wireless (WiFi) support. Linux
oldsters love the current state of wireless, because it hearkens
back to the heady days of Yuri Gagarin, Sputnik and Linux kernel
0.99, when getting hardware to work under Linux required either
engineering knowledge or luck (or both).
Jeff went on to discuss a few of the challenges facing the Linux wireless implementation. This is, indeed, one area where some real progress is needed. Proprietary chipsets are just the beginning of the issues which must be dealt with - free software developers are actually beginning to catch up in that area. But before all the resulting drivers can be merged into a coherent whole, a few other things will have to be worked out. One of those has to do with the 802.11 stack used by the kernel. As was discussed here last December, there is a fair amount of unhappiness with the in-kernel stack, which, among other things, has no "softmac" support, needed for adapters which do not perform MAC functions in hardware. A number of out-of-tree wireless stacks do provide that support, and there have been a lot of suggestions that one of those (usually the DeviceScape stack) be merged. Those suggestions have been strongly resisted by the networking maintainers. They would rather see work go into fixing up the stack which is in the kernel now than replace it wholesale or - even worse - having two independent 802.11 stacks to maintain. Replacing the current stack would involve significant disruption in the networking subsystem, and would be hard to do without breaking the drivers which use the old stack. The two-stack solution, instead, would bloat the kernel and increase the amount of work required to maintain the networking subsystem into the future. So it is not surprising that there is a strong interest in evolving the current stack toward the desired functionality rather than bringing in a whole new implementation. Still, the pressure to switch over to the DeviceScape stack appears to be growing. Jeff's posting seems to recognize this fact, and asks that, in the end, the developers at least pick a single stack which they can live with. And, says Jeff, regardless of which stack is chosen in the end:
It is currently fashionable to laud DeviceScape and trash in-kernel
ieee80211, but outside of the cheerleading, BOTH have real
technical issues that need addressing. IOW, no matter what code is
chosen, _somebody_ is on the hook for a fair amount of work. A
switch is not without its costs.
Another issue has to do with the management interface for wireless adapters. Wired network adapters are relatively simple; set a few options on media access, give them an address, and they are ready to go. The wireless world is rather more complicated. To deal with the extra configuration required by wireless adapters, the "wireless extensions" interface - essentially a big set of ioctl() commands for querying and setting adapter parameters - was developed. There seems to be a consensus that the wireless extensions have reached their expiration date, and need to be replaced with something else. Most developers would appear to favor a new (not yet specified) interface built on the netlink mechanism. User-space management code could then be rewritten to speak the new management protocol over netlink sockets. This approach may seem strange, given the emphasis which has been placed on sysfs and the creation of scriptable, plain-text interfaces. Sysfs does seem like a poor match for wireless configuration, however. Wireless adapters have a large number of parameters, and it is often necessary to change several of them simultaneously. Sysfs, with its one-value-per-file rules, provides no means for this sort of atomic, multi-parameter update; a netlink interface could, instead, be designed with these needs in mind from the beginning. Of the other issues mentioned, perhaps this one is the most significant: there is no wireless maintainer. The lack of a developer who is specifically interested in this area of networking and who will work to push it forward has clearly hurt. Fortunately, it appears that this era may be at an end: John Linville has stepped forward to take on this responsibility. John has a fair amount of work ahead of him; quite a few developers have to be brought together and made to agree on the way forward. To that end, a wireless networking summit has been scheduled for early April in Portland. If the attendees at that meeting (which looks to include both kernel and user space developers) can produce a viable plan, Linux may just lose its "superiority in the area of crappy wireless support" before too long.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Janitorial
Memory management
Networking
Architecture-specific
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Testing out the Xen live CDLinux had always lacked a open source virtualization technology in the same league as Solaris Containers or a commercial product like VMware. That was until Xen came into the picture. Xen is an open source virtual machine monitor for x86 that supports execution of multiple guest operating systems. Xen is released under the GPL and can easily be used to run operating systems as diverse as different Linux distributions, BSDs and even Windows XP (though Windows port is not available because of licensing restrictions). Virtualization technologies are nothing new, what with VMware, User-mode Linux and others available. But Xen is relevant here because of the support for it from Red Hat, its GPL license, and also its active development. Strictly speaking, Xen does not do full virtualization like that being done by commercial ventures like VMware. But it presents a virtual machine abstraction that is similar - but not identical - to the underlying hardware. This type of semi virtualization is dubbed by the makers of Xen as para-virtualization. The benefits of using para-virtualization over full virtualization are the improved performance and strong resource isolation on uncooperative machine architectures like x86. Of course, there is a down side to it too in that you need a specially compiled Linux kernel to successfully run Xen on Linux. A comparison of Xen over other virtualization technologies (like VMware and Usermode Linux) has already been published. Xen Live CD - A ReviewRecently, a Live CD was released to showcase the power of Xen virtualization. I had downloaded the Xen Demo Live CD ISO image (503 MB) from their website and burned it on to a CD in order to give it a trial run. What follows below are my experiences in trying out this very promising virtualization technology.
The Xen Live CD comes with two images: Debian Etch and CentOS 4.1.
When I booted using the Live CD, I was presented with the GRUB boot loader
which gave me a choice of booting either of the two systems.
I selected Debian Etch and the booting proceeded without
any problem. It took around 3 minutes to present the GUI login screen. Xen
live CD uses GDM as the display manager and loads the Xfce desktop.
When the gdm (Gnome display manager) was fully loaded, you are presented
with the login screen where you are prompted to log in as user
Next I decided to create a virtual machine for the CentOS Linux
distribution inside the Debian etch distribution. For achieving this, you
have a command line utility called # xm create -c /root/centos-conf name=centos_1 It gave an error, saying that it couldn't find enough memory to load CentOS and that it needed at least 96 MB for the same when there was only 17 MB available. The machine on which I tested Xen is a Pentium IV 256 MB RAM machine. At this point I realized that almost all the memory on my machine was allocated to Debian. I figured out that one can reduce amount of memory allocated to the virtual OSes by using the same xm utility. For that you have to find the domain ID of the virtual OS whose memory allocation you want to change. # xm domid Debian_os1 0Now that I got the domain id of the Debian etch virtual os, I reduced the memory allocated to it to 98 MB as follows : # xm mem-set 0 98 The above command reduces the memory allocated to the domain ID 0 to 98 MB. Thus I succeeded in reducing the memory allocated to the Debian etch os to just 98 MB. Which meant at least 100 MB memory was freed in the process. After that I again tried creating the CentOS virtual system. The previous low memory error was rectified but CentOS started in the paused state and I set about figuring out how to unpause it - which was quite simple as finding the domain id of the centos_1 image and then unpausing it using the universal xm command.# xm domid centos_1 2 # xm unpause 2
Of course, if I have enough memory, I can start any number of these virtual OSes following the above methods. Xen uses VNC to display the virtual OS. So if you are starting say 10 virtual OSes, each will have its own VNC window. You can even start Xen on a server and then access a complete independent OS using a VNC client from a remote machine. Uses of Xen VirtualizationHere are a few ways I figured out how Xen could be put to good use.
New Releases Terra Soft Launches Most Polished Yellow Dog to DateTerra Soft Solutions has released Yellow Dog Linux 4.1 with beta support for Apple G5 PowerMacs with dual core CPUs, basic 64-bit development and runtime support, and much more. Click below to see the entire press release.
Damn Small Linux Releases Version 2.1Damn Small Linux has released v2.1 with many improvements. See the change log for details. (Found on DebianPlanet)
Distribution News Mono added to Fedora CoreThe January 10 Rawhide report (click below for the full text) includes some interesting changes. It seems that Mono, beagle, f-spot, and tomboy have been added to the distribution. Mono (and applications based on it) have long been left out as a result of patent concerns; there has been no official word on why things have changed.
Debian xlibs-dev Mass Bug FilingXorg 6.9 is now in Debian unstable. "With this upload, the xlibs-dev metapackage is no longer built. I mailed debian-devel-announce about this back in November including the rationale for this decision. What this means right now is that a very large part of the archive that build-depends on xlibs-dev will FTBFS, and as such we have a lot of new RC bugs on our hands."
Fedora-netdev FC4: kernel-2.6.14-1.1656_FC4.netdev.7 is now availableThe latest Fedora-netdev kernel is available. Click below for the full change log, or check out the diff file.
latest -git kernels available for GentooGreg Kroah-Hartman has made it easy for Gentoo users to access the latest kernel -git tree. "Well, now there is a kernel package called 'git-sources' that you can install that will provide this. It should be updated every morning (my time zone, not necessarily yours), with the latest nightly -git kernel snapshot."
Debconf6 Talks AnnouncedThe annual Debian Developers Conference (DebConf) for 2006 will be held in Oaxtepec, Mexico from May 14th to May 22th 2006. Its target audience is mainly Debian Developers and contributors to the project, although Debian users are welcome to attend as well. The talks that will be held during the conference have already been selected and are listed here.
New Distributions IBLSIBLS (Itty Bitty Linux Server) is a compact, easy to use webserver that you can run from a live CD, even on older hardware. It will run on a P133 with 32MB RAM, or possibly less. IBLS got its start in the UK, using Damn Small Linux as a base. It has since been rebuilt from scratch by an international community of developers. IBLS is modular and uses its own package management system, designed to run from the CD or from a hard drive. IBLS was updated December 31, 2005 to use the 2.6.14.5 kernel. Click below for more recent changes.
Distribution Newsletters Debian Weekly NewsThe January 10 issue of the Debian Weekly News is out. This week's topics include the status of non-free firmware, changes on the technical committee, integration of the amd64 port, and more.
Fedora Weekly News Issue 28This week Fedora Weekly News covers Fedora Community Survey Results, Long-term plan for Fedora logo usage, Looking for Fedora LiveCD Developers, RFC: kernel-modules in Fedora Extras, Interview with kde-redhat Project Leader, and several other topics.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for the week of January 9, 2006 covers the upcoming FOSDEM conference, Lithuanian translators needed, a portrait of Andrea Barisani, and more.
Ubuntu's 11th MOTU Report AvailableThe 11th issue of the Ubuntu Masters Of The Universe Report is available, with a look at what's new in the Ubuntu Universe. (Found on DebianPlanet)
DistroWatch Weekly, Issue 133The DistroWatch Weekly for January 9, 2006 is out. "We had a quiet week, only disturbed by new releases from Arch Linux and DragonFly BSD. We'll take a critical look at the latter, especially from the perspective of a desktop user, but don't expect much praise for the new version. In other news, the Fedora project has started testing its new rescue CD, Gentoo has published a HOWTO on creating a Gentoo LiveUSB, and Puppy is preparing for the launch of Puppy2, a major update. Among the distributions newly included on DistroWatch we have three live CDs: ArcheOS for archaeologists, Arudius for penetration testers, and Xenoppix for the fans of the Xen technology."
Package updates Fedora updatesFedora Core 4 updates: gimp (update to v2.2.10), util-linux (bug fixes), ruby (new upstream release), openoffice.org (2.0.1 for FC4), gnucash (update to v1.8.12), eclipse (bug fixes), tzdata (prepare for 2007 DST changes), less (update to less-394), dhcp (bug fix), lftp (bug fixes), xterm (bug fixes), postgresql (update to PostgreSQL 8.0.6), system-config-bind (bug fixes, Serbian translations), hplip (bug fixes).Fedora Core 3 updates: ruby (new upstream release), less (update to less-394), postgresql (update to PostgreSQL 7.4.11), system-config-bind (bug fixes, Serbian translations).
Mandriva updatesUpdates for Mandriva Linux: hal (2006.0 - improves card reader handling), libpaper1 (Corporate Desktop 3.0 - include library), kat (2006.0 - bug fixes).
Trustix updatesVarious bug fixes are available for Trustix Secure Linux 3.0 and 2.2: spamassassin (3.0 only), kernel, perl and apache, mailman, nmap and samba.
Newsletters and articles of interest All About Secure Apt (DebianPlanet)DebianPlanet reports the existence of a how-to document for secure apt in Debian. This document explains the use of strong crypto in Debian's unstable and testing branches.
Building Binary PC-BSD Packages (O'ReillyNet)O'ReillyNet covers the process of adding extra packages (PBIs) to a PC-BSD system, assuming that the desired package is not currently included in the available Ports. "While casual users won't be making their own PBIs, you don't have to be a programmer to do so. If you have basic Unix skills, are comfortable with the FreeBSD packages collection, and have a meticulous nature, you can easily create your first PBI in the space of an afternoon. This article assumes that you are working on an existing PC-BSD system."
Interview with Vincenzo Ciaglia, author of Netwosix Linux (OSSblog.it)Here's an interview with Vincenzo Ciaglia, author and main developer of Netwosix. "Is Netwosix derived from some already existing distro or is it built from scratch? Vincenzo Ciaglia: The 1.x Branch is completely built from scratch. Branch 2.x, however, is partially based on Crux Linux, a lightweight and versatile distro, intended for desktop systems."
My desktop OS: Xandros (NewsForge)NewsForge hears from a Xandros fan. " About a year ago I installed Linux on my desktop at work. I am a database administrator for a PeopleSoft and Oracle shop and I spend a lot of my time remotely logged in to our servers. I decided to try Linux because I had become frustrated with Windows not being able to things like multiple desktops, forwarding the display of a remote server onto your box to run apps remotely, and connecting with SSH. Fortunately, my management is far more interested in having happy, productive employees than what operating system people use so they were willing to let me experiment. Today, with Xandros, I have a good solid desktop, and I don't worry about viruses, spyware, and adware."
Linux newbies get a helping hand (ZDNet)ZDNet takes a look at a Linux Distribution Chooser that aims to help newcomers choose a Linux distribution.
Page editor: Rebecca Sobol Development Release 2.40 of Blender 3D GraphicsBlender: "is the open source software for 3D modeling, animation, rendering, post-production, interactive creation and playback. Available for all major operating systems under the GNU General Public License."![[Blender 2.40]](/images/ns/blender2.40.jpg)
Version 2.40 of Blender animation suite was announced recently. (Thanks to Tom Musgrove.) "Blender has had another long development cycle resulting in a release packed with rewrites, new features and improvements. The major additions this release are the Character Animation rewrite, the added Fluid Dynamics system, improved editing and rendering of Particle Based Hair, and the Modifier Stack." Blender is a fairly complicated application, the documentation for just the changes in this release is quite voluminous. One can get a good idea of the capabilities of the system by looking over the change list. Some of the interesting new features include:
Blender has an active community, as shown by the recent Blender Conference 2005. A number of interesting demo animations were produced for the event. Blender can definitely be counted as one of the more complicated Linux-based power tools. We look forward to the production of some interesting animation clips.
System Applications Database Software PostgreSQL patch versions 8.1.2, 8.0.6, 7.4.11 and 7.3.13Four new patch versions of the PostgreSQL have been announced, The main change is a fix for a Windows-based denial of service security vulnerability, a number of other fixes are also included.
PostgreSQL Weekly NewsThe January 8, 2006 edition of the PostgreSQL Weekly News is online. Take a look for new articles about the PostgreSQL database and related topics.
ZODB 3.6.0 final releasedVersion 3.6.0 final of ZODB, the Zope Object DataBase, is out. "ZODB 3.6 adds a few new features, and incorporates all the bugfixes made to date in the ZODB 3.4 and 3.5 lines. Note that this is the first public release of ZODB 3.6 as a standalone package; 10 internal releases were made since last September to support ongoing Zope 2.9 and 3.2 development."
Telecom ooh323c 0.8.1 released (SourceForge)Version 0.8.1 of the Objective Systems H.323 telecommunications stack has been announced, it features bug features and some new capabilities.
Web Site Development Zope 3.2.0 and 2.9.0 releasedVersion 3.2.0 of the Zope web development platform is available. "It is our opinion that Zope 3 is more than ready for production use, which is why we decided to drop the 'X' for experimental from the name. We will also continue to work on making the transition between Zope 2 and Zope 3 as smooth as possible." Zope 2.9.0 was also announced this week.
Standards DWARF Debugging Standard Version 3 ReleasedVersion 3 of the DWARF Debugging Standard has been announced. "The DWARF Workgroup of The Free Standards Group is pleased to announce the availability of Version 3 of the DWARF Debugging Format Standard. The DWARF Debugging Format allows programming tools developers to create compilers and debuggers which make it easier for programmers to develop, test and debug programs."
Desktop Applications Audio Applications Rivendell version 0.9.64 is outVersion 0.9.64 of Rivendell, a radio automation system, has been announced. Changes include bug fixes, SuSE Professional 10.0 support, and: "Waveform Visualization Optimization. Major work has been done on decreasing the time required to open a cart in RDLibrary's Marker Editor, for both PCM16 and MPEG formatted audio."
Desktop Environments GNOME 2.13.4 is releasedVersion 2.13.4 of the GNOME desktop is out. "This is the last release in the 2.13 development series before API freeze. Starting now, all GUI and string changes must be notified to the documenters and translators, respectively. Be there or be square."
GARNOME 2.13.4 releasedVersion 2.13.4 of GARNOME, the bleeding-edge GNOME distribution, is out. "This release includes all of GNOME 2.13.4 plus a lot of tweaked build-magic. It is for anyone who wants to get his hands dirty on the development branch."
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Software AnnouncementsThe following new KDE software has been announced this week:
Electronics KTechlab 0.3 announcedVersion 0.3 of KTechlab, a development and simulation environment for microcontrollers and electronic circuits, has been announced. "KTechlab 0.3 is the most polished, bug free release yet."
XCircuit 3.4.11 releasedVersion 3.4.11 of XCircuit, an electronic schematic drawing package, is available, it features a bug fix.
Financial Applications SQL-Ledger 2.6.5 releasedVersion 2.6.5 of SQL-Ledger, a web-based double entry accounting package, is out with new features, bug fixes, and translation updates. See the what's new document for more information.
GUI Packages wxPython 2.6.2.1 has been releasedVersion 2.6.2.1 of wxPython, a cross-platform Python GUI toolkit, is out. The recent changes document lists what's new.
GTK+ fundamentals, Part 2 (IBM developerWorks)Part two of an IBM developerWorks series on using GTK+ is available. "This article, the second in a three-part series titled "GTK+ fundamentals," introduces you to programming with GTK+. It analyzes a sample GTK+ application written in C, then shows that same application written in Python and C#. Finally, it discusses some useful tools that can help you develop better applications faster with GTK+."
Interoperability Wine 0.9.5 releasedVersion 0.9.5 of Wine is available. Changes include: A number of MSI fixes, More improvements to the IDL compiler and Lots of bug fixes.
Office Suites OOo Label Templates 1.0 ReleasedVersion 1.0 of the OOo Label Templates are available from WorldLabel, a label sheet manufacturer. "The collection includes CD, DVD, mailing and other types of labels and sizes. Making your own labels with OOo Writer using these templates is easy and the set up time is quick."
Languages and Tools Caml Caml Weekly NewsThe January 3-10, 2006 edition of the Caml Weekly News is out with the latest Caml language discussions.
Java Retrotranslator 0.9.6 released! (SourceForge)Version 0.9.6 of Retrotranslator is available with multiple new features. "Retrotranslator is a Java bytecode transformer that translates Java classes compiled with JDK 5.0 into classes that can be run on JVM 1.4. Retrotranslator is a free, open-source software. Features supported: generics, annotations, generics and annotations reflection, enums, autoboxing, for-each loop, varargs, static import, concurrency utilities, collections framework enhancements."
Using Dependency Injection in Java EE 5.0 (O'ReillyNet)Debu Panda covers dependency injection in Java EE 5.0 on O'Reilly. "Dependency injection, also known as inversion of control, is a programming technique being adopted by many programmers and frameworks, including the popular Spring framework. But using it in J2EE 1.4 requires a burdensome deployment-descriptor-based approach. Debu Panda shows how Java EE 5.0 provides relief in the form of annotations-based dependency injection."
Perl This Week on perl5-portersThe December 26, 2005 - January 1, 2006 edition of This Week on perl5-porters is available with a new collection of Perl 5 articles.
PHP PEL Version 0.9 Released (SourceForge)Version 0.9 of PEL is available. "The PHP Exif Library (PEL) is written in pure PHP and makes it easy to read and write all Exif headers found in JPEG and TIFF images. Added full support for GPS information (this breaks API compatibility with version 0.8), JPEG comments, the Gamma tag, and Windows XP specific title, comment, author, keywords, and subject tags. Implemented a non-strict mode for broken images where most errors wont result in visible exceptions. The edit-description.php example now correctly deals with images with no previous Exif data. A partial Polish translation was added. The API documentation was updated with details about the constrains on format and number of components for each tag."
uniLETIM version 0.9.3 released (SourceForge)Version 0.9.3 of UniLETIM is available. "UniLETIM is a web-based environment for complementary currency systems such as Local Exchange Trading System (LETS) or TimeBank/TimeDollars. It is written in PHP/MySQL. Release 0.9.1 includes new Portuguese translation, new pager and some changes on expiration of old announces."
Python Cheetah 2.0b3 released (SourceForge)Version 2.0b3 of Cheetah, a Python-powered template engine and code generator, has been announced. "We've made the system much more flexible, added a ton of new features, and fixed several old annoyances."
Python Status UpdatePython creator Guido van Rossum presents a Python Status Update, and discusses his new job at Google in a blog posting. "And did I mention that I get to spend 50% of my time on Python? No strings attached. Of course I get to spend the other 50% on Python too, but that's in a corporate setting. Fortunately it's easy to separate the two. If it uses two-space indents, it's corporate code; if it uses four-space indents, it's open source. (If it uses tabs, I didn't write it! :-)"
Dr. Dobb's Python-URL!The January 10, 2006 edition of Dr. Dobb's Python-URL! is online with a new collection of Python article links.
Ruby Ruby Weekly NewsThe January 8th, 2006 edition of the Ruby Weekly News looks at the latest discussions from the ruby-talk mailing list.
Tcl/Tk Dr. Dobb's Tcl-URL!The January 10, 2005 edition of Dr. Dobb's Tcl-URL! is out with the latest Tcl/Tk articles and resources.
Page editor: Forrest Cook Linux in the news Recommended Reading Ed Felten's 2006 predictionsEd Felten has put up a set of 2006 predictions on the Freedom to Tinker site. "(19) A name-brand database vendor will go bust, unable to compete against open source."
Trends and Predictions for 2006 (IT-Director)Robin Bloor has posted some 2006 predictions on IT-Director.com. "One thing to note about Open Source is that the vast majority of Open Source products fail commercially, just as the vast majority of proprietary products also fail. All Open Source business models that are viable depend upon widespread adoption - and for that, compelling software is a necessity. The Linux desktop is not yet compelling. The resurgence of Apple has taken the wind out of its sails and I now doubt whether it can prosper except as a thin client, an educational platform and a third-world computer platform. (These are significant markets but not ones that lead to dominance)."
Winning the Linux Wars (MCP)Microsoft Certified Professional has put up an article on winning against Linux for Windows-based providers. "Some businesses view Linux as a way to reduce their dependence on Microsoft, but Hollinger reminds his clients that there are advantages to working with a company that has such deep pockets. 'Microsoft invests north of $6 billion a year on R&D. There is nobody in the Linux world' that does that, he says."
Trade Shows and Conferences EuroBSDCon 2005 (NewsForge)NewsForge has this report from EuroBSDCon 2005. "One presentation that stood out from the crowd was on "Building Robust Firewalls with OpenBSD and PF," by Ryan McBride. McBride talked about how to use CARP between two OpenBSD PF firewalls. To show that no traffic was dropped when one of the firewalls was rebooted, he played a song from a PC outside of the firewall. After rebooting and pulling cables to show the redundancy, McBride took the demonstration one step further. He asked someone from the audience to select a numbers of cables. He then took an axe from under the table and started to hack the selected cables -- giving the word "hacking" a whole new meaning. The song didn't miss a single beat, and the 200+ audience members applauded loudly."
Companies Linux firm MontaVista seeks new CEO (ZDNet)ZDNet reports that embedded Linux provider MontaVista is looking for a new CEO. "Jim Ready, the founder of embedded Linux specialist MontaVista Software, will step down as chief executive to become the company's top technologist. Ready made the move for personal reasons, Peder Ulander, vice president of marketing, said Friday. He'll remain CEO until the company's board finds a replacement, Ulander said, at which point Ready will become chief technology officer."
Texas Instruments, MontaVista Linux promise device interoperability (NewsForge)NewsForge investigates a recent partnership between Texas Instruments (TI) and MontaVista Software. "Texas Instruments (TI) and MontaVista Software announced in December they would pair TI's DaVinci technology-based products with embedded Linux, part of an attempt to more tightly integrate hardware and software in digital media, as the electronics industry looks to make the gadgets in users' lives more interoperable. The companies expect the series of products to provide a platform for companies to integrate more of the products they sell, so that users' desktop computers can communicate with their digital video recorder (DVR) set-top boxes, portable MP3 players, and other devices, said Huy Pham of TI's digital signal processor (DSP) system-on-chip (SOC) product marketing team."
Ingres: Is this the dark horse of the enterprise software pack? (ZDNet)Here's a ZDNet weblog entry looking at the business case for free Ingres. "Another key factor that could favor Ingres is the integrity of its intellectual property, compared with MySQL. In October of 2005, Oracle bought Innobase, a Finnish company, whose technology is key to MySQL. That purchase provides Oracle with several business strategy options if MySQL starts to eat into Oracle sales. That would be an opportunity for Ingres to snag some of the MySQL market too."
Legal 3 Initiatives to Improve the Patent Mess Announced (Groklaw)Groklaw covers new initiatives aimed at fixing the US patent system. "IBM, OSDL, the USPTO, Red Hat, Novell, New York Law School, Sourceforge, among others, have decided to do something about the software patent mess, particularly as it impacts on Linux and the FOSS community. They are asking for your input. There is a role you can play in the three initiatives being announced, if you wish to."
Microsoft's file system patent upheld (News.com)News.com reports that the U.S. patent office has reversed itself and ruled that Microsoft's FAT filesystem patents are valid. "In their latest action, filed last week, the examiners concluded that the company's File Allocation Table (FAT) file system is, in fact, 'novel and non-obvious,' entitling it to patentability."
Interviews Interview with the team leader of the Ubuntu Server Project (Oss blog.it)Oss blog.it interviews Fabio Massimo Di Nitto, team leader of the Ubuntu Server Project. "Q:Why an Ubuntu server version? Fabio Massimo Di Nitto: There's much confusion about it, and many rumors that don't have much to do with the reality of Ubuntu "Server". The first thing of note is that all Ubuntu-offered software comes from one repository. There are no desktop and server-specific repositories. For example, the desktop and server version share the installer."
Interview with Synfig's Robert Quattlebaum (OSnews)OSnews interviews Robert Quattlebaum, the developer behind Synfig. "A powerful 2D animation product, Synfig, was open sourced recently under the GPL after the company behind it failed in the market place. The application is still actively maintained by its original author, Robert B. Quattlebaum..." (Found on GnomeDesktop)
Resources Creating/Manipulating Images with gd (Linux Journal)Linux Journal uses gd, an open source library, to create and manipulate images. "It lets you open images in formats such as JPEG, PNG, XPM and a few more. gd works something like this: it opens images in different formats and converts them to generic bit-mapped images in memory. It then lets you do graphical operations, such as drawing lines, arcs, ellipses or rectangles on that image, and stores the resulting image in any of the earlier-mentioned formats. For example, you could write a simple command-line program that converts a given file in JPEG format to PNG using gd. gd also can change colors in the image and copy, cut, merge or rotate it."
OOo Off the Wall: Find and Replace (Linux Journal)Bruce Byfield explores the OpenOffice.org find and replace capabilities in a Linux Journal article. "In long documents, a strong search-and-replace tool is essential for editing duties. Although many users confine themselves to simple text searches, OpenOffice.org's various searches are a match for any rival's. They also are remarkably consistent throughout Writer, Calc, Draw and Impress, the four main OOo applications."
Alternative input devices under Linux (Linux.com)Linux.com examines alternate input devices. "I tested the Handkey Twiddler 2, Monster Gecko's PistolMouse, KeyBowl's orbiTouch, and StreamZap's wireless computing remote. I tested each of the devices on Ubuntu Hoary and Ubuntu Breezy, and some also on Gentoo Linux."
The Daemon, the GNU and the Penguin - Ch. 23, by Dr. Peter H. Salus (Groklaw)Groklaw has another chapter from The Daemon, the GNU and the Penguin. "When Gene Amdahl coined the word "FUD" (for fear, uncertainty and doubt) in the mid-1970s, his ire was aimed at Frank Cary, chairman of the Board at IBM, who was waging a no-holds-barred attack on Amdahl, Itel, Control Data, and the other small companies that were selling machines that competed with the IBM 360/168."
Discover Python, Part 8: Reading and writing data (developerWorks)developerWorks presents another chapter of Discover Python. "In this article, you learn how to work with files. First, we review a simple way to output data in Python, using the print statement, then learn about the file object, which is used by Python programs to read and write data to a file. The different modes with which a file can be opened are demonstrated, and the article concludes by showing how to read and write a binary file."
Analyzing Web traffic with phpMyVisites (Linux.com)Linux.com takes a look at phpMyVisites. "Any Web site owner knows the value of traffic statistics, but finding the right Web statistics package is not as easy as it may seem. Of course, there are excellent packages such as AWStats, Modlogan, and Webalizer, but these applications are overkill for people running smaller Web sites. Moreover, you can't install them if your Web hosting provider doesn't allow you to use custom scripts. If you are in the market for an easy-to-use program that provides essential Web traffic information, you might want to take a closer look at phpMyVisites."
Reviews ISPConfig: A Hosting Control Panel (NewsForge)NewsForge takes a look at ISPConfig. "After trying a few packages, I chose ISPConfig. I liked the system for a number of reasons, including the above-mentioned ones (such as the developers' knee-jerk recommendation for users to run Debian, even though ISPConfig supports many Linux distributions), but what really impressed me was its polished nature. ISPConfig is a free software version (Apache license) of the 42go commercial hosting control panel. This itself gives users the option of commercial support for ISPConfig from the developers."
Book Review of Karl Fogel's "Producing Open Source Software" (Groklaw)Groklaw is running a review of the book Producing Open Source Software by Karl Fogel. The book focuses on the social environment of open-source project development. "Groklaw regulars may feel some familiarity in the situation described in this quote from Chapter 6: The really difficult cases are people who are not overtly rude, but who manipulate or abuse the project's processes in a way that ends up costing other people time and energy, yet do not bring any benefit to the project. Such people often look for wedge points in the project's procedures, to give themselves more influence than they might otherwise have. This is much more insidious than mere rudeness, because neither the behavior nor the damage it causes is apparent to casual observers."
SeaMonkey Project picks up where halted Mozilla Suite left off (NewsForge)NewsForge looks at the upcoming SeaMonkey 1.0 release. "Although SeaMonkey version 1.0 will not deviate much from the last Mozilla supported version of the suite, the development team behind the project is looking to add many of the features currently available in Firefox and Thunderbird -- as well as some that are not. The council has rough plans for a version 1.1 later this year, and version 1.5 potentially sometime in 2007, said Christopher Thomas, release engineer for the project and a member of the Council. Like 1.0, version 1.1 will be based on Gecko 1.8.x, he said, with 1.5 expected to be based on Gecko 1.9, which is currently under development."
WordPress 2.0 is better than ever (NewsForge)Joe 'Zonker' Brockmeier reviews WordPress 2.0 on NewsForge. "WordPress 2.0 is out, and it brings a slew of improvements and new features, including WYSIWYG editing, user roles, easy database backups, and more. The WordPress home page describes the software as "state-of-the-art semantic personal publishing platform," but when you boil it down, WordPress is just damn good blogging software. WordPress is written in PHP, requires a MySQL database, and is available under the GPL. It's easy to use and fairly powerful."
Page editor: Forrest Cook Announcements Non-Commercial announcements OpenVZ Project Releases Templates To Create Debian Virtual Private ServersThe OpenVZ project has released pre-built Debian 3.1 (Sarge) Virtual Private Server (VPS) templates, enabling real-time provisioning of servers and giving Debian users full use of Debian applications in the open source operating system virtualization project.
Commercial announcements Comprehensive AJAX Platform Released as Open SourceClearNova has announced the release of ThinkCAP JX, a rapid application development (RAD) platform for building Internet applications. ThinkCAP JX is dual licensed under the GNU GPL or a commercial license.
Contact Center Monitoring and Reporting for AsteriskSignate has announced a new Contact Center Monitoring and Reporting package for the Asterisk open-source telephony platform. "QueueMetrics is call center monitoring software for telephone systems, such as Signate's contact center solution, that incorporate the open source Asterisk PBX. QueueMetrics provides contact center managers with the information they need to set agent staffing levels, optimize call-handling procedures, and improve customer satisfaction."
Announcing CrossOver Office version 5.0.1CodeWeavers has announced the release of version 5.0.1 of CrossOver Office. "This version is a bug fix release from version 5.0.0. We had a number of minor glitches that we felt were important to release to our customers. These include fixes for Notes (bouncing windows), fixes for Office install issues (e.g. spellchecker), and a lot of other minor problems that bothered us".
ESP Print Pro 4.5.10 releasedVersion 4.5.10 of ESP Print Pro, a commercial cross-platform printing environment, has been announced. "ESP Print Pro 4.5.10 fixes another duplicate printer problem and allows active printers to be stopped immediately. The new release is a free upgrade for current users of ESP Print Pro and can be downloaded at: http://www.easysw.com/printpro/software.php."
Grisoft Introduces AVG Free for Linux Virus ProtectionGrisoft, Inc. tells us that virus and malware authors will target Linux in greater numbers over the the next year. They have also released AVG Free for Linux, an anti-virus product developed for free home use. "Although Linux systems are among the most resistant to virus attacks, experts agree that all computer users should take precautionary measures by installing an anti-virus program to address potential threats. AVG Free for Linux can be used on a single computer and is intended for private, non-commercial use only."
Medsphere Systems Corporation Acquires CIAIMedsphere Systems Corporation has announced its acquisition of Clinical Informatics Associates Incorporated (CIAI). "Based in Indianapolis, Indiana, CIAI is a provider of modular VistA(R)-based EHR software solutions to its established base of customers within the ambulatory and acute care markets."
New Books Sams publishes MySQL Crash CourseSams publishing has published the book MySQL Crash Course by Ben Forta.
SQL Cookbook - O'Reilly's Latest ReleaseO'Reilly has published the book SQL Cookbook by Anthony Molinaro.
VoIP Hacks - O'Reilly's Latest ReleaseO'Reilly has published the book VoIP Hacks by Ted Wallingford.
Resources Advantages of Free Software and Open Source in embedded systemsFree Electrons has announced the availability of a presentation on the reasons for choosing Linux for embedded systems. "It should help people in weighing the pros and cons of both proprietary and Free Software solutions. Or at least, it should be helpful to people looking for arguments to convince decision makers to adopt a penguin in 2006!"
FSF Europe NewsletterThe January 9, 2006 edition of the Free Software Foundation Europe Newsletter is online.
Linux Gazette #122 is out!The January 2006 edition of Linux Gazette is available. Articles include: A New Windoze Notebook # Now What? Knoppix!, Benchmarking Filesystems Part II, /dev/fanout : A One-To-Many Multiplexer, Stepper motor driver for your Linux Computer, plus the usual features.
Experts: Open Source Gaining Ground in Federal IT SectorLarstan Business Reports has announced the availability of a webcast of a panel discussion about Linux use within the US government. "All three panelists agreed that there's an enduring notion among end users that Linux is less safe than proprietary systems, but they dismissed this idea as a myth. They noted that open source software provides more transparency and control, allowing users to detect and fix security vulnerabilities in real time, as opposed to waiting for proprietary vendors to fix the chinks in the armor."
Contests and Awards An Award for Groklaw (Groklaw)Groklaw received an award. "The 2005 ConsortiumInfo.org News Sources of the Year Awards have just been announced, and there is a new category, for best Community Site or Blog (NonProfit). The winner for 2005 in that category is Groklaw."
GUADEC logo and web theme contest (GnomeDesktop)GnomeDesktop mentions a new GUADEC logo contest. "The GUADEC committee is launching a logo and web theme contest (see details). We have recently adopted Drupal as the platform of the GUADEC website (currently in a fully funtional beta version). The deadline for submissions is 31/jan/06 and the winner will get 2 GUADEC vip passes, 2 return tickets to Vilanova (Catalonia, Spain) and one week accommodation for both participants. GUADEC is the main event of the GNOME community, celebrated once a year."
eWEEK Names VMware Workstation a Top Product of 2005VMware, Inc. has announced its VMware Workstation 5 has won an eWEEK Top Product of 2005 award.
Surveys Small Survey: Blackberry Server on LinuxRon Gage has announced a survey on Blackberry Enterprise Server services under Linux. "I am currently conducting a short survey regarding a project I am contemplating for providing Blackberry Enterprise Server services under Linux. If you would, please visit http://www.rongage.org/survey and take this very short survey, I would really appreciate it."
Upcoming Events Red Hat's Matthew J. Szulik to Deliver Keynote Address at C3C3 has announced a keynote by Matthew J. Szulik. "C3, the Corporate Channel and Computing Expo, announced today that Red Hat (Nasdaq: RHAT), CEO and Chairman Matthew J. Szulik will deliver the keynote address at the second annual exhibition and conference taking place June 27 - 29, 2006 at Jacob Javits Convention Center in New York City."
Join the KDE Developers at FOSDEM 2006 (KDE.News)The KDE events at FOSDEM 2006 (Brussels, Belgium February 26 and 26) are being planned. "KDE has reserved a devroom to serve as a central meeting point for the KDE crowd. We will be holding our own talks which so far include Raphael Langerhorst on KOffice 1.5 and Jonathan Riddell on Kubuntu. KDE's presence at FOSDEM 2006 is being organised by KDE-NL and will be coordinated via the kde-events-benelux mailing list. There is also a KDE FOSDEM 2006 wiki page where you can add your name if you plan to attend."
O'Reilly OSCON Call for ParticipationA Call for Participation has gone out for the 2006 O'Reilly Open Source Convention. "This year's OSCON happens July 24-28, returning to Portland, Oregon for the third year in a row. The Call for Participation deadline is February 13th."
Ottawa Linux Symposium - Call for PapersThe Ottawa Linux Symposium has issued a call for papers for the July 2006 conference.
PyCon: Plone, Python, BitTorrent keynotesThe PyCon 2006 keynote speeches have been announced. Speakers include Guido van Rossum, Bram Cohen, Alan Runyan and Alexander Limi. The conference takes place in Addison, TX on February 24-26.
Aaron Seigo to Speak at SCALE 4x (KDE.News)Aaron Seigo will speak at the 2006 Southern California Linux Expo in Los Angeles, CA on February 11-12. "His presentation will cover the next KDE release and how the Plasma project is looking to reinvigorate the desktop experience by centering the desktop on workflow-centric interfaces."
Events: January 12 - March 9, 2006
Web sites Qt Centre Community Site Launched (KDE.News)KDE.News covers the launch of the new Qt Centre web site. "With the support of Trolltech, Witold and former Qt Forum administrators, moderators and fans Axel Jaeger, Daniel Kish, Kevin Krammer, Johan Thelin, Jacek Piotrowski and Michael Goettsche have banded together to form the new site after learning that the Qt Forum as well as KDE-Forum.org had been hijacked for the purposes of boosting the Google Page Rank of unrelated external sites and have otherwise become neglected."
Page editor: Forrest Cook
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
