Selling a new license to the kernel developers was always going to be an
uphill battle. They are a large and strong-minded crowd, occasionally
suspicious of the Free Software Foundation and its attitude toward Linux,
and happy with the licensing that they have now. Given the immense
practical difficulties involved in changing licenses, there would have to
be a strong incentive to get the developers to even try.
The odds of a license change fell even further earlier this year, when
Linus Torvalds made his opposition to the anti-DRM provisions of the GPLv3
draft known. For some time, it appeared that Linus was alone in that
position, however; few other developers had made public statements on the
license. Even Linus wondered about it:
The reason the poll and the whitepaper got started was that I've
obviously not been all that happy with the GPLv3, and while I was
pretty sure I was not alone in that opinion, I also realize that
_everybody_ thinks that they are right, and that they are supported
by all other right-thinking people. That's just how people work. We
all think we're better than average.
So while I personally thought it was pretty clear that the GPLv2
was the better license for the kernel, I didn't want to just depend
on my own personal opinion, but I wanted to feel that I had
actually made my best to ask people.
So he put together a quick discussion list involving the top 30 or so
kernel developers (see the message quoted above for the exact selection
criteria) and held an informal poll. The results were as clear as it
gets: none of the developers polled was positive about the license, and
most were strongly negative. Among this crowd of the most active kernel
developers, nobody is prepared to say that moving to GPLv3 would be a good
thing for the kernel project to do.
A subset of these developers put their names onto a separate position statement.
Some of the positions taken in that statement are quite strong (see Rusty
Russell's take), to the point that not all were willing to support it. It
also appears that, while the anti-DRM provisions are almost unanimously
opposed, a number of developers are sympathetic to the patent-related terms
in GPLv3.
The anti-DRM clauses are, indeed, at the heart of the problem. The GPLv3 draft
requires that, if somebody ships you a device which runs GPLv3-licensed
code, they must also provide you with everything required to rebuild and
reinstall that code - including encryption keys if the hardware requires
them. Those who support this language see it as a fundamental guarantee of the
freedom that comes with free software - the freedom to replace that
software if need be. In particular, these people want to be able to
replace software which implements unpleasant DRM schemes or other
user-hostile behavior.
In the discussions that have followed, it is hard to find kernel developers
who support locking up content and abridging fair-use rights with DRM
schemes - though some do see situations where locking down a system's
software makes sense. But they see the language in the GPLv3 draft as
restricting the possible uses of their software, and they don't like it.
The cure seems worse than the disease.
The core question behind this whole debate, perhaps, is this: what,
exactly, do we want to accomplish with our licenses? Just as there is
disagreement over what kinds of problems can be solved by passing laws,
there is no consensus on which problems can be addressed with license
terms. One can argue that oppressive DRM is a societal or legal problem,
and that it should be addressed at those levels through a reaffirmation of
what fair-use rights should really be rather than by adopting a license which
tries to keep specific software from being used to implement DRM. A
license can be a hefty hammer, but not every problem is a nail.
Regardless of the reasoning, the fact is that the GPLv3 draft is currently
in a difficult spot. There appears to be no way it will be adopted for the kernel in
its current form; there has also been quite a bit of speculation that a
number of other important projects will either resist the new license or,
possibly, fork into GPLv2 and GPLv3 versions. GPL-licensed libraries are
of particular concern. The prospect of having to carry around two
versions of the C library - one for each version of the GPL - is not
particularly appealing. This is the scenario that some of the kernel
developers warn about in their position statement; anybody who dismisses it
should have a good reason for believing that it will not come about.
There are a lot of good things in the GPLv3 draft. The updating of the
language for worldwide applicability is something we will almost certainly
want, sooner or later. The software patent provisions have the potential
to deter patent attacks against free software users - an important
protection in the absence of a real fix for the patent problem. The "this
code is not a technical protection measure" clause may offer similar
protection from some attacks based on DMCA-like laws. All of this, and
more, is worth having - but only if the new license can find acceptance
from those who have so wholeheartedly adopted GPLv2. The Free Software
Foundation is going to have to make a difficult decision over the next few
months: it can keep the controversial terms and risk the consequences, or
increase the chances of a successful GPLv3 by dropping terms that, in its
opinion, are of fundamental importance.
[Other things to see: the FSF's
response to the position statement and Linus Torvalds's Ode to GPLv2. There is also the announcement of the first
discussion draft of the GNU Free Documentation License, version 2,
which almost appears to have gotten lost in the noise.]
Comments (74 posted)
Back in January, 2005, LWN ran an article about Debian and Mozilla's
trademarks. In particular, the Mozilla trademark policy places strict
requirements on where names like "Firefox" can be used; some of these
requirements do not mix well with the Debian Free Software Guidelines.
Recent events now warrant a new look at the issue.
Any distribution of Mozilla software which diverges from the
official tarballs must use a different name unless specific approval has
been obtained from Mozilla. Debian's version does indeed
differ in a number of ways. The project could seek approval from Mozilla
to call its version of the browser "Firefox," but that approval does not
help others who may wish to redistribute the software after receiving it
from Debian. Also, the Debian Firefox build omits the official logos,
since they carry a non-free license; that is another change which runs
afoul of the trademark rules.
In the 2005 discussion, the Debian Project had seemingly come to a
resolution with the Mozilla Foundation, as represented by Gervase Markham,
where Debian would be trusted to make reasonable changes and the omission
of the logos was condoned. All seemed well, and Debian has been shipping
Firefox under this understanding for over a year.
In February of this year, however, Mike Connor from Mozilla Corporation
posted a
bug report with the Debian project. This bug, marked "serious," stated
that shipping a browser called "Firefox" was a trademark violation:
Firefox (the name) is equally protected and controlled by the same
trademark policy and legal requirements as the Firefox logo.
You're free to use any other name for the browser bits, but calling
the browser Firefox requires the same approvals as are required for
using the logo and other artwork.
Under the previous understanding, the Mozilla Foundation had seemingly
concluded that it could trust Debian to be judicious in its patches to
Firefox. The Mozilla Corporation, instead, is taking a harder line:
To my knowledge, each patchset that deviates from what we ship
should be run by whoever is doing licensing approvals (this is in
progress with various distributions already). It's hard, if not
impossible, to define a set of guidelines that is crystal clear and
doesn't need human oversight. Novell and Red Hat already do this.
The conversation then lapsed until September 18, when Mr. Connor
restarted it. His position has not softened:
In that light, you should consider this, as I previously said,
notice that your usage of the trademark is not permitted in this
way, and we are expecting a resolution. If your choice is to cease
usage of the trademark rather than bend the DFSG a little, that is
your decision to make.
Anybody familiar with the Debian Project will know that asking it to "bend
the DFSG a little" tends not to go over very well.
Mozilla's immediate complaint is about the omission of the official logo, a
change which had seemingly been approved
back in 2005. But Mr. Connor is also taking issue with a number of the
other patches shipped by Debian, and has repeatedly said that every patch
that the distribution applies must be approved by the Mozilla Corporation
ahead of time.
So what happened to the previous understanding? It appears that the shift
to the Mozilla Corporation has brought a new approach to trademark policies
- and new people into the trademark enforcement role. Meanwhile, the
understanding that the Debian Project thought it had was never really
codified onto a piece of paper with the requisite signatures - and, as a
result, it is easy for the Mozilla Corporation to change. A cardinal rule
for dealing with corporations is to always assume that the people you are
dealing with will soon be replaced by others with a much more hostile attitude;
that would appear to be what has happened here. With regard to the logo:
Fair enough, [Gervase Markham] did make that statement. At the
time, we obviously weren't taking that part seriously. We are now,
and we're saying it's not ok.
The Debian developers have no intention of going against Mozilla's wishes.
Eric Dorland, one of the Debian Firefox maintainers, did ask for some time,
however:
If this isn't possible, could we at least get a stay of execution?
Etch is going into deep freeze in less than a month. Would it be
possible to resolve this after the release?
The response was not particularly sympathetic:
I would think it makes much more sense to resolve this before you
put another long-lived release into the wild, unless your aim is to
delay compliance. Ignoring the logo issue entirely, I have grave
concerns around the nature and quality of some of the changes the
patchset contains, and I would like to see the changes as a set of
specific patches before I could make any recommendation as to
whether we should continue to allow use of the trademark. If we
were forced to revoke your permission to use the trademark, freeze
state would not matter; you would be required to change all
affected packages as soon as possible. It's not a nice thing to do,
but we would do it if necessary, and we have done so before.
Eric also asked for clarification on the patch review policy, wondering if
it applied even to security updates. The answer was clear:
Yes, if you are shipping a browser called Firefox, we should be
signing off on every deviation from what we ship. Yes, it's time
consuming, and yes, I can find more entertaining ways to spend my
time, but it's a necessary evil.
As for your straw man about security bugs, what security bugs would
you be fixing with your own patches? If there are security bugs,
they should be fixed upstream, not in your own tree.
Many people do not consider security to be a "straw man," however. Debian
stable currently includes Firefox 1.0.4, which is no longer supported by
the Mozilla developers. So Debian must backport its own security fixes,
and may not want to wait for the Mozilla bureaucracy to review those fixes
before putting them out. The Mozilla response here is that users should
simply be force-upgraded to a supported version; that is, indeed, what a
number of distributors do, but people are not always happy about it. There
are not many other projects which force upgrades in this manner.
The end result of all this, as expressed by Steve Langasek:
Given your subsequent comments indicating that the Mozilla
Foundation reserves the right to revoke trademark grants for
released versions of Debian, I don't see that we have any choice
but to discontinue our use of the marks.
Eric Dorland has stated that he will be changing the name of the browser
soon. Previously, this scenario has been described as the "Iceweasel"
approach - but Eric has not said what name he will be using. He has asked
if Debian sarge can continue to ship "firefox," or whether the name will
have to be changed in the stable distribution; that question has not yet
been answered.
Debian is not the only project to express some frustration with Mozilla;
consider this message sent to the Fedora
advisory board in August on why Firefox security updates tend to be
slow in coming:
Also you have to take into account that firefox.org doesn't care
about Linux. They produce "updates" that are first Windows
precompiled binaries. Their Linux stuff is still in CVS, not even
tarball released yet, so we have to try and take a CVS snapshot or
troll through CVS logs to find the right patch. They also don't
seem to care about vendorsec, or if they do it's a token notice and
nonsensical embargo dates. The last one I noticed was set to be
released in the middle of a global holiday (Easter).
See also this message from last
June on problems the Ubuntu developers have had in keeping Firefox
secure in their distribution.
The Mozilla project has, mainly via the Firefox browser, changed the way
people work with the web. It has brought millions of people into the
community of free software users and ended the destructive domination of a
single, proprietary browser. Firefox is good stuff, and we are far richer
for its existence.
One cannot help wondering, however, if the Mozilla Corporation, now one year old,
isn't losing touch with the free software community it is ostensibly part of.
Releasing software under a free license means losing control over what
happens to it, but Mozilla appears to be having a hard time letting go.
The result makes life harder for Linux distributors, and for Linux users as
well.
Nobody really wants to fork Firefox. The Mozilla Corporation, however,
would appear to be requiring distributors to do exactly that, whether they
want to or not. No distributor has any interest in shipping Iceweasel, but
it appears that a number of us will be using it anyway - or, perhaps,
looking harder at some of the other free browsers out there.
Comments (82 posted)
September 27, 2006
This article was contributed by Stacey Quandt
The 13th annual International Linux System Technology Conference, also
known as Linux Kongress, took place September 5 - 8 in Nürnberg,
Germany. As a technical Linux event, Linux Kongress is smaller in scale
than the Ottawa Linux Symposium and linux.conf.au. Still, the conference
sessions and tutorials included a number of quality talks from familiar
members of the Linux and open source communities such as Heinz
Mauelshagen, Lars Mueller, Theodore Ts'o, Volker Lendecke, Alan Robertson,
and Daniel Phillips.
A few of the talks stood out. One such talk was Felix von Leitner's
presentation titled "Benchmarking, round 2: I/O Performance", in which he
tested file system performance on Linux, Windows, OpenSolaris, NetBSD,
FreeBSD, and OpenBSD in order to better understand the scalability of
different operating systems and IP stack throughput. Based on von
Leitner's benchmarking methodology, Linux has the fastest file system -
reiser4.
The testing theme continued with Poornima Bangalore, whose presentation
was on the topic of "Best Practices in Linux Kernel Testing." Her talk
detailed many of the key differences between traditional and open source
testing. She pointed out that mainline kernel testing is more challenging
than testing many other open source projects because of the rapid
development and the different subtrees in the kernel: the stable kernels
are released every 6 weeks or so, release candidate (-rc) kernels are
available every week, and experimental (-mm) kernels are available every
few days. Poornima shared best practices regarding kernel configuration,
hardware configuration, test automation, test coverage, and first failure
data capture.
Heinz Mauelshagen gave a talk on
device-mapper architecture features and the related target feature
set. In the talk "Linux as a Hypervisor," Jeff Dike discussed the
evolution of the hypervisor support in the Linux kernel and how
capabilities such as ptrace, AIO and O_DIRECT make a difference to
virtual machines. He also talked about the implications of FUSE
(filesystems in userspace) and the manageability benefits of exporting a
UML filesystem to the host. Lars Marowsky-Bree's presentation on
Heartbeat 2 and Xen
explored Heartbeat's ability to manage Xen
guests. He expanded on Heartbeat's architecture and its integration with
Xen to enable resource reallocation, globally ordered recovery actions,
and data center automation policies using the Cluster Resource
Manager (CRM).
Mattias Rechenburg's presentation on "Using Enterprise Data Centers with
OpenQRM" showcased the state of OpenQRM, an open source project to achieve
high availability, scalability, and deployment, service and server
virtualization on a variety of operating systems. In spite of OpenQRM's
pluggable architecture, the audience focused on the fact that it depends
on a binary module which requires support from Qlusters. The general
sentiment from the audience was that they were not interested if they
couldn't get support from Red Hat, IBM, Hewlett-Packard etc.
In "Real-Time Approaches to Linux," Ted Ts'o shared his perspective on
enterprise real-time computing and how it differs from so-called
traditional real-time computing. He emphasized the changing requirements
in enterprise software and how high throughput is not enough because
customers increasingly also require latency guarantees, especially in
military applications and trading systems. It was interesting to hear
about the benefits and tradeoffs of different approaches to enterprise
real-time, including RTAI and Ingo Molnar's CONFIG_PREEMPT_RT.
Ted suggested
that guidelines outlined by his colleague Paul McKenney can be used to
evaluate the different approaches to enterprise real-time. This includes
quality of service, the amount of code inspection required when a new
feature is added, the API provided to applications, the relative
complexity, fault isolation, and supported hardware and software
configurations.
Although IBM presently has only one customer that plans to
deploy enterprise real-time computing, the ability to support large
SMP systems,
TCP/IP, commercially available middleware, and databases makes it an
area to watch in the future. Ted also elaborated on the features of
IBM's real-time JVM/SDK (aka IBM Websphere Real-Time v1.0) such as RTSJ
(Real-time specification for Java), the Metronome real-time garbage
collector, and AOT (Ahead of Time Compilation). The talk emphasized that
there are many new applications for real-time operating systems, and in
particular enterprise real-time Linux.
Maddog provided the final keynote on having fun
with open source in his own inimitable way.
Comments (1 posted)
Page editor: Jonathan Corbet
Security
September 27, 2006
This article was contributed by Jake Edge.
Google and other search engines provide an invaluable service for people
looking for web-based information, but, as several automatic teller machine
(ATM) vendors found out recently, search engines can also be useful for
people looking for information that might better stay hidden. Google
searches have recently turned up operator manuals for several ATM models
which include information on how to enter maintenance mode, along with
default administrative passwords. This information was promptly put to use
in ways not intended by the manufacturers. ATM manufacturers are not the
only folks who should be concerned about this; search engines store a
wealth of sensitive information, and for those with malicious intent, they
are a gold mine.
Two weeks ago, a news report about someone reprogramming an ATM led a
security researcher to see what information was available about the ATM
model shown in a CNN report. It turns out that it was not difficult to
come up with information that could be used to make the ATM believe that
it was handing out $5 bills when it was really providing $20 bills.
Neither the researcher (nor, presumably, the unknown ATM reprogrammer)
confirmed that it was a web search that led to the information, but a
subsequent report makes it clear that the manual was available via a
simple Google query. Other ATM vendors' products were then targeted with
the same results. The major security issue in these cases appears to be
the well-known 'default password' vulnerability. The default
administrative passwords were listed in the operator's manual, which is
not unreasonable, but, like default passwords everywhere, they were not
routinely changed as part of the installation.
This kind of vulnerability is not at all specific to ATMs; various kinds
of hardware (routers, servers, PBX systems, etc.) have been or are
susceptible. Of course, it is not just hardware that suffers from
well-known or easily discovered default passwords; many software packages
have exactly the same problem. Finding vulnerable installations of those
packages has been made a great deal easier with search engines,
particularly Google with its rich set of searching operators.
Many software packages, especially web-based packages, show that they have
been installed correctly by displaying a default page. The Apache web
server on many Linux distributions installs a page that indicates its presence
(and its version, which may come in handy the next time an Apache
vulnerability is discovered) and the fact that it has not been completely
configured. Searching for
these default pages, especially for packages (like portals, blogs, picture
galleries, etc.) that have a default administrative password, will generate
a list of sites that may not have done anything more than install the
package. This is a pretty good place to start trying default passwords.
Web searching can also generate lists of sites that are vulnerable to known
exploits simply by looking for sites displaying 'VulnerableApp v0.0.1'. In
many cases, the applications were installed at one point and then orphaned
but not removed and the administrator has completely forgotten about their
presence. It can be difficult to keep up with security updates for an
application that one has forgotten is even installed.
This just scratches the surface of the kinds of information, useful to
those with malicious intent, that can be found via search engines. Johnny
Long has done various conference presentations and written a book, Google
Hacking for Penetration Testers, describing these techniques. His homepage
has a great deal of information on using Google to find interesting things
on the web.
Using these techniques against your own site is one of the best ways to
determine how vulnerable you are. Finding web applications that were
forgotten or were never completely configured is just one step in the right
direction. These techniques could also find directories that provide
indexes or publicly exposed documents that were believed to be secure.
It is almost always an eye opening experience to find out how much
information the search engines have about one's site.
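Turning the article's advice about auditing your own site into code, as an added example that is not part of the LWN article: it classifies HTTP responses captured from your own hosts into default install pages, version disclosures, directory indexes, and applications that are missing from an inventory of what you know is installed (the forgotten, orphaned packages the article describes). The marker phrases, the inventory and the sample responses below are constructed assumptions; nothing is fetched from the network.

```python
"""Self-audit of a site's own HTTP responses for the exposures search
engines index: default "installed OK" pages, version banners, directory
listings, and web applications nobody remembers installing.

Added example, not code from the LWN article. Feed it responses captured
from your own site and the set of applications you know you run.
"""
import re
from dataclasses import dataclass


@dataclass
class Response:
    url: str
    headers: dict          # header name (lower-case) -> value
    body: str


@dataclass(frozen=True)
class Finding:
    url: str
    category: str          # default-page | version-banner | dir-index | unknown-app
    detail: str


# Phrases found on stock "installation succeeded" pages (assumed set; extend
# it for the packages you actually deploy).
DEFAULT_PAGE_MARKERS = (
    "It works!",
    "Apache HTTP Server Test Page",
    "Test Page for the Apache HTTP Server",
    "has not yet been configured",
)

# "Product/1.2.3" as in a Server header, or "Product v1.2.3" in page text.
VERSION_RE = re.compile(r"\b([A-Z][A-Za-z0-9_-]+)[ /]v?(\d+\.\d+(?:\.\d+)*)\b")

# Auto-generated directory index pages.
DIR_INDEX_RE = re.compile(r"<title>\s*Index of /", re.IGNORECASE)


def disclosed_versions(text):
    """Return (product, version) pairs announced in a header value or body."""
    return VERSION_RE.findall(text)


def audit(responses, inventory):
    """Classify each response; inventory is a set of lower-case app names.

    An application that announces itself with a version string but is not in
    the inventory is reported as unknown (a likely orphaned install).
    """
    findings = []
    for r in responses:
        for name, ver in disclosed_versions(r.headers.get("server", "")):
            findings.append(Finding(r.url, "version-banner",
                                    f"Server header discloses {name} {ver}"))
        for marker in DEFAULT_PAGE_MARKERS:
            if marker in r.body:
                findings.append(Finding(r.url, "default-page",
                                        f'body contains "{marker}"'))
                break
        if DIR_INDEX_RE.search(r.body):
            findings.append(Finding(r.url, "dir-index", "directory listing enabled"))
        for name, ver in disclosed_versions(r.body):
            findings.append(Finding(r.url, "version-banner",
                                    f"page text discloses {name} {ver}"))
            if name.lower() not in inventory:
                findings.append(Finding(r.url, "unknown-app",
                                        f"{name} {ver} is not in the inventory"))
    return findings


def summarize(findings):
    """Count findings per category."""
    counts = {}
    for f in findings:
        counts[f.category] = counts.get(f.category, 0) + 1
    return counts


# Constructed sample responses standing in for captures from one's own site.
SAMPLE_RESPONSES = [
    Response("http://www.example.net/",
             {"server": "Apache/2.0.55 (Debian) PHP/5.1.2"},
             "<html><body><h1>It works!</h1></body></html>"),
    Response("http://www.example.net/old/gallery/", {"server": "Apache"},
             "<html><body><h1>Photos</h1><p>Powered by VulnerableApp v0.0.1</p>"
             "</body></html>"),
    Response("http://www.example.net/docs/", {"server": "Apache"},
             "<html><head><title>Index of /docs</title></head><body>"
             "<address>Apache/2.0.55 Server at www.example.net Port 80</address>"
             "</body></html>"),
    Response("http://www.example.net/blog/", {"server": "Apache"},
             "<html><body><p>Powered by KnownBlog 1.4.2</p></body></html>"),
]
KNOWN_APPS = {"apache", "php", "knownblog"}   # assumed operator inventory


def run_sample():
    return audit(SAMPLE_RESPONSES, KNOWN_APPS)


if __name__ == "__main__":
    for f in run_sample():
        print(f"{f.category:15} {f.url}  {f.detail}")
```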
Comments (4 posted)
New vulnerabilities
openssh: remote denial of service
| Package(s): | openssh |
| CVE #(s): | CVE-2006-4924, CVE-2006-5051 |
| Created: | September 27, 2006 |
| Updated: | September 17, 2008 |
| Description: | OpenSSH 4.4 fixes some security issues, including a pre-authentication denial of service, an unsafe signal handler and, on portable OpenSSH, a GSSAPI authentication abort that could be used to determine the validity of usernames on some platforms. |
| Alerts: | |
Comments (none posted)
TikiWiki: arbitrary command execution
| Package(s): | tikiwiki |
| CVE #(s): | CVE-2006-4299, CVE-2006-4602 |
| Created: | September 26, 2006 |
| Updated: | September 27, 2006 |
| Description: | A vulnerability in jhot.php allows for an unrestricted file upload to the img/wiki/ directory. Additionally, a cross-site scripting vulnerability exists in the highlight parameter of tiki-searchindex.php. |
| Alerts: | |
Comments (none posted)
webmin: cross-site scripting
| Package(s): | webmin |
| CVE #(s): | CVE-2006-4542 |
| Created: | September 26, 2006 |
| Updated: | October 24, 2006 |
| Description: | Webmin before 1.296 and Usermin before 1.226 do not properly handle a URL with a null ("%00") character, which allows remote attackers to conduct cross-site scripting (XSS), read CGI program source code, list directories, and possibly execute programs. |
| Alerts: | |
Comments (none posted)
Updated vulnerabilities
apache: cross-site scripting
| Package(s): | apache |
| CVE #(s): | CVE-2006-3918 |
| Created: | August 9, 2006 |
| Updated: | April 4, 2008 |
| Description: | From the Red Hat advisory: "A bug was found in Apache where an invalid Expect header sent to the server was returned to the user in an unescaped error message. This could allow an attacker to perform a cross-site scripting attack if a victim was tricked into connecting to a site and sending a carefully crafted Expect header." |
| Alerts: | |
Comments (none posted)
bind: denial of service
| Package(s): | bind |
| CVE #(s): | CVE-2006-4095, CVE-2006-4096 |
| Created: | September 7, 2006 |
| Updated: | February 1, 2007 |
| Description: | Bind has two denial of service vulnerabilities. Recursive server queries for SIG records will trigger an assertion failure if more than one RR set is returned. An INSIST failure can be triggered by sending a large number of recursive queries. |
| Alerts: | |
Comments (none posted)
binutils: buffer overflow
| Package(s): | binutils |
| CVE #(s): | CVE-2005-4807 |
| Created: | August 17, 2006 |
| Updated: | October 19, 2006 |
| Description: | The GNU assembler (gas) in binutils is vulnerable to a buffer overflow. If a user can be tricked into assembling a specially crafted file with gcc or gas, arbitrary code can be executed with the privileges of the user. |
| Alerts: | |
Comments (3 posted)
bomberclone: information disclosure and denial of service
| Package(s): | bomberclone |
| CVE #(s): | CVE-2006-4005, CVE-2006-4006 |
| Created: | September 19, 2006 |
| Updated: | September 20, 2006 |
| Description: | Luigi Auriemma discovered two security related bugs in bomberclone, a free Bomberman clone. The program copies remotely provided data unchecked, which could lead to a denial of service via an application crash. Bomberclone also uses remotely provided data as a length argument, which can lead to the disclosure of private information. |
| Alerts: | |
Comments (1 posted)
busybox: insecure password generation
| Package(s): | busybox |
| CVE #(s): | CVE-2006-1058 |
| Created: | May 5, 2006 |
| Updated: | May 2, 2007 |
| Description: | The BusyBox 1.1.1 passwd command does not use a proper salt when generating passwords. This would create an instance where a brute force attack could take very little time. |
| Alerts: | |
Comments (2 posted)
bzip2: race condition and infinite loop
| Package(s): | bzip2 |
| CVE #(s): | CAN-2005-0953, CAN-2005-1260 |
| Created: | May 17, 2005 |
| Updated: | January 10, 2007 |
| Description: | A race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete. Also, specially crafted bzip2 archives may cause an infinite loop in the decompressor. |
| Alerts: | |
Comments (2 posted)
capi4hylafax: missing input sanitizing
| Package(s): | capi4hylafax |
| CVE #(s): | CVE-2006-3126 |
| Created: | September 1, 2006 |
| Updated: | October 18, 2006 |
| Description: | Lionel Elie Mamane discovered a security vulnerability in capi4hylafax, tools for faxing over a CAPI 2.0 device, that allows remote attackers to execute arbitrary commands on the fax receiving system. |
| Alerts: | |
Comments (none posted)
cheesetracker: buffer overflow
| Package(s): | cheesetracker |
| CVE #(s): | CVE-2006-3814 |
| Created: | September 4, 2006 |
| Updated: | October 27, 2006 |
| Description: | Luigi Auriemma discovered a buffer overflow in the loading component of cheesetracker, a sound module tracking program, which could allow a maliciously constructed input file to execute arbitrary code. |
| Alerts: | |
Comments (1 posted)
cpio: arbitrary code execution
| Package(s): | cpio |
| CVE #(s): | CVE-2005-4268 |
| Created: | January 2, 2006 |
| Updated: | March 17, 2010 |
| Description: | Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with, e.g., a very large size caused a buffer overflow. By tricking a user or an automatic backup system into putting a specially crafted file into a cpio archive, a local attacker could probably exploit this to execute arbitrary code with the privileges of the target user (which is likely root in an automatic backup system). |
| Alerts: | |
Comments (none posted)
vixie-cron: privilege escalation
| Package(s): | cron |
| CVE #(s): | CVE-2006-2607 |
| Created: | May 31, 2006 |
| Updated: | June 1, 2009 |
| Description: | The Vixie cron daemon does not check the return code from setuid(); if that call can be made to fail, a local attacker may be able to execute commands as root. |
| Alerts: | |
Comments (1 posted)
cscope: buffer overflows
| Package(s): | cscope |
| CVE #(s): | CVE-2004-2541 |
| Created: | May 22, 2006 |
| Updated: | June 19, 2009 |
| Description: | A buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target. |
| Alerts: | |
Comments (1 posted)
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
| Package(s): | cyrus-sasl |
| CVE #(s): | CVE-2006-1721 |
| Created: | April 21, 2006 |
| Updated: | September 4, 2007 |
| Description: | Cyrus-SASL contains an unspecified vulnerability in the DIGEST-MD5 process that could lead to a Denial of Service. An attacker could possibly exploit this vulnerability by sending a specially crafted data stream to the Cyrus-SASL server, resulting in a Denial of Service even if the attacker is not able to authenticate. |
| Alerts: | |
Comments (none posted)
dokuwiki: arbitrary command execution
| Package(s): | dokuwiki |
| CVE #(s): | CVE-2006-4674, CVE-2006-4675, CVE-2006-4679 |
| Created: | September 15, 2006 |
| Updated: | September 20, 2006 |
| Description: | "rgod" discovered that DokuWiki doesn't sanitize the X-FORWARDED-FOR HTTP header, allowing the injection of arbitrary contents - such as PHP commands - into a file. Additionally, the accessory scripts installed in the "bin" DokuWiki directory are vulnerable to directory traversal attacks, allowing an attacker to copy and execute the previously injected code. |
| Alerts: | |
Comments (none posted)
ffmpeg: buffer overflows
| Package(s): | ffmpeg |
| CVE #(s): | CVE-2006-4799, CVE-2006-4800 |
| Created: | September 14, 2006 |
| Updated: | May 28, 2007 |
| Description: | The AVI processing code in FFmpeg has a number of buffer overflow vulnerabilities. If an attacker can trick a user into loading a specially crafted AVI, arbitrary code can be executed with the user's privileges. |
| Alerts: | |
Comments (2 posted)
flash-plugin: arbitrary code execution
| Package(s): | flash-plugin |
| CVE #(s): | CVE-2006-3311, CVE-2006-3587, CVE-2006-3588 |
| Created: | September 13, 2006 |
| Updated: | October 5, 2006 |
| Description: | Security issues were discovered in the Adobe Flash Player. It may be possible to execute arbitrary code on a victim's machine if the victim opens a malicious Adobe Flash file. |
| Alerts: | |
Comments (none posted)
freeradius: several vulnerabilities
| Package(s): | freeradius |
| CVE #(s): | CVE-2005-4745, CVE-2005-4746 |
| Created: | August 8, 2006 |
| Updated: | April 24, 2007 |
| Description: | Several remote vulnerabilities have been discovered in freeradius, a high-performance RADIUS server, which may lead to SQL injection or denial of service. |
| Alerts: | |
Comments (none posted)
freetype: integer overflows
| Package(s): | freetype |
| CVE #(s): | CVE-2006-0747, CVE-2006-1861, CVE-2006-2493, CVE-2006-2661, CVE-2006-3467 |
| Created: | June 8, 2006 |
| Updated: | June 1, 2010 |
| Description: | The FreeType library has several integer overflow vulnerabilities. If a user can be tricked into installing a specially crafted font file, arbitrary code can be executed with the privileges of the user. |
| Alerts: | |
Comments (none posted)
gcc: file overwrite vulnerability
| Package(s): | gcc |
| CVE #(s): | CVE-2006-3619 |
| Created: | September 6, 2006 |
| Updated: | March 14, 2008 |
| Description: | The fastjar utility found in the GNU compiler collection does not perform adequate file path checking, allowing the creation or overwriting of files outside of the current directory tree. |
| Alerts: | |
Comments (none posted)
gdb: buffer overflow
| Package(s): | gdb |
| CVE #(s): | CVE-2006-4146 |
| Created: | September 15, 2006 |
| Updated: | June 12, 2007 |
| Description: | A buffer overflow in dwarfread.c and dwarf2read.c debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations. |
| Alerts: | |
Comments (none posted)
gdm: improper file permissions
| Package(s): | gdm |
| CVE #(s): | CVE-2006-1057 |
| Created: | April 19, 2006 |
| Updated: | May 2, 2007 |
| Description: | The .ICEauthority file may be created with the wrong ownership and permissions; gdm 2.14.2 fixes the problem. |
| Alerts: | |
Comments (none posted)
gedit: format string vulnerability
| Package(s): | gedit |
| CVE #(s): | CAN-2005-1686 |
| Created: | June 9, 2005 |
| Updated: | February 5, 2009 |
| Description: | A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names causes a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user. |
| Alerts: | |
Comments (1 posted)
gnutls: signature forgery vulnerability
| Package(s): | gnutls |
| CVE #(s): | CVE-2006-4790 |
| Created: | September 14, 2006 |
| Updated: | September 26, 2006 |
| Description: | GnuTLS has a vulnerability with PKCS #1 v1.5 signatures. If an RSA key with exponent 3 is used, an attacker may be able to forge a PKCS #1 v1.5 signature. |
| Alerts: | |
Comments (none posted)
grip: buffer overflow
| Package(s): | grip |
| CVE #(s): | CAN-2005-0706 |
| Created: | March 10, 2005 |
| Updated: | November 19, 2008 |
| Description: | Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches. |
| Alerts: | |
Comments (none posted)
gzip: multiple vulnerabilities
| Package(s): | gzip |
| CVE #(s): | CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337, CVE-2006-4338 |
| Created: | September 19, 2006 |
| Updated: | January 20, 2010 |
| Description: | Tavis Ormandy of the Google Security Team discovered two denial of service flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to hang or crash. Tavis Ormandy of the Google Security Team also discovered several code execution flaws in the way gzip expanded archive files. If a victim expanded a specially crafted archive, it could cause the gzip executable to crash or execute arbitrary code. |
| Alerts: | |
Comments (1 posted)
gzip: arbitrary command execution
| Package(s): | gzip |
| CVE #(s): | CAN-2005-0758 |
| Created: | August 1, 2005 |
| Updated: | January 10, 2007 |
| Description: | zgrep in gzip before 1.3.5 does not handle shell metacharacters like '|' and '&' properly when they occur in input file names. This could be exploited to execute arbitrary commands with user privileges if zgrep is run in an untrusted directory with specially crafted file names. |
| Alerts: | |
Comments (2 posted)
ImageMagick: buffer overflows
| Package(s): | imagemagick |
| CVE #(s): | CVE-2006-3743, CVE-2006-3744 |
| Created: | September 6, 2006 |
| Updated: | September 26, 2006 |
| Description: | The latest set of buffer overflow vulnerabilities in ImageMagick can be found in the Sun Raster and XCF decoders. |
| Alerts: | |
Comments (2 posted)
kdelibs: kate backup file permission leak
| Package(s): | kdelibs kate kwrite |
| CVE #(s): | CAN-2005-1920 |
| Created: | July 19, 2005 |
| Updated: | September 21, 2010 |
| Description: | Kate / Kwrite, as shipped with KDE 3.2.x up to and including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information. |
| Alerts: | |
Comments (1 posted)
kernel: denial of service
| Package(s): | kernel |
| CVE #(s): | CVE-2006-4535, CVE-2006-4538 |
| Created: | September 18, 2006 |
| Updated: | January 5, 2009 |
| Description: | Sridhar Samudrala discovered a local denial of service vulnerability in the handling of SCTP sockets. By opening such a socket with a special SO_LINGER value, a local attacker could exploit this to crash the kernel. (CVE-2006-4535) Kirill Korotaev discovered that the ELF loader on the ia64 and sparc platforms did not sufficiently verify the memory layout. By attempting to execute a specially crafted executable, a local user could exploit this to crash the kernel. (CVE-2006-4538) |
| Alerts: | |
Comments (none posted)
kernel: denial of service by memory consumption
| Package(s): | kernel |
| CVE #(s): | CVE-2006-2936 |
| Created: | July 17, 2006 |
| Updated: | November 14, 2007 |
| Description: | The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the driver can handle, which causes the data to be queued. |
| Alerts: | |
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
| CVE #(s): | CVE-2006-2935, CVE-2006-4145, CVE-2006-3745 |
| Created: | September 1, 2006 |
| Updated: | July 30, 2008 |
| Description: | Previous versions of the kernel package are subject to several vulnerabilities. Certain malformed UDF filesystems can cause the system to crash (denial of service). Malformed CDROM firmware or USB storage devices (such as USB keys) could cause a system crash (denial of service), and if they were intentionally malformed, can cause arbitrary code to run with elevated privileges. In addition, the SCTP protocol is subject to a remote system crash (denial of service) attack. |
| Alerts: | |
Comments (none posted)
krb5: local privilege escalation
| Package(s): | krb5 |
| CVE #(s): | CVE-2006-3083 |
| Created: | August 9, 2006 |
| Updated: | July 7, 2010 |
| Description: | Some Kerberos applications fail to check the results of setuid() calls, with the result that, if that call fails, they could continue to execute as root after thinking they had switched to a nonprivileged user. A local attacker who can cause these calls to fail (through resource exhaustion, presumably) could exploit this bug to gain root privileges. |
| Alerts: | |
Comments (none posted)
libgadu: memory alignment bug
| Package(s): | libgadu |
| CVE #(s): | CAN-2005-2370 |
| Created: | July 29, 2005 |
| Updated: | June 25, 2007 |
| Description: | Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, a console Gadu Gadu instant messaging client), which is also included in gaim, a multi-protocol instant messaging client. This cannot be exploited on the x86 architecture, but on others (e.g. SPARC) it can lead to a bus error, in other words a denial of service. |
| Alerts: | |
Comments (none posted)
libgd2: denial of service
| Package(s): | libgd2 |
| CVE #(s): | CVE-2006-2906 |
| Created: | June 14, 2006 |
| Updated: | January 16, 2007 |
| Description: | Certain GIF images can cause libgd2 to go into an infinite loop, adversely affecting the performance of image processing applications. |
| Alerts: | |
Comments (none posted)
libmms: buffer overflows
| Package(s): | libmms |
| CVE #(s): | CVE-2006-2200 |
| Created: | July 6, 2006 |
| Updated: | December 25, 2006 |
| Description: | Several buffer overflows were found in libmms. By tricking a user into opening a specially crafted remote multimedia stream with an application using libmms, a remote attacker could overwrite an arbitrary memory portion with zeros, thereby crashing the program. |
| Alerts: | |
Comments (none posted)
libmusicbrainz: buffer overflows
| Package(s): | libmusicbrainz-2.0 |
| CVE #(s): | CVE-2006-4197 |
| Created: | August 30, 2006 |
| Updated: | October 23, 2006 |
| Description: | Several buffer overflows have been discovered in the libmusicbrainz CD index library. |
| Alerts: | |
Comments (none posted)
libpam-ldap: authentication bypass
| Package(s): | libpam-ldap |
| CVE #(s): | CAN-2005-2641 |
| Created: | August 25, 2005 |
| Updated: | October 6, 2006 |
| Description: | libpam-ldap, the PAM LDAP interface, has a vulnerability in which it fails to authenticate with an LDAP server which is not configured properly, allowing an authentication bypass. |
| Alerts: | |
Comments (none posted)
libpng: buffer overflow
| Package(s): | libpng |
| CVE #(s): | CVE-2006-3334 |
| Created: | July 19, 2006 |
| Updated: | December 15, 2008 |
| Description: | In pngrutil.c, the function png_decompress_chunk() allocates insufficient space for an error message, potentially overwriting stack data, leading to a buffer overflow. |
| Alerts: | |
Comments (none posted)
libpng: heap based buffer overflow
| Package(s): | libpng |
| CVE #(s): | CVE-2006-0481 |
| Created: | February 13, 2006 |
| Updated: | December 15, 2008 |
| Description: | A heap based buffer overflow bug was found in the way libpng strips alpha channels from a PNG image. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash or execute arbitrary code when the file is opened by a victim. |
| Alerts: | |
Comments (1 posted)
libtiff: buffer overflow
| Package(s): | libtiff |
| CVE #(s): | CVE-2006-2193 |
| Created: | June 15, 2006 |
| Updated: | September 1, 2008 |
| Description: | The t2p_write_pdf_string function in libtiff 3.8.2 and earlier is vulnerable to a buffer overflow. Attackers can use a TIFF file with UTF-8 characters in the DocumentName tag to overflow a buffer, causing a denial of service, and possibly the execution of arbitrary code. |
| Alerts: | |
Comments (none posted)
libvncserver: authentication bypass
| Package(s): | libvncserver |
| CVE #(s): | CVE-2006-2450 |
| Created: | August 4, 2006 |
| Updated: | March 19, 2007 |
| Description: | LibVNCServer fails to properly validate protocol types, effectively letting users decide what protocol to use, such as "Type 1 - None". LibVNCServer will accept this security type, even if it is not offered by the server. |
| Alerts: | |
Comments (none posted)
libwmf: integer overflow
| Package(s): | libwmf |
| CVE #(s): | CVE-2006-3376 |
| Created: | July 13, 2006 |
| Updated: | November 6, 2006 |
| Description: | libwmf, a library that is used for processing Windows MetaFile vector graphics files, has an integer overflow vulnerability. |
| Alerts: | |
Comments (none posted)
libxml2: arbitrary code execution
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0110 |
| Created: | February 26, 2004 |
| Updated: | August 19, 2009 |
| Description: | Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code. |
| Alerts: | |
Comments (none posted)
libxml2: multiple buffer overflows
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0989 |
| Created: | October 28, 2004 |
| Updated: | August 19, 2009 |
| Description: | libxml2 prior to version 2.6.14 has multiple buffer overflow vulnerabilities. If a local user passes a specially crafted FTP URL, arbitrary code may be executed. |
| Alerts: | |
Comments (none posted)
lynx: arbitrary command execution
| Package(s): | lynx |
| CVE #(s): | CVE-2005-2929 |
| Created: | November 14, 2005 |
| Updated: | September 14, 2009 |
| Description: | An arbitrary command execution bug was found in the lynx "lynxcgi:" URI handler. An attacker could create a web page redirecting to a malicious URL which could execute arbitrary code as the user running lynx. |
| Alerts: | |
Comments (none posted)
mailman: several vulnerabilities
| Package(s): | mailman |
| CVE #(s): | CVE-2006-2941, CVE-2006-3636 |
| Created: | September 8, 2006 |
| Updated: | October 23, 2006 |
| Description: | A flaw was found in the way Mailman handled MIME multipart messages. An attacker could send a carefully crafted MIME multipart email message to a mailing list run by Mailman which caused that particular mailing list to stop working. (CVE-2006-2941) Several cross-site scripting (XSS) issues were found in Mailman. An attacker could exploit these issues to perform cross-site scripting attacks against the Mailman administrator. (CVE-2006-3636) |
| Alerts: | |
Comments (none posted)
firefox: multiple vulnerabilities
| Package(s): | mozilla firefox thunderbird |
| CVE #(s): | CVE-2006-4565, CVE-2006-4566, CVE-2006-4571, CVE-2006-4253, CVE-2006-4567, CVE-2006-4568, CVE-2006-4569 |
| Created: | September 15, 2006 |
| Updated: | November 14, 2006 |
| Description: | Two flaws were found in the way Firefox/Thunderbird processed certain regular expressions. A malicious web page/HTML email could crash the browser or possibly execute arbitrary code as the user running Firefox/Thunderbird. (CVE-2006-4565, CVE-2006-4566) A number of flaws were found in Firefox/Thunderbird. A malicious web page/HTML email could crash the browser or possibly execute arbitrary code as the user running Firefox/Thunderbird. (CVE-2006-4571) A flaw was found in the handling of JavaScript timed events. A malicious web page could crash the browser or possibly execute arbitrary code as the user running Firefox/Thunderbird. (CVE-2006-4253) A flaw was found in the Firefox/Thunderbird auto-update verification system. An attacker who has the ability to spoof a victim's DNS could get Firefox to download and install malicious code. In order to exploit this issue an attacker would also need to get a victim to previously accept an unverifiable certificate. (CVE-2006-4567) Firefox did not properly prevent a frame in one domain from injecting content into a sub-frame that belongs to another domain, which facilitates website spoofing and other attacks. (CVE-2006-4568) Firefox did not load manually opened, blocked popups in the right domain context, which could lead to cross-site scripting attacks. In order to exploit this issue an attacker would need to find a site which would frame their malicious page and convince the user to manually open a blocked popup. (CVE-2006-4569) |
| Alerts: | |
Comments (none posted)
mutt: IMAP namespace buffer overflow
| Package(s): | mutt |
| CVE #(s): | CVE-2006-3242 |
| Created: | June 28, 2006 |
| Updated: | October 24, 2006 |
| Description: | TAKAHASHI Tamotsu discovered that mutt's IMAP backend did not sufficiently check the validity of namespace strings. If a user connects to a malicious IMAP server, that server could exploit this to crash mutt or even execute arbitrary code with the privileges of the mutt user. See this Secunia advisory for more information. |
| Alerts: | |
Comments (none posted)
mysql: format string bug
| Package(s): | mysql |
| CVE #(s): | CVE-2006-3469 |
| Created: | July 21, 2006 |
| Updated: | July 30, 2008 |
| Description: | Jean-David Maillefer discovered a format string bug in the date_format() function's error reporting. By calling the function with invalid arguments, an authenticated user could exploit this to crash the server. |
| Alerts: | |
Comments (none posted)
MySQL: privilege violations
| Package(s): | mysql |
| CVE #(s): | CVE-2006-4031, CVE-2006-4226 |
| Created: | August 25, 2006 |
| Updated: | July 30, 2008 |
| Description: | MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy (CVE-2006-4031). MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions (CVE-2006-4226). |
| Alerts: | |
Comments (none posted)
MySQL: logging bypass
| Package(s): | mysql |
| CVE #(s): | CVE-2006-0903 |
| Created: | April 4, 2006 |
| Updated: | May 21, 2008 |
| Description: | MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query. |
| Alerts: | |
Comments (2 posted)
nbd: arbitrary code execution
| Package(s): | nbd |
| CVE #(s): | CVE-2005-3534 |
| Created: | January 6, 2006 |
| Updated: | March 7, 2011 |
| Description: | Kurt Fitzner discovered that the NBD (network block device) server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privileges. |
| Alerts: | |
Comments (none posted)
ncompress: buffer underflow
| Package(s): | ncompress |
| CVE #(s): | CVE-2006-1168 |
| Created: | August 10, 2006 |
| Updated: | February 21, 2012 |
| Description: | The ncompress compression utility has a missing boundary check. A local user can use a maliciously created file to cause a .bss buffer underflow. |
| Alerts: | |
Comments (none posted)
nss: signature forgery vulnerability
| Package(s): | nss |
| CVE #(s): | CVE-2006-4340 |
| Created: | September 15, 2006 |
| Updated: | October 18, 2006 |
| Description: | Daniel Bleichenbacher recently described an implementation error in RSA signature verification. For RSA keys with exponent 3 it is possible for an attacker to forge a signature that would be incorrectly verified by the NSS library. |
| Alerts: | |
Comments (1 posted)
openoffice.org: several vulnerabilities
| Package(s): | openoffice.org |
| CVE #(s): | CVE-2006-2198, CVE-2006-2199, CVE-2006-3117 |
| Created: | June 30, 2006 |
| Updated: | January 4, 2007 |
| Description: | Several vulnerabilities have been discovered in OpenOffice.org, a free office suite. It turned out to be possible to embed arbitrary BASIC macros in documents in a way that OpenOffice.org does not see them but executes them anyway without any user interaction. (CVE-2006-2198) It is possible to evade the Java sandbox with specially crafted Java applets. (CVE-2006-2199) Loading malformed XML documents can cause buffer overflows and cause a denial of service or execute arbitrary code. (CVE-2006-3117) |
| Alerts: | |
Comments (none posted)
openssl: insufficient signature checking
| Package(s): | openssl |
| CVE #(s): | CVE-2006-4339 |
| Created: | September 5, 2006 |
| Updated: | November 15, 2006 |
| Description: | Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google Security discovered that the OpenSSL library did not sufficiently check the padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3 (which is widely used for CAs). This could be exploited to forge signatures without the need of the secret key. |
| Alerts: | |
Comments (none posted)
php: several vulnerabilities
| Package(s): | php |
| CVE #(s): | CVE-2006-4481, CVE-2006-4484, CVE-2006-4485 |
| Created: | September 8, 2006 |
| Updated: | June 13, 2008 |
| Description: | The file_exists and imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings (CVE-2006-4481). A buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c in the GD extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow when initializing the table array (CVE-2006-4484). The stripos function in PHP before 5.1.5 has unknown impact and attack vectors related to an out-of-bounds read (CVE-2006-4485). |
| Alerts: | |
Comments (1 posted)
php: arbitrary code execution
| Package(s): | php |
| CVE #(s): | CVE-2006-4020 |
| Created: | August 22, 2006 |
| Updated: | September 21, 2006 |
| Description: | A vulnerability was discovered in the sscanf function that could allow attackers in certain circumstances to execute arbitrary code via argument swapping which incremented an index past the end of an array and triggered a buffer over-read. |
| Alerts: | |
Comments (none posted)
phpbb2: missing input sanitizing
| Package(s): | phpbb2 |
| CVE #(s): | CVE-2006-1896 |
| Created: | May 22, 2006 |
| Updated: | February 11, 2008 |
| Description: | It was discovered that phpbb2, a web based bulletin board, insufficiently sanitizes values passed to the "Font Color 3" setting, which might lead to the execution of injected code by admin users. |
| Alerts: | |
Comments (none posted)
phpbb2: multiple vulnerabilities
| Package(s): | phpbb2 |
| CVE #(s): | CVE-2005-3310, CVE-2005-3415, CVE-2005-3416, CVE-2005-3417, CVE-2005-3418, CVE-2005-3419, CVE-2005-3420, CVE-2005-3536, CVE-2005-3537 |
| Created: | December 22, 2005 |
| Updated: | February 11, 2008 |
| Description: | The phpbb2 web forum has a number of vulnerabilities including: a web script injection problem, a protection mechanism bypass, a security check bypass, a remote global variable bypass, cross site scripting vulnerabilities, an SQL injection vulnerability, a remote regular expression modification problem, missing input sanitizing, and a missing request validation problem. |
| Alerts: | |
Comments (none posted)
phpMyAdmin: multiple vulnerabilities
| Package(s): | phpmyadmin |
| CVE #(s): | CVE-2005-4079, CVE-2005-3665 |
| Created: | December 12, 2005 |
| Updated: | November 20, 2006 |
| Description: | Stefan Esser reported multiple vulnerabilities found in phpMyAdmin. The $GLOBALS variable allows modifying the global variable import_blacklist to open phpMyAdmin to local and remote file inclusion, depending on your PHP version (CVE-2005-4079, PMASA-2005-9). Furthermore, it is also possible to conduct an XSS attack via the $HTTP_HOST variable and a local and remote file inclusion because the contents of the variable are under total control of the attacker (CVE-2005-3665, PMASA-2005-8). |
| Alerts: | |
Comments (none posted)
postgresql: SQL injection
| Package(s): | postgresql |
| CVE #(s): | CVE-2006-2313, CVE-2006-2314 |
| Created: | May 24, 2006 |
| Updated: | June 6, 2007 |
| Description: | The PostgreSQL team has put out a set of "urgent updates" (in the form of the 7.3.15, 7.4.13, 8.0.8, and 8.1.4 releases) closing a newly-discovered set of SQL injection issues. Details about the problem can be found on the technical information page; in short: multi-byte encodings can be used to defeat normal string sanitizing techniques. The update fixes one problem related to invalid multi-byte characters, but punts on another by simply disallowing the old, unsafe technique of escaping single quotes with a backslash. |
| Alerts: | |
Comments (1 posted)
quake: buffer overflow
| Package(s): | quake3-bin |
| CVE #(s): | CVE-2006-2236 |
| Created: | May 10, 2006 |
| Updated: | January 12, 2009 |
| Description: | Games based on the Quake 3 engine are vulnerable to a buffer overflow exploitable by a hostile game server. |
| Alerts: | |
Comments (none posted)
sendmail: denial of service
| Package(s): | sendmail |
| CVE #(s): | CVE-2006-1173 |
| Created: | June 15, 2006 |
| Updated: | November 1, 2006 |
| Description: | Sendmail has a vulnerability in the way it handles multi-part MIME messages. A remote attacker can create a specially crafted email message that can be used to crash the sendmail process, causing a denial of service. |
| Alerts: | |
Comments (none posted)
shadow-utils: mailbox creation vulnerability
| Package(s): | shadow-utils |
| CVE #(s): | CVE-2006-1174 |
| Created: | May 25, 2006 |
| Updated: | June 12, 2007 |
| Description: | The useradd tool from the shadow-utils package has a potential security problem. When a new user's mailbox is created, the permissions are set to random garbage from the stack, potentially allowing the file to be read or written during the time before fchmod() is called. |
| Alerts: | |
Comments (none posted)
squirrelmail: insecure permissions
| Package(s): | squirrelmail |
| CVE #(s): | CVE-2006-4019 |
| Created: | August 14, 2006 |
| Updated: | September 26, 2006 |
| Description: | Squirrelmail contains a vulnerability that allows authenticated users to read and write other users' preferences and attachments. |
| Alerts: | |
Comments (none posted)
texinfo: temporary file vulnerability
| Package(s): | texinfo |
| CVE #(s): | CAN-2005-3011 |
| Created: | October 5, 2005 |
| Updated: | November 9, 2006 |
| Description: | Texinfo prior to version 4.8-r1 suffers from a temporary file vulnerability. |
| Alerts: | |
Comments (none posted)
tin: buffer overflow
| Package(s): | tin |
| CVE #(s): | CVE-2006-0804 |
| Created: | February 19, 2006 |
| Updated: | November 24, 2006 |
| Description: | An allocation off-by-one bug exists in the TIN news reader version 1.8.0 and earlier which can lead to a buffer overflow. |
| Alerts: | |
Comments (none posted)
unzip: long file name buffer overflow
| Package(s): | unzip |
| CVE #(s): | CVE-2005-4667 |
| Created: | February 6, 2006 |
| Updated: | May 2, 2007 |
| Description: | A buffer overflow in UnZip 5.50 and earlier allows local users to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs. |
| Alerts: | |
Comments (1 posted)
usermin: programming error
| Package(s): | usermin |
| CVE #(s): | CVE-2006-4246 |
| Created: | September 15, 2006 |
| Updated: | September 20, 2006 |
| Description: | Hendrik Weimer discovered that it is possible for a normal user to disable the login shell of the root account via usermin, a web-based administration tool. |
| Alerts: | |
Comments (none posted)
w3c-libwww: possible stack overflow
| Package(s): | w3c-libwww |
| CVE #(s): | CVE-2005-3183 |
| Created: | October 14, 2005 |
| Updated: | May 2, 2007 |
| Description: | Extensive testing of libwww's handling of multipart/byteranges content from HTTP/1.1 servers revealed multiple logical flaws and bugs in Library/src/HTBound.c. |
| Alerts: | |
Comments (1 posted)
wireshark: several vulnerabilities
Comments (none posted)
xine-lib: buffer overflow
| Package(s): | xine-lib |
| CVE #(s): | CVE-2006-2802 |
| Created: | June 9, 2006 |
| Updated: | September 29, 2006 |
| Description: | Federico L. Bossi Bonin discovered a buffer overflow in the HTTP input module. By tricking a user into opening a malicious remote media location, a remote attacker could exploit this to crash Xine library frontends (like totem-xine, gxine, or xine-ui) and possibly even execute arbitrary code with the user's privileges. |
| Alerts: | |
Comments (none posted)
xine-lib: buffer overflow
| Package(s): | xine-lib |
| CVE #(s): | CVE-2006-1664 |
| Created: | April 27, 2006 |
| Updated: | February 27, 2008 |
| Description: | xine-lib does an improper input data boundary check on MPEG streams. A specially crafted MPEG file can be created that can cause arbitrary code execution when the file is accessed. |
| Alerts: | |
Comments (none posted)
xine-ui: format string vulnerabilities
| Package(s): | xine-ui |
| CVE #(s): | CVE-2006-2230 |
| Created: | June 9, 2006 |
| Updated: | January 24, 2007 |
| Description: | Several format string vulnerabilities have been discovered in xine-ui, the user interface of the xine video player, which may cause a denial of service. |
| Alerts: | |
Comments (none posted)
X.org: local privilege escalations
| Package(s): | xorg-x11 |
| CVE #(s): | CVE-2006-4447 |
| Created: | August 28, 2006 |
| Updated: | April 30, 2007 |
| Description: | Several X.org libraries and X.org itself contain system calls to set*uid() functions, without checking their result. Local users could deliberately exceed their assigned resource limits and elevate their privileges after an unsuccessful set*uid() system call. This requires resource limits to be enabled on the machine. |
| Alerts: | |
Comments (none posted)
X.Org: buffer overflow
| Package(s): | xorg-x11-server xorg-x11 |
| CVE #(s): | CVE-2006-1526 |
| Created: | May 3, 2006 |
| Updated: | January 10, 2007 |
| Description: | There is a buffer overflow in the Xrender extension of the X.Org server; any process which is able to connect to the server may be able to exploit this overflow to run arbitrary code. Since the X server runs as root on most systems, this vulnerability could be exploited to gain root access. See the X.Org advisory for more information. |
| Alerts: | |
Comments (none posted)
xorg-x11: privilege escalation
| Package(s): | xorg-x11 xfree86 |
| CVE #(s): | CVE-2006-3739, CVE-2006-3740 |
| Created: | September 12, 2006 |
| Updated: | December 14, 2006 |
| Description: | iDefense reported two integer overflow flaws in the way the X.org server processed CID font files. A malicious authorized client could exploit this issue to cause a denial of service (crash) or potentially execute arbitrary code with root privileges on the X.org server. |
| Alerts: | |
Comments (none posted)
xpdf: buffer overflow
| Package(s): | xpdf |
| CVE #(s): | CAN-2005-0064 |
| Created: | January 19, 2005 |
| Updated: | March 15, 2007 |
| Description: | iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details. |
| Alerts: | |
Comments (1 posted)
xpdf: integer overflows
| Package(s): | xpdf, poppler, cupsys, tetex-bin |
| CVE #(s): | CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627 |
| Created: | January 5, 2006 |
| Updated: | November 30, 2006 |
| Description: | xpdf has a number of integer overflows. A remote attacker can trick a user into opening a maliciously crafted PDF file, allowing the attacker to execute code with the privileges of the local user. This also affects the Poppler library, cupsys and tetex-bin. |
| Alerts: | |
Comments (none posted)
zope2.7: information disclosure
| Package(s): | zope2.7 |
| CVE #(s): | CVE-2006-4684 |
| Created: | September 14, 2006 |
| Updated: | September 20, 2006 |
| Description: | Version 2.7 of Zope has an information disclosure vulnerability. The csv_table directive is not disabled in web pages containing ReST markup. Files that the Zope server has access to can be exposed. |
| Alerts: | |
Comments (none posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current stable kernel remains 2.6.18. The 2.6.19 merge window
has opened and, as of this writing, just over 2000 patches have landed in
the mainline git repository - see the separate article, below, for a
summary.
The current -mm tree is 2.6.18-mm1. Recent changes to
-mm include an xpad dance pad driver, a new version of the SLIM security
module, and a number of fixes. The -mm tree is shrinking quickly
as patches move into the mainline.
Adrian Bunk has released the
first 2.6.16.30 prepatch. Along with the usual fixes, this prepatch
adds a few new drivers, which has caused some observers to wonder about
criteria for patches in the long-term 2.6.16 tree. It appears that 2.6.16,
going into the future, will be a bit more open to new code than the regular
-stable tree.
Kernel development news
I don't guarantee that I
always change my mind, but I _can_ guarantee that if most of the people I
trust tell me I'm a dick-head, I'll at least give it a passing thought.
[ Chorus: "You're a dick-head, Linus" ]
-- Linus Torvalds
Ultimately, we need to recognize that Linux is a 15-year-old kernel
and that there will be another technical development to supersede
it eventually. I can't say what that will be, but I think the best
chance of mobilizing individual contribution to it would be to use
GPL 3.
-- Bruce Perens
The 2.6.19 merge window has opened, and the flood of patches into the
mainline has begun. As of this writing, it has only begun - the 2000 or so
patches which have been merged after 2.6.18 are likely to be outnumbered by
those that remain. Here's what has found its way in so far, starting with
the user-visible changes:
- The OCFS2 filesystem is no longer marked "experimental."
- A number of InfiniBand updates, including better RDMA support and
drivers for some new adapters.
- Support for IPv6 policy routing rules - and a mechanism for the
creation of multiple IPv6 routing tables to support those rules.
- The parallel ATA driver
patch set.
- The labeled networking
patch set implementing the Commercial
IP Security Option.
- Support for the Atmel AVR32 architecture.
- Super-H support for Titan, SH7710VoIPGW and I-O DATA Landisk boards.
- Big updates to the PowerPC and S/390 architectures. Among other
things, S/390 has gained KProbes support.
- New drivers for external flash on ATSTK1000 boards, TI OMAP1/2 i2c
busses, ESI Miditerminal 4140 devices, Areca RAID controllers,
SuperTrak EX8350/8300/16350/16300 SCSI controllers, QLogic QLA3xxx
network interfaces, IBM eHEA Ethernet adapters, and the Ethernet
controller found on Cirrus Logic ep93xx boards.
The controversial aic94xx driver, originally written by Luben Tuikov
and since revised by a number of others, has also been merged.
Changes visible to kernel developers include:
- The CHECKSUM_HW value has long been used in the networking
subsystem to support hardware checksumming. That value has been
replaced with CHECKSUM_PARTIAL (intended for outgoing packets
where the job must be completed by the hardware) and
CHECKSUM_COMPLETE (for incoming packets which have been
completely checksummed by the hardware).
- A number of memory management changes, including tracking of dirty
pages in shared memory mappings, making the DMA32 and HIGHMEM zones
optional, and an architecture-independent mechanism for tracking
memory ranges (and the holes between them).
- The pud_page() and pgd_page() macros now return a
struct page pointer, rather than a kernel virtual address.
Code needing the latter should use pud_page_vaddr() or
pgd_page_vaddr() instead.
- A number of driver core
changes including parallel device probing and some improvements to
the suspend/resume process.
- There is now a notifier chain for out-of-memory situations; the idea
here is to set up functions which might be able to free some memory
when things get very tight.
- The semantics of the kmap() API have been changed a bit: on
architectures with complicated memory coherence issues,
kmap() and kunmap() are expected to manage coherency
for the mapped pages, thus eliminating the need to explicitly flush
pages from cache.
- PCI Express Advanced Error Reporting is now supported in the PCI
layer.
- A number of changes have been made to the inode structure in
an effort to make it smaller.
- The no_pfn()
address space operation has been added.
For anybody who is curious about what else is likely to be merged, Andrew
Morton's 2.6.19 -mm merge plans
document is worth a look. Highlights include another set of memory
patches (with ongoing discussion over whether making ZONE_DMA
optional makes sense), a rework of the network time protocol code, the vectored AIO patch set (maybe),
a long list of NFS improvements, eCryptfs (though there is some
opposition here), various device mapper and RAID improvements, and a number
of changes to the generic IRQ layer.
Additionally, Andrew plans to merge a couple of container-oriented patches:
virtualization for the utsname and IPC namespaces. Says Andrew:
This doesn't really make sense on its own, so there's an act of
faith here - it assumes that Linux will eventually have full-on
virtualisation of the various namespaces with sufficient coverage
to actually be useful to userspace.
Normally I'd just buffer all the functionality into -mm until it's
ready to go and is actually useful to userspace. But for this work
that would mean just too many patches held for too long. So I'll
start moving little pieces like this into mainline.
One thing which is not likely to go in is reiser4, which is still
held up on various needed fixes. So this filesystem looks like it will
wait for yet another development cycle.
The Linux driver core subsystem continues to evolve at a high rate. The
set of patches for 2.6.19
continues this process with a number of improvements - and a number of API
changes. This time around, however, the changes appear to be additive, and
thus should not break any existing drivers.
Linux boot time is an ongoing sore point - there are few users who wish
that their systems would take longer to come up. There are many things
which happen during the boot process, and many possible ways of speeding
things up. Most of the opportunities for improving boot time lie in user
space, but, on the kernel side, probing for devices can take a lot of
time. Each device must be located, initialized, and hooked into the
system; this process can involve waiting for peripheral processors to boot,
firmware loads, and, perhaps, even physical processes like spinning up
disks. As a result, much of the kernel time spent bringing up devices is
idle time, waiting for the device to do its part.
One obvious idea for improving this process is to probe devices in
parallel. That way, when the kernel is waiting for one device to respond,
it can be setting up another; the kernel would also be able to make full
use of multiprocessor systems. The 2.6.19 device core will, at last, have
the ability to operate in this mode. The changes start by adding a flag
(multithread_probe) to the device_driver structure. At
probe time, if a driver has set that flag, the actual work of setting up
the device will be pushed into a separate kernel thread which can run in
parallel with all the others. At the end of the initialization process,
the kernel waits for all outstanding probe threads to finish before
mounting the root filesystem and starting up user space.
On uniprocessor systems, this change leads to a relatively small reduction
of bootstrap time. Drivers typically do not yield the processor during the
probe process, so there is relatively little opportunity for parallelism,
even during times when the kernel has to wait for a bit. On multiprocessor
systems, however, the effect can be rather more pronounced - each CPU can
be probing devices in parallel with all the others. So this change will be
most useful on large systems with lots of attached devices.
At least, it will be useful once it's enabled; this feature is currently
marked "experimental" and carries a number of warnings. Even when it is
turned on, it only applies to PCI devices. Not all drivers are written
with parallel probing in mind, so they may not have the right sort of
locking in place. There can be problems with power drain - turning on too
many devices simultaneously can cause a high demand for power over a short
period of time; if this demand exceeds what the power supply can deliver,
the resulting conflagration could slow the boot process considerably. The
order of device enumeration is likely to become less deterministic.
And so on. Still, this feature, over time, should lead to faster system
boots, especially on systems (such as embedded applications) where the mix
of hardware is well understood and static.
On a separate front, the API for handling suspend and resume has been
filled out somewhat. The class mechanism now has its own hooks, found in
struct class:
int (*suspend)(struct device *dev, pm_message_t state);
int (*resume)(struct device *dev);
The new suspend() method is called relatively early in the suspend
process, and is expected to handle any class-specific tasks. These might
include quieting the device and stopping higher-level processing. The
resume() method is called toward the end of the resume process and
should finish the job of getting devices in the class ready to operate
again.
Most of the suspend/resume processing is still handled through the bus
subsystem, however. That portion of the API has been filled out with three
new struct bus_type methods:
int (*suspend_prepare)(struct device *dev, pm_message_t state);
int (*suspend_late)(struct device *dev, pm_message_t state);
int (*resume_early)(struct device *dev);
All of these methods just add more places for the bus code to hook into the
process and do whatever work needs to be done. So
suspend_prepare() is called early on, while the system is still in
an operational state. The suspend() method is unchanged from
prior kernels: it is called after tasks have been frozen, and is allowed to
sleep if need be. The new suspend_late() method, instead, is
called very late, with interrupts disabled and only a single processor
running. At resume time, resume_early() is called, once again,
with interrupts and SMP disabled, and the old resume() method is
called later.
The PCI subsystem makes this new functionality available via three new
methods in the pci_driver structure:
int (*suspend_prepare) (struct pci_dev *dev, pm_message_t state);
int (*suspend_late) (struct pci_dev *dev, pm_message_t state);
int (*resume_early) (struct pci_dev *dev);
There are no drivers actually using these new methods in the mainline, as
of this writing.
Finally, the class subsystem continues to migrate toward the eventual
removal of the class_device structure. To that end, struct
class has picked up another pair of methods:
int (*dev_uevent)(struct device *dev, char **envp, int num_envp,
char *buffer, int buffer_size);
void (*dev_release)(struct device *dev);
These methods provide functionality similar to that of the uevent() and
release() methods in struct class_device.
Also as part of this migration, a couple of new helper functions have been
added:
int device_create_bin_file(struct device *dev,
struct bin_attribute *attr);
void device_remove_bin_file(struct device *dev,
struct bin_attribute *attr);
These functions let drivers create binary attributes in sysfs without
having to deal with the sysfs code directly.
The developers working on realtime response for Linux have stated their
intent to merge many of their remaining changes into 2.6.19. One of those
changes is a reworking of the read-copy-update mechanism for lower
latencies; this work appears likely to go in regardless of the fate of the
rest of the realtime code. So it's worth a look.
RCU, remember, is a mechanism which allows certain types of data structure
to be updated without requiring locking between readers and writers. It
works by splitting the update process into two steps: (1) replacing a
pointer to old data with a pointer to the updated version, and
(2) deferring the removal of the old data structure until it is known
that no kernel code holds any references to that structure. The part about
knowing that no references are held is handled by (1) requiring all
code which references RCU-protected data structures to be atomic, and
(2) waiting until all processors have scheduled once. Since a
processor which schedules is not running atomic code, it cannot hold any
references to RCU-protected data structures from before the call to
schedule().
This mechanism works well for most systems, but it presents a problem in
realtime environments. The requirement that references to RCU-protected
data structures be handled by atomic code means that any such code cannot
be preempted. That, in turn, increases latencies, which is just what the
realtime code is trying to avoid. So another solution had to be found. A
couple of ideas have been pursued, one of which has now advanced to the
point that it will likely find its way into 2.6.19. Here we'll take a
superficial look at how realtime RCU works; anybody interested in the
details is advised to have a look at the
realtime RCU paper [PDF] from the 2006 Ottawa Linux Symposium.
Fixing the RCU latency problem means ending the requirement that
RCU-protected code be non-preemptible. And that, in turn, means that RCU
can no longer count on a processor rescheduling meaning that no references
to RCU-protected structures exist on that processor. So the accounting
must be done in a more explicit manner. The realtime RCU code handles this
accounting with two sequence numbers, two per-CPU counters and three linked lists.
The sequence numbers track the specific batches of RCU callbacks to
process; for added confusion value, both are named "completed," though they
live in two different global structures. The value
rcu_ctrlblk.completed is the current batch number, which is
accumulating new callbacks to process; rcu_data.completed,
instead, is the number of the last batch of callbacks to have been
processed.
Within any given RCU batch, one of the per-CPU counters tracks the
number of kernel threads which are currently executing within RCU critical
sections. During
this batch, any RCU callbacks queued (with call_rcu()) will be
appended to the first of the linked lists: rcu_data.nextlist.
Whenever code calls rcu_read_lock(), the appropriate
counter is incremented; a pointer to that counter is also stored so that,
should the thread change processors before calling
rcu_read_unlock(), the right counter will be decremented.
Another reason for storing a pointer to the counter has to do with the
batch "flip" logic. When the RCU code decides that it is time to start a
new batch, it increments rcu_ctrlblk.completed; that, in turn,
will cause rcu_read_lock() to switch to the second per-CPU
counter, which will start out at zero. Any new entries into RCU critical
sections will increment the new counter.
Meanwhile, any code which was in such a section when the flip happened
retains a pointer to the old counter. So, when that code calls
rcu_read_unlock(), the older counter will be decremented. When
all of the counters from the old batch reach zero, the kernel knows that
all references to RCU-protected data from the old batch are gone, and the
corresponding RCU callbacks can be called.
Also at flip time, the set of RCU callbacks in rcu_data.nextlist
is moved over to rcu_data.waitlist, since those callbacks are now
waiting for any possible remaining references to go away. When all of the
counters for that batch drop to zero, these callbacks are moved to the
third list (rcu_data.donelist) so that they can be invoked
whenever the kernel decides to get around to it. That work currently
happens in a tasklet, but there is another patch queued for 2.6.19 which
moves that work over to a separate software interrupt handler.
With this code in place, code within an RCU critical section can be
preempted and it will still be possible to know when all references to
protected data structures are gone. RCU critical sections still cannot
sleep, of course, or they could delay the batch flip indefinitely. But
they can be pushed out of the way temporarily if a higher-priority process
needs to run.
The overall overhead of the new mechanism is higher, however, since it must
maintain all of those counters. For this reason, it is unlikely to ever be
the default RCU on most systems. Instead, the plan is to ship two RCU
implementations, "classic" and "preempt," and allow the person configuring
the kernel to choose between them.
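As an added illustration of the two-counter flip described above (not code from the page, the kernel or the realtime RCU paper): a constructed, single-threaded user-space model in C that keeps the two "completed" numbers, the per-CPU counters and the three callback lists, and walks a reader through being preempted, migrated to another CPU and unlocking after a batch flip. The names rcu_flipctr, struct task, old_batch_readers and demo_scenario are the model's own, not kernel identifiers.

```c
#include <stdio.h>
#define NCPUS 2
/* Constructed user-space model of the preemptible-RCU bookkeeping described
 * above (two "completed" numbers, two per-CPU counters, three callback lists).
 * Single-threaded: preemption and CPU migration are acted out by hand. */

struct rcu_head { struct rcu_head *next; void (*func)(struct rcu_head *); int invoked; };
static void mark_invoked(struct rcu_head *h) { h->invoked = 1; }   /* sample callback */

static struct { long completed; } rcu_ctrlblk = { 1 };   /* current batch number */
/* rcu_data: last batch whose callbacks ran, plus the three lists (queued this
 * batch / waiting for old-batch readers to leave / safe to invoke). */
static struct { long completed; struct rcu_head *nextlist, *waitlist, *donelist; } rcu_data;
static int rcu_flipctr[NCPUS][2];   /* per-CPU counters, one per batch parity */

struct task { int cpu; int *flipctr; };   /* a simulated kernel thread */

static void rcu_read_lock(struct task *t)
{
    /* Bump this CPU's counter for the current batch and remember which one. */
    t->flipctr = &rcu_flipctr[t->cpu][rcu_ctrlblk.completed & 1];
    (*t->flipctr)++;
}

static void rcu_read_unlock(struct task *t)
{
    /* Undo the counter chosen at lock time, whatever CPU we are on by now. */
    (*t->flipctr)--;
    t->flipctr = NULL;
}

static void call_rcu(struct rcu_head *h, void (*func)(struct rcu_head *))
{
    h->func = func; h->invoked = 0;
    h->next = rcu_data.nextlist;
    rcu_data.nextlist = h;
}

static int old_batch_readers(void)   /* readers left over from the previous batch */
{
    int parity = (rcu_ctrlblk.completed + 1) & 1, sum = 0;
    for (int cpu = 0; cpu < NCPUS; cpu++)
        sum += rcu_flipctr[cpu][parity];
    return sum;
}

/* Grace-period bookkeeping (the kernel runs it from the scheduler tick):
 * returns 1 if the old batch was retired and/or a new batch was started. */
static int rcu_process_batches(void)
{
    struct rcu_head **tail = &rcu_data.donelist;
    if (old_batch_readers() != 0)
        return 0;                   /* old readers still hold references */
    while (*tail)                   /* old batch drained: append wait -> done */
        tail = &(*tail)->next;
    *tail = rcu_data.waitlist; rcu_data.waitlist = NULL;
    rcu_data.completed = rcu_ctrlblk.completed - 1;
    if (rcu_data.nextlist) {        /* flip: next -> wait, switch counters */
        rcu_ctrlblk.completed++;
        rcu_data.waitlist = rcu_data.nextlist; rcu_data.nextlist = NULL;
    }
    return 1;
}

static int rcu_do_batch(void)       /* the tasklet/softirq part; returns count */
{
    int n = 0;
    for (struct rcu_head *h = rcu_data.donelist; h; h = h->next, n++)
        h->func(h);
    rcu_data.donelist = NULL;
    return n;
}

/* Reader A enters before the flip and migrates CPUs; reader B enters after.
 * Returns a bitmask of the expected observations: 0x1f when all of them hold. */
static int demo_scenario(void)
{
    struct task a = { 0, NULL }, b = { 1, NULL };
    struct rcu_head cb; int obs = 0;
    rcu_read_lock(&a);                          /* A: reference on cpu 0 */
    call_rcu(&cb, mark_invoked);                /* updater queues a callback */
    if (rcu_process_batches() && rcu_data.waitlist == &cb)
        obs |= 0x01;                            /* flipped; cb now waiting */
    rcu_read_lock(&b);                          /* B enters on the new counter */
    a.cpu = 1;                                  /* A preempted and migrated */
    if (!rcu_process_batches() && !cb.invoked)
        obs |= 0x02;                            /* A still inside: cb waits */
    rcu_read_unlock(&a);                        /* hits cpu 0's old counter */
    if (rcu_flipctr[0][1] == 0 && rcu_flipctr[1][0] == 1)
        obs |= 0x04;                            /* right counter despite move */
    if (rcu_process_batches() && rcu_data.donelist == &cb)
        obs |= 0x08;                            /* drained; B (still inside) does not block it */
    if (rcu_do_batch() == 1 && cb.invoked && rcu_data.completed == 1)
        obs |= 0x10;                            /* callback ran; batch 1 done */
    return obs;
}

int main(void) { printf("observations: 0x%x (expect 0x1f)\n", demo_scenario()); return 0; }
```

Reader B never leaves its critical section in this run, which is the point: a reader that entered after the flip is charged to the new counter and cannot hold up callbacks queued in the previous batch.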
Page editor: Jonathan Corbet
Distributions
News and Editorials
Last week's announcement of Dunc-Tank.org set off flame wars and
controversy on Debian mailing lists, including a rash of general
resolutions and a post from the Project Secretary on the procedure for
proposing and sponsoring General Resolutions. It even had Linux-Watching
wondering, 'Is Debian dying?'.
Dunc-Tank.org is described as a "fund-raising experiment" with the initial
goal of raising funds to pay Debian release managers Steve Langasek and
Andreas Barth to work full time on the Debian Etch release, for a period of
one month each. This project is independent of the Debian Project; however,
the Dunc-Tank board is made up of prominent Debian Developers including
current Debian Project Leader Anthony Towns and his assistant DPL Steve
McIntyre.
Therein lies the controversy. If the DPL is involved, doesn't that make
it a Debian Project? Can the DPL remain objective and unbiased while
working on both Debian and an outside organization? Should Debian
Developers be paid to do work on Debian?
The goal is to release Etch on schedule, which is December 4, 2006. The
Debian Project and the Dunc-Tank share that goal. People will argue about
how that should be achieved, but there's general agreement on the goal. If
independent companies share that goal and want to help out in some fashion
their assistance should be appreciated. The DPL should ensure that any
help accepted from independent companies does not somehow compromise
Debian. If the DPL is also the CEO of the independent company that is
offering its assistance, there could be a conflict of interest. In this
case Anthony has started an organization that he hopes will be able to help
Debian. Dunc-Tank is an experiment which may or may not be effective. If
Etch is released on schedule and Dunc-Tank helps with that goal, then
everyone can be happy about achieving that goal. If it fails,
Dunc-Tank won't have much of a future.
Should Debian Developers, who are all volunteers, ever be paid to work on
Debian? In fact many Debian Developers have found gainful employment that
allows them to work on Debian as part of their job. Companies who use
Debian internally or have based their products on Debian, such as HP,
Canonical, Progeny, etc., employ Debian Developers and expect them to work
on Debian during company time. For the most part DDs who find such
employment are encouraged, applauded, and occasionally envied, but are
generally not accused of having a conflict of interest. If the release
managers don't have to worry about making a living while devoting their
time to the Etch release it just might help Etch go out on time.
In spite of the resolution calling for
the recall of Anthony Towns as DPL, it would seem that Anthony has a fair
amount of support from the developers. Anthony has
offered to step down if that's what people really want, but having him
step down at this point won't help Etch release on time and it may ensure
that the release is hopelessly delayed.
The recall proposal would require two weeks of discussion followed by
another two weeks of voting. If the resolution passed another project
leader election would start immediately with nine weeks of nominating,
campaigning and voting. Could Etch still be released on time with that
going on? Maybe, but I think most DDs would rather concentrate on the
release. If Dunc-Tank proves an abysmal failure then there will still be
time to oust Anthony before his term as DPL is over.
New Releases
BLAG50002 (mendoza) has been released. BLAG Linux and GNU is a 100% Free
Software distribution; the 50000 series is based on Fedora Core 5. BLAG is
a single CD with everything desktop users "expect" from a desktop, plus a
collection of nice server apps. Click below for download information.
The Cross Linux From Scratch development team has announced the final
release of CLFS-1.0.0, code-name "Bender". "
This release features
Glibc 2.4, GCC 4.1.1, Binutils 2.17, and supports the x86, x86-64, sparc,
powerpc, ppc64, mips, mips64, and alpha, including multilib on those arch's
that support it. Cross-building is also supported, even from non-Linux
host systems such as Solaris, *BSD, and OS X."
The first beta for FreeBSD 6.2 has been
announced.
"
If the release cycle goes as planned it is the first of two BETAs,
which will be followed by two Release Candidates (RCs) and then the final
release. If events warrant as the release cycle progresses we'll adjust
the plans so there might be more test builds than we are currently planning
for."
Mandriva has announced Mandriva Linux 2007. "
This new version of the
operating system was designed to be an even better fit for the needs and
expectations of all users, from the beginner to the SOHO user. The key
innovation of Mandriva Linux 2007 is the spectacular AIGLX and Xgl
3D-accelerated desktop. Mandriva is the only distribution to provide both
technologies, making it compatible with the widest range of hardware; a
special tool features auto-detection of the best 3D solution for your
hardware. Mandriva is particularly happy to have achieved this major
breakthrough in desktop appearance."
Distribution News
Christian Aichinger
introduces a plan to
get rid of unnecessary package dependencies. "
[U]nnecessary
dependencies cause lots of problems, as they make transitions bigger than
they need to be. The root cause is unnecessary libraries on the linker
commandline, which get stored in the resulting binary and which
dpkg-shlibdeps happily turns into inter-package dependencies."
The vote on the Constitutional General Resolution concerning the handling
of assets is over, and the resolution has been approved. "At
the end of voting, with 344 Ballots resulting in 266 votes from 266
developers, "Constitutional Amendment General Resolution: Handling assets
for the project" has carried the day."
A new Fedora mailing list has
been
announced, for the discussion of SE Linux. "
The list is for
users and developers posting bug reports, avc messages, support questions & answers, patches etc."
The release notes for Fedora Core 6 are now
frozen. "Content will be unfrozen following the XML conversion
and release to the Translation Project. At that time, you may again make
changes to the wiki, but these changes will *NOT* be in the ISO or FC6 final
release."
NetBSD is
scheduling
a Bugathon for October 7-8, 2006. "
Keep in mind it'll be a great
time to discuss live about features you want to see, stuff that you'd like
changed, problems you're seeing, etc., or even your own set of "pet PRs"
you'd *finally* like to see resolved!" (Thanks to Daniel de Kok)
The edgy beta freeze is now
officially in
effect. Certain fixes will still be accepted, particularly those
concerning the CD build process or the CD environment.
The first implementation of the "Provide debug symbols for all packages"
specification has been announced. "A
while ago I wrote the package 'pkg-create-dbgsym' which automatically
creates -dbgsym .ddebs (debug symbol debs) at package build. This package
has been installed in the edgy buildd chroots for quite some time."
New Distributions
DesktopLinux
introduces
the first English edition of Linux XP Desktop. "
Linux XP Desktop
2006, a Russian-language Linux distribution that mimics Windows XP, on
Sept. 21 introduced its first English-language version. The Russia-based
project claims that its distribution provides "extensive" compatibility
with Windows XP, including an XP-like theme and icons, plus the ability to
run thousands of Windows applications."
WENDYX hails from Chile.
It's a Knoppix-based distribution for the desktop with Open Office,
Kolourpaint, Gimp, Gaim, Kaffeine, Xmms, K3b, Firefox, Thunderbird, and
much more. Version 1.0 was released September 22, 2006. (Thanks to
Enrique Herrera Noya)
Distribution Newsletters
The Debian Weekly News for September 26, 2006 covers a bug squashing party
in Utrecht, The Netherlands, Filibustering General Resolutions, City of
Munich migrates to Debian, Debian experiments with funding, the DWN author
experiments with spending less time on Debian, and several other topics.
The Ubuntu Weekly Newsletter for the week of September 17 - 23, 2006 is
out. "
This issue is all about Scott James Remnant. If you see a
sentence without his name, report it as a typo. You may notice the
occasional word about someone or something other than Scott or Upstart,
such as the LTSP Hackfest, rest assured that these are probably known
typos, but feel free to report them anyway."
The
DistroWatch
Weekly for September 25, 2006 is out. "
With Mandriva Linux 2007
and Slackware Linux 11.0 expected any time now, and Ubuntu 6.10 beta also
scheduled for release later this week, the next few days are likely to
provide enough excitement to keep all "distro watchers" busy with brand new
products. But will Debian GNU/Linux 4.0 "etch" be on time too? A highly
controversial way of making that happen has stirred the Debian developer
community to the point that some of them are calling for the removal of the
project's elected leader! In other news, we report about a new init system
for Fedora Core, a graphical Xgl/Compiz configuration tool for openSUSE,
and a new distribution designed for those who just can't leave their
previous desktop interface behind. A "First Look" section featuring
SabayonLinux 3.0 is then followed by several statistical reports indicating
that your interest in DistroWatch and open source operating systems has
been increasing at a rather phenomenal rate."
Package updates
Updates for Fedora Core 5: audit (update and bug fixes), ImageMagick (fix
ImageMagick-perl), sane-backends (clean up), tetex (bug fix and clean up),
evolution-connector (bug fixes), samba (upgrade to 3.0.23c), guile (bug
fixes).
Updates for rPath Linux 1: conary, conary-build, conary-repository (Conary
1.0.32 maintenance release).
Slackware remains at Slackware 11.0 rc5 with many bug fixes going on in the
current branch. The change log has the details.
Updates for Ubuntu 6.06 LTS: flashplugin-nonfree_7.0.68~ubuntu2~dapper1.
Newsletters and articles of interest
DesktopLinux
takes a quick
look at some easy to use Linux desktop distributions. "
There are
hundreds of Linux distributions. This handy reference guide includes the
ones we think are especially interesting for desktop Linux users -- from
Arch Linux to Zenwalk -- and we plan to update the list on an ongoing
basis."
Debian Admin has a
how-to
article covering the installation of Kubuntu. "
Kubuntu is a user
friendly operating system based on KDE, the K Desktop Environment. With a
predictable 6 month release cycle and part of the Ubuntu project, Kubuntu
is the GNU/Linux distribution for everyone."
Distribution reviews
PC World
reviews
the Freespire distribution. "
But unfortunately, nothing in the
Freespire package will entice me to abandon Ubuntu Linux--nor do I find
anything in Freespire that will make it rise above Fedora or openSUSE in
the scrum of free Linuxes. Nothing about Freespire 1.0 is particularly
deficient (and as far as I could tell, nothing major is broken), but it has
a lot of growing to do before it truly sets itself apart from its
competition."
Page editor: Rebecca Sobol
Development
The
XCB project
aims to replace the
Xlib
interface to the
X Window System:
The X protocol C-language Binding (XCB) is a replacement for Xlib featuring a small footprint, latency hiding, direct access to the protocol, improved threading support, and extensibility.
Bart Massey and Jamey Sharp originally described XCB in a 2001 paper
entitled:
An X Protocol C Binding [PDF]. The XCB
project history
gives a look at some important project milestones and lists the tasks
that have been completed to date.
The XCB project aims to improve on a number of Xlib weaknesses.
Some of the XCB
features
include:
- A smaller memory footprint than Xlib.
- Support for latency hiding to address Xlib speed issues.
- Support for partial emulation of the Xlib API.
- Support for direct access to the X protocol.
- Support for the addition of new X extensions.
- Thread support designed from the beginning, not added-on like Xlib.
- Built on top of an XML description (xcb-proto) of the core X protocol.
- Development of the Xlib Compatibility Layer (XCL)
for running legacy applications.
Release candidate 1 of XCB 1.0, consisting of xcb-proto and libxcb,
was announced
on September 25:
We have provided this candidate release to allow for more widespread
review and testing before XCB 1.0. As of version 1.0, libxcb will
provide a stable API and ABI; future changes will consist only of
additions, and applications compiled against XCB 1.0 or newer will work
with all future versions of XCB. Barring discovery of serious issues
with the API, we do not anticipate any API changes between this release
and the 1.0 release.
We would greatly appreciate API review in this final release candidate
period.
Other changes in this release include:
a new API naming convention, new include directory conventions,
an improved error handling plan, a more resilient connection error handling
system, removal of deprecated functions, a split of the GIT repository,
and bug fixes.
For more information on XCB, see the
XCB API definition,
the
XCB Tutorial, the
XCB Developer's Guide and
other publications on XCB.
System Applications
Database Software
Oracle has
announced the availability of Berkeley DB 4.5, now rebranded with the Oracle name. "
Oracle Berkeley DB Release 4.5 now supports
multi-version concurrency control, non-stop upgrades for replicated
environments and a pre-built replication framework to simplify development
of highly available applications."
LDAP Software
Stable version 1.2.0 of LAT, the LDAP Administration Tool, is out.
"
The main improvements of this release are:
Multiple servers from single window,
View and attribute viewer plugins, Added support for binary attributes, Find available servers via Avahi, Support for NetworkManager to better handle changes to network connectivity, Enhanced schema browser, New help manual and Minor UI enhancements."
Networking Tools
Version 2.0.0 of rsplib, an open-source prototype implementation of the
Reliable Server Pooling (RSerPool) protocol suite, is out.
Printing
Version 1.2.4 of CUPS, the Common UNIX Printing System,
has been announced.
"
CUPS 1.2.4 fixes a number of web interface, scheduler, and CUPS API issues."
Web Site Development
Version 3.3.0 of the Zope web development platform has been announced.
"
There were no changes since the 3.3.0 release candidate.
Zope 3 is the next major Zope release and has been written from scratch
based on the latest software design patterns and the experiences of Zope 2.
Cleanup of the Zope 3 packages has continued to ensure a flexible and
scalable platform. We continued the work on making the transition from
Zope 2 to Zope 3 by making Zope 2.10 use even more of the Zope 3
packages. But the transition is far from complete yet."
Full Story (comments: none)
Desktop Applications
Audio Applications
Version 1.14 of eSpeak, a speech synthesizer, is available. The changes in this release include improvements to numeric output, German and Italian language improvements, new intonation options and more.
Comments (none posted)
A new release of XMMS2, the replacement for the XMMS music player, is out. "This release incorporates code from our Google Summer of Code
program. The DAAP streaming plugin made by Cole Thompson is already
streaming music for us. Other interesting features are that Ma Xuan
has added Monkeys Audio support and we have added a framework for
handling cover art. For all new features and bugfixes read the full
release notes at our wiki:
http://wiki.xmms2.xmms.se/index.php/".
Full Story (comments: none)
Desktop Environments
GnomeDesktop follows a thread by Alexander Larsson concerning a gnome-vfs overhaul. "
Recently there has been a lot of discussions about the gnome platform and the correct stacking order and quality of the modules. Gnome-vfs is a clear problem in this discussion. Having spent the last 4 years as the gnome-vfs maintainer, and even longer as the primary gnome-vfs user (in Nautilus) I'm well aware of the problems it has. I think that we've reached a point where the problems in the gnome-vfs architecture and its position in the stack are now ranking as one of the most problematic aspects of the gnome platform, especially considering the enhancements and quality improvements seen in other parts of the platform."
Comments (none posted)
The following new GNOME software has been announced this week:
You can find more new GNOME software releases at
gnomefiles.org.
Comments (none posted)
The following new KDE software has been announced this week:
You can find more new KDE software releases at
kde-apps.org.
Comments (none posted)
KDE.News has announced the September 24, 2006 edition of the KDE Commit-Digest. "
In this week's KDE Commit-Digest: The KDE World Conference, Akademy 2006, kicks off in Dublin. A rewritten version of KTurtle, an educational programming tool, is imported into KDE SVN. ThreadWeaver is moved into kdelibs. Hebrew sounds are added to KLettres to add learning support for the language. Improvements in the OpenDocument format and XML Paper Specification format support in okular. Support for GPS metadata synchronisation in kipiplugins, on which Digikam and KPhotoAlbum depend. Support for calculations containing non-integer numbers (ie. numbers with decimal points) in the minicli (Alt-F2). Modifications made to support using Compiz as a window manager. More work in Memory Monitoring and Network Management in Solid."
Comments (none posted)
Desktop Publishing
Version 1.4.3 of LyX, a GUI front-end to the TeX typesetting system, is out. "
This is a bug fix
release that improves stability and MS Windows support."
Full Story (comments: none)
Electronics
Version 8.04 of the Electric VLSI Design System has been announced. "
This release includes many improvements and bug fixes. It requires Java 1.5 to run (earlier versions ran on 1.4)."
Comments (none posted)
Stable version 0.35 of Gnucap, the GNU Circuit Analysis Package, has been announced; it adds a number of new capabilities.
Comments (none posted)
Games
A new meeting summary is out from the WorldForge game developers. "In an effort to keep tri-weekly meetings a meeting was held (on IRC) Saturday 2006-09-23, the meeting summary can be found below.
The main point on the agenda was how easy it is for newcomers to join. Website, editing/content toolchain and coordination was discussed."
In other WorldForge news, the project has added movement to the virtual world. "This would seem like a basic feature that would have been present years ago, but for some reason it never made it into the code. But now it's finally there."
Comments (1 posted)
Music Applications
Version 1.4.0 of Rosegarden, an audio and MIDI sequencer and musical notation editor, is out. "
This is a particularly exciting release for the Rosegarden project.
It includes a number of interesting new features, many of which we
expect to build upon further in future releases. It also contains
significant code contributions from a greater number of people than
any previous Rosegarden release, including D. Michael McIntyre, Pedro
Lopez-Cabanillas, Heikki Junes, Stephen Torri, Magnus Johansson, Vince
Negri and Martin Shepherd as well as Chris Cannam, Guillaume Laurent,
and a number of active translators."
Full Story (comments: none)
Office Suites
The September, 2006 edition of the OpenOffice.org Newsletter
is online with the latest OO.o news, events and resources.
Full Story (comments: none)
Languages and Tools
Caml
The September 26, 2006 edition of the Caml Weekly News
is out with new Caml language articles.
Full Story (comments: none)
Lisp
Version 5.10.0 of Maxima, a cross-platform computer algebra system written in Common Lisp, is out. "
This version features better
documentation, an improved Windows installer, improvements to the
Xmaxima user interface, faster integer factorization, and several new
add-on packages."
Full Story (comments: 2)
Perl
The September 17-23, 2006 edition of the
Weekly Perl 6 mailing list summary is out with the latest Perl 6 news.
Comments (none posted)
Python
The September 27, 2006 edition of Dr. Dobb's Python-URL! is online with
a new collection of Python article links.
Full Story (comments: none)
The python-dev summary for August 1-15, 2006 is out with
coverage of the python-dev mailing list.
Full Story (comments: none)
Tcl/Tk
The September 20, 2006 edition of Dr. Dobb's Tcl-URL! is online with new
Tcl/Tk articles and resources.
Full Story (comments: none)
The September 26, 2006 edition of Dr. Dobb's Tcl-URL! is online with new
Tcl/Tk articles and resources.
Full Story (comments: none)
Profilers
Version 0.9.2 of OProfile has been announced. "
This release has support for a number of new processor implementations."
Comments (none posted)
Miscellaneous
Version 2.17.50.0.4 of the Linux binutils is out. "
This is the beta release of binutils 2.17.50.0.4 for Linux, which is
based on binutils 2006 0924 in CVS on sources.redhat.com plus various
changes. It is purely for Linux.
Starting from the 2.17.50.0.4 release, the default output section LMA
(load memory address) has changed for allocatable sections from being
equal to VMA (virtual memory address), to keeping the difference between
LMA and VMA the same as the previous output section in the same region."
Full Story (comments: none)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
O'ReillyNet looks at Bluetooth on Linux. "
This article shows you how to play with
Bluetooth, not buzzwords. If you are not familiar with Bluetooth, I hope to
introduce you to such a nifty technology, and guide you through my
wonderful world of Bluetooth, with wireless gizmos everywhere!"
Comments (none posted)
Linux.com talks with Linus Torvalds about GPLv3. "
Why isn't Linus Torvalds involved
with the drafting of the third version of the GNU General Public License
(GPL)? Torvalds has frequently criticized the process and the drafts of the
GPLv3, and recently voted against the license in an informal poll of kernel
developers, so it seems obvious to question why he chose to sit out the
process. Torvalds gives his reasons as a dislike of committees, an
inability to contribute in his preferred way, and philosophical differences
with the Free Software Foundation (FSF), which he suggests is trying to
absorb other licenses under the GPL."
Comments (150 posted)
Trade Shows and Conferences
KDE.News covers the start of the aKademy 2006 conference. "
aKademy 2006 has been kicked off at the Trinity College in Dublin. The first two days consist of the contributors conference with a fully packed programme of presentations on aspects such as the community, KDE 4, cross-desktop collaboration and KDE & the Free Desktop in Asian countries."
Comments (none posted)
Linux.com covers a recent meeting to discuss the Linux Terminal Server Project. "
Distributed development makes open source tick, but sometimes you
just have to get people together in a room -- which is what the Linux
Terminal Server Project did last weekend. Members of the project, and
developers for several distributions, gathered in Clarkston, Michigan last
weekend to plot the future of LTSP -- and it looks good."
Comments (23 posted)
The SCO Problem
Groklaw reports that September 25 was the last day for summary judgment motions in SCO v. IBM, and that both companies filed a few of them. "
What does that mean? That if IBM were to prevail on all its motions (of course that is a rare event indeed) then the only thing left to bring to a jury would be IBM's counterclaims. That has to be SCO's worst nightmare. That would mean the only questions for the jury to decide, if they found for IBM on the rest of IBM's counterclaims, would be how bad was SCO and how much do they owe IBM?"
Comments (none posted)
Linux Adoption
BusinessWeek looks at Linux adoption in India. "
Although Kerala is the first to
introduce such a program statewide, 18 of India's 28 states either are
using Linux or have pilot projects for its use in various government
departments and schools. The education ministries in most states, and in
Delhi the federal ministries of defense, transport, communication, and
health, are all using the software on server computers. And eight state
governments have put their treasury operations on Linux, while the western
state of Maharashtra is using it to revamp health-care systems."
Comments (7 posted)
Legal
According to this News.com article, Microsoft has taken a new approach to dealing with the ongoing cracks of its DRM system: claim that the developer stole Microsoft's code and launch a lawsuit. "
'Our own intellectual
property was stolen from us and used to create this tool,' said Bonnie
MacNaughton, a senior attorney in Microsoft's legal and corporate affairs
division. 'They obviously had a leg up on any of the other hackers that
might be creating circumvention tools from scratch.'" How this theft
is said to have happened is not made particularly clear.
Comments (18 posted)
Groklaw is looking for a few good questions. "
A lot of legal brainpower has been
going into trying to figure out solutions to the patent threat hanging in
the air. We all assume that Microsoft will kill Linux if it can ever find a
way, and heaven only knows Steve Ballmer has made veiled threats about
using patents. Lawyers on the Linux side understand that language and some
real creativity has gone into devising some ways to block, such as the
OSDL's patent commons and FOSS search engine project to make it easier for
the USPTO to find FOSS prior art and NYU's Open Source prior art project. I
believe these are helpful projects. One of the most creative ideas, in my
view, is the Open Invention Network, which launched in November of 2005. I
know some of you have issues with any strategy that involves patents, so I
asked OIN'S CEO Jerry Rosenthal if he would answer your questions, and he
has agreed. It's an opportunity to get a firm grasp of what the strategy
is, how it is working or not, and what the future might be."
Comments (none posted)
ZDNet covers the latest developments in the European patent debate. "
Three political groups in the European Parliament have warned that the possibility of introducing software patents is re-emerging.
Last year, the Parliament derailed a proposed directive that, critics argued, would have legitimized software patents in Europe. On Thursday the PES, Greens/EFA and GUE/NGL parliamentary groups said that a measure facing a parliamentary vote on Oct. 11 or 12 could take up where the failed software patent directive left off.
Internal market commissioner Charlie McCreevy plans to deliver a speech next week promoting the measure, called the European Patent Litigation Agreement."
Comments (1 posted)
Interviews
KDE.News has an interview with Elizabeth Krumbach. "As women become more involved with open source communities, it's important that their voices be heard. The dot is beginning a new series of interviews with women who contribute to F/OSS. Our first interviewee is Elizabeth Krumbach, who is the coordinator for the Philadelphia area LinuxChix chapter. Read on to find out how she became involved with computers, why she likes to buy equipment online, and her advice for women contemplating involvement in open source communities."
Comments (none posted)
LinuxInterviews.com has an interview with Ryan Loebs, creator of ObsidianMusic. "
ObsidianMusic
(formerly Amarok Web Frontend) is a script written in PHP that reads
entries from a database connected to Amarok and displays the results in a
web page for online viewing. The generated webpage allows browsing the
albums, artists and songs that Amarok has stored in its playlist, displays
cover art, and allows streaming and downloading of MP3/OGG files."
Comments (none posted)
Red Herring interviews Richard Stallman. "
The biggest problem in the world of free
software is the tendency to introduce non-free programs in the GNU
operating system, which defeats the purpose. The whole point was so that we
can use the computers and have freedom. If you install the non-free
program, then you give up the freedom."
Comments (12 posted)
Linux.com has an interview with NIIBE Yutaka, chairman of the Free Software Initiative of Japan (FSIJ). "
NY: FSIJ is the Free Software Initiative of Japan, a
non-profit organization, registered with Tokyo-metropolitan Government. It
is run by individual members (about 40 members) along with the help of
corporate members. Although it is a legal entity, there are no employees,
and all activities are by volunteers. FSIJ promotes the Free Software
movement in Japan and Asia. FSIJ activities include organizing CodeFest, a
24-hour hacker gathering event, playing the role of mentor organization to
Google Summer of Code, hosting monthly meetings, etc."
Comments (none posted)
Resources
ZDNet looks at plug-in extensions for OpenOffice.org. "
The current
OpenOffice software can accept some extensions, but the upcoming 2.0.4
version will have new extension format, OXT. That format can accommodate
extensions written in a variety of programming languages, Charles Schultz,
who leads the effort to adapt OpenOffice to numerous local languages, said
in his blog. It also will become easier to choose, manage and configure
extensions, he added."
Comments (1 posted)
NewsForge looks at search technology. "
For several years a group of academic
researchers has been quietly working on a new kind of search engine -- one
that recognizes the semantic meaning of a query instead of only taking
input as a keyword to be literally matched. The technology is licensed
under the GPL, and a desktop version is imminent."
Comments (none posted)
Linux.com explores five open-source cluster management systems. "In the computing world, the term "cluster" refers to a group of independent computers combined through software and networking, which is often used to run highly compute-intensive jobs. With a cluster, you can build a high-speed supercomputer out of hundreds or even thousands of relatively low-speed systems. Cluster management software offers an easy-to-use interface for managing clusters, and automates the process of queuing jobs, matching the requirements of a job and the resources available to the cluster, and migrating jobs across the cluster. Here's an introduction to five open source CMS applications."
Comments (3 posted)
David DeJean looks at IBM's Linux Client Migration Cookbook, Version 2 in a ComputerWorld blog. "
I must own half a dozen volumes devoted to leaving Microsoft operating systems behind and converting to Linux. For me it's the same sort of fantasy as people who buy travel guides and dream of moving to Bali. Someday, I keep promising myself, I'm really going to do it.
The latest book in my collection is the biggest yet. In fact, if it were printed it would probably outweigh an old Sears wish book. Fortunately, it's a PDF file, but at 339 pages it's still a tome. But I mean that in a good way."
Comments (4 posted)
Reviews
Bruce Byfield reviews the Family Guide to Digital Freedom website. "
The Family Guide to Digital Freedom is a website and an
accompanying book created by Marco Fioretti, a part-time journalist who
writes about free and open source software (FOSS). The site is interesting
for its attempt to do two things at once: to provide a guide for
non-technically inclined computer users to the advantages of open
standards and free software, and a critique of the FOSS communities. Both
goals are overdue for widespread attention, although they sometimes sit
uncomfortably beside each other on Fioretti's site."
Comments (none posted)
Linux.com reviews GNOME 2.16. "
The GNOME Project recently released GNOME 2.16. While
the latest release doesn't offer any breakthrough features, it does include
a wealth of minor tweaks and improvements. Ironically, the most intriguing
improvement is the one you probably won't notice, unless you explicitly
enable it. Metacity, GNOME's default window manager, now features several
3-D extensions to its composite engine. These extensions allow you to add
some eye candy to your desktop by enabling window effects and different
types of transparency. This feature is not enabled by default, though, and
you have to compile Metacity with the --enable-compositor option
to get it to work. For the time being, the new compositing effects can only
be used with a handful of graphics cards."
Comments (18 posted)
polishlinux.org reviews the Mesk Audio Player. "There are numerous audio players designed especially for GNOME. A single GnomeFiles repository lists over 60 of them. However, the problem lies in quality rather than quantity. Recently I've been looking for an audio player that would resemble the famous Windows player called Foobar 2000. I have found a lot of clones, and just a few original applications. Mesk audio player was among the latter."
Comments (none posted)
Linux.com previews the new open source Scalix 11 Community Edition messaging server. "
While
the release of the new open source Scalix 11 Community Edition messaging
server is still a few months away, the binaries have been brought out in a
preview package that is, according to the license that comes with it,
"pre-release software with known issues and is not suitable for production
use." We tried it out, just to see where Scalix is heading. The good news
-- it's heading in the right direction for small and medium-sized
businesses."
Comments (18 posted)
Keith Fieldhouse takes a look at Smalltalk and Squeak on O'ReillyNet. "
Smalltalk, an
influential language with deep roots in software development practice,
offers an outstanding opportunity for stretching your mind and exercising
your development muscles. The only drawback is that once you try it, you
may never go back. This article will help you get started."
Comments (11 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The gpl-violations.org project has announced that it has won a court case against D-Link in Germany. "
On
September 6, 2006 the district court issued its judgement, confirming the
claims by gpl-violations.org, specifically its rights on the subject-matter
source code, the violation of the GNU GPL by D-Link, the validity of the
GPL under German law, and D-Link's obligation to reimburse
gpl-violations.org for legal expenses, test purchase and cost of
re-engineering." (Thanks to Atul Chitnis).
Comments (19 posted)
Christopher Blizzard, who heads up Red Hat's contributions to the One Laptop Per Child project, has posted an update on the status of the project. "
One of the areas that's under heavy discussion
right now is around the use of crypto on the laptop. This includes the use
of signing for messages between the laptops and signing of software
itself. We have neither made choices about what libraries we want or what
the exact role will be for all these bits, but we are exploring the goals
for which crypto plays a role." (Thanks to Rahul Sundaram).
Comments (2 posted)
Commercial announcements
Eric Raymond's remarks on support for proprietary codecs have led a number of people to suggest that he should be working with Linspire instead of a fully-free distribution. He appears to have heard: Linspire has announced that Mr. Raymond has joined the "Freespire leadership board." "
In recent weeks, Raymond has surprised many by speaking publicly about
the 'necessary compromise' that open source advocates must be willing to
make, by providing for an easy way for open source software to work with
key proprietary technologies for which there are not yet adequate open
source alternatives. Freespire is the most prominent desktop Linux
distribution to embrace this concept."
Comments (10 posted)
The InfiniBand Trade Association has ratified the iSER (iSCSI RDMA) Storage Protocol for InfiniBand. "
The InfiniBand Trade Association
today announced that it has released a new annex to the specification
providing support for iSER over Infiniband. The iSER annex extends
InfiniBand's support for high performance storage. At 10-20 Gbps
bitrates, InfiniBand's performance is now more than triple that of
FibreChannel, and at only half the cost. Subsequently, InfiniBand has
six times the price performance advantage of FibreChannel.
iSER is a new IETF standard extension to iSCSI that includes support for
RDMA-enabled networks such as InfiniBand; the new annex closes the loop
by mapping the iSER extensions onto InfiniBand."
Full Story (comments: none)
Link Linux Inc. has announced: "its intention to initiate public trading in the near future. The Company filed
a form 211 application on August 1st, 2006, has responded to NASD comments,
and is preparing for public trading upon the expected NASD approval. Link
Linux is expected to trade initially on the pink sheets, under the symbol
LLNXF.PK."
Comments (none posted)
MontaVista Software has announced a new release of Mobilinux. "
Mobilinux includes tools to help reduce
footprint, saving on RAM and Flash. Mobilinux 4.1 incorporates technologies
such as uClibc, squashfs and DirectFB and developer tools focused on memory
analysis, which allow for significantly reduced total memory
footprint."
Comments (none posted)
Novell has announced that it has received a notice of delisting from the NASDAQ market. The company is behind on its quarterly filings because it is having to go back and figure out how to cope with its "stock-based compensation practices" problems. One of Novell's lenders has also declared Novell to be in default on its loan as a result of this delay.
Comments (9 posted)
Novell has sent out a press release proclaiming that it is now shipping Xen with SLES 10 Server. It is interesting to see the market they are targeting: "
Novell will support Red Hat Enterprise Linux 4 running on SUSE Linux
Enterprise Server 10 with Intel Virtualization Technology, up through and
including Level 3 (or core engineering) support. That means Novell will
provide technical support for the Xen hypervisor if a customer uncovers an
issue running a virtual instance of Red Hat Linux and that issue is not
reproducible in a native, or non-virtualized, environment."
Comments (none posted)
Nuxeo has announced a switch to Java EE on its ECM platform. "
Nuxeo, the leader of open source ECM, today announced that the next version of its ECM platform,
currently known as "Nuxeo CPS", will be based on open source Java technologies and renamed "Nuxeo
5".
Nuxeo 5, which will be released on November 15, is a complete ECM platform enabling the management
of the full document lifecycle, either in "web client" mode or in "rich client" mode. The Nuxeo 5
platform is the answer to the business process efficiency and compliance needs that western
companies are facing today."
Full Story (comments: none)
SGI has announced enhancements to its recently debuted SGI Altix XE cluster offering. "With the SGI(R) Altix(R) XE 1200 Cluster Solution, SGI makes it
easier than ever to select, deploy and manage Linux clusters."
Comments (none posted)
Virtual Bridges has announced the availability of Win4BSD. "Virtual Bridges, a provider of enterprise
and SMB solutions using virtualization for business, announced today the
release of Win4BSD Pro Desktop. Win4BSD Pro Desktop runs as a FreeBSD/PC-BSD
application and allows users to run Windows Applications and Desktops with
seamless ease on the BSD platform."
Full Story (comments: none)
Xi Graphics, Inc. has announced the availability of Linux drivers for several ATI video cards. "Xi Graphics, Inc. announced today that
it has added Linux and Solaris X Window System ("X") graphics driver
support for ATI's FireMV 2400 and FireMV 2200 graphics cards to its
Accelerated-X(TM) Summit Series product line. Both PCI and PCIe versions of
the cards, as well as 32-bit and 64-bit x86 computer platforms, are
supported."
Comments (none posted)
New Books
Syngress has published the book
How to Cheat at Managing Information Security by Mark Osborne.
Full Story (comments: none)
O'Reilly has published the book
Programming Python, Third Edition
by Mark Lutz.
Full Story (comments: none)
Syngress has published the book
Building a VoIP Network
by Larry Chaffin.
Full Story (comments: none)
Addison-Wesley is requesting help on a new CD. "With the successful publication of "Effective C++, Third Edition," Scott Meyers and Addison-Wesley
Professional are now planning to revise the CD based on that work. To begin, we wish to survey both
users and non-users to understand your needs and desires for any new version."
Full Story (comments: none)
Resources
The Free Software Foundation has announced the availability of the first
discussion draft for version 2 of the Free Documentation License.
There is also a variant called the "Simpler FDL" available for comment;
both versions can be found on
the FSF site.
Full Story (comments: 10)
The British Library has released a manifesto [PDF] on intellectual property and digital rights management. "
This paper outlines the issues that the UK faces and the
British Library's recommendations in support of a healthy and innovative
knowledge economy."
(Thanks to Giacomo A. Catenazzi.)
Comments (none posted)
The OpenPCD.org project has announced the availability of a 13.56MHz RFID
reader featuring a free hardware design and entirely Free Software for
firmware and drivers. "
OpenPCD supports many popular 13.56MHz based
RFID standards such as ISO 14443 type A and B, ISO 15693 and Philips(R)
Mifare(TM), among others. It interfaces with a host PC using USB. As
opposed to existing RFID reader vendors in the market, OpenPCD.org gives
full access to all its hardware and software design to anyone, for
free."
Full Story (comments: none)
Contests and Awards
KDE.News has announced the winners of the Akademy Awards Ceremony. "
Day Two of Akademy 2006 and the speakers conference was brought to a close with the Akademy Awards Ceremony. And the Winners are: Boudewijn Rempt, Alexander Neundorf, and Laurent Montel."
Comments (none posted)
The Free Software Foundation has sent out a call for nominations for the 2006 Free Software Award for Projects of Social Benefit. "
This award is presented to the project or team responsible for applying
free software, or the ideas of the free software movement, in a project
that intentionally and significantly benefits society in other aspects
of life. We look to recognize projects or teams that encourage
collaboration to accomplish social tasks. A long-term commitment to
one's project (or the potential for a long-term commitment) is crucial
to this end." Nominations are due by October 31.
Full Story (comments: none)
A new OpenOffice.org Template & Clipart Contest has been announced. "
The Documentation Project is holding a competition for templates and
clipart, and there is *prize money.*
The goal is to increase our trove. Frankly, we don't have enough;
users are feeling deprived. That means over 50 million people.
You can help change that... and also maybe win some money.
Worldlabel.com
(www.worldlabel.com),
which has been long a strong
champion of OpenOffice.org, has set aside USD 5,000 for prizes.
Winners will also have the option of including their winning entries
in the OpenOffice.org installation sets available from the site."
Full Story (comments: none)
The winners of the third PyWeek Python Game Programming Challenge
have been announced. Winning games are:
Bouncy the Hungry Rabbit and Typus Pocus.
Comments (none posted)
Taleo Corporation has announced that it has won the Network World Magazine All-Star Award. "
Taleo Corporation
(Nasdaq: TLEO), the leading provider of on demand talent management
solutions, today announced they were named a recipient of the 2006
Enterprise All-Star award. Presented by Network World magazine, the annual
award program recognizes the exceptional use of network technology to
further business objectives.
Taleo's migration of its core data IT infrastructure from UNIX to Linux
and resulting improvements in business performance was recognized by
editors at Network World magazine."
Comments (none posted)
Education and Certification
SugarCRM Inc. has announced Sugar University. "Sugar
University offers online, self-paced training as well as personalized,
instructor-led web-based learning sessions. Sugar University is available
today and can be found at
http://university.sugarcrm.com."
Comments (none posted)
Calls for Presentations
A call for participation has gone out for FOSS.IN 2006. The event takes place in Bangalore, India on November 24-26, 2006; submissions are due by October 8. The speaker and talk registration for the event has also been announced.
Full Story (comments: none)
Submissions are open for PyCon 2007. "
The deadline for submitting a proposal is October 31st. For more
information, see the Call For Proposals at
http://us.pycon.org/TX2007/CallForProposals.
We're also accepting proposals for three-hour tutorials for the day
before the conference."
PyCon 2007 will be held on February 23-25, 2007 in Addison, Texas.
Full Story (comments: none)
Upcoming Events
The Third Desktop Architects Meeting will be held at the OSDL facility
in Portland, Oregon on December 7-8, 2006.
Full Story (comments: none)
The first international Meeting of the Fellowship of FSFE will take place in Bolzano, Italy on November 11, 2006. "
Following up on an idea proposed by the Fellows themselves, and
organised in part by the Fellowship of FSFE, Fellows from all over
Europe will be coming together in the afternoon of 11 November 2006 in
Bolzano, Italy, to discuss issues of digital freedom in general, and
the work of FSFE and the Fellowship in particular."
Full Story (comments: none)
DesktopLinux.com has an announcement for the Boston GNOME Summit. "The GNOME development team will host its sixth Boston Summit Oct. 7-9 at the MIT Media Lab. The Boston Summit is a three-day "hackfest" for GNOME developers and contributors, the team said on its website."
Comments (none posted)
The Linux.conf.au event will take place in Sydney, Australia on January 15-20, 2007. "linux.conf.au 2007 meets demand
by extending the official conference period to a full week, and broadening
the scope and number of community organised streams, called "miniconfs".
"linux.conf.au is regarded as one of the world's best events for Linux and
Open Source developers - this year, we have received more responses to our
Call for Participation than ever before", says Jeff Waugh, lead organiser,
"Our audience demands quality and diversity, so for 2007, we are extending
the main conference period to six days, promoting our much-loved miniconfs
and adding fresh ideas such as Open Day.""
Full Story (comments: none)
Events: October 5, 2006 to December 4, 2006
The following event listing is taken from the
LWN.net Calendar.
| Date(s) | Event | Location |
|---|---|---|
| October 2 - October 5 | Security OPUS Infosec Conference | San Francisco, CA, USA |
| October 7 - October 9 | GNOME Boston Summit | Boston, MA, USA |
| October 9 - October 13 | ApacheCon US | Austin, TX |
| October 9 - October 13 | 13th Annual Tcl/Tk Conference | Naperville, IL |
| October 11 - October 12 | Eclipse Summit Europe | Esslingen, Germany |
| October 11 - October 12 | Linux World Conference and Expo | Utrecht, The Netherlands |
| October 12 - October 15 | Eighth Real-Time Linux Workshop | Lanzhou, Gansu, China |
| October 18 - October 19 | International Conference on IT-Incident Management and IT-Forensics | Stuttgart, Germany |
| October 18 - October 22 | Pike Conference 2006 | Riga, Latvia |
| October 19 - October 21 | HackLu 2006 | Kirchberg, Luxembourg |
| October 19 - October 20 | DC PHP Conference | Washington, D.C. |
| October 20 - October 22 | aLANtejo 06 | Évora, Portugal |
| October 20 - October 22 | RubyConf 2006 | Denver, Colorado |
| October 22 - October 27 | Colorado Software Summit | Keystone, CO, USA |
| October 23 - October 24 | Mono User and Developers Meeting | Cambridge, MA, USA |
| October 23 - October 26 | Enterprise Architecture Practitioners Conf | Lisbon, Portugal |
| October 25 - October 26 | LinuxWorld UK 2006 | London, UK |
| October 25 - October 27 | Plone Conference 2006 | Seattle, WA |
| October 26 - October 27 | IT Underground | Warsaw, Poland |
| October 26 - October 27 | Free Software and Open Source Symposium | Toronto, Canada |
| October 28 | LinuxDay 2006 | Many of them, Italy |
| October 31 - November 2 | Zend/PHP Conference and Expo | San Jose, CA |
| November 1 | Ingres Users Association Conference | London, England |
| November 4 - November 8 | I Jornadas técnicas KDE de | Zaragoza, Spain |
| November 4 - November 11 | Open Source in Performance and Exhibition | London, England |
| November 5 - November 8 | International PHP Conference | Frankfurt, Germany |
| November 5 - November 10 | Ubuntu Developer Summit - Mountain View | Mountain View, CA, USA |
| November 6 - November 10 | Colorado Python seminar | Estes Park, CO, USA |
| November 7 - November 9 | 2006 Web 2.0 Conference | San Francisco, CA |
| November 9 - November 10 | Forum PHP 2006 | Paris, France |
| November 10 - November 12 | Chicago Perl Hackathon 2006 | Chicago, IL, USA |
| November 11 - November 17 | Supercomputing 2006 | Tampa, FL, USA |
| November 11 | FSFE Fellows Meeting | Bolzano, Italy |
| November 12 - November 14 | Firebird Conference 2006 | Prague, Czech Republic |
| November 14 - November 16 | LinuxWorld Cologne | Cologne, Germany |
| November 16 - November 17 | III Latin American Free Software Conference | Iguassu Falls, Brazil |
| November 16 - November 17 | Conference on Software Patents | Boston, MA, USA |
| November 18 | Richard Stallman speaks in Seoul | Seoul, South Korea |
| November 21 - November 24 | 15th International Conference on Computing | Mexico City, Mexico |
| November 24 - November 26 | FOSS.IN 2006 | Bangalore, India |
| November 25 | FAVE 2006 - free software multimedia event in London | London, UK |
| November 27 - November 30 | PacSec Applied Security Conference 2006 | Tokyo, Japan |
| December 1 - December 2 | PHP Conference Brasil | São Paulo, Brazil |
| December 2 - December 3 | Technical Dutch Open Source Event | Eindhoven, the Netherlands |
| December 3 - December 8 | Large Installation System Administration Conference | Washington, D.C. |
If your event does not appear here, please
tell us about it.
Web sites
A new web site has been launched.
"
The Family Guide to Digital Freedom will explain, in one place and in
normal language, what everybody should know about software and other
digital technologies, and above all the real reasons why they should
care: in this modern world, our rights and quality of life heavily
depend on how software is being used around us."
The new LinuxAudio.org portal has been launched.
"
In an ongoing effort to consolidate online
Linux audio resources, Linuxaudio.org has launched a new portal which
encapsulates all sub-domains hosted under the linuxaudio.org umbrella."
Page editor: Forrest Cook