Last February, the Participatory Culture Foundation
announced
its existence with the launch of the "Democracy" player, billed as "the
world's first comprehensive open source Internet TV system." Many Linux
users may be excused for not trying out the program at that time; despite
being a GPL-licensed program, Democracy had not been ported to the Linux
platform.
That situation has now changed; on September 11, Democracy 0.9
was announced. It runs on Linux, and packages for Debian, Fedora Core,
Gentoo, and Ubuntu are provided; the source is available for everybody
else. Beyond the Linux port, this version promises a polished user
interface, a new playlist capability, Flash video support, and more.
Your editor clearly had no choice; a tool like this simply must be tried
out.
Unfortunately, the Democracy experience is still rather spotty at best. It
requires the installation of a number of proprietary codecs (which is not
particularly surprising, once one thinks about it - the Democracy
developers will have no magic solutions there). The system can be sluggish
to respond, and your editor never was able to get it to display a video in
its own window. It also would not explain why it failed to display
anything, so there was little to be done about it.
But your editor was able to get far enough to realize one important thing:
video display is not really what Democracy is about in the first place.
This tool is really a sort of video feed aggregator for free video content;
it has all the required features for sorting feeds into categories,
collecting votes for interesting videos, using BitTorrent to download
videos in a provider-friendly way, and more. There is also significant support
for people who want to create their own video feeds.
What Democracy and its supporting foundation are trying to do is to get as
many people as possible into the business of creating and distributing
interesting content. The term "Internet TV" is somewhat off the mark -
Democracy will suit couch potatoes just fine, but its real purpose is to
get them off their couches and participating in the process. It is trying
to create a world where video content is free, universal, and compelling - so it
has tools for finding and distributing videos but a distinct lack of DRM support.
This is an important goal - television is too important to leave to the TV
companies. If the Democracy system can help to bring more free content
into existence, it will have done a good thing. Some progress in that
direction has been made: there are, it is said, some
600 channels of free content available now, and, doubtless, more to come.
The current code has real promise; it looks like a capable system for
discovering, distributing, and managing interesting video content. If they
can get past
the remaining troublesome issues, the Democracy hackers will have created
a valuable tool indeed.
Comments (13 posted)
One month ago, LWN ran
an article
about the cdrtools license change and resulting controversy. The
biggest issue remains the distribution of binary versions of the
mkisofs utility. This tool is licensed under the GPL, and has
copyrights held by a number of authors. The current version, however,
requires the libscg library - which is now distributed under Sun's CDDL
license. Since the GPL and the CDDL are mutually incompatible, it is hard
to see how mkisofs can be distributed legally.
That situation has not changed in the last month; cdrtools author Jörg
Schilling appears to be determined to go forward with the license change.
What has happened, however, is that a number of distributors have responded
to the change - though not all have responded in the same way. Here is a
summary of what the distributors are doing:
- Debian was the first distributor to notice the license problem,
and the Debian developers have reacted quickly. It now appears that
etch will ship with cdrkit, a new project based
on a version of cdrtools from before the license change. The Debian
maintainers are actively pushing forward with this project, and they
have approached other distributors to see if they want to help.
- Fedora has dropped back to the 2.01 release, which predates
the most controversial license changes. That change allows them to
get the Fedora Core 6 release out without excess worry or delay
while the longer-term plan is worked out. That process appears to be
going slowly, with the Fedora cdrtools maintainer not yet
participating in the discussion.
Meanwhile, Fedora has also slipped a version of libburn into the Extras
repository.
- Gentoo has taken an interesting approach. Since Gentoo
distributes in source form, the developers have concluded that they
need not worry about this issue. There is no combination of
mkisofs and libscg until the end user builds a binary - and
the user has the right to do that. As long as those binaries are
not distributed, licensing does not come into play. Thus, Gentoo
ships the (relicensed) 2.01.01-a11 release.
That said, the Gentoo developers have also put cdrkit into their distribution, and
it looks like that is what they plan to support going into the future.
- Mandriva has made no public statements about the license change
at all. The recently announced
Mandriva 2007 release candidate contains version 2.01.01-a11, which
includes the relicensed code.
- Slackware has no recent cdrtools-related entries in the current
changelog. The upcoming Slackware 11 release appears to be
poised to ship version 2.01.
- SUSE's response, so far, is
"We'll look into cdrkit." The current "factory" OpenSUSE
tree contains version 2.01.
- Ubuntu currently has 2.01.01-a3 (which predates the license
change) in the repository for the
upcoming "edgy" release; cdrkit has not yet made an appearance there.
It would be surprising if Ubuntu failed to follow Debian's lead on
this, however.
The overall picture that results is that, while a number of distributors
are taking overt action in response to the cdrtools licensing issues,
others appear to be waiting until things settle - and a final 2.01.01
release is made. Only one of the distributors listed above (Mandriva)
looks set, at the moment, to distribute a version of cdrtools released
under the new license.
For years, there has been occasional talk of forking the cdrtools package.
It has remained talk, however; CD burning can be a tricky task, and, as a
result, cdrtools is not a trivial package to take on. It now appears
likely that this fork will happen at last; the licensing changes
have given the distributors (at least those most concerned with these
issues) little choice. The real remaining question, then, would be: just
how many forks will result? No distributor has an interest in taking on
the full maintenance of a package like this, so the incentives should be in
place to bring everybody together on a single CD burning utility.
Comments (4 posted)
One of the often-proclaimed advantages of the free software development
model is that of peer review. Our code, we claim, is better because it has
been reviewed and improved by a variety of people beyond the original
author(s). Reviewers, with their unique perspective, will find bugs and
generally help new code fit properly into an existing project. This review
process is seen as being so important that a number of projects will not
accept code until it has been picked over by other developers.
So reviewers are a fundamental part of the process. They are also, it
seems, somewhat scarce. Consider a couple of examples:
- In the kernel space, the reiser4 filesystem has been held up for some
time. There are many reasons for that delay, but one of those has been the
lack of a thorough review by somebody who understands the Linux
virtual filesystem layer well. Greg Kroah-Hartman, in his OLS
keynote, said, more generally: "The big problem ... is
we really only have
a very small group of people reviewing code in the kernel
community."
- The PostgreSQL developers have been engaged in a lengthy discussion on
the upcoming 8.2 release, why it is taking as long as it is, and why
this release appears (to them) to have little in the way of exciting
new features. The conversation has touched on various aspects of that
project's development process; there are many things for those
developers to think about. One of them, though, as expressed by one of the participants, is:
"...the real problem seems to be we do not have enough patch
reviewers."
If we truly believe that code review is a crucial part of the free software
process (and, for the most part, it is likely that we do believe this),
then the idea that projects are being slowed by the lack of reviewers is a
bit worrying. At best, a reviewer shortage will be a bottleneck in the
process; a worse possibility is that some projects will simply decide to do
without.
Reviewers serve a number of purposes. They can often immediately spot that
bug that the developer has stared at for hours without finding. If the
code is hard to understand, the reviewers will be the first to notice. If the
associated documentation is incorrect or (as is more often the case)
absent, the reviewers will notice that as well. When code appears to have
been written using some sort of specialized, non-public knowledge,
reviewers can inquire as to its provenance. Coding style issues, API
misuse, inefficient algorithms, use of outdated interfaces, and more can be
caught in the review process before the code hits the project's mainline.
Reviewers really do increase a project's code quality and long-term
maintainability.
The problem is that code review can be a difficult, tiring, and thankless
job. Human nature being what it is, people will often show less than the
appropriate amount of gratitude when a reviewer points out their mistakes
in public. This is especially true if the code has problems which will
require significant amounts of work to fix. The reviewer did not create
these problems; he or she is simply the messenger with the bad news. So
reviewers tend to get grumpy, especially when they see the same mistakes
being made over and over again.
Developers get credit for their work, in various forms. It is a rare
project release, however, which publicly acknowledges those who reviewed
the code. Given that writing code is not only a more visible activity, but
it also tends to be more fun than reviewing code written by others, it is
not surprising that many developers choose to concentrate on their own
work.
Finally, reviewing code can be intimidating - especially if the patch of
interest has a Big Name behind it. Many potential reviewers may feel that
they simply do not have the standing to poke at other people's work. The
fact is, however, that even people with a relatively small amount of
experience can provide useful reviews, and learn from the process. From
Greg's OLS keynote:
When you are learning to play an instrument, you don't start out
writing full symphonies on your own, you spend years reading other
people's scores, and learning how things are put together and work
and interact. Only later do you start writing your own music, small
tunes, and then, if you want, working up to bigger pieces. The same
goes for programming. You can learn a lot from reading and
understanding other people's code. Study the things posted, and ask
why things are done specific ways, and point out problems that you
have noticed.
If we want to create the best free systems we can, we must ensure that the
review portion of the process does not get slighted. To that end, people
who have the requisite skills would do well to dedicate a bit of their time
to reviewing code in a project that interests them. Buy a reviewer a beer,
and forgive them if they tell you, in front of hundreds or thousands of
developers, that your work is best suited for a place in the project's "bad
examples" repository. Listen to what the reviewers say, respond to it, and
thank them. The result will be better software for all of us.
Comments (21 posted)
Page editor: Jonathan Corbet
Security
Brief items
September 13, 2006
This article was contributed by Jake Edge.
Syndicated content from blogs, news sites and the like is a popular way
to track those websites, but it also provides a vector for malware.
Really Simple Syndication (RSS) and Atom are the two formats used to
provide syndicated content, and there are a variety of web-based and
standalone clients that can read RSS/Atom feeds and display them to
users. These clients often do not properly filter the content they
receive and can be susceptible to various attacks.
Both RSS and Atom are XML-based formats that contain the various elements
of the content being syndicated -- title, description, story link, etc.
A client program, often known as an 'aggregator', allows the user to
subscribe to various feeds and checks them periodically for new content.
The aggregator then displays that information, and the user can choose
content items to look at more closely. Because much of the content comes
from websites, aggregators typically interpret HTML content in the feed
data for display. This is what provides the means for attacks.
Malicious content, for cross-site scripting (XSS) or cross-site request
forgery (XSRF), can be inserted into any of the textual portions of the
feed data. If the aggregator does not sufficiently filter the received
data, it may expose the user to the malware. Web-based aggregators are
particularly susceptible, as they run in a browser with all of the normal
browser capabilities, but standalone clients often include browser-like
rendering or will start a browser to follow feed links.
While it is certainly possible, it is unlikely that feed providers will
directly put malware in their own feeds; they are too easy to track down.
A much more likely scenario is feeds that syndicate user-generated
content, like comment feeds on blogs or sites like LWN (syndication
information here). Depending on the filtering that the site does, it may
end up propagating malware within its syndication content. A malicious
user could, anonymously at many sites, post a comment containing malware
and effectively co-opt that site into spreading it. A popular site could
potentially spread this malware very widely, even if only a small
percentage of its users' aggregators were affected.
In addition, many popular sites are 're-syndicated': their feeds are
included in the feeds of aggregation sites. A security site, for
instance, might display the feeds of several other security sites and
include that content in its own feed. This allows a virus-like
propagation, where a malicious user can inject content once and have it
start showing up in multiple feeds. Some sites will also collect mailing
list entries or descriptions of new content available on peer-to-peer
networks and add them to their syndication feed. This provides even more
ways for someone to anonymously inject malware.
Bob Auger presented his findings (PDF) on this subject at the Black Hat
2006 conference. He provides several examples of plausible malware attack
scenarios as well as examples of RSS and Atom data that demonstrate these
techniques.
The potential for malicious content in any data that originates elsewhere
really cannot be overstated. The tools we use on a day-to-day basis need
to be aware of this potential and act appropriately. It may seem that
security articles tediously repeat the same 'filter input data' mantra
over and over, but here is yet another place where proper filtering has
been overlooked.
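The filtering the article calls for, written out here as an added example in Python (this is not code from the article, from LWN, or from any aggregator project): a small RSS 2.0/Atom item parser that feeds every item's HTML through an allow-list sanitizer before the aggregator renders it. The rendering policy (ALLOWED_TAGS, ALLOWED_ATTRS, SAFE_URL_SCHEMES) and the sample comment feed are constructed assumptions; the hostile second item stands in for the kind of comment the article describes being posted to a syndicated site, and the output shows what survives filtering.

```python
"""Added example (not any aggregator's code): parse an RSS 2.0 / Atom feed and
pass each item's HTML through an allow-list sanitizer before display."""
import xml.etree.ElementTree as ET
from html import escape
from html.parser import HTMLParser

# Hypothetical rendering policy: the only markup a feed item may carry through.
ALLOWED_TAGS = {"p", "b", "i", "em", "strong", "a", "ul", "ol", "li", "br", "code", "pre", "blockquote"}
ALLOWED_ATTRS = {"a": {"href"}}
SAFE_URL_SCHEMES = ("http://", "https://", "mailto:")
ATOM_NS = "{http://www.w3.org/2005/Atom}"


class FeedSanitizer(HTMLParser):
    """Re-serializes HTML keeping only allow-listed tags/attributes; drops unknown tags,
    discards <script>/<style> bodies, and closes unclosed tags so the fragment cannot
    spill markup into the aggregator's own page."""
    VOID = {"br"}
    DROP_CONTENT = {"script", "style"}

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out, self.open_tags, self.skip_depth = [], [], 0

    def handle_starttag(self, tag, attrs):
        if tag in self.DROP_CONTENT:
            self.skip_depth += 1
            return
        if self.skip_depth or tag not in ALLOWED_TAGS:
            return
        kept = []
        for name, value in attrs:
            if value is None or name not in ALLOWED_ATTRS.get(tag, ()):
                continue  # event handlers (onclick, onerror, ...) never survive
            if name == "href" and not value.strip().lower().startswith(SAFE_URL_SCHEMES):
                continue  # javascript:, data:, vbscript: and relative URLs are dropped
            kept.append(f' {name}="{escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")
        if tag not in self.VOID:
            self.open_tags.append(tag)

    def handle_endtag(self, tag):
        if tag in self.DROP_CONTENT:
            self.skip_depth = max(0, self.skip_depth - 1)
            return
        if self.skip_depth or tag not in self.open_tags:
            return
        while self.open_tags:  # also closes anything left open inside this tag
            closed = self.open_tags.pop()
            self.out.append(f"</{closed}>")
            if closed == tag:
                break

    def handle_data(self, data):
        if not self.skip_depth:
            self.out.append(escape(data, quote=False))  # text is re-escaped on output

    def result(self):
        while self.open_tags:
            self.out.append(f"</{self.open_tags.pop()}>")
        return "".join(self.out)


def sanitize_html(fragment):
    parser = FeedSanitizer()
    parser.feed(fragment)
    parser.close()
    return parser.result()


def parse_feed(xml_text):
    """Return (title, link, html_body) per item for RSS 2.0 or Atom with text/html
    content. For feeds from untrusted sources, parse with defusedxml instead."""
    root = ET.fromstring(xml_text)
    items = []
    if root.tag == "rss":
        for item in root.iter("item"):
            items.append((item.findtext("title", ""), item.findtext("link", ""),
                          item.findtext("description", "")))
    elif root.tag == ATOM_NS + "feed":
        for entry in root.iter(ATOM_NS + "entry"):
            link_el = entry.find(ATOM_NS + "link")
            body = entry.findtext(ATOM_NS + "content") or entry.findtext(ATOM_NS + "summary") or ""
            items.append((entry.findtext(ATOM_NS + "title", ""),
                          link_el.get("href", "") if link_el is not None else "", body))
    else:
        raise ValueError(f"unsupported feed root: {root.tag}")
    return items


def render_items(xml_text):
    """What the aggregator hands to its HTML view: escaped title, scheme-checked link,
    and a body that went through the allow-list."""
    rendered = []
    for title, link, body in parse_feed(xml_text):
        safe_link = link if link.strip().lower().startswith(SAFE_URL_SCHEMES) else ""
        rendered.append({"title": escape(title), "link": safe_link, "body": sanitize_html(body)})
    return rendered


# Constructed sample feed: the second comment carries hostile markup.
SAMPLE_RSS = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Constructed comment feed</title>
<item><title>Good comment</title><link>http://example.com/comments/1</link>
<description>&lt;p&gt;Nice &lt;b&gt;article&lt;/b&gt;. See &lt;a href="http://example.com/more"&gt;this&lt;/a&gt;.&lt;/p&gt;</description></item>
<item><title>Hostile comment &lt;script&gt;</title><link>javascript:evil()</link>
<description>&lt;p&gt;Hi&lt;script&gt;evil()&lt;/script&gt; &lt;img src="x" onerror="evil()"&gt;&lt;a href="javascript:evil()" onclick="evil()"&gt;link&lt;/a&gt;&lt;b&gt;unclosed&lt;/p&gt;</description></item>
</channel></rss>"""
```

Running `render_items(SAMPLE_RSS)` leaves the first comment intact and reduces the second to `<p>Hi <a>link</a><b>unclosed</b></p>` with an empty link. The design point is that the sanitizer re-serializes from a parse rather than trying to strip dangerous patterns out of the raw string: anything not explicitly allowed (unknown tags, event-handler attributes, non-http(s) link schemes) never reaches the renderer, and the open-tag stack means a truncated or deliberately unclosed comment cannot break out of its container. `xml.etree` does not fetch external entities, but it does expand internal ones, so a production aggregator should hand untrusted feeds to `defusedxml`.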
Comments (1 posted)
New vulnerabilities
bind: denial of service
| Package(s): | bind |
| CVE #(s): | CVE-2006-4095, CVE-2006-4096 |
| Created: | September 7, 2006 |
| Updated: | February 1, 2007 |
| Description: | Bind has two denial of service vulnerabilities. On recursive servers, queries for SIG records will trigger an assertion failure if more than one RRset is returned. An INSIST failure can be triggered by sending a large number of recursive queries. |
| Alerts: | |
Comments (none posted)
flash-plugin: arbitrary code execution
| Package(s): | flash-plugin |
| CVE #(s): | CVE-2006-3311, CVE-2006-3587, CVE-2006-3588 |
| Created: | September 13, 2006 |
| Updated: | October 5, 2006 |
| Description: | Security issues were discovered in the Adobe Flash Player. It may be possible to execute arbitrary code on a victim's machine if the victim opens a malicious Adobe Flash file. |
| Alerts: | |
Comments (none posted)
isakmpd: programming error
| Package(s): | isakmpd |
| CVE #(s): | CVE-2006-4436 |
| Created: | September 13, 2006 |
| Updated: | September 13, 2006 |
| Description: | A flaw has been found in isakmpd, OpenBSD's implementation of the Internet Key Exchange protocol, that caused Security Associations to be created with a replay window of 0 when isakmpd was acting as the responder during SA negotiation. This could allow an attacker to re-inject sniffed IPsec packets, which would not be checked against the replay counter. |
| Alerts: | |
Comments (none posted)
mailman: several vulnerabilities
| Package(s): | mailman |
| CVE #(s): | CVE-2006-2941, CVE-2006-3636 |
| Created: | September 8, 2006 |
| Updated: | October 23, 2006 |
| Description: | A flaw was found in the way Mailman handled MIME multipart messages. An attacker could send a carefully crafted MIME multipart email message to a mailing list run by Mailman which caused that particular mailing list to stop working. (CVE-2006-2941) Several cross-site scripting (XSS) issues were found in Mailman. An attacker could exploit these issues to perform cross-site scripting attacks against the Mailman administrator. (CVE-2006-3636) |
| Alerts: | |
Comments (none posted)
php: several vulnerabilities
| Package(s): | php |
| CVE #(s): | CVE-2006-4481, CVE-2006-4484, CVE-2006-4485 |
| Created: | September 8, 2006 |
| Updated: | June 13, 2008 |
| Description: | The file_exists and imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings (CVE-2006-4481). A buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array (CVE-2006-4484). The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read (CVE-2006-4485). |
| Alerts: | |
Comments (1 posted)
xorg-x11: privilege escalation
| Package(s): | xorg-x11 xfree86 |
| CVE #(s): | CVE-2006-3739, CVE-2006-3740 |
| Created: | September 12, 2006 |
| Updated: | December 14, 2006 |
| Description: | iDefense reported two integer overflow flaws in the way the X.org server processed CID font files. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server. |
| Alerts: | |
Comments (none posted)
Updated vulnerabilities
AlsaPlayer: multiple buffer overflows
| Package(s): | alsaplayer |
| CVE #(s): | CVE-2006-4089 |
| Created: | August 28, 2006 |
| Updated: | September 19, 2006 |
| Description: | AlsaPlayer contains three buffer overflows: in the function that handles the HTTP connections, the GTK interface, and the CDDB querying mechanism. An attacker could exploit the first vulnerability by enticing a user to load a malicious URL, resulting in the execution of arbitrary code with the permissions of the user running AlsaPlayer. |
| Alerts: | |
Comments (none posted)
apache: cross-site scripting
| Package(s): | apache |
| CVE #(s): | CVE-2006-3918 |
| Created: | August 9, 2006 |
| Updated: | April 4, 2008 |
| Description: | From the Red Hat advisory: "A bug was found in Apache where an invalid Expect header sent to the server was returned to the user in an unescaped error message. This could allow an attacker to perform a cross-site scripting attack if a victim was tricked into connecting to a site and sending a carefully crafted Expect header." |
| Alerts: | |
Comments (none posted)
audacious: buffer overflow
| Package(s): | audacious |
| CVE #(s): | CVE-2006-3581, CVE-2006-3582 |
| Created: | August 2, 2006 |
| Updated: | September 13, 2006 |
| Description: | Audacious (prior to version 1.1.0) suffers from a buffer overflow which could be exploitable via a maliciously crafted media file. |
| Alerts: | |
Comments (none posted)
binutils: buffer overflow
| Package(s): | binutils |
| CVE #(s): | CVE-2005-4807 |
| Created: | August 17, 2006 |
| Updated: | October 19, 2006 |
| Description: | The GNU assembler (gas) in binutils is vulnerable to a buffer overflow. If a user can be tricked into assembling a specially crafted file with gcc or gas, arbitrary code can be executed with the privileges of the user. |
| Alerts: | |
Comments (3 posted)
busybox: insecure password generation
| Package(s): | busybox |
| CVE #(s): | CVE-2006-1058 |
| Created: | May 5, 2006 |
| Updated: | May 2, 2007 |
| Description: | The BusyBox 1.1.1 passwd command does not use a proper salt when generating passwords. This would create an instance where a brute force attack could take very little time. |
| Alerts: | |
Comments (2 posted)
bzip2: race condition and infinite loop
| Package(s): | bzip2 |
| CVE #(s): | CAN-2005-0953, CAN-2005-1260 |
| Created: | May 17, 2005 |
| Updated: | January 10, 2007 |
| Description: | A race condition in bzip2 1.0.2 and earlier allows local users to modify the permissions of arbitrary files via a hard link attack on a file while it is being decompressed, since bzip2 changes the file's permissions only after the decompression is complete. Also, specially crafted bzip2 archives may cause an infinite loop in the decompressor. |
| Alerts: | |
Comments (2 posted)
capi4hylafax: missing input sanitizing
| Package(s): | capi4hylafax |
| CVE #(s): | CVE-2006-3126 |
| Created: | September 1, 2006 |
| Updated: | October 18, 2006 |
| Description: | Lionel Elie Mamane discovered a security vulnerability in capi4hylafax, tools for faxing over a CAPI 2.0 device, that allows remote attackers to execute arbitrary commands on the fax receiving system. |
| Alerts: | |
Comments (none posted)
cheesetracker: buffer overflow
| Package(s): | cheesetracker |
| CVE #(s): | CVE-2006-3814 |
| Created: | September 4, 2006 |
| Updated: | October 27, 2006 |
| Description: | Luigi Auriemma discovered a buffer overflow in the loading component of cheesetracker, a sound module tracking program, which could allow a maliciously constructed input file to execute arbitrary code. |
| Alerts: | |
Comments (1 posted)
cpio: arbitrary code execution
| Package(s): | cpio |
| CVE #(s): | CVE-2005-4268 |
| Created: | January 2, 2006 |
| Updated: | March 17, 2010 |
| Description: | Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with e.g. a very large size caused a buffer overflow. By tricking a user or an automatic backup system into putting a specially crafted file into a cpio archive, a local attacker could probably exploit this to execute arbitrary code with the privileges of the target user (which is likely root in an automatic backup system). |
| Alerts: | |
Comments (none posted)
vixie-cron: privilege escalation
| Package(s): | cron |
| CVE #(s): | CVE-2006-2607 |
| Created: | May 31, 2006 |
| Updated: | June 1, 2009 |
| Description: | The Vixie cron daemon does not check the return code from setuid(); if that call can be made to fail, a local attacker may be able to execute commands as root. |
| Alerts: | |
Comments (1 posted)
cscope: buffer overflows
| Package(s): | cscope |
| CVE #(s): | CVE-2004-2541 |
| Created: | May 22, 2006 |
| Updated: | June 19, 2009 |
| Description: | A buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target. |
| Alerts: | |
Comments (1 posted)
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
| Package(s): | cyrus-sasl |
| CVE #(s): | CVE-2006-1721 |
| Created: | April 21, 2006 |
| Updated: | September 4, 2007 |
| Description: | Cyrus-SASL contains an unspecified vulnerability in the DIGEST-MD5 process that could lead to a denial of service. An attacker could possibly exploit this vulnerability by sending a specially crafted data stream to the Cyrus-SASL server, resulting in a denial of service even if the attacker is not able to authenticate. |
| Alerts: | |
Comments (none posted)
mozilla: multiple vulnerabilities
Comments (none posted)
freeradius: several vulnerabilities
| Package(s): | freeradius |
| CVE #(s): | CVE-2005-4745, CVE-2005-4746 |
| Created: | August 8, 2006 |
| Updated: | April 24, 2007 |
| Description: | Several remote vulnerabilities have been discovered in freeradius, a high-performance RADIUS server, which may lead to SQL injection or denial of service. |
| Alerts: | |
Comments (none posted)
freetype: integer overflows
| Package(s): | freetype |
| CVE #(s): | CVE-2006-0747, CVE-2006-1861, CVE-2006-2493, CVE-2006-2661, CVE-2006-3467 |
| Created: | June 8, 2006 |
| Updated: | June 1, 2010 |
| Description: | The FreeType library has several integer overflow vulnerabilities. If a user can be tricked into installing a specially crafted font file, arbitrary code can be executed with the privileges of the user. |
| Alerts: | |
Comments (none posted)
gcc: file overwrite vulnerability
| Package(s): | gcc |
| CVE #(s): | CVE-2006-3619 |
| Created: | September 6, 2006 |
| Updated: | March 14, 2008 |
| Description: | The fastjar utility found in the GNU compiler collection does not perform adequate file path checking, allowing the creation or overwriting of files outside of the current directory tree. |
| Alerts: | |
Comments (none posted)
gdm: improper file permissions
| Package(s): | gdm |
| CVE #(s): | CVE-2006-1057 |
| Created: | April 19, 2006 |
| Updated: | May 2, 2007 |
| Description: | The .ICEauthority file may be created with the wrong ownership and permissions; gdm 2.14.2 fixes the problem. |
| Alerts: | |
Comments (none posted)
gedit: format string vulnerability
| Package(s): | gedit |
| CVE #(s): | CAN-2005-1686 |
| Created: | June 9, 2005 |
| Updated: | February 5, 2009 |
| Description: | A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user. |
| Alerts: | |
Comments (1 posted)
grip: buffer overflow
| Package(s): | grip |
| CVE #(s): | CAN-2005-0706 |
| Created: | March 10, 2005 |
| Updated: | November 19, 2008 |
| Description: | Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches. |
| Alerts: | |
Comments (none posted)
gtetrinet: buffer overflows
| Package(s): | gtetrinet |
| CVE #(s): | CVE-2006-3125 |
| Created: | August 30, 2006 |
| Updated: | September 6, 2006 |
| Description: | A number of out-of-bounds index accesses have been found in gtetrinet; they could conceivably be exploited by a hostile server to execute arbitrary code. |
| Alerts: | |
Comments (none posted)
gzip: arbitrary command execution
| Package(s): | gzip |
| CVE #(s): | CAN-2005-0758 |
| Created: | August 1, 2005 |
| Updated: | January 10, 2007 |
| Description: | zgrep in gzip before 1.3.5 does not handle shell metacharacters like '|' and '&' properly when they occur in input file names. This could be exploited to execute arbitrary commands with user privileges if zgrep is run in an untrusted directory with specially crafted file names. |
| Alerts: | |
Comments (2 posted)
ImageMagick: buffer overflows
| Package(s): | imagemagick |
| CVE #(s): | CVE-2006-3743, CVE-2006-3744 |
| Created: | September 6, 2006 |
| Updated: | September 26, 2006 |
| Description: | The latest set of buffer overflow vulnerabilities in ImageMagick can be found in the Sun Raster and XCF decoders. |
| Alerts: | |
Comments (2 posted)
kdelibs: kate backup file permission leak
| Package(s): | kdelibs kate kwrite |
| CVE #(s): | CAN-2005-1920 |
| Created: | July 19, 2005 |
| Updated: | September 21, 2010 |
| Description: | Kate / Kwrite, as shipped with KDE 3.2.x up to and including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information. |
| Alerts: | |
Comments (1 posted)
kernel: denial of service by memory consumption
| Package(s): | kernel |
| CVE #(s): | CVE-2006-2936 |
| Created: | July 17, 2006 |
| Updated: | November 14, 2007 |
| Description: | The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the driver can handle, which causes the data to be queued. |
| Alerts: | |
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
| CVE #(s): | CVE-2006-2935, CVE-2006-4145, CVE-2006-3745 |
| Created: | September 1, 2006 |
| Updated: | July 30, 2008 |
| Description: | Previous versions of the kernel package are subject to several vulnerabilities. Certain malformed UDF filesystems can cause the system to crash (denial of service). Malformed CDROM firmware or USB storage devices (such as USB keys) could cause a system crash (denial of service) and, if they were intentionally malformed, can cause arbitrary code to run with elevated privileges. In addition, the SCTP protocol is subject to a remote system crash (denial of service) attack. |
| Alerts: | |
Comments (none posted)
krb5: local privilege escalation
| Package(s): | krb5 |
| CVE #(s): | CVE-2006-3083 |
| Created: | August 9, 2006 |
| Updated: | July 7, 2010 |
| Description: | Some kerberos applications fail to check the results of setuid() calls, with the result that, if that call fails, they could continue to execute as root after thinking they had switched to a nonprivileged user. A local attacker who can cause these calls to fail (through resource exhaustion, presumably) could exploit this bug to gain root privileges. |
| Alerts: | |
Comments (none posted)
libgadu: memory alignment bug
| Package(s): | libgadu |
| CVE #(s): | CAN-2005-2370 |
| Created: | July 29, 2005 |
| Updated: | June 25, 2007 |
| Description: | Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, a console Gadu Gadu instant messaging client), which is also included in gaim, a multi-protocol instant messaging client. This cannot be exploited on the x86 architecture, but on others, e.g. SPARC, it leads to a bus error, in other words a denial of service. |
| Alerts: | |
Comments (none posted)
libgd2: denial of service
| Package(s): | libgd2 |
| CVE #(s): | CVE-2006-2906 |
| Created: | June 14, 2006 |
| Updated: | January 16, 2007 |
| Description: | Certain GIF images can cause libgd2 to go into an infinite loop, adversely affecting the performance of image processing applications. |
| Alerts: | |
Comments (none posted)
libmms: buffer overflows
| Package(s): | libmms |
| CVE #(s): | CVE-2006-2200 |
| Created: | July 6, 2006 |
| Updated: | December 25, 2006 |
| Description: | Several buffer overflows were found in libmms. By tricking a user into opening a specially crafted remote multimedia stream with an application using libmms, a remote attacker could overwrite an arbitrary memory portion with zeros, thereby crashing the program. |
| Alerts: | |
Comments (none posted)
libmusicbrainz: buffer overflows
| Package(s): | libmusicbrainz-2.0 |
| CVE #(s): | CVE-2006-4197 |
| Created: | August 30, 2006 |
| Updated: | October 23, 2006 |
| Description: | Several buffer overflows have been discovered in the libmusicbrainz CD index library. |
| Alerts: | |
Comments (none posted)
libpam-ldap: authentication bypass
| Package(s): | libpam-ldap |
| CVE #(s): | CAN-2005-2641 |
| Created: | August 25, 2005 |
| Updated: | October 6, 2006 |
| Description: | libpam-ldap, the PAM LDAP interface, has a vulnerability in which it fails to authenticate with an LDAP server which is not configured properly, allowing an authentication bypass. |
| Alerts: | |
Comments (none posted)
libpng: buffer overflow
Package(s): libpng
CVE #(s): CVE-2006-3334
Created: July 19, 2006
Updated: December 15, 2008
Description:
In pngrutil.c, the function png_decompress_chunk() allocates
insufficient space for an error message, potentially overwriting stack
data, leading to a buffer overflow.
Comments (none posted)
libpng: heap based buffer overflow
Package(s): libpng
CVE #(s): CVE-2006-0481
Created: February 13, 2006
Updated: December 15, 2008
Description:
A heap based buffer overflow bug was found in the way libpng strips alpha
channels from a PNG image. An attacker could create a carefully crafted PNG
image file in such a way that it could cause an application linked with
libpng to crash or execute arbitrary code when the file is opened by a
victim.
Comments (1 posted)
libtiff: buffer overflow
Package(s): libtiff
CVE #(s): CVE-2006-2193
Created: June 15, 2006
Updated: September 1, 2008
Description:
The t2p_write_pdf_string function in libtiff 3.8.2 and earlier is vulnerable
to a buffer overflow. Attackers can use a TIFF file with UTF-8 characters
in the DocumentName tag to overflow a buffer, causing a denial of service,
and possibly the execution of arbitrary code.
Comments (none posted)
libvncserver: authentication bypass
Package(s): libvncserver
CVE #(s): CVE-2006-2450
Created: August 4, 2006
Updated: March 19, 2007
Description:
LibVNCServer fails to properly validate protocol types, effectively
letting users decide what protocol to use, such as "Type 1 - None".
LibVNCServer will accept this security type, even if it is not offered
by the server.
Comments (none posted)
libwmf: integer overflow
Package(s): libwmf
CVE #(s): CVE-2006-3376
Created: July 13, 2006
Updated: November 6, 2006
Description:
libwmf, a library that is used for processing Windows MetaFile vector graphics files, has an integer overflow vulnerability.
Comments (none posted)
libxml2: arbitrary code execution
Package(s): libxml2
CVE #(s): CAN-2004-0110
Created: February 26, 2004
Updated: August 19, 2009
Description:
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code.
Comments (none posted)
libxml2: multiple buffer overflows
Package(s): libxml2
CVE #(s): CAN-2004-0989
Created: October 28, 2004
Updated: August 19, 2009
Description:
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted
FTP URL, arbitrary code may be executed.
Comments (none posted)
lynx: arbitrary command execution
Package(s): lynx
CVE #(s): CVE-2005-2929
Created: November 14, 2005
Updated: September 14, 2009
Description:
An arbitrary command execution bug was found in the lynx "lynxcgi:" URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx.
Comments (none posted)
mutt: IMAP namespace buffer overflow
Package(s): mutt
CVE #(s): CVE-2006-3242
Created: June 28, 2006
Updated: October 24, 2006
Description:
TAKAHASHI Tamotsu discovered that mutt's IMAP backend did not sufficiently
check the validity of namespace strings. If a user connects to a malicious
IMAP server, that server could exploit this to crash mutt or even execute
arbitrary code with the privileges of the mutt user. See this Secunia advisory for more
information.
Comments (none posted)
mysql: format string bug
Package(s): mysql
CVE #(s): CVE-2006-3469
Created: July 21, 2006
Updated: July 30, 2008
Description:
Jean-David Maillefer discovered a format string bug in the
date_format() function's error reporting. By calling the function with
invalid arguments, an authenticated user could exploit this to crash
the server.
Comments (none posted)
MySQL: privilege violations
Package(s): mysql
CVE #(s): CVE-2006-4031, CVE-2006-4226
Created: August 25, 2006
Updated: July 30, 2008
Description:
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access
a table through a previously created MERGE table, even after the user's
privileges are revoked for the original table, which might violate intended
security policy (CVE-2006-4031).
MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run
on case-sensitive filesystems, allows remote authenticated users to create
or access a database when the database name differs only in case from a
database for which they have permissions (CVE-2006-4226).
Comments (none posted)
MySQL: denial of service
Package(s): mysql
CVE #(s): CVE-2006-4380, CVE-2006-4389
Created: September 1, 2006
Updated: September 6, 2006
Description:
MySQL before 4.1.13 allows local users to cause a denial of service
(persistent replication slave crash) via a query with multiupdate and
subselects. (CVE-2006-4380)
There is a bug in the MySQL-Max (and MySQL) init script where the script
was not waiting for the mysqld daemon to fully stop. This impacted the
restart behavior during updates, as well as scripted setups that
temporarily stopped the server to backup the database files.
Comments (none posted)
MySQL: logging bypass
Package(s): mysql
CVE #(s): CVE-2006-0903
Created: April 4, 2006
Updated: May 21, 2008
Description:
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms
via SQL queries that contain the NULL character, which are not properly
handled by the mysql_real_query function. NOTE: this issue was originally
reported for the mysql_query function, but the vendor states that since
mysql_query expects a null character, this is not an issue for mysql_query.
Comments (2 posted)
nbd: arbitrary code execution
Package(s): nbd
CVE #(s): CVE-2005-3534
Created: January 6, 2006
Updated: March 7, 2011
Description:
Kurt Fitzner discovered that the NBD (network block device) server did not
correctly verify the maximum size of request packets. By sending specially
crafted large request packets, a remote attacker who is allowed to access
the server could exploit this to execute arbitrary code with root
privileges.
Comments (none posted)
ncompress: buffer underflow
Package(s): ncompress
CVE #(s): CVE-2006-1168
Created: August 10, 2006
Updated: February 21, 2012
Description:
The ncompress compression utility has a missing boundary check.
A local user can use a maliciously created file to cause
a .bss buffer underflow.
Comments (none posted)
openoffice.org: several vulnerabilities
Package(s): openoffice.org
CVE #(s): CVE-2006-2198, CVE-2006-2199, CVE-2006-3117
Created: June 30, 2006
Updated: January 4, 2007
Description:
Several vulnerabilities have been discovered in OpenOffice.org, a free
office suite.
- It turned out to be possible to embed arbitrary BASIC macros in
documents in a way that OpenOffice.org does not see them but executes them
anyway without any user interaction. (CVE-2006-2198)
- It is possible to evade the Java sandbox with specially crafted Java
applets. (CVE-2006-2199)
- Loading malformed XML documents can cause buffer overflows and cause a
denial of service or execute arbitrary code. (CVE-2006-3117)
Comments (none posted)
openssl: insufficient signature checking
Package(s): openssl
CVE #(s): CVE-2006-4339
Created: September 5, 2006
Updated: November 15, 2006
Description:
Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google
Security discovered that the OpenSSL library did not sufficiently check the
padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3
(which is widely used for CAs). This could be exploited to forge signatures
without the need of the secret key.
Comments (none posted)
openttd: denial of service
Package(s): openttd
CVE #(s): CVE-2006-1998, CVE-2006-1999
Created: September 6, 2006
Updated: September 6, 2006
Description:
A flaw in the openttd error handling code leaves the system vulnerable to a remote denial of service attack. Version 0.4.8 fixes the problem.
Comments (none posted)
php: arbitrary code execution
Package(s): php
CVE #(s): CVE-2006-4020
Created: August 22, 2006
Updated: September 21, 2006
Description:
A vulnerability was discovered in the sscanf function that could allow
attackers in certain circumstances to execute arbitrary code via argument
swapping which incremented an index past the end of an array and triggered
a buffer over-read.
Comments (none posted)
phpbb2: missing input sanitizing
Package(s): phpbb2
CVE #(s): CVE-2006-1896
Created: May 22, 2006
Updated: February 11, 2008
Description:
It was discovered that phpbb2, a web based bulletin board, insufficiently
sanitizes values passed to the "Font Color 3" setting, which might lead to
the execution of injected code by admin users.
Comments (none posted)
phpbb2: multiple vulnerabilities
Package(s): phpbb2
CVE #(s): CVE-2005-3310, CVE-2005-3415, CVE-2005-3416, CVE-2005-3417, CVE-2005-3418, CVE-2005-3419, CVE-2005-3420, CVE-2005-3536, CVE-2005-3537
Created: December 22, 2005
Updated: February 11, 2008
Description:
The phpbb2 web forum has a number of vulnerabilities including:
a web script injection problem, a protection mechanism bypass, a
security check bypass, a remote global variable bypass, cross site
scripting vulnerabilities, an SQL injection vulnerability,
a remote regular expression modification problem, missing input
sanitizing, and a missing request validation problem.
Comments (none posted)
phpMyAdmin: multiple vulnerabilities
Package(s): phpmyadmin
CVE #(s): CVE-2005-4079, CVE-2005-3665
Created: December 12, 2005
Updated: November 20, 2006
Description:
Stefan Esser reported multiple vulnerabilities
found in phpMyAdmin. The $GLOBALS variable allows modifying the global
variable import_blacklist to open phpMyAdmin to local and remote file
inclusion, depending on your PHP version (CVE-2005-4079, PMASA-2005-9).
Furthermore, it is also possible to conduct an XSS attack via the
$HTTP_HOST variable and a local and remote file inclusion because the
contents of the variable are under total control of the attacker
(CVE-2005-3665, PMASA-2005-8).
Comments (none posted)
postgresql: SQL injection
Package(s): postgresql
CVE #(s): CVE-2006-2313, CVE-2006-2314
Created: May 24, 2006
Updated: June 6, 2007
Description:
The PostgreSQL team has put out a set of "urgent updates" (in the form of the 7.3.15, 7.4.13, 8.0.8, and 8.1.4 releases) closing a
newly-discovered set of SQL injection issues. Details about the problem
can be found on the
technical information page; in short: multi-byte encodings can be used
to defeat normal string sanitizing techniques. The update fixes one problem
related to invalid multi-byte characters, but punts on another by simply
disallowing the old, unsafe technique of escaping single quotes with a
backslash.
Comments (1 posted)
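The point in the PostgreSQL entry above, that multi-byte encodings defeat byte-oriented escaping, as an added example that is not PostgreSQL's code: the old byte-wise backslash escaper beside an encoding-aware escaper that validates the input first and doubles quotes instead. Shift_JIS is used as the example encoding because one of its legal trail bytes is 0x5C, the backslash. The two sample byte strings are constructed for the demonstration, and every function name here is this example's own.

```c
#include <stddef.h>
#include <string.h>

/* In Shift_JIS a lead byte in 0x81-0x9F or 0xE0-0xFC is followed by one
 * trail byte in 0x40-0x7E or 0x80-0xFC. Note that 0x5C ('\') is a legal
 * trail byte: a backslash inserted after a lead byte stops being a backslash. */
static int sjis_is_lead(unsigned char c)  { return (c >= 0x81 && c <= 0x9F) || (c >= 0xE0 && c <= 0xFC); }
static int sjis_is_trail(unsigned char c) { return (c >= 0x40 && c <= 0x7E) || (c >= 0x80 && c <= 0xFC); }

/* The old, unsafe technique: treat the input as bytes and put a backslash in
 * front of every single quote. Returns the output length, or -1 if out is too small. */
long escape_bytewise_backslash(const unsigned char *in, size_t n, unsigned char *out, size_t cap)
{
    size_t o = 0;
    for (size_t i = 0; i < n; i++) {
        if (in[i] == '\'') { if (o + 2 > cap) return -1; out[o++] = '\\'; }
        else if (o + 1 > cap) return -1;
        out[o++] = in[i];
    }
    return (long)o;
}

/* Walk the escaped bytes the way a Shift_JIS-aware SQL lexer would and count
 * quotes that are left unescaped, i.e. that would terminate the literal.
 * Returns -1 if the bytes are not valid Shift_JIS. */
long count_unescaped_quotes_sjis(const unsigned char *s, size_t n)
{
    long unescaped = 0;
    size_t i = 0;
    while (i < n) {
        if (sjis_is_lead(s[i])) {
            if (i + 1 >= n || !sjis_is_trail(s[i + 1])) return -1;
            i += 2;                                   /* one two-byte character */
        } else if (s[i] == '\\') {
            i += 2;                                   /* backslash escapes the next byte */
        } else if (s[i] == '\'') {
            if (i + 1 < n && s[i + 1] == '\'') i += 2; /* '' is an escaped quote */
            else { unescaped++; i += 1; }
        } else {
            i += 1;
        }
    }
    return unescaped;
}

/* The replacement: validate the encoding first, then double single quotes,
 * the escape that needs no backslash. Returns the output length, or -1 on a
 * truncated or invalid multi-byte sequence or if out is too small. */
long escape_sjis_quote_doubling(const unsigned char *in, size_t n, unsigned char *out, size_t cap)
{
    size_t o = 0, i = 0;
    while (i < n) {
        if (sjis_is_lead(in[i])) {
            if (i + 1 >= n || !sjis_is_trail(in[i + 1])) return -1;   /* reject, never guess */
            if (o + 2 > cap) return -1;
            out[o++] = in[i]; out[o++] = in[i + 1]; i += 2;
        } else {
            if (in[i] == '\'') { if (o + 2 > cap) return -1; out[o++] = '\''; }
            else if (o + 1 > cap) return -1;
            out[o++] = in[i++];
        }
    }
    return (long)o;
}

/* Escape with the given function into a scratch buffer and report how many
 * quotes the lexer model above would see unescaped; -2 if the escaper refused. */
long unescaped_quotes_after(long (*esc)(const unsigned char *, size_t, unsigned char *, size_t),
                            const unsigned char *in, size_t n)
{
    unsigned char buf[256];
    long len = esc(in, n, buf, sizeof buf);
    if (len < 0) return -2;
    return count_unescaped_quotes_sjis(buf, (size_t)len);
}

/* Constructed samples. */
const unsigned char SAMPLE_LONE_LEAD_BYTE[] = { 0x81, '\'' };          /* a lead byte with no trail, then a quote */
const unsigned char SAMPLE_JAPANESE[]      = { 0x82, 0xA0, '\'', 'a' }; /* "あ'a" in Shift_JIS */
```

count_unescaped_quotes_sjis() plays the part of the server's lexer. With the lone lead byte input, the backslash that escape_bytewise_backslash() inserts is absorbed as that byte's trail, and the quote behind it ends the literal; the sample reports one unescaped quote. escape_sjis_quote_doubling() never gets that far, because it rejects the truncated sequence before producing any output, which is the same decision the update made: reject invalid multi-byte input and stop relying on backslash escaping. Well-formed input with a quote comes out safe from both.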
Py2Play: remote execution of arbitrary Python code
Package(s): Py2Play
CVE #(s): CAN-2005-2875
Created: September 19, 2005
Updated: September 6, 2006
Description:
Py2Play uses Python pickles to send objects over a peer-to-peer game network, and clients accept without restriction the objects and code sent by peers. A remote attacker participating in a Py2Play-powered game can send
malicious Python pickles, resulting in the execution of arbitrary
Python code on the targeted game client.
Comments (none posted)
quake: buffer overflow
Package(s): quake3-bin
CVE #(s): CVE-2006-2236
Created: May 10, 2006
Updated: January 12, 2009
Description:
Games based on the Quake 3 engine are vulnerable to a buffer overflow exploitable by a hostile game server.
Comments (none posted)
sendmail: denial of service
Package(s): sendmail
CVE #(s): CVE-2006-1173
Created: June 15, 2006
Updated: November 1, 2006
Description:
Sendmail has a vulnerability in the way it handles multi-part MIME messages.
A remote attacker can create a specially crafted email message that can
be used to crash the sendmail process, causing a denial of service.
Comments (none posted)
sendmail: denial of service
Package(s): sendmail
CVE #(s): CVE-2006-4434
Created: August 31, 2006
Updated: September 6, 2006
Description:
The sendmail mail transfer agent has a programming error.
A remote attacker can send specially crafted email messages
with extra long header lines to sendmail.
The sendmail process will crash, leading to a denial of service.
Comments (none posted)
shadow-utils: mailbox creation vulnerability
Package(s): shadow-utils
CVE #(s): CVE-2006-1174
Created: May 25, 2006
Updated: June 12, 2007
Description:
The useradd tool from the shadow-utils package has a potential security
problem. When a new user's mailbox is created, the permissions are
set to random garbage from the stack, potentially allowing the
file to be read or written during the time before fchmod() is called.
Comments (none posted)
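The useradd problem above is the general case of creating a file first and fixing its mode afterwards. The following is an added example, not shadow-utils code, of the pattern that closes that window: the final mode is a named constant handed to open() at creation time, so the file never exists with any other permissions, and ownership is set through the descriptor rather than by path. The function names and the scratch path are this example's own.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create path as an empty mailbox owned by owner:group. The mode is fixed
 * at open() time, so the file never exists with permissions other than
 * 0600 (the umask can only remove bits, never add them). O_EXCL makes
 * creation fail if anything, including a symlink, already sits at that
 * path. Returns 0 on success, -1 with errno set otherwise. */
int create_mailbox(const char *path, uid_t owner, gid_t group)
{
    const mode_t mailbox_mode = S_IRUSR | S_IWUSR;   /* a constant, not an uninitialized variable */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, mailbox_mode);
    if (fd < 0)
        return -1;
    /* Ownership is set on the open descriptor, never by path, so the
     * operation cannot be redirected between create and chown. */
    if (fchown(fd, owner, group) != 0) {
        int saved = errno;
        close(fd);
        unlink(path);
        errno = saved;
        return -1;
    }
    close(fd);
    return 0;
}

/* Permission bits of path (as an int such as 0600), or -1 if it cannot be stat()ed. */
int mailbox_mode_bits(const char *path)
{
    struct stat st;
    if (lstat(path, &st) != 0)
        return -1;
    return (int)(st.st_mode & 07777);
}

/* Self-check: create a scratch mailbox under dir for the calling user,
 * confirm its mode and that a second creation is refused with EEXIST, then
 * remove it. Returns 0 if every property held, otherwise the failing step. */
int mailbox_selfcheck(const char *dir)
{
    char path[256];
    snprintf(path, sizeof path, "%s/mailbox-example-%ld", dir, (long)getpid());
    unlink(path);                                   /* leftovers from an earlier run */
    if (create_mailbox(path, getuid(), getgid()) != 0)
        return 1;
    int step = 0;
    if (mailbox_mode_bits(path) != 0600)
        step = 2;
    else if (create_mailbox(path, getuid(), getgid()) == 0 || errno != EEXIST)
        step = 3;
    unlink(path);
    return step;
}
```

mailbox_selfcheck("/tmp") exercises the three properties a reviewer would check: the mode observed on disk is exactly the constant passed to open(), a second create over the same name fails rather than reusing whatever is there, and nothing in the sequence depends on a later fchmod() call.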
squirrelmail: insecure permissions
Package(s): squirrelmail
CVE #(s): CVE-2006-4019
Created: August 14, 2006
Updated: September 26, 2006
Description:
Squirrelmail contains a vulnerability that allows authenticated users to
read and write other users' preferences and attachments.
Comments (none posted)
streamripper: buffer overflow
Package(s): streamripper
CVE #(s): CVE-2006-3124
Created: August 28, 2006
Updated: September 6, 2006
Description:
Ulf Harnhammer from the Debian Security Audit Project discovered that
streamripper, a utility to record online radio-streams, performs
insufficient sanitizing of data received from the streaming server,
which might lead to buffer overflows and the execution of arbitrary
code.
Comments (none posted)
texinfo: temporary file vulnerability
Package(s): texinfo
CVE #(s): CAN-2005-3011
Created: October 5, 2005
Updated: November 9, 2006
Description:
Texinfo prior to version 4.8-r1 suffers from a temporary file vulnerability.
Comments (none posted)
tin: buffer overflow
Package(s): tin
CVE #(s): CVE-2006-0804
Created: February 19, 2006
Updated: November 24, 2006
Description:
An allocation off-by-one bug exists in the TIN news reader version 1.8.0 and earlier
which can lead to a buffer overflow.
Comments (none posted)
unzip: long file name buffer overflow
Package(s): unzip
CVE #(s): CVE-2005-4667
Created: February 6, 2006
Updated: May 2, 2007
Description:
A buffer overflow in UnZip 5.50 and earlier allows local users to execute
arbitrary code via a long filename command line argument. NOTE: since the
overflow occurs in a non-setuid program, there are not many scenarios under
which it poses a vulnerability, unless unzip is passed long arguments when
it is invoked from other programs.
Comments (1 posted)
w3c-libwww: possible stack overflow
Package(s): w3c-libwww
CVE #(s): CVE-2005-3183
Created: October 14, 2005
Updated: May 2, 2007
Description:
Extensive testing of libwww's handling of multipart/byteranges content from
HTTP/1.1 servers revealed multiple logical flaws and bugs in
Library/src/HTBound.c.
Comments (1 posted)
wireshark: several vulnerabilities
Comments (none posted)
xine-lib: buffer overflow
Package(s): xine-lib
CVE #(s): CVE-2006-2802
Created: June 9, 2006
Updated: September 29, 2006
Description:
Federico L. Bossi Bonin discovered a buffer overflow in the HTTP input
module. By tricking a user into opening a malicious remote media
location, a remote attacker could exploit this to crash Xine library
frontends (like totem-xine, gxine, or xine-ui) and possibly even
execute arbitrary code with the user's privileges.
Comments (none posted)
xine-lib: buffer overflow
Package(s): xine-lib
CVE #(s): CVE-2006-1664
Created: April 27, 2006
Updated: February 27, 2008
Description:
xine-lib does an improper input data boundary check on
MPEG streams. A specially crafted MPEG file can be
created that can cause arbitrary code execution when the
file is accessed.
Comments (none posted)
xine-ui: format string vulnerabilities
Package(s): xine-ui
CVE #(s): CVE-2006-2230
Created: June 9, 2006
Updated: January 24, 2007
Description:
Several format string vulnerabilities have been discovered in xine-ui,
the user interface of the xine video player, which may cause a denial
of service.
Comments (none posted)
X.org: local privilege escalations
Package(s): xorg-x11
CVE #(s): CVE-2006-4447
Created: August 28, 2006
Updated: April 30, 2007
Description:
Several X.org libraries and X.org itself contain system calls to
set*uid() functions, without checking their result. Local users could
deliberately exceed their assigned resource limits and elevate their
privileges after an unsuccessful set*uid() system call. This requires
resource limits to be enabled on the machine.
Comments (none posted)
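The X.org entry above and the kerberos entry earlier in this list describe the same defect: a set*uid() call whose return value is never examined, so that a failure caused by an exhausted resource limit leaves the process running as root. The following is an added example, not code from X.org or from any kerberos implementation, of a privilege drop in which every call is checked and the outcome is verified afterwards. The function and enum names are this example's own; the assumed platform is Linux with glibc.

```c
#define _DEFAULT_SOURCE 1
#include <grp.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>

/* Outcome of drop_privileges(); callers must treat anything but DROP_OK as fatal. */
enum drop_result {
    DROP_OK = 0,
    DROP_SETGROUPS_FAILED,
    DROP_SETGID_FAILED,
    DROP_SETUID_FAILED,
    DROP_VERIFY_FAILED,    /* the calls returned 0 but the ids are still wrong */
    DROP_REGAIN_POSSIBLE   /* root could be regained: the drop was not permanent */
};

/* Permanently switch to uid/gid. Supplementary groups and the gid are
 * changed first, while the process is still root; after setuid() to an
 * unprivileged user those calls would no longer be permitted. */
enum drop_result drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() == 0) {
        /* Clearing supplementary groups is root-only; a non-root caller
         * has none it could drop this way. */
        if (setgroups(0, NULL) != 0)
            return DROP_SETGROUPS_FAILED;
    }
    if (setgid(gid) != 0)
        return DROP_SETGID_FAILED;
    /* This is the call the two advisories are about: when the target user's
     * process limit (RLIMIT_NPROC) is exhausted, setuid() fails with EAGAIN
     * and the process silently stays root unless the result is checked. */
    if (setuid(uid) != 0)
        return DROP_SETUID_FAILED;

    /* Do not trust the return values alone: read the ids back. */
    if (getuid() != uid || geteuid() != uid || getgid() != gid || getegid() != gid)
        return DROP_VERIFY_FAILED;

    /* A drop to a non-root user must also be irreversible: if setuid(0)
     * still succeeds, the saved uid was left at 0 and the drop is incomplete. */
    if (uid != 0 && setuid(0) == 0)
        return DROP_REGAIN_POSSIBLE;
    return DROP_OK;
}
```

Dropping to the caller's own ids always succeeds, which makes a convenient smoke test; dropping to another user succeeds only when the process starts as root, and a subsequent attempt to go back to root must be refused whichever way the first drop went. The re-escalation check at the end is what distinguishes a real drop from a temporary seteuid()-style switch.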
X.Org: buffer overflow
Package(s): xorg-x11-server xorg-x11
CVE #(s): CVE-2006-1526
Created: May 3, 2006
Updated: January 10, 2007
Description:
There is a buffer overflow in the Xrender extension of the X.Org server; any process which is able to connect to the server may be able to exploit this overflow to run arbitrary code. Since the X server runs as root on most systems, this vulnerability could be exploited to gain root access. See the X.Org advisory for more information.
Comments (none posted)
xpdf: buffer overflow
Package(s): xpdf
CVE #(s): CAN-2005-0064
Created: January 19, 2005
Updated: March 15, 2007
Description:
iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details.
Comments (1 posted)
xpdf: integer overflows
Package(s): xpdf, poppler, cupsys, tetex-bin
CVE #(s): CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627
Created: January 5, 2006
Updated: November 30, 2006
Description:
xpdf has a number of integer overflows.
A remote attacker can trick a user into opening a maliciously
crafted pdf file, allowing the attacker to execute code with the
privileges of the local user.
This also affects the Poppler library, cupsys and tetex-bin.
Comments (none posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current stable 2.6 release is 2.6.17.13, released on
September 8, several minutes after the rather abortive
2.6.17.12 release. Quite a few
important fixes have made it into these releases, though none of them have
vulnerability numbers attached.
On the 2.6.16 front, Adrian Bunk has released 2.6.16.29-rc1 and 2.6.18.29-rc2 with another set
of fixes.
The current 2.6 prepatch is 2.6.18-rc7, announced by Linus on September 13. "Ok, ok, don't rub it in. I know I thought -rc6 would be
the last one, but I just feel more comfy doing an -rc7, even if most of the
changes are pretty minor." Expect the final release before too long.
The current -mm tree is 2.6.18-rc6-mm2. Recent changes
to -mm include some USB API changes, a big x86-64 patch (including stack
protection support), access control lists for tmpfs, and a patch which may
reorder PCI device enumeration on some systems. There are currently 1915
patches in -mm, the largest number ever.
Comments (none posted)
Kernel development news
The road to 2.6.19-rc1 is going to be rough - there's an unusually
large amount of work pending, and there is an unusual (although
still small) amount of overlap between the subsystem trees which
people will need to sort out. Because of this I expect it will
take us more than the nominal two weeks to reach -rc1.
-- Andrew Morton
We are very sorry for the mistakes that happened with the .12
release, and those responsible have been sacked.
-- The -stable team
Comments (4 posted)
Paul Mackerras recently
reported a subtle
bug. The tg3 Ethernet driver, like many other network drivers, operates on
a set of buffer descriptors stored in the host system's memory. These
descriptors describe the buffers which are available for incoming network
packets; when a packet arrives, the interface picks the next descriptor on
the list, stuffs the data there, then tells the processor that the packet
is available. The reported bug works like this: the processor makes some
changes to this descriptor data structure, then does a write to a
memory-mapped I/O (MMIO) register to tell the device to start I/O. The
device, however, receives this MMIO write before the data written to main
memory arrives at its final destination, and thus operates on old data.
When this happens, correct operation is, to say the least, unlikely.
Bugs resulting from the reordering of memory operations can be some of the
most subtle and difficult-to-find problems. A developer can stare at the
code for hours without realizing that what is actually happening, deep down
within the system's hardware, does not quite match the code as it appears
to be written. The incorrect behavior can happen infrequently and be
impossible to reproduce in any easy way.
The solution for this kind of problem is usually to add some sort of
memory barrier in situations where the ordering of operations matters. The
sort of barrier most familiar to device driver writers may well be the
classic rule: MMIO writes to I/O memory hosted on a PCI bus cannot be
considered to be complete until a read has been done from that memory
range. So drivers often have a pattern where many registers are set with
values describing an I/O operation, but a read is done before the final
write which sets the "go" bit. Without that read, which functions as a
sort of MMIO barrier, the device could take
off using older values and make a mess of things.
The tg3 bug illustrates a slightly different sort of problem, however:
there is no guaranteed ordering between writes to regular memory and writes
to a memory-mapped I/O range. So Paul's question was: should an MMIO write
be redefined to be strictly ordered with respect to preceding writes to
regular memory? On a number of architectures (including the i386), the
hardware orders things nicely now, but on others (Paul is working with
PowerPC64), there are no such guarantees. Redefining the MMIO write
operations (iowrite32(), writel(), etc.) to add the
necessary barriers on the relevant architectures could make a number of
potential bugs go away.
Linus didn't like the idea, stating that it
was too expensive. Memory barriers can stall the processor for long
periods of time, so it is nice to leave them out when they are not truly
needed. So, Linus says, the preferred approach is to require the
programmer to put in an explicit barrier operation when one is needed.
There are some problems with this approach, however. One of those is that
the kernel does not currently implement a barrier designed to force
ordering between regular and MMIO memory operations. There is
mmiowb(), but its real purpose is to enforce ordering between MMIO
operations only. So Linus mentioned the possibility of creating new
barriers with names like mem_to_io_barrier() to bring about the
desired ordering in this situation.
Alternatively, the MMIO operations could be redefined to contain a barrier
before the MMIO access happens. That would fix the tg3 bug without adding
any extra cost, but it would come at the cost of removing the barrier that
is currently placed after the operation. This is the solution that
Paul favors:
I suspect the best thing at this point is to move the sync in
writeX() before the store, as you suggest, and add an "eieio"
before the load in readX(). That does mean that we are then
relying on driver writers putting in the mmiowb() between a
writeX() and a spin_unlock, but at least that is documented.
This approach brought out a different
objection from David Miller (and others), however:
Driver authors will not get these memory barriers right, you can
say they will because it will be "documented" but that does not
change reality which is that driver folks will get simple
interfaces right but these memory barriers are relatively advanced
concepts, which they thus will get wrong half the time
David would rather see things work correctly in the simple scenario, even
if the run-time expense is higher. As others have mentioned, one can
always implement no-barrier versions of the MMIO primitives for
performance-minded developers who (think they) know what they are doing.
The case mentioned by Paul above - putting in a call to mmiowb()
between the last MMIO write operation and a spin_unlock() call -
would be the biggest concern. Spinlocks are used to keep multiple
processors (or, in a preemptive scenario, multiple processes on a single
processor) from mixing up operations to the same device. But a spinlock
lives in regular memory, so it is possible that the unlock operation could
succeed (allowing another process to access the MMIO region) before the
previous process's MMIO writes complete. That is why mmiowb() is
called for - but it does look like the sort of thing that driver authors
will have a hard time remembering.
An alternative suggested by Alan Cox is the
creation of a new pair of spinlock operations: spin_lock_io() and
spin_unlock_io(). They would be explicitly defined to protect
operations on MMIO regions, and would contain the requisite barriers. If
device drivers could be trained to use these locking operations (and driver
writers often can be trained - just feed them beer when they do something
right), they would not have to remember to insert barriers.
There's a couple of problems here too, however. There are already a number
of variations on the spin_lock() operation; adding another option
will expand the number of locking calls considerably. Code which calls
functions while holding locks must already be aware of the called
functions' locking needs, and that awareness will be made more complicated
as well. So Linus would much rather avoid this
approach and just require the use of explicit barriers.
Yet another approach - the one which might just be adopted in the end - is
to redefine and expand the set of MMIO accessor functions. In this
scenario, as described by
Benjamin Herrenschmidt, the existing functions (writel(), etc.)
would be made fully ordered - even though that might well slow them down
some. All drivers using those functions would continue to work - and some
might have rare, subtle bugs fixed in the process.
For most drivers, the above functions will be adequate - memory barriers
around MMIO operations will not materially affect performance most of the
time. There are exceptions, however. For situations where the barriers
are unnecessary and hurtful, a new set of accessors with names like
__writel() or __iowrite32() would be defined. These
functions would ensure that MMIO operations are seen by the peripheral
device in the order issued by the processor, but no other guarantees would
be made. When these primitives are used, the programmer is responsible for
inserting barriers in cases where ordering between MMIO and regular memory
operations is important.
Finally, for developers who truly want to live on the edge, a set of
functions with names like __raw_writel() has been proposed. These
accessors would provide no ordering guarantees at all and would not concern
themselves with issues like byte swapping. They are one small step above
issuing I/O operations directly in assembly.
Benjamin's proposal also brings back the idea of creating a new set of
memory barriers for specific situations. Thus, io_to_io_barrier()
would ensure ordering between MMIO operations; it would be useful in
conjunction with the "raw" operations described above. Other barriers
would deal with ordering between MMIO and regular memory operations in
various ways; see Benjamin's post for the full set.
There have been a number of suggestions for changes to this proposal, but
no real opposition to the general idea. So, in the end, that may be just
how it works out - though expect this discussion to return in the future.
When the topic is one of the trickiest areas of kernel programming on
contemporary hardware, easy and final solutions will likely be hard to come
by.
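The tg3 hand-off described at the top of this article, as an added example that is not kernel or tg3 code: a userspace model in which an ordinary memory descriptor ring is filled, a release fence stands in for the wmb() a driver must issue, and a relaxed atomic store stands in for the writel() that rings the doorbell; a second thread plays the device. Real MMIO needs the kernel accessors, so this only shows where the ordering point sits and what a device would observe across it. C11 atomics and POSIX threads are assumed, and all names are this example's own; the mmiowb()-before-spin_unlock() case the article goes on to discuss is not modeled.

```c
#include <pthread.h>
#include <stdatomic.h>
#include <stdint.h>
#include <string.h>

#define RING_SIZE 4

/* Receive descriptors live in ordinary host memory shared with the device. */
struct rx_descriptor {
    uint64_t buffer_addr;
    uint32_t length;
    uint32_t owned_by_device;   /* 1: the device may fill this buffer */
};

struct nic_model {
    struct rx_descriptor ring[RING_SIZE];
    _Atomic uint32_t doorbell;  /* stands in for the MMIO "producer index" register */
    uint32_t device_seen;       /* filled in by the device thread */
};

/* CPU side. The release fence is the wmb() a driver must place between the
 * descriptor writes and the MMIO write: without it nothing guarantees the
 * device observes the new descriptors before it observes the doorbell. */
void cpu_post_descriptors(struct nic_model *nic, uint32_t count, uint64_t first_addr)
{
    if (count > RING_SIZE)
        count = RING_SIZE;
    for (uint32_t i = 0; i < count; i++) {
        nic->ring[i].buffer_addr = first_addr + (uint64_t)i * 2048;
        nic->ring[i].length = 2048;
        nic->ring[i].owned_by_device = 1;
    }
    atomic_thread_fence(memory_order_release);                          /* wmb() */
    atomic_store_explicit(&nic->doorbell, count, memory_order_relaxed); /* writel(count, reg) */
}

/* Device side: wait for the doorbell, then count the descriptors that are
 * really ready. The acquire fence pairs with the CPU's release fence; a
 * missing barrier would show up here as a count below the doorbell value. */
static void *device_thread(void *arg)
{
    struct nic_model *nic = arg;
    uint32_t count;
    while ((count = atomic_load_explicit(&nic->doorbell, memory_order_relaxed)) == 0)
        ;                                                               /* poll the register */
    atomic_thread_fence(memory_order_acquire);
    uint32_t ready = 0;
    for (uint32_t i = 0; i < count && i < RING_SIZE; i++)
        if (nic->ring[i].owned_by_device && nic->ring[i].length == 2048)
            ready++;
    nic->device_seen = ready;
    return NULL;
}

/* Run one hand-off of count descriptors; returns how many the device saw as
 * ready (expected: min(count, RING_SIZE)), or UINT32_MAX for a count of zero
 * (the device would never wake) or a thread error. */
uint32_t demo_handoff(uint32_t count)
{
    struct nic_model nic;
    memset(&nic, 0, sizeof nic);
    atomic_init(&nic.doorbell, 0);
    pthread_t dev;
    if (count == 0 || pthread_create(&dev, NULL, device_thread, &nic) != 0)
        return UINT32_MAX;
    cpu_post_descriptors(&nic, count, 0x10000000ULL);
    pthread_join(dev, NULL);
    return nic.device_seen;
}
```

The fence pairing is the whole point: the release fence before the doorbell store and the acquire fence after the doorbell load are what make the descriptor writes visible to the consumer in program order. On an x86 host the hardware would order these stores anyway, which is exactly why the tg3 bug went unnoticed there and surfaced on PowerPC64.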
Comments (none posted)
Back in 1998, as the 2.1 kernel went into yet another feature freeze, the
capabilities feature was merged. Capabilities split the power of the root
account into a set of privileges, each of which can be granted or withheld
independently of the others. A process which needs to be able to bind to a
privileged port number, for example, could be given that ability without
simultaneously enabling it to override file permissions, kill other
processes, or exceed resource limits. Proponents of capabilities have long
seen a world where the root account no longer exists and all tasks have the
minimum level of privilege they need to get their jobs done. A system
organized in this way, it is thought, would be more secure.
The world is full of Linux distributions, many of which are oriented toward
higher levels of security. But, to your editor's knowledge, nobody has
ever put together a successful, capability-based distribution. There are
many reasons for this lack of implementations, including the fact that
nobody has really figured out a way to administer a system with a couple
dozen more security-related bits attached to every executable file. But
one should also not overlook the fact that, from the 2.1.x days to
now, there has never been a Linux kernel where capabilities actually worked
as intended.
Part of the problem is an incomplete implementation: no patch which
attaches capability masks to files has ever been merged. But the kernel
has also never implemented capability inheritance - what happens to the
capability bits when a process executes a new program - in a correct
manner. For some time now, in fact, capability inheritance has been
disabled completely. Without inheritance, the full capability model cannot
work. So the use of capabilities in Linux systems has been limited to a
very small number of programs which have been coded to drop the
capabilities they do not need.
David Madore has set out to change that state of affairs with a set of patches to fix up
capability support. This patch set does a few things, the first of which
being to expand the capability set from 32 to 64 bits. Current kernels
have 31 capabilities defined, so it is not especially hard to imagine
needing more in the future. That need could become pressing if anybody
ever gets serious about splitting the catch-all CAP_SYS_ADMIN
capability into several smaller privileges.
This patch uses some of those new bits from the outset for a set of
"regular capabilities" which all processes are normally expected to have. These
capabilities include the ability to use fork() or exec(),
the ability to open files and to write to files, the ability to use
ptrace(), and the ability to increase privilege by running a
setuid program. The idea here is that processes running in
security-relevant settings can drop those capabilities if they are not
needed, making it harder to exploit any vulnerabilities in those
processes.
The core of the patch, however, is the implementation of capability
inheritance. Understanding this part requires just a bit of background.
As it happens, while one can talk about the capabilities possessed by a
process, each process in Linux has three separate capability masks. The
permitted set is all of the capabilities that the process is allowed
to have. But capabilities cannot be used unless they are also set in the
effective set, which is a subset of the permitted set.
Finally, each process has an inheritable set, listing the
capabilities (again, a subset of the permitted set) which can be passed on
to any program run with exec(). Processes can adjust the
effective and inheritable sets at any time (within the bounds of the
permitted set), but the permitted set cannot be expanded.
In a capability-based system, executable files also have a set of three
capability masks. Those masks have the same names as the process masks,
and their function is almost the same. The file's inherited mask, however,
limits the capabilities which the new program can inherit from the process
that executes it. David's patch set includes a patch (by Serge Hallyn)
which adds support for capability masks to the filesystem layer.
When a process runs a new executable, the masks are combined as follows:
- P′p ← (Pi ∩ Fi) ∪ (Fp ∩ bnd)
- P′e ← (Pi ∩ Pe ∩ Fi) ∪ (Fp ∩ Fe ∩ bnd)
- P′i ← P′p
These equations are taken directly from David's "new
capabilities" page, which has much more detail on all of this work.
What they say, in English, is something like this:
- The permitted capabilities for the new executable
(P′p) are the intersection of the inheritable set from the
process before calling exec() (Pi) and the
file's inherited set (Fi). The permitted set from the file
(Fp) is then added in, but not before being limited by the
system-wide capability bounding set (bnd).
- The effective capabilities (P′e) are built the same way,
except that capabilities which are not effective in the calling process
(Pe) are masked out of the inherited part, and capabilities which are not
in the file's effective set (Fe) are masked out of the part contributed by
the file.
- The inheritable capabilities (P′i) will be the same
as the permitted capabilities.
For the most part, these rules match the usual understanding of how
capability-based systems are supposed to work. Capabilities, in such a
system, are assigned to programs, not to users; the normal permissions bits
can then come into play to control which programs specific users can run.
David's patch differs from the usual idea of capability-based systems in
one important regard, however: how it handles programs with no capability
sets defined. On most systems, that will be almost every executable file
there is. By the rules, such programs should be treated as having an empty
inherited set, which, by the rules above, would cause them to be run with
no capabilities at all. David's patch, instead, causes these programs to
be run with the same capabilities the process had before - though the
presence of things like setuid bits can obviously change that calculation.
This interpretation breaks the classic capability-based model, but it has
the advantage of actually working on current systems.
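A worked example of these rules, added here for illustration; it is not code from David's patch or from the kernel. It applies the three exec() equations above to a constructed process and file, shows the bounding set blocking a capability the file asks for, shows that a process can shrink its effective set but never grow its permitted set, and contrasts the classic result for a file with no capability masks (everything dropped) with David's compromise (the process keeps what it had). The capability bit numbers, the sample masks, and the bounding set are assumptions chosen for the example, not the kernel's real values; setuid handling is left out.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* The patch widens the capability set from 32 to 64 bits. */
typedef uint64_t capset_t;

/* Bit positions are assumptions for this example, not the kernel's numbers. */
#define CAP_NET_BIND_SERVICE (1ULL << 0)
#define CAP_DAC_OVERRIDE     (1ULL << 1)
#define CAP_KILL             (1ULL << 2)
#define CAP_SYS_ADMIN        (1ULL << 3)
#define CAP_ALL (CAP_NET_BIND_SERVICE | CAP_DAC_OVERRIDE | CAP_KILL | CAP_SYS_ADMIN)

/* The three masks carried by a process, and by a file in a capability-based system. */
struct caps {
    capset_t permitted;
    capset_t effective;    /* subset of permitted */
    capset_t inheritable;  /* subset of permitted */
};

/* The exec() rules from the article: P is the calling process, F the file
 * being executed, bnd the system-wide bounding set. */
struct caps exec_caps(struct caps P, struct caps F, capset_t bnd)
{
    struct caps N;
    N.permitted   = (P.inheritable & F.inheritable) | (F.permitted & bnd);
    N.effective   = (P.inheritable & P.effective & F.inheritable)
                  | (F.permitted & F.effective & bnd);
    N.inheritable = N.permitted;
    return N;
}

/* David's compromise: a file that carries no capability masks at all
 * (F == NULL) leaves the process's masks as they were, instead of the
 * empty sets the classic model would produce. */
struct caps exec_caps_madore(struct caps P, const struct caps *F, capset_t bnd)
{
    if (F == NULL)
        return P;
    return exec_caps(P, *F, bnd);
}

/* A process may change its effective or inheritable set at will, but only
 * within its permitted set, which never grows. Returns false and leaves
 * the process untouched if the request exceeds the permitted set. */
bool caps_set_effective(struct caps *P, capset_t e)
{
    if (e & ~P->permitted)
        return false;
    P->effective = e;
    return true;
}

bool caps_set_inheritable(struct caps *P, capset_t i)
{
    if (i & ~P->permitted)
        return false;
    P->inheritable = i;
    return true;
}

/* Constructed scenario: a process holding every capability but willing to
 * pass on only two of them, running a file that accepts one of those and
 * asks for CAP_SYS_ADMIN, which the bounding set has removed system-wide. */
const struct caps DEMO_PROCESS = { CAP_ALL, CAP_ALL, CAP_NET_BIND_SERVICE | CAP_KILL };
/* Same process, but with CAP_NET_BIND_SERVICE not currently effective. */
const struct caps DEMO_PROCESS_NOEFF = { CAP_ALL, CAP_KILL, CAP_NET_BIND_SERVICE | CAP_KILL };
const struct caps DEMO_FILE = { CAP_SYS_ADMIN, CAP_SYS_ADMIN, CAP_NET_BIND_SERVICE | CAP_DAC_OVERRIDE };
const struct caps DEMO_NO_FILE_CAPS = { 0, 0, 0 };
const capset_t DEMO_BOUND = CAP_ALL & ~CAP_SYS_ADMIN;

static void show(const char *label, struct caps c)
{
    printf("%-26s P=%#llx E=%#llx I=%#llx\n", label,
           (unsigned long long)c.permitted, (unsigned long long)c.effective,
           (unsigned long long)c.inheritable);
}

int main(void)
{
    struct caps p = DEMO_PROCESS;
    show("caller", DEMO_PROCESS);
    show("exec, file with masks", exec_caps(DEMO_PROCESS, DEMO_FILE, DEMO_BOUND));
    show("exec, caller E lacks bind", exec_caps(DEMO_PROCESS_NOEFF, DEMO_FILE, DEMO_BOUND));
    show("exec, classic, no masks", exec_caps(DEMO_PROCESS, DEMO_NO_FILE_CAPS, DEMO_BOUND));
    show("exec, Madore, no masks", exec_caps_madore(DEMO_PROCESS, NULL, DEMO_BOUND));
    printf("raising effective above permitted: %s\n",
           caps_set_effective(&p, CAP_ALL | (1ULL << 40)) ? "allowed" : "refused");
    return 0;
}
```

In the first exec the new program ends up with only CAP_NET_BIND_SERVICE: CAP_KILL was inheritable in the caller but not accepted by the file, CAP_DAC_OVERRIDE was accepted by the file but not offered by the caller, and the file's own CAP_SYS_ADMIN was cut off by the bounding set. The third and fourth lines are the point of the disagreement with Ted Ts'o: for a file with no masks, the classic rules leave nothing, while the compromise leaves the caller's full set in place.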
Ted Ts'o, however, complains that this
compromise fundamentally weakens the security of the capability-based
model. He has suggested that the behavior be configurable, with each
filesystem having a flag describing how capabilities should be handled in
the absence of a set of per-file masks. A set of default capabilities for new
files could be part of this change as well.
The other complaint which has been heard is fairly predictable:
why, it is asked, should we bother with capabilities when SELinux can do
all of the same things and more? In fact, SELinux does something vaguely
similar, but with a level of indirection; it attaches labels to files, then
associates capabilities with the labels through the policy mechanism.
Anybody who has ever gotten that cheery Fedora "your filesystem must be
relabeled, please wait for a very long time" boot message knows that
keeping files and labels properly synchronized is a difficult task. There
is no real reason to believe that keeping capability masks in a correct
state would be any easier. That fact alone may continue to limit the real
usage of capabilities well into the future.
September 13, 2006
This article was contributed by Valerie Henson
The Problem
Kernel developers have written many wonderful and useful tools for
debugging and observing system behavior, such as slab allocation
debugging, lock dependency
tracking, and scheduler statistics. However, few of these tools
can be used in production systems (those are computers used to do
actual work as opposed to what I use them for, which is
compiling and testing my latest kernel patches) because of the
overhead they create, even when disabled. Whenever Dave Jones is
trying to track down a memory allocation bug in Rawhide and turns on
slab debugging, he's inundated with complaints about sluggish systems
until he turns it back off again.
We also lack decent tools to do system-wide analysis - analysis
spanning the operating system and all running processes - since most
tools are built around either a single process (e.g., strace) or a
single kernel subsystem (e.g., SCSI logging). When it comes down to
root-causing a performance problem on a production system, our hands
are pretty much tied if we can't boot into a kernel compiled with
support for debugging and tracing - and often we can't reboot, either
due to downtime restrictions or rules about certification of software
on production systems.
Today, performance analysis on production Linux systems usually ends
up being a jumble of iostat, top, sysrq-t, random /proc entries, and
unreliable oprofile results (if we're lucky enough to have oprofile).
Recently, one of my friends with extensive Linux experience upgraded
his business's production system (a computer used to do actual
work) to a more recent Linux kernel and found that performance
had suddenly dropped to an unusable level. Once he had figured out
that many Apache processes were spending a lot of time in iowait, he
had no idea where to go next and had to revert to the old kernel
without root-causing the problem. Unfortunately, the problem is only
reproducible on a system in production use - and so must be
investigated using only tools suitable for a production system.
System-wide performance analysis on present-day Linux systems remains
a black art.
The Solution
The ideal tracing system would cause zero performance degradation when
it is disabled, would be dynamically enabled as needed, could collect
data over an entire system, and would be safe to use on a production
system. The paper describing DTrace,
Dynamic Instrumentation of Production Systems, published in
the USENIX 2004 Annual
Technical Conference, earns itself a place on the Kernel Hacker's
Bookshelf for describing the first system that lives up to this ideal.
DTrace was originally written for Solaris on both SPARC and x86, and
has recently been ported to Mac OS
X. I used DTrace extensively while I was working on Solaris and
got used to being able to answer any question I had about a system
with a few minutes of script writing. When I went back to work on
Linux and could no longer use DTrace, I felt like I went from wielding
a sharp steel katana to fumbling with dull flint tools. The only tool
for Linux that comes close is SystemTap, which has
improved significantly in the last year, though it still remains out
of the mainline kernel.
I'm not the only person who thinks DTrace is ground-breaking. DTrace
won the top award in the
Wall Street Journal's 2006 Technology Awards. MIT's Technology
Review named DTrace's lead engineer, Bryan Cantrill, as one of their 2005 TR35
winners, their list of top innovators under the age of 35. Any
company with a half-decent marketing group can generate hype, but
DTrace has garnered praise from both industry leaders and the
people knuckling down to do the real work.
The Paper
The DTrace paper begins with the motivation for DTrace. For many years,
Solaris developers, like Linux developers, focused on writing tools to
help them in a kernel development environment. Then they began
venturing out into the field to analyze real-world systems - and
discovered that much of their toolkit was useless. Besides being
impossible to use on production systems, their tools were designed to
analyze processes or the kernel in isolation. They began to design a
dynamic tracing system intended from its inception for use in
production systems. It needed to be completely safe, have zero probe
effect, aggregate data over the whole system, lose a minimum of trace
data, and allow arbitrary instrumentation of any part of the system.
The architecture they came up with divides up the work of tracing into
several modular components. The first is DTrace providers. These are
kernel modules that know how to create and enable a particular class
of DTrace probes. DTrace providers include things like function
boundary tracing and virtual memory info tracing. When enabled, each
DTrace probe has one or more series of actions associated with it that
are executed by the DTrace framework (another kernel module) each time
the probe fires, such as "Record the timestamp" or "Get the user stack
of this thread." Actions can have predicates - conditions that must
be met for the action to be taken. This is one way to cut down on
the amount of data that would otherwise be laboriously copied out of
the kernel, only to be thrown away in post-processing. A useful
predicate might be "Only if the pid is 7893" or "Only if the first
argument is non-zero."
Probes are enabled by DTrace consumers - processes which tell the
DTrace framework what probe points and actions they want to use.
Probes can have multiple consumers. Each consumer has its own set of
per-CPU buffers for transferring trace data out of the kernel, which
is done in such a way that data is never corrupted, and the consumer
is notified if data is lost. Many tracing systems silently drop data,
which can lead to serious errors in analysis when an event is
significantly under-sampled.
The most interesting and controversial part of DTrace is the scripting
language, "D", and its conversion to the D Intermediate Format, DIF.
Many developers don't understand why C and native machine code aren't
preferable - after all, we already know C, and we have plenty of tools
for compiling C into runnable machine code. Why reinvent the wheel?
The answer comes in two parts.
First, D was invented to quickly form questions about a running
system. A quote from the paper: "Our experience showed that D
programs were rapidly developed and edited and often written directly
on the dtrace(1M) command line." As such, it lends itself to a
script-like language that is friendly to rapid prototyping. It is also
intended primarily to gather and process data, and as such an awk or
python-like structure was more appropriate. The language used to
specify probe actions should be specialized for the task at hand,
rather than simply reusing a language designed for generic system
programming. At the same time, D is very similar to C (the paper
describes D as "a companion language to C") and C programmers can
quickly learn D.
Second, some level of emulation is needed for safety. Not all program
errors can be caught in an initial pass; things like illegal
dereferences must be caught and handled on the fly. The in-kernel DIF
emulator is vital for the level of safety needed to use DTrace on a
production system. When explaining to Linux developers the need to
prevent buggy scripts from crashing the system, often the response is,
"Well, don't do that." But imagine for a minute that you are
debugging with SystemTap on your friend's production Linux server.
When they ask you if it could possibly crash their system (which will
cost them many thousands of dollars in lost business), you don't want
to say, "Well, only if I have a bug in the scripts I am writing... on
the fly... without code review... Um, how many thousands of dollars
did you say?" A tracing system that can still cause the system to
crash in some situations will be limited to kernel developers,
students, and other people with the luxury of unscheduled downtime.
Two major components of DTrace remain: aggregations and speculative
tracing, two methods of reducing trace data at the source, allowing
far greater flexibility of tracing. The traditional method of tracing
involves generating vast quantities of data, shoveling it out to user
space as fast as possible, and then sifting through the detritus with
post-processing scripts. The downsides of this approach are data loss
(there is a limit to how quickly data can be copied out of the
kernel), limitations on what we can trace (without excessive data
loss), and expensive post-processing times. If we instead throw away
or coalesce trace data at the source, our tracing is cheaper and more
flexible.
One method of data pruning is aggregations, which coalesce a set of
data into a useful summary. For example, with only a few lines of D,
you can create an aggregation that collects a frequency distribution
of the size of mmap function calls across all processes on the system.
The alternative is copying out the entire set of trace data for each
mmap call on the system, then writing a script to extract the sizes
and calculate the distribution - which is slower, more error-prone,
and has a much higher probe effect.
Speculative tracing is even more interesting; it allows a script to
collect trace data and then decide whether to throw it away or pass it
back up to user space. This is vital for collecting data for a common
event, of which only a few events are judged "interesting" later on.
For example, if you want to trace the entire call path of all system
calls that result in a particular error code, you can speculatively
trace each system call, but throw away the data for all system calls
except the ones with the interesting error code.
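A user-space model of the two data-reduction mechanisms just described, added here as an example; it is not DTrace code and not taken from the paper. The quantize part keeps DTrace's power-of-two histogram instead of every value, so only a small table, not one record per mmap() call, ever has to leave the kernel. The speculation part buffers the records of each open() call until its return value is known, then commits the buffer for the calls that failed with the interesting error and discards the rest, counting any overflow as a drop so that lost data is reported rather than silent. The probe names, the mmap sizes, the open() calls and the choice of ENOENT as the interesting error are all constructed for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* quantize(): the power-of-two histogram used by DTrace aggregations.
 * Bucket 0 counts zero; bucket b counts values in [2^(b-1), 2^b). */
#define QBUCKETS 65
struct quantize { uint64_t count[QBUCKETS]; };

int quantize_bucket(uint64_t v)
{
    int b = 0;
    while (v) { v >>= 1; b++; }
    return b;
}

void quantize_add(struct quantize *q, uint64_t v)
{
    q->count[quantize_bucket(v)]++;
}

/* One trace record, and the buffers it can live in. */
struct record { int pid; const char *probe; int64_t arg; };
struct specbuf   { struct record rec[8];  int n; bool active; };  /* one speculation */
struct principal { struct record rec[64]; int n; int drops; };    /* what the consumer sees */

/* speculation(): claim a speculative buffer; false if it is already in use. */
bool speculation(struct specbuf *s)
{
    if (s->active) return false;
    s->active = true;
    s->n = 0;
    return true;
}

/* speculate(): record into the speculative buffer; overflow is counted, not hidden. */
void speculate(struct specbuf *s, struct record r, int *drops)
{
    if (!s->active) return;
    if (s->n == 8) { (*drops)++; return; }
    s->rec[s->n++] = r;
}

/* commit(): the event turned out to be interesting, so its records move to the
 * principal buffer. discard(): it was not, so they never leave the kernel. */
void commit(struct principal *p, struct specbuf *s)
{
    for (int i = 0; i < s->n; i++) {
        if (p->n == 64) { p->drops++; continue; }
        p->rec[p->n++] = s->rec[i];
    }
    s->active = false;
    s->n = 0;
}

void discard(struct specbuf *s) { s->active = false; s->n = 0; }

/* Constructed sample inputs. */
static const uint64_t MMAP_SIZES[] = { 4096, 8192, 65536, 4096, 1048576, 0, 4097 };
struct call { int pid; int64_t path_lookups; int ret; };
static const struct call OPEN_CALLS[] = {
    {100, 2, 0}, {101, 3, -2}, {100, 1, 0}, {102, 4, -13}, {101, 2, -2},
};
#define NCALLS (sizeof OPEN_CALLS / sizeof OPEN_CALLS[0])

struct quantize SAMPLE_Q;
struct principal SAMPLE_P;

/* Aggregate the mmap sizes; returns how many records this replaced. */
int quantize_sample(void)
{
    int n = sizeof MMAP_SIZES / sizeof MMAP_SIZES[0];
    memset(&SAMPLE_Q, 0, sizeof SAMPLE_Q);
    for (int i = 0; i < n; i++)
        quantize_add(&SAMPLE_Q, MMAP_SIZES[i]);
    return n;
}

/* Speculatively trace every open(); keep only those returning -ENOENT (-2).
 * Returns the number of records committed to the principal buffer. */
int trace_failed_opens(void)
{
    struct specbuf s = {0};
    memset(&SAMPLE_P, 0, sizeof SAMPLE_P);
    for (size_t i = 0; i < NCALLS; i++) {
        const struct call *c = &OPEN_CALLS[i];
        speculation(&s);
        speculate(&s, (struct record){c->pid, "syscall::open:entry", 0}, &SAMPLE_P.drops);
        for (int64_t k = 0; k < c->path_lookups; k++)
            speculate(&s, (struct record){c->pid, "fbt::lookup:entry", k}, &SAMPLE_P.drops);
        speculate(&s, (struct record){c->pid, "syscall::open:return", c->ret}, &SAMPLE_P.drops);
        if (c->ret == -2) commit(&SAMPLE_P, &s); else discard(&s);
    }
    return SAMPLE_P.n;
}

int main(void)
{
    int n = quantize_sample();
    printf("%d mmap() sizes reduced to:\n", n);
    for (int b = 0; b < QBUCKETS; b++)
        if (SAMPLE_Q.count[b])
            printf("  bucket %2d: %llu\n", b, (unsigned long long)SAMPLE_Q.count[b]);
    int committed = trace_failed_opens();
    printf("%d records committed from %zu open() calls, %d dropped\n",
           committed, NCALLS, SAMPLE_P.drops);
    return 0;
}
```

Seven mmap() sizes collapse to five non-empty buckets, and of five traced open() calls only the two that failed with ENOENT leave behind their entry, lookup and return records (nine in all); the three uninteresting calls cost only the space of the speculative buffer while they were in flight.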
If you don't have much time to read the DTrace paper, be sure to at
least read Section 9, which describes a session root-causing a
mysterious performance problem on a large server with hundreds of
users. In the end, 6 instances of a stock ticker applet were putting
so much load on the X server that killing them resulted in an increase
in system idle time of 15% (!!!). More DTrace
examples are available, linked to from the DTrace
OpenSolaris web site.
What does this mean for Linux?
Hopefully anyone who saw Dave Jones' "Why Userspace Sucks" talk at
OLS 2006 will already be excited about using SystemTap to track down
problems. SystemTap is the current state of the art dynamic tracing
system for Linux. It has little or no probe effect - performance
degradation when it is disabled - and it can trace events across the
system.
However, it still has some way to go in the areas of safety,
early data processing, and general usability.
Understanding the
DTrace paper will help people understand why these areas are
important. More importantly, understanding the DTrace paper will help
people understand how they can use SystemTap to solve interesting
problems.
Bored? Lonely? Download SystemTap and start investigating
performance problems today! If you're running FC4, you can even install
SystemTap using yum.
Patches and updates
Development tools
- Marco Costalba: qgit-1.5 (September 10, 2006)
Page editor: Jonathan Corbet
Distributions
News and Editorials
The first release candidate for Mandriva 2007 is available in a variety of
different editions. Some include GNOME, some KDE. Each edition supports
several languages, but not all languages are supported in every edition.
Some editions include non-free software, so look for "free" in the filename
for an edition with 100% free software.
What's new since Mandriva 2006? According to the release
notes there's GNOME 2.16 and KDE 3.5.4, 3D desktop support with AIGLX
and Xgl, a 2.6.17 kernel based on 2.6.17.11 with ALSA 1.0.12 final
and i965 support. There is a new 'Ia Ora' Mandriva theme and new
configuration tools for VPN, 3D and firewalls.
There are still a few known issues with this release candidate including
a couple of issues for those running under KDE or using bluetooth. The
most notable involve rpmdrake not uninstalling packages correctly and
the text-based install not working.
Overall, Mandriva 2007 is shaping up to be a nice release. The final
version should be out soon according to the schedule.
New Releases
Red Hat has released the first beta version of Red Hat Enterprise Linux 5.
"This is the first Red Hat Enterprise Linux release that includes Xen
based open source virtualization technology. The Red Hat Enterprise
Linux 5 Beta 1 release contains virtualization on the i386 and x86_64
architectures as well as a technology preview for IA64. We are
particularly interested in your feedback on the Xen technology."
The fourth alpha release of openSUSE 10.2 is available. The release
features a 2.6.18rc5 SMP kernel with all kernel module packages (kmp) and
the Xen packages, GNOME 2.16 Beta, openSUSE branding and more.
Distribution News
Steve McIntyre presents Bits from the 2IC covering Summer of Code
projects, Sarge r3 and the third d-i beta release, Debian popularity
growing in Latin America, the Etch release, the GR vote, DebConf 7, a
Debian presentation at La Laguna University in Tenerife, and a planned
BSP marathon. Steve also covers some news, some plans and a plea for
help regarding CD/DVD builds.
The first call for votes has gone out on a
constitutional amendment to address the procedures related to handling
assets for the project.
A new mailing list called opensuse-project has been
announced for discussion about the openSUSE
project. The openSUSE-bugs mailing list has also been
announced. This one broadcasts all changes
that are being made to bugs related to openSUSE.
The openSUSE project is looking for
translators. "Check the translation statistics page for the
current language support in our openSUSE distribution and help to improve
it for 10.2."
SUSE Security has announced that SUSE Linux 9.2 will be discontinued soon.
"Having provided security-relevant fixes for more than two years,
vulnerabilities found in SUSE Linux 9.2 after October 15th 2006 will not be
fixed any more for this product. We expect to release the last updates
around October 31st 2006."
Ubuntu Community Manager Jono Bacon has announced an Ubuntu Developer
Summit in Mountain View, California, November 5 - 10, 2006. "UDS Mountain View
is open for anyone to attend, but remember it is very developer focused, so
probably unsuitable for those without an interest in participating in
Ubuntu."
Tollef Fog Heen reports that main is frozen
in preparation for the Knot 3 release.
Matthias Klose reports that packages for
OpenOffice.org 2.0.4 release candidate 1 are available for testing. These
packages include many bug fixes, additional translations, support for audio
and video files in presentations and native packages for the amd64
platform.
Distribution Newsletters
The Debian Weekly News for September 12, 2006 looks at Debian at the
Wizards of OS conference, 16 core MIPS server with Debian pre-installed,
key management for APT, an Alioth incident report, a CD/DVD creation
report, the call for votes on a constitutional amendment on asset handling,
using the BTS for license issues, the status of the Internet superserver,
the first Colombian Mini DebConf, a stable release update, and several
other topics.
The Gentoo Weekly Newsletter for September 4, 2006 covers multiple package
removals, UK Linux Awards, Free Linux Disk project fundraiser, GWN seeking
writers and other topics.
The Ubuntu Weekly News for September 9, 2006 covers Scott James Remnant's
init-replacement upstart going live, Edgy getting GNOME 2.16 and KDE 4
alpha packages, Melissa Draper's interview with the Sydney Morning Herald
in Australia and much more.
The DistroWatch Weekly for September 11, 2006 is out. "With many of the major
distributions in the final stages of their development work, this is
possibly the most exciting period of the year. It shouldn't be long before
the new versions from Slackware and Mandriva are released, with Fedora,
openSUSE and Debian following shortly. Mandriva Linux 2007 is now starting
to look really good, while Debian GNU/Linux 4.0 "etch" is shaping up to be
a real breakthrough for the largest Linux distribution project. Fedora Core
is also getting a complete makeover - at least in the look and feel
department. This issue is devoted to all the upcoming new releases, with
further news covering the availability of KDE 4 packages for Kubuntu, a new
major version of GParted LiveCD, and an interesting interview with the
developers of PC-BSD. In our latest book review, we'll take a quick look at
Ubuntu Linux For Non-Geeks by Rickford Grant."
Minor distribution updates
GnomeDesktop introduces the release of Foresight Desktop Linux 0.9.8,
with GNOME 2.16, Conary 1.1.3 and more.
The Linux From Scratch (LFS) LiveCD Team has announced the release of the
x86-6.2-3 version of the LFS LiveCD. "This version is built using LFS
6.2 and many BLFS packages from the SVN branch. Source packages for LFS
6.2, and the LFS book itself, are included on the LiveCD. The CD is also
suitable as a host for building x86 and x86_64 CLFS systems."
OpenLab has announced the release of OpenLab 4.Zbeta. "Now for the changes since
alpha. Some major changes are prevalent - for starters we've fixed all the
reported bugs from alpha, implemented every single feature request and
updated virtually every core package. Check out the complete changelog
here!"
Package updates
Updates for
Fedora Core 5:
db4 (bug
fix),
tar (fix tar-debuginfo package),
gnome-screensaver (remove xscreensaver
migration cruft),
iproute (bug fixes),
xscreensaver (gnome-screensaver
compatibility),
libbonobo (bug fixes),
at-spi (bug fix for 64bit systems),
vixie-cron (add patch for compatibility with
RFC3834),
imlib (fix dependency issue),
frysk (new upstream version).
Updates for
Mandriva Linux Corporate 3.0 & Multi Network
Firewall 2.0:
squidGuard (fix a typo in the
logrotate script).
Updates for
rPath Linux 1:
stunnel
(resolve a segmentation violation).
Slackware-current has seen quite a few changes this week, mostly bug fixes
and cleanups in preparation for Slackware 11. There are new
linux-2.6.17.13 packages in extra. See the
full
changelog for details.
Updates for
Ubuntu 6.06 LTS:
gftp_2.0.18-14ubuntu1~dapper1,
clamav_0.88.4-1ubuntu1~dapper1,
nmap_4.10-1~dapper1,
rtorrent_0.5.3-1~dapper1,
knetworkmanager_0.1~svn-r575138-0ubuntu2~dapper1,
darcs_1.0.8-1~dapper1,
libtorrent_0.9.3-1~dapper1.
Newsletters and articles of interest
Debian Admin has step-by-step instructions for installing Debian Etch.
"Etch is the codename
for the upcoming release of Debian, which will also be known as Debian
GNU/Linux 4.0. Etch has been the testing "release" of the Debian
distribution since the release of the current stable version, 3.1
(codenamed Sarge), on June 6th 2005. The project is currently aiming at a
December 4 2006 release date. I have created easy debian etch installation
process with nearly 50 images."
Distribution reviews
NewsForge reviews DesktopBSD. "DesktopBSD is a version of FreeBSD customized for the
desktop. Building upon FreeBSD 5.5-PRERELEASE, DesktopBSD 1.0 comes packed
with desktop-oriented features such as KDE 3.5.1 and the DesktopBSD Tools,
which include a graphical interface to the FreeBSD ports system.
Underneath the familiar KDE desktop, DesktopBSD is still FreeBSD; in fact,
you will find more references to "FreeBSD" than "DesktopBSD" throughout the
system. That's because, as the DesktopBSD FAQ says, "DesktopBSD isn't a
'fork' [of FreeBSD] -- it's a customized FreeBSD installation that mainly
consists of the DesktopBSD Tools and a collection of configuration files
and software for desktop use.""
MadPenguin reviews Puppy Linux 2.02. "When we first started using Puppy, we were convinced it
was simply a good distribution for those looking to revive older
computers. After a few days with it, we simply cannot get over how friendly
it is. For once, we have a distribution designed for older hardware that is
actually utilizing new technology, not simply revamping what Knoppix
provides. In short, it does not feel like another stripped down version of
Knoppix. Another item that really "wows" us is the ability to run this
distribution our way. Flash drives, CDs, or hard drive installation - it's
all here. And thanks to a working wireless connection and a wide selection
of software, we plan on running Puppy side-by-side with Ubuntu for a very
long time."
Page editor: Rebecca Sobol
Development
September 12, 2006
This article was contributed by John L. Clark
Introduction
The OpenDocument Format, developed under OASIS
(Organization for the Advancement of Structured Information Standards),
has been getting quite a bit of attention lately.
ODF is an open standard and an important vehicle for the free software
community and the information it produces; the Software Freedom Law Center
recently confirmed that ODF is safe from patent claims from its OASIS
Technical Committee
members. Version 1.0 of the format
was ratified in May of 2005 by this TC, and ODF
recently arrived at one of the last stages in its process towards
ISO/IEC adoption as ISO/IEC 26300.
The state of Massachusetts underwent a grueling and
well-scrutinized process last year in which
it decided to use ODF for its official documents; at least one vendor
strongly opposed this decision, but even this vendor has recently
announced work on interoperability with ODF.
All this attention is well-deserved, for ODF intends to provide the structure for many of the documents that store many users' information:
"office" documents. The basic purpose of a format for office documents
is to encode the presentation of information. Most commonly, office
documents encode how to present page-based sequential documents in
print, spreadsheets in various media, and slides in interactive display
and various other media.
One alternative approach to authoring content focuses on the semantics
of the information; this approach requires more discipline but can
provide some advantages, particularly where it comes to reusing the
information.
In addition to ODF, OASIS also oversees the development of DocBook,
which takes this alternative approach. Several significant events in
DocBook development warrant some attention in that direction.
DocBook was originally developed as
an SGML application and has been modernized to simultaneously support
SGML and XML; it focuses on the semantics of software and hardware
documentation. DocBook also provides a clear and rich representation of
the semantics of general-purpose documentation, including detailed
structures for bibliographic information, glossaries, and a variety of
contextual devices such as footnotes. Many free software projects make
use of DocBook (or a variant), including
KDE,
GNOME, and
OpenDarwin.
Not surprisingly, The Linux Documentation Project
makes heavy use of DocBook.
What can you do to read a DocBook file if you (unexpectedly) receive
one? Perhaps the easiest approach is to use the DocBook XSL stylesheets
to format the file as HTML, then view it with your favorite web browser.
The xsltproc utility provides XML translation
functionality, and it is easy to install if your distribution does not
already provide it. Using xsltproc, you can translate a
DocBook file to HTML with the command: xsltproc
http://docbook.sourceforge.net/release/xsl/current/html/docbook.xsl
file.docbook > file.html. Other translation tools and
stylesheets exist, and perhaps the best solution is to use a native
reader or editor of DocBook, such as
Vex or
Conglomerate,
to view and interact with the file directly.
The DocBook language: present and future
The DocBook 4 development line currently produces the stable version
of DocBook: DocBook 4.4. The current "OASIS Standard" version of DocBook,
however, is DocBook 4.1, which is why you often see projects using DocBook
4.1.2, the latest bug-fix version of DocBook 4.1.
DocBook 4.5 is nearly completed, and has also been submitted for approval
as an OASIS Standard.
Release Candidate 3 (released in June) will likely become the newest
stable version; RC2 was itself almost accepted as an OASIS Standard until
a small bug in the specification forced the version bump.
As a matter of DocBook project policy, individual DocBook minor versions
within a major version are backwards compatible with previous minor
versions in the same major version. For example, all documents written
in DocBook 4.1.2 are valid DocBook 4.4 documents and all DocBook 4.4
documents will be valid DocBook 4.5 documents when that version is
available.
These minor versions of DocBook 4 have subtly added to its
expressiveness in addition to adding completely new elements, such as
user-requested markup for describing tasks.
A new major version of DocBook, version 5, is rapidly approaching.
DocBook 5 explicitly breaks backwards compatibility in order to move in
some new directions, which largely have to do with aspects of the
underlying technology. The naming and semantics of markup in DocBook 5, on
the other hand, strongly reflect DocBook 4. DocBook 5 makes a break from
its SGML roots, moving to aspects of XML technology that are not
represented in the SGML model.
The most prominent of the architectural
changes is that DocBook 5 now uses an
XML namespace
for its element set. This
namespace will be used by the stable version when it is released
so users will not need to migrate to a different namespace once DocBook 5
stabilizes. The use of an XML namespace allows DocBook to more cleanly
take advantage of other XML dialects such as SVG and MathML; it also
allows other languages to more easily integrate DocBook, or subsets of
DocBook, in places where they want to express prose documentation.
Validation and new features
Document validation is an important tool for supporting document
interoperability. Through version 4, DocBook has primarily provided a
Document Type Definition (DTD) for assessing document validity.
DTDs are well supported and built into the core XML specification, but
they are not able to deal with XML Namespaces and they are not as
expressive as more modern tools.
For these and other reasons, DocBook 5 (like ODF) provides a
RELAX NG
schema as its basis for validation. RELAX NG is more context-aware,
which means that in several places certain DocBook constructs have been
simplified or merged, and a number of previously unenforceable constraints
are now enforced.
The DocBook 5 schema in RELAX NG is also highly modular,
which means that anyone interested in modifying the language can easily
pick and choose from small components to build their custom language. If
needed, users can also use less accurate, monolithic DTDs or W3C XML
Schemas that are generated from the RELAX NG schema. In addition to RELAX
NG, the DocBook 5 schema uses a set of optional Schematron assertions to help
validate those hard-to-reach places.
DocBook 5 also sports new and improved facilities for expressing
content. Instead of native hypertext markup, it uses XLink for hypertext references.
Interestingly, in DocBook 5 almost every element can serve as a hyperlink:
if xlink is bound to the XLink namespace, then simply set
xlink:href="target" on an element to have that element point
at the target. In XLink, these types of links are called Simple Links;
DocBook 5 also adds support for XLink Extended Links using the new,
imaginatively named extendedlink element.
DocBook 5 continues
to use XInclude to support transclusion. In addition to many fixes, the
removal of several obsolete components, and a number of small adjustments,
it also introduces elements designed to support new features, such as a
general mechanism for annotating content and a structure for noting the
correspondence between a term and its definition.
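As an added illustration that is not part of the article: a short Python script (standard library only) parses a constructed DocBook 5 document whose elements live in the DocBook namespace, lists every element carrying an xlink:href (the simple links described above), and reports linkend cross-references that point at no xml:id. The sample document, the namespace URIs and the function names are the example's own.

```python
"""Enumerate XLink simple links and check linkend cross-references in a
DocBook 5 document, using only the Python standard library."""
import xml.etree.ElementTree as ET

DOCBOOK_NS = "http://docbook.org/ns/docbook"
XLINK_NS = "http://www.w3.org/1999/xlink"
XML_NS = "http://www.w3.org/XML/1998/namespace"

# ElementTree keys namespaced attributes as "{namespace-uri}localname".
XLINK_HREF = "{%s}href" % XLINK_NS
XML_ID = "{%s}id" % XML_NS

# Constructed sample (not from the article): a DocBook 5 article whose
# root is in the DocBook namespace and binds the xlink prefix.  The
# emphasis and the second para carry XLink simple links; the second xref
# points at an xml:id that does not exist.
SAMPLE_DOC = """<?xml version="1.0"?>
<article xmlns="http://docbook.org/ns/docbook"
         xmlns:xlink="http://www.w3.org/1999/xlink"
         version="5.0">
  <title>Constructed example</title>
  <section xml:id="intro">
    <title>Introduction</title>
    <para>DocBook 5 uses
      <emphasis xlink:href="http://www.w3.org/TR/xlink/">XLink</emphasis>
      for hypertext references.</para>
    <para>See <xref linkend="details"/> and <xref linkend="missing"/>.</para>
  </section>
  <section xml:id="details">
    <title>Details</title>
    <para xlink:href="http://docbook.org/">Almost any element can link.</para>
  </section>
</article>
"""


def local_name(tag):
    """Strip the "{namespace}" prefix ElementTree puts on element tags."""
    return tag.rsplit("}", 1)[-1]


def parse_docbook5(xml_text):
    """Parse and insist on a DocBook 5 root: namespaced, version 5.x."""
    root = ET.fromstring(xml_text)
    if not root.tag.startswith("{%s}" % DOCBOOK_NS):
        raise ValueError("root element is not in the DocBook 5 namespace")
    if not (root.get("version") or "").startswith("5"):
        raise ValueError("missing or non-5.x version attribute on root")
    return root


def simple_links(xml_text):
    """Return (element-name, href) for every element with xlink:href,
    in document order."""
    links = []
    for el in parse_docbook5(xml_text).iter():
        href = el.get(XLINK_HREF)
        if href is not None:
            links.append((local_name(el.tag), href))
    return links


def dangling_linkends(xml_text):
    """Return linkend values that match no xml:id in the document."""
    root = parse_docbook5(xml_text)
    ids = {el.get(XML_ID) for el in root.iter() if el.get(XML_ID)}
    return sorted({el.get("linkend") for el in root.iter()
                   if el.get("linkend") and el.get("linkend") not in ids})


if __name__ == "__main__":
    for name, href in simple_links(SAMPLE_DOC):
        print("%-10s -> %s" % (name, href))
    for target in dangling_linkends(SAMPLE_DOC):
        print("dangling linkend: %s" % target)
```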
Practical considerations
DocBook 5 will likely have a stable release soon. Norman Walsh, the
main hacker, er, lead architect of DocBook 5, published his first
experiments with the new language in May of 2003 and the first official
beta of DocBook 5 was published in October of 2005. It is currently
at beta 7, and there will be several release candidates before the
Technical Committee applies the official DocBook 5.0 seal of approval.
Many of the tools for processing DocBook have gained DocBook 5 support
as DocBook 5 has developed. Many users take advantage of the (previously
mentioned) DocBook XSL stylesheets for
converting DocBook to other formats for publication, such as HTML and
XSL-FO (an intermediate step toward producing PDF). The stable version of
the DocBook XSL stylesheets is 1.70.1, and it includes support for DocBook
5.0; the next testing version of these stylesheets, version 1.71.0, was
released recently. Work has also begun on a rewrite of the DocBook XSL
stylesheets using XSLT 2; these are unsurprisingly called the DocBook XSL
2 stylesheets. Developers of some DocBook editors and other tools
have worked to integrate support for DocBook 5.
Jirka Kosek, card-carrying member of the DocBook illuminati, has
written and currently maintains DocBook V5.0: The Transition Guide,
which covers the above DocBook 5 issues in more detail and which will
be very useful to anyone interested in migrating from DocBook 4 to
DocBook 5.
DocBook offers authors a powerful level of expressiveness, and both the
stable version 4 and the new version 5 will soon reach important
milestones. DocBook 5 is a refactoring, intended to better integrate with
XML technologies and to be easier to use by authors and users who need to
customize the language itself.
It is written with the intention of avoiding major disruptions of
patterns of authoring that exist with DocBook 4.
New versions of both DocBook 4 and DocBook 5 continue to offer
enhancements that allow authors to better express their thoughts and
convey information.
Comments (6 posted)
System Applications
Audio Projects
Version 0.9.73 of the Rivendell radio automation system is out
with new features and bug fixes.
"
Rivendell is a full-featured radio
automation system targeted for use in professional broadcast environments. It
is available under the GNU General Public License."
Full Story (comments: none)
LDAP Software
Version 1.1.90 of LAT, the LDAP Administration Tool is available.
"
This is the
first beta for the 1.2 release. Check it out. If you find any bugs,
please report them."
Full Story (comments: none)
Security
Version 0.29 of Sussen, a vulnerability and configuration scanner,
is out with bug fixes.
Full Story (comments: none)
Web Site Development
Version 3.0 of ccHost has been announced.
"
Creative Commons, a nonprofit organization that provides flexible
copyright licenses for authors and artists along with the Creative
Commons Developer Community released the ccHost 3.0 today. ccHost is an
Open Source web-based media sharing software. This major feature release
comes on the heels of winning the Linux Journal Linux World Expo Award
for "Best Open Source Solution" and combines approximately five months of
development, usage, and testing into packages that anyone may download,
install, and use to empower on-line media sharing communities."
Full Story (comments: none)
Two new releases of Plone, a web content management system,
have been announced.
"
We have prepared two new releases of the 2.5.x and 2.1.x series with default policy improvements to counter the spam attacks that some Plone sites have been a victim of lately. This is a required upgrade for all Plone sites, please be a responsible administrator and update your sites as soon as possible."
Comments (none posted)
The August 16-31, 2006 edition of
Zope News
is available with coverage of the Zope content management system.
Comments (none posted)
Web Services
Tieu Luu
discusses the separation of concerns in web service implementations
in an O'Reilly article.
"
Separation of concerns is a core principle of Service-Oriented Architectures. Unfortunately, this principle is often lost when it comes to the implementations of SOA services. All too often we see a big implementation class with multiple concerns such as security, transaction management, and logging all mixed in with the business logic. Using the Spring Framework and principles of Aspect Oriented Programming (AOP), we can drive the separation of concerns down into the implementation of services.
In this article, we show how to develop a Web service using Apache Axis and Spring, and secure it with Acegi Security--all while keeping the concerns nicely separated."
Comments (none posted)
Desktop Applications
Accessibility
Rodney Dawes has posted an update on a GNOME accessibility test suite that
he is working on; testers are needed.
"
Lately, I've been working on some tools to help us improve the level of
accessibility support in our desktop. In doing so, I ended up creating a
python module to minimize the code duplication between scripts, as each
application being tested needs its own script. The module itself does a
little initialization and shutdown stuff, and writes out an HTML file to
present a nice tabular report of missing Name and Description
identifiers on accessible widgets, using LDTP."
Full Story (comments: none)
Audio Applications
A new article about the Ardour multi-track audio editor package entitled
What to expect in Ardour2 is out; it describes the plans for
the next version in detail. New features will include:
GTK2 support, a control surface architecture, OSC Support, a redone
sound file browser/importer, saved undo, a revamped UI, destructive
recording, support for 64-bit sound formats and more.
(Thanks to Taybin Rutkin.)
Comments (none posted)
Desktop Environments
Lubos Lunak has documented
a comparison
of memory usage with four popular desktop environments running
a variety of applications.
"
These memory benchmarks are meant to measure various cases of desktop configuration and compare KDE to some other desktop environments. Specifically, I compared against Xfce 4.2.2 (as shipped with SUSE Linux 10.0) as the so-called lightweight desktop, WindowMaker 0.92.0 as a plain window manager and GNOME. GNOME, built using GARNOME, was originally version 2.12.2, later redoing it with 2.14.0 (without actually measuring noticeable difference in these specific cases, despite 2.14 release notes claiming performance improvements). As I no longer have the same setup I cannot redo it with the very recent 2.16 unfortunately. Simply consider this to be a bit old. The others are for comparison anyway :). KDE itself was KDE 3.5.2 with my performance patches, all of which are already upstream by now."
(Thanks to Alexander Neundorf.)
Comments (4 posted)
Version 2.16.0 of GARNOME, the bleeding-edge GNOME distribution, is out.
"
This release
incorporates the GNOME 2.16.0 Desktop and Developer Platform, fine-tuned
with love by the GARNOME Team.
It includes updates and fixes after the GNOME 2.16.0 freeze, together
with a host of third-party GNOME packages, Bindings and the Mono(tm)
Platform -- this release is the first of a new stable GNOME branch and
ships with the latest and greatest releases."
Full Story (comments: none)
The following new GNOME software has been announced this week:
You can find more new GNOME software releases at
gnomefiles.org.
Comments (none posted)
The following new KDE software has been announced this week:
You can find more new KDE software releases at
kde-apps.org.
Comments (none posted)
The September 10, 2006 edition of the
KDE Commit-Digest has been
announced.
The content summary says:
"
Work begins on Ruby language support in
KDevelop 4. Work continues in the KReversi code rewrite. Kalzium gets
functionality to visually show the country an element was discovered in.
Automatic regression testing for Kate. Mimetype and metadata support for the
XML Paper Specification format. Strigi can now use outside applications to
index files outside its core scope, such as PDF files. KJots gets greatly
improved find and replace functionality. Many improvements in supporting
different archive formats in KArchiver."
Comments (none posted)
Electronics
Version 20060906 of gEDA/gaf, a collection of electronic design tools,
has been announced.
"
This is primarily a bug fix release. Hopefully all of the autosave
bugs have been squashed along with a few other annoying bugs fixed.
This release also includes Peter Brett's new print dialog which is
a vast improvement over the Ales' "piece of something" print dialog
box that was part of gschem since almost the beginning.
I *highly* recommend that everybody upgrade to this release, especially
if you are experiencing random crashes."
Comments (none posted)
Financial Applications
Version 2.6.19 of SQL-Ledger, a web-based accounting package,
has been announced; it features several bug fixes.
Comments (none posted)
GUI Packages
KDE.News
notes
the availability of a Qt 4.2 release candidate.
"
Trolltech has issued a release candidate of Qt 4.2 under an evaluation licence. This version features CSS-like widget styling capability, a new 2D canvas class called QGraphicsView, text completion, new calendar and font selection widgets, and new desktop integration features."
Comments (none posted)
Music Applications
Version 1.3 of Amuc, the Amsterdam Music Composer, is out.
"
This version has quite some modifications, and now also
can import MIDI files."
Full Story (comments: none)
Office Suites
KDE.News
reports the release
of KOffice 1.6 beta1. "
This release incorporates a number of new
features, mainly from the Google Summer of Code projects, as well as a
great number of bug fixes. It also signals the start of the feature freeze
that always precedes a release of a major new version, thus giving the
developers exactly a month to fix outstanding bugs. We urge everybody that
is interested in KOffice to install and test this version to make sure that
the final 1.6 has a high quality." More details are available in
the
announcement
and the
full
changelog.
Comments (none posted)
Languages and Tools
Caml
The September 12, 2006 edition of the Caml Weekly News
is out with new Caml language articles.
Full Story (comments: none)
Perl
The September 2-9, 2006 edition of the
Weekly Perl 6 mailing list summary is out with coverage of the Perl 6
mailing lists.
Comments (none posted)
Ruby
The September 10th, 2006 edition of the
Ruby Weekly News looks at the latest discussions
on the ruby-talk mailing list and comp.lang.ruby newsgroup.
Comments (none posted)
Tcl/Tk
The September 12, 2006 edition of Dr. Dobb's Tcl-URL! is online with new
Tcl/Tk articles and resources.
Full Story (comments: none)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
TechWorld
covers
a study authored by two Harvard faculty members. "
The two based
their research on a simplified economic model attempting to recreate the
dynamics of Windows' competition with Linux, where Windows has market share
and profitability on its side, while Linux benefits from a faster
development cycle and lower cost. Casadesus-Masanell and Ghemawat found,
to their surprise, that Linux's advantages by themselves didn't mean Linux
would ultimately oust Windows, because of Windows' initially dominant
market share."
Comments (28 posted)
Linux.com
looks
at the pros and cons of running 64-bit Linux. "
So you just
bought and assembled a brand-new AMD64 workstation. The only decision that
remains is whether to install a 64-bit Linux distribution, or stick with
comfortable, tried-and-true IA-32. If you are seeking an easy answer to
that question, I can't help you. Running 64-bit Linux has its pros and
cons. Unfortunately, a lot of the cons are out of your hands -- but they're
not really Linux's fault, either."
Comments (57 posted)
Trade Shows and Conferences
Linux.com
looks
forward to the Ohio LinuxFest. "
Linux and open source software
users in the Buckeye State who want to network with several hundred of
their colleagues will get the chance when Ohio LinuxFest 2006 gets underway
later this month. The one-day conference, to be held on Saturday, September
30, at the Greater Columbus Convention Center in downtown Columbus,
features presentations, exhibits, an after-conference party, and a special
appearance by some live penguins."
Comments (1 posted)
O'Reilly
covers day three of the YAPC::EU 2006 Perl conference.
"
Another early start of course, and I could definitely see a dilemma in the eyes of some attendees. On one hand the previous nights conference dinner and the subsequent late night drinking session was encouraging them to stay in bed and miss the first couple of talks. But on the other hand, the first talk in the morning was Tatsuhiko Miyagawa talking about Plagger. Ive raved about Plagger here before, but for those who dont know, its a fully modular system for dealing with web feeds. "
Comments (none posted)
The SCO Problem
Linux-Watch
looks at
SCO's 3rd quarter financial results.
"
Revenue for the third quarter of fiscal year 2006 was $7,421,000 as compared to $9,353,000 for the comparable quarter of the prior year. The net loss for the third quarter was just over $3.5 million or 17 cents per diluted common share, as compared to a net loss of just over $2.3 million or 13 cents per diluted common share, for 2005's comparable quarter.
"The decrease in revenue and increase in net loss were primarily attributable to continued competitive pressures on SCO's Unix products and services from Linux," SCO CFO Bert Young said in a conference call."
Comments (1 posted)
Companies
ZDNet
reports that IBM has won a contract with the
Los Alamos National Laboratory to build a Linux-based 16,000 processor
supercomputer that will boast a performance of around 1 petaflop.
"
the machine, dubbed Roadrunner, uses a hybrid approach that combines a conventional cluster of Opteron servers with Cell chips that handle some of the calculating grunt work. Each Cell chip, originally designed by IBM, Sony and Toshiba for the Sony PlayStation 3 video game console, includes eight special-purpose engines that can rapidly perform physics calculations."
Comments (none posted)
Pat Eyler
covers
Sun's new JRuby hires. "
Wow! Sun has hired Charles Nutter and Thomas
Enebo to work on JRuby full time. This is a pretty momentous event, and is
already sending shockwaves around the Ruby world."
Comments (none posted)
Linux-Watch
covers the
release of XenEnterprise 3.0 from XenSource. "
For all of our talk
about Xen virtualization and Red Hat and SUSE, we've been overlooking that
one of XenSource's goal was to create a standalone virtualization
program. Well, we don't have to wait any longer. XenEnterprise 3.0 is
finally here."
Comments (none posted)
Interviews
KDE.News
interviews PyKDE
maintainer Jim Bublitz. "
PyKDE allows you to access most of the
essential classes and methods of kdelibs from Python. I use it myself
because it allows me to develop good-looking graphical applications that
are KDE compatible, and allows me to do it from Python, which I find to be
a much quicker and easier development environment than C++."
Comments (none posted)
DesktopLinux.com
interviews Richard Stallman about the migration to Linux in
India's Kerala state schools.
"
Q: Was it difficult to convince them to make the change, or were they already leaning in that direction?
A:The previous government gave lukewarm support to free software; they began a partial migration, but had not made a firm decision to take it all the way. FSF India has worked for several years with both the main parties, and won the firm support of the (then) opposition leader. He is now the chief minister (equivalent to the governor of a state in the U.S.), and we both spoke at a free software event in Trivandrum two weeks ago. So I think the FSF India people deserve some of the credit for building the support that made this decision happen."
Comments (4 posted)
Resources
ServerWatch
looks
at using Bastille Linux for hardening a Linux system. "
Every
wise old system and network administrator knows that security is a
multilayer process. You have your firewalls and other border security,
perhaps some internal network segmentation, and application and operating
system security. However, locking down the operating system is probably the
most crucial link in this chain. An excellent utility to help you probe,
assess, and harden your Linux system is Bastille Linux."
Comments (none posted)
Dmitri Popov
shows how to create a book cover with open-source tools.
"
Print-on-demand sites like Lulu allow you to create and publish your own book. If you're primarily a writer, you might be tempted to hire a professional designer to create a cover for your book. Before you do that, consider creating a simple yet elegant book cover using the open source Kooka scanning software and the Inkspace vector drawing application."
Comments (none posted)
Linux.com
looks at a few
scientific programs of general utility. "
Linux is used on
supercomputing clusters, embedded scientific equipment, as a programming
environment for scientific programming and a myriad of other
uses. Scientific Linux is a clone of the Red Hat Enterprise Linux
distribution and is a baseline Linux distribution for a variety of physics
laboratories around the world."
Comments (none posted)
HowtoForge has
a tutorial
on spam filtering with the Postfix MTA.
"
In this guide you will learn how to tweak your virtual Postfix setup to
better combat SPAM by stopping the mail before it hits SpamAssassin, using
RBL (Realtime Blacklists) and RHBL (slightly different), greylistings and
Helo Checks."
Comments (5 posted)
Frank Tuzi
shows how to install PyKota in a Linux.com article.
"
PyKota is a robust Linux-based open source print quota and print accounting system that runs via LDAP, MySQL, or PostgreSQL on the back end and CUPS and Samba on the front end. At our school, we have found it to be a powerful application capable of managing printers, users, groups, and accounting information using any currency."
Comments (8 posted)
Linux.com
presents an
excerpt from
The Official Ubuntu Book. "
One of the greatest
new features for laptop users in Ubuntu is network-manager. With this shiny
new application it is finally easy to connect your Ubuntu system to any
wireless network. Where previously you had to jump through hoops to do WPA
or 802.1x authentication, network manager makes this completely
transparent."
Comments (9 posted)
Leonard Richardson
writes
about testing the recipes in the Ruby Cookbook. "
Thanks to the
test framework, on a good day I could proofread, debug, and verify the
correctness of 30 recipes. I worked faster and with greater confidence than
I could doing everything by hand. I was also able to incorporate the test
results into the general "confidence score" calculated for each recipe on
my unofficial Ruby Cookbook homepage: a visible, though somewhat vague,
metric of quality."
Comments (1 posted)
Reviews
Xaprb.com has
a review of Glom.
"
Glom is an interesting graphical database front-end Ive been meaning to try out for some time. Someone asked about graphical database front-ends on the #mysql IRC channel recently, and that prompted me to install Glom and learn how to use it. My overall impressions? It lands squarely in the middle of its target audiences needs, but still has a quirk here and there. With a bit of polish it will be a fine product, and its already a winner over Microsoft Access and Filemaker, two similar programs with which you might be familiar. In this article Ill walk through installing and configuring Glom, a simple database design, a quick peek under the hood, an archaeologists experiences using it, and give my opinions about Glom in detail."
Comments (5 posted)
Linux.com
looks at
Kismet for discovering access points and diagnosing problems. "
For
example, while configuring your own access point, you can use Kismet to see
which channels are being used in your area. Start Kismet and let it run for
a few minutes with channel-hopping enabled, so Kismet can scan the entire
range of Wi-Fi channels, and it will find all the access points within
range. You can then set your access point to an unused channel, thereby
minimizing potential interference from all the other ones. Once your
wireless network is configured, Kismet can check that you're on your chosen
channel and that encryption is working."
Comments (3 posted)
DesktopLinux
takes a
look at Konqueror. "
One of Konqueror's curious and powerful
traits is that it is at once both a file manager and a web browser. You
could think of it as a computer navigation device. It will quickly take you
to any folder and file on your hard drive, or to anywhere on the
Internet. It does either one, or both of those, so seamlessly that I marvel
at how the KDE people did it."
Comments (33 posted)
Linux.com
reviews a
Linspire powered Koobox. "
A few weeks ago, I finally got my hands on
a Linux-based Koobox Mini PC. The Mini is a full PC in a very small, quiet
package, and well worth a look. Linspire sent me the top-of-the-line
Koobox, which includes a Pentium M 725 1.6GHz CPU, 512MB of RAM,
slot-loading DVD/CD-RW drive, two USB 2.0 ports, one IEEE 1394 (FireWire)
port, a 60GB hard drive, DVI video out, and 10/100 Ethernet. The video and
chipset is an Intel 915GM that uses 8MB of shared memory, so you actually
have 504MB of dedicated system memory. The sound chipset is also from
Intel, and the system has one line-in and one line-out port for audio -- so
the system sound is OK, but you're not going to have surround sound or
anything like that."
Comments (9 posted)
Linux.com
covers
Linux4Kids. "
Linux4Kids is a collection of more than 80
GPL-licensed "edutainment" games and educational software available to
download for free from the FileGate File Distribution Network. Linux4Kids
applications include flashcard creators, basic and scientific calculators,
typing tutors, and an assortment of other useful programs. VBuilder, a
vocabulary skills testing tool, is ideal for students learning a new
language, while Wikindx is a browser-based index card system useful for
organizing research notes and bibliographic information."
Comments (5 posted)
Miscellaneous
ZDNet
covers
the release of
FreeDOS version 1.0.
"
"FreeDOS 1.0 is a major milestone that has finally been released. By now, we have a stable and viable MS-DOS replacement," the project team said this week. Recent improvements to the package include long file name support in several applications, including a free CD-ROM driver, FAT32 file system support within the kernel and most other applications, and improved stability within the HIMEM device driver and EMM386 memory manager."
Comments (2 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The Electronic Frontier Foundation has sent out a press release concerning
a proposed U.S. broadcast treaty.
"
Dozens of companies from the technology and
telecommunications sector, public interest groups, and
library associations have banded together with the
Electronic Frontier Foundation (EFF) to fight a proposed
treaty that would grant broadcasters and cablecasters a new
50-year intellectual property right in their transmissions,
regardless of whether they own the copyright in the content
being transmitted. The treaty would radically change U.S.
law, create liability concerns for Internet service
providers and device manufacturers, interfere with the
rollout of broadband and home networking services, and
restrict citizens' access to information and public domain
material."
Full Story (comments: none)
OpenCollector
covers
the release of the Simply RISC S1 Core CPU.
"
Simply RISC has shipped the S1 Core, a 64-bit Wishbone-compliant CPU Core based upon the OpenSPARC T1 microprocessor released by Sun Microsystems few months ago. The S1 Core is released under the same license of the T1, the GNU General Public License (GPL); the design is freely downloadable from the Simply RISC website at www.srisc.com and no registration is required."
Comments (none posted)
Commercial announcements
Collax, Inc. has
announced its newest board member, Richard Seibt.
"
Collax offers SMBs a suite of simple, cost-effective open source
solutions for security, networking, and communication -- with no Linux
knowledge required.
"What impresses me about Collax is the concept -- open source-based
technology that can be operated without Linux know-how, and which
integrates 'best-of-breed' open source software and applications," said
Seibt. "It's a product ideally suited to SMBs and, frankly, the next big
wave of Linux adoption.""
Comments (none posted)
Continuent, Inc. has announced Continuent uni/cluster for MySQL.
"
Continuent uni/cluster for MySQL is part of a suite of Continuent products that deliver high
availability for virtually any database environment.
This newest version of Continuent's uni/cluster software provides the highest levels of
availability and scalability for applications built using the MySQL database, and includes support
for MySQL 4.1 and MySQL 5.0 on all platforms."
Full Story (comments: none)
Continuent, Inc. has announced Continuent uni/cluster for PostgreSQL. "
Continuent uni/cluster for PostgreSQL is part of a suite of Continuent products that deliver high
availability for virtually any database environment.
This newest version of Continuent's uni/cluster software provides the highest levels of
availability and scalability for applications built using the PostgreSQL database, and includes
support for PostgreSQL 7.4, and PostgreSQL 8.x on most platforms."
Full Story (comments: none)
KnowledgeTree has announced the passing of the 200,000 download mark.
"
KnowledgeTree(tm), the world's leading
Open Source document management system, has been downloaded over 200,000
times from the premier Open Source portal, SourceForge.Net, a
significant milestone for the project."
A commercially supported version of KnowledgeTree is also available.
Full Story (comments: none)
PIKA Technologies has announced PIKA Connect for Asterisk.
"
The second generation PIKA Connect for Asterisk is a channel driver for
the popular open source Linux-based Asterisk PBX, enabling connectivity
to Skype.
This release of PIKA Connect for Asterisk, available in November, allows
Asterisk-based applications to use Skype to receive incoming and/or make
outgoing calls, provides access to the calling Skype ID profile
information (caller ID), and has touch tone (DTMF) detection
capabilities."
Full Story (comments: none)
Rackspace Managed Hosting has announced its second quarter and first half
of the year results for 2006. "
The company's revenue was $52.0
million in the second quarter of 2006 and $97.8 million for the first half
of the year. This represents a 59.5 percent increase over the second
quarter of 2005 and a 58.8 percent increase over revenues in the first half
of 2005. Rackspace also reported positive net income for both the second
quarter of 2006 and the first half of the year. The company has experienced
30 consecutive quarters of revenue growth since its inception."
Full Story (comments: none)
Terra Soft CEO Kai Staats looks at how business has been for Yellow Dog
Linux. "
In retrospect, we enjoyed our position as a unique Apple
Proprietary Solutions Provider, Value Added Reseller. In the same respect,
I realize now we had become comfortable there, not pursuing our full
potential as an HPC Linux engineering firm. Through a number of
introspective team meetings, we redefined our core competencies,
rediscovered what we enjoy doing, and then determined how best to profit
from the marriage of these two. As such, we are moving ahead with focus on
Board Support Packages, provision of Integrated Solutions, and application
development."
Full Story (comments: 7)
Trolltech has announced the pricing and availability of Qtopia Greenphone,
the first open Linux mobile device for application developers.
Full Story (comments: none)
WIN Enterprises has announced WIN CAPT, a Linux and Asterisk-based
telephone PBX system. WIN Enterprises
"
... announces WIN CAP, a
Converged Application Platform for IP PBX and other converged
applications, Built on standards-based IntelR building blocks, the
Converged Application Platform is based on an IntelR reference design
that Intel developed with WIN Enterprises."
Full Story (comments: none)
New Books
Prentice Hall has published the book
AJAX: Creating Web Pages with Asynchronous JavaScript and XML
by Edmond Woychowsky.
Full Story (comments: none)
Prentice Hall has published the book
Understanding AJAX: Using JavaScript to Create Rich Internet Applications by Joshua Eichorn.
Full Story (comments: none)
Digifreedom.Net has announced the upcoming publication of the
book
The Family Guide To Digital Freedom.
"
In this modern world, our rights and quality of life heavily depend
from which software is being used AROUND us: this is true even for
people who don't care at all about computers and don't use them yet,
including children.
The Family Guide to Digital Freedom is a book which explains, in one
place and in normal language, what everybody should know about
software and other digital technologies, and above all the REAL
reasons why they should care."
Full Story (comments: 2)
O'Reilly has published the book
PHP Cookbook, Second Edition
by Adam Trachtenberg and David Sklar.
Full Story (comments: none)
The book
Open Life: The Philosophy of Open Source by Henrik Ingo has been published.
Full Story (comments: none)
Resources
The Electronic Frontier Foundation has published a list of six
tips to protect your online search privacy.
"
AOL's recent disclosure of its users' search logs exposed
the private lives of more than a half-million customers.
But all the major search engines -- not just AOL -- record
search queries and maintain massive databases that reach
into the most intimate details of users' lives. When
revealed to others, these details can be embarrassing and
even cause great harm."
Full Story (comments: none)
The September 8, 2006 edition of the Free Software Foundation Europe
newsletter is out. Topics include:
Moving forward in the GPLv3 public consultation process,
SELF project issues call for material, New office in Sweden,
School of Art and Design Zürich donates hosting services to FSFE,
Giacomo Poderi ends his internship and Alex Antener joins the core team.
Full Story (comments: none)
Contests and Awards
Funambol is running a reward program for writers of plug-in software.
"
Funambol, the mobile open source
software company, today announced it will pay up to $2,000 to open source
community members who develop specific open source connectors and plug-ins
that extend the mobile functionality of the communitys most desired
applications. The Funambol Community Code Sniper Program will focus
development efforts on the most desired projects stated by the mobile open
source community, broaden interoperability of the Funambol code base and
reward developers who do the work."
Full Story (comments: none)
Education and Certification
TimeSys Corporation has announced new Linux Webinar events
through September and October, 2006.
"This series covers a variety
of topics appealing to a wide range of embedded Linux developers, from
overcoming common board bring-up issues to an overview of real-time
Linux to understanding how services from TimeSys can make them more
productive."
Full Story (comments: none)
Calls for Presentations
There are only five days left to
submit your proposal for
linux.conf.au 2007. "
Heed our words, procrastinators -- your time
has come! Remember to check the 'travel assistance' box if you can't get to
Australia under your own steam... If your submission rocks, we'll sort that
out for you. :-)"
Full Story (comments: none)
A call for participation has gone out for the MySQL Conference & Expo. The event will take place in Santa Clara, California on
April 23-26, 2007; submissions are due by November 7.
Full Story (comments: none)
Upcoming Events
The technical program for the Gelato ICE: Itanium(r) Conference & Expo
in Singapore has been announced.
"International Itanium architecture experts will deliver 40 presentations, including keynotes by
Steve Geary (HP), Cameron McNairy, (Intel), and Jeff Adie (SGI and Itanium(r) Solutions Alliance)."
Full Story (comments: none)
The next
International PHP Conference
will take place in Frankfurt, Germany on November 5-8, 2006.
"The Power Workshops and sessions will pass on concentrated knowledge on the current PHP topics such as security, databases, business processes, web service strategies and general topics. This year the conference focuses on PHP security and features an exclusive choice of sessions giving you tips and tricks on how to develop PHP applications more safely. However, we have also integrated new topics in the conference program, i.e. Ajax and Web 2.0 for PHP as usual with first-class technical information given to you by renowned speakers of the PHP-Community."
Comments (none posted)
The Linux Users' Group of Davis will hold a hands-on Linux demonstration
on September 16, 2006 in Davis, CA.
Full Story (comments: none)
The Pike Conference 2006 will take place in Riga, Latvia on
October 18-22, 2006.
"Users and developers of all levels of experience are invited to beautiful Riga, Latvia to attend
the year's biggest Pike event. Presentation and workshop topics will include the Caudium, Open
sTeam and Roxen web servers, LPC and many other Pike-related tools. This year's conference will
feature a daily Beginner's Tutorial and the unveiling of the new book, "Pike: An Introduction." The
book's editors, H. William Welliver III and Martin Bähr, will be on hand to sign copies and answer
questions."
Full Story (comments: none)
A free desktop Text
Layout and Font Handling workshop
has been announced.
"I am happy to announce that on October 7 and 8 a free desktop Text
Layout and Font Handling workshop / BOF / summit will be held as part of
the Boston Gnome Summit."
Comments (none posted)
Events: September 21, 2006 to November 20, 2006
The following event listing is taken from the
LWN.net Calendar.
| Date(s) | Event | Location |
| September 18 - September 21 | 2006 European Open Source Convention | Brussels, Belgium |
| September 18 - September 21 | New Security Paradigms Workshop | Schloss Dagstuhl, Germany |
| September 19 - September 21 | High Performance Embedded Computing Workshop | Lexington, MA, USA |
| September 23 - September 30 | KDE World Summit 2006 | Dublin, Ireland |
| September 25 - September 28 | Embedded Systems Conference | Boston, MA |
| September 29 - September 30 | No cON Name 2006 Congress | Palma de Mallorca, Spain |
| September 29 - October 1 | ToorCon 2006 | San Diego, CA |
| September 29 - October 1 | Encuentro de Desarrolladores de GNOME Zaragoza | Zaragoza, Spain |
| September 30 - October 1 | RuxCon 2006 | Sydney, Australia |
| September 30 | Ohio LinuxFest 2006 | Columbus, Ohio |
| September 30 | Defective by Design, 2pm-5pm, Apple Store, Regent Street, London, UK | London, UK |
| October 1 - October 4 | Gelato ICE Itanium Conference and Expo | Biopolis, Singapore |
| October 1 - October 3 | LinuxBIOS Symposium 2006 | Hamburg, Germany |
| October 2 - October 5 | Security OPUS Infosec Conference | San Francisco, CA, USA |
| October 7 - October 9 | GNOME Boston Summit | Boston, MA, USA |
| October 9 - October 13 | ApacheCon US | Austin, TX |
| October 9 - October 13 | 13th Annual Tcl/Tk Conference | Naperville, IL |
| October 11 - October 12 | Eclipse Summit Europe | Esslingen, Germany |
| October 11 - October 12 | Linux World Conference and Expo | Utrecht, The Netherlands |
| October 12 - October 15 | Eighth Real-Time Linux Workshop | Lanzhou, Gansu, China |
| October 18 - October 19 | International Conference on IT-Incident Management and IT-Forensics | Stuttgart, Germany |
| October 18 - October 22 | Pike Conference 2006 | Riga, Latvia |
| October 19 - October 21 | HackLu 2006 | Kirchberg, Luxembourg |
| October 19 - October 20 | DC PHP Conference | Washington, D.C. |
| October 20 - October 22 | aLANtejo 06 | Évora, Portugal |
| October 20 - October 22 | RubyConf 2006 | Denver, Colorado |
| October 22 - October 27 | Colorado Software Summit | Keystone, CO, USA |
| October 23 - October 24 | Mono User and Developers Meeting | Cambridge, MA, USA |
| October 23 - October 26 | Enterprise Architecture Practitioners Conf | Lisbon, Portugal |
| October 25 - October 26 | LinuxWorld UK 2006 | London, UK |
| October 25 - October 27 | Plone Conference 2006 | Seattle, WA |
| October 26 - October 27 | IT Underground | Warsaw, Poland |
| October 26 - October 27 | Free Software and Open Source Symposium | Toronto, Canada |
| October 28 | LinuxDay 2006 | Many of them, Italy |
| October 31 - November 2 | Zend/PHP Conference and Expo | San Jose, CA |
| November 1 | Ingres Users Association Conference | London, England |
| November 4 - November 8 | I Jornadas técnicas KDE de | Zaragoza, Spain |
| November 4 - November 11 | Open Source in Performance and Exhibition | London, England |
| November 5 - November 8 | International PHP Conference | Frankfurt, Germany |
| November 5 - November 10 | Ubuntu Developer Summit - Mountain View | Mountain View, CA, USA |
| November 6 - November 10 | Colorado Python seminar | Estes Park, CO, USA |
| November 7 - November 9 | 2006 Web 2.0 Conference | San Francisco, CA |
| November 9 - November 10 | Forum PHP 2006 | Paris, France |
| November 10 - November 12 | Chicago Perl Hackathon 2006 | Chicago, IL, USA |
| November 11 - November 17 | Supercomputing 2006 | Tampa, FL, USA |
| November 11 | FSFE Fellows Meeting | Bolzano, Italy |
| November 12 - November 14 | Firebird Conference 2006 | Prague, Czech Republic |
| November 14 - November 16 | LinuxWorld Cologne | Cologne, Germany |
| November 16 - November 17 | III Latin American Free Software Conference | Iguassu Falls, Brazil |
| November 16 - November 17 | Conference on Software Patents | Boston, MA, USA |
| November 18 | Richard Stallman speaks in Seoul | Seoul, South Korea |
If your event does not appear here, please
tell us about it.
Web sites
Advogato, a community resource for
free software developers,
is shutting down.
"With considerable sadness, I have decided to take Advogato offline. It has filled its purpose of demonstrating the trust metric ideas, which was the original purpose of the site.
It has also served as a congenial virtual home for free software developers. That role, I think, is being subsumed by a new generation of blogging tools and aggregators, particularly the "planets"."
(Thanks to Paul Smith.)
Comments (6 posted)
Audio and Video programs
The
LocalFOSS site is offering
a weekly online radio program called
Open Source On The Air.
"The focus of this programme is the Australian and regional FOSS
community, however we do often interview international guests and people
who would be considered "names" in the international FOSS community.
Our most recent show included an interview with Egil Moller about the
political organisation, the Pirate Party. We cover their plans for
copyright reform and how they would affect Free and Open Source Software
developers."
Full Story (comments: none)
Page editor: Forrest Cook
Letters to the editor
| From: | Marc Wallman <Marc.Wallman-AT-ndsu.edu> |
| To: | lwn-AT-lwn.net |
| Subject: | The Blackboard Patent: Where's Waldo? |
| Date: | Sun, 10 Sep 2006 15:24:55 -0500 |
LWN,
I'm writing to complain about the article from the August 31, 2006
edition of LWN titled "The Blackboard Patent: Where's Waldo?" My
complaint is that the "The SCO Comparison Gets Me Looking for Waldo"
section is sloppy and unprofessional. The material Pamela Jones relies
on is approx. 5 years old and she gave no indication that it is still
true today.
1. We run Blackboard under Linux at NDSU and I am unaware of any
functionality that exists on Microsoft that we do not have under Linux.
2. It currently is written in Java and I am unaware of any plans to
migrate to .NET.
We have frequent contact with Blackboard staff. I could be wrong
about points one and two above, but I appear to have more current
information than Pamela. The connections that Pamela makes in this
article should be confirmed with recent sources or this section of the
article retracted.
I am not in any way disputing that this patent is a bad thing and
Blackboard's move to enforce it even worse. However, this is no excuse
for sloppy reporting.
--
Marc Wallman
Director, IT Infrastructure Services
Information Technology Services
North Dakota State University
Marc.Wallman@ndsu.edu
(701) 231-7168
Comments (1 posted)
Page editor: Jonathan Corbet