LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for November 2, 2006Pre-testing Emacs 22Some projects produce major releases more quickly than others, but, even when placed at the slow end of the scale, GNU Emacs is exceptional. Current Emacs users are running version 21, first released on October 22, 2001. Occasional minor releases have happened since, but, for all practical purposes, Emacs has stood still for the last five years.At least, the officially-released version of Emacs has stood still. Meanwhile, the development community has been busy working toward Emacs 22. Richard Stallman - who still keeps a firm hand on the direction of Emacs development - has never been inclined to give dates for upcoming software releases. So, after five years, we still don't know when Emacs 22 might be released, but we do know that it is getting closer: the first pre-test release of GNU Emacs 22 is, at long last, available. The project has reached the point where the desired features are in place and stabilization is an increasingly high priority. Your editor grabbed the pre-test release, and has been working with it for a couple of days - it is being used to type this article. At first blush, the new version of Emacs does not look all that much different. The windows look the same, most of the keystrokes are the same, and your editor has not yet encountered any elisp code which fails to work properly - even the brutal elisp hacks which connect Emacs to the LWN article database work without changes. The Emacs developers have seemingly done a good job of maintaining compatibility over five years of development. The new GNU Emacs does feel a little faster and more responsive, somehow. There are also various little things one notices over time. For example, a command to open a new file generates a prompt like this:
![[modeline]](/images/ns/grumpy/modeline1.png){kind=small}
The prompt includes the directory where the file is expected to be found. Emacs has always allowed the user to simply type a new path, starting with "/" or "~"; the new version, however, makes the resulting action (ignoring the previous path in the prompt) clear:
![[modeline]](/images/ns/grumpy/modeline2.png){kind=small}
It's little things like this which make an interface more pleasant and easy to use. On the other hand, the new policy of requiring a keystroke to get past the "one component of the GNU/Linux operating system" screen is obnoxious - but this behavior can be disabled. Of course, there's plenty of bigger things in this new release, once one goes looking. Support for internationalization and encodings has been significantly improved. Also improved is window system support: Emacs now understands mouse wheels without special instructions and will do the right thing when files are "dropped" into it. One can turn on "focus follows mouse" behavior even within Emacs frames. The addition of an IRC client would have been useful, but this is Emacs, so they added two different ones. There is a new "calc" mode which is truly scary in the things it can do. "Org mode" is a Tomboy-like notes-taking application, but with an order of magnitude more features. There is a built-in spreadsheet with all the usual features and some unusual ones - like the ability to enter cell formulas in Lisp. Flymake mode performs on-the-fly syntax checking of source code as it is being entered. There is a new, fancier printing mechanism built into the editor. And so on. The current NEWS file gives a lengthy overview of the changes - though somehow it omits the important addition of a Tetris game. When LWN first posted the pre-test announcement, the result was an immediate mini-flamewar on the merits of Emacs relative to vi. One can only expect that, as the Emacs 22 release gets closer and draws more attention, we will see more of this sort of debate. Your editor must confess that he has never quite understood what motivates these battles; one person's choice of editor should not really be a problem for somebody else. More to the point, though, your editor is one of those rare, strange people who actually uses both editors over the course of a normal day. They both have their strengths and weaknesses, and each fits your editor's working style at different times.
The end result of all the above is that your editor tends to use Emacs for most day-to-day work, including the editing of articles and source code. When working as root and editing system configuration files, however, he tends to switch to vi. And, seeing advantages in both tools, your editor sees no real reason for intense discussions about which is better. Such discussions will certainly come about, however, as the Emacs development cycle heads toward its conclusion. The new release seems unlikely to tempt many vi users to make a switch, but Emacs users will have something to celebrate. After all this time, there will be a significant update for this venerable tool (the first thing released by the GNU project). Just don't ask RMS when to expect it.
Oracle's repackaged RHELFor weeks the rumor mill has been full of guesses about what Oracle's big Linux news, if any, might be. None of them, however, were correct. In the end, Oracle has announced a competing support program for Red Hat Linux. It will be most interesting to see how things will evolve from here. At least nobody is complaining anymore that you can't get support for Linux.Oracle's program is easy to understand:
Oracle starts with Red Hat Linux, removes Red Hat trademarks, and
then adds Linux bug fixes... Every time Red Hat distributes a new
version we will resynchronize with their code. All we add are bug
fixes, which are immediately available to Red Hat and the rest of
the community.
Essentially, Oracle is offering a version of Red Hat Enterprise Linux (RHEL) with the serial numbers filed off. To maintain compatibility, Oracle also promises to file the serial numbers off of future RHEL releases and distribute them as well. All for rather less money than Red Hat charges. If that's not enough to entice customers to switch, Oracle also tosses in a bit of old-fashioned SCO FUD as a bonus. One cannot help but wonder just what Oracle is thinking here. Rather than (as some had guessed) offering its own Linux distribution, it is reaffirming the primacy of a competitor's offering. The added value claimed by Oracle - the bug fixes that, says Oracle, Red Hat is failing to provide to its customers - will, by Oracle's own admission, be immediately available for Red Hat to incorporate back into its offerings as well. Meanwhile Oracle is openly hitching a free ride on Red Hat's work with the clear intent of cutting off the revenue stream which supports that work. If Oracle is successful, it will kill the goose laying the golden eggs that it is selling. There are reasons to believe that Oracle might not be as successful as the stock market evidently fears. Oracle claims Linux expertise, and it has hired a few developers and made some real contributions. But Oracle's contributions and expertise are both tiny compared to Red Hat's; customers who are paying attention will understand that. Oracle will always be a little behind Red Hat, following Red Hat's lead. The quality of Oracle's support is not always praised by all of its customers, and the challenge of dealing with Oracle's lawyers is legendary. It is hard to imagine why people who are concerned about the quality of the support they are paying for would not go directly to the source. So what is Oracle up to? One line of reasoning says that Oracle is simply trying to lower Red Hat's stock price to make an eventual acquisition cheaper. Certainly people seem to have no problem believing that Oracle would be willing to use this sort of tactic. If Oracle is truly trying to soften up the competition through a sort of shock and awe campaign, however, it is hard to see that there would be a whole lot worth acquiring by the end. Many of the core developers who make Red Hat what it is might find themselves unwilling to go along with the new Oracle overlords; quite a few of them may try to find another place to be. What Oracle might be trying to do, instead, is to begin building up its Linux expertise and the beginnings of a customer base in preparation for an eventual fork of RHEL into its own distribution. The "bug fixes" could grow over time until a point arrives where moving from Oracle's Linux back to RHEL is no longer an easy thing to do. Perhaps a few proprietary pieces would help to solidify the lock-in. If this plan went well, customers and engineers would drift in Oracle's direction with no acquisition effort required. Rather than jumping into the distribution business from the beginning, Oracle could be dipping some toes into the water to see what happens. The arrival of free-riders in the commercial Linux world was always inevitable, even if few people expected one the size of Oracle. In a way, we are all free riders; even the heaviest contributor to the free software community gets far more back than they could ever put in. Companies like Red Hat and Oracle are not selling the software; they are selling the quality of the service they provide. As long as customers pay attention to what they are really buying and do not allow vendors to try to lock them into a specific distribution, we should all come out ahead. (See also: Red Hat's "Unfakeable Linux" response to Oracle's announcement).
Full disclosure and exploit tools in the wider worldOpinions on how to handle security vulnerabilities vary quite a bit. It is probably safe, to say, however, that a majority of people who have studied security issues are in favor of some form of disclosure. Hiding security problems reduces awareness of the issues and reduces the chance that those problems will be fixed in a timely manner - without actually making anybody more secure. There is a rather smaller group that favors the release of exploit tools, however. Sharing information is one thing, but empowering groups of script kiddies is seen differently; the majority point of view here, arguably, is that the release of exploit tools just increases the damage from security problems without getting things fixed any more quickly.The recent, short-lived creation of a web site which can print fake boarding passes would appear to be a classic example of the difference in how information and tools are seen. In the U.S., and other places as well, the security gauntlet which must be run to get onto an airliner includes an identification check: each passenger must produce some sort of identification which matches the name printed on their boarding pass. The weakness of this check has been well known for years; boarding passes printed by passengers on their own printers are accepted as valid with no verification. So it has always been true that anybody with minimal skills could print up a boarding pass, under any name, which would pass this check. In this case, disclosure of the vulnerability did little to inspire any sort of fix, however. So Christopher Soghoian put together his web site. In response, the FBI raided his house and took his computers, and a U.S. Congressman publicly called for his arrest (though he later reconsidered that position). The web site got pulled down in a hurry. Mr. Soghoian has taken a storm of criticism, and is now facing an uncertain legal situation. Many of the people who have criticized the creation of the boarding pass generator are normally in favor of the disclosure of security problems. The boarding pass site, however, has been deemed to be an exploit tool, and is thus beyond the pale. Mr. Soghoian, they say, should have found a more responsible way of making his point about the security of the boarding pass checks. This despite the fact that people have been "responsibly" making that point for years. Would the site have had the same impact had it, for example, printed "VOID" on its output? The boarding pass generator was not released as free software, so it was easy to pull off the net. But there will be many readers of this site who could reproduce this tool in the time it takes to work one's way through the security lines in some airports. It would not be surprising to see such a tool show up on the net somewhere before too long. It is simply too easy to do. Anybody contemplating such an action may want to take care to post the result anonymously. Mr. Soghoian may well avoid serious legal problems, assuming that, as he claims, he never actually used a fake boarding pass to get through a security line. Had he distributed his code, however, there is little doubt that rather more effort would be put into finding some crime to charge him with. When we talk about software freedom, we often pass over a freedom so fundamental that we accept it implicitly: the freedom to write programs in the first place. But there are clearly limits on what we can really write. Authors of encryption tools, game servers, DVD decoders, electronic book liberators, and, now, boarding pass generators have found themselves in legal hot water. This will not be the last such episode, and the next one may affect the free software community more directly. There are programs that we are not supposed to write.
Security Extended validation certificatesA new 'security' feature being touted by Microsoft and Verisign has raised a number of red flags for the open source community, but it appears that the new "Extended Validation" (EV) SSL certificates are not some kind of attempt to squeeze out the competition. Neither of those two companies are known for their ability to play well with competitors, so any collaboration between the two requires some close scrutiny to try and ensure a level playing field. In this case, the field seems level, but the security provided by the new feature is somewhat dubious. SSL certificates are used by the HTTPS protocol for encrypted traffic between a web browser and the web server; they are issued by various certificate authorities (CAs) such as Verisign. An SSL certificate is generated for the domain at which it resides and then signed by a CA after it does some verification of the entity requesting the signature. Because CAs have traditionally done very little in the way of validation, a signed SSL certificate does not tell you very much about the identity of the domain; it essentially just verifies that the domain owner was willing to spend $50-100 to get the signature. When presented with a certificate, a web browser attempts to verify any signature using a set of public keys for the CAs that the browser developers have decided to trust. Verisign has generated a new set of keys to sign the EV certificates and Microsoft has already incorporated that public key into IE7. In addition, when presented with a properly signed EV certificate, IE will turn the address bar green to indicate some purported higher level of security. For browsers that do not support EV, Verisign will presumably still sign EV certificates with their current key and those browsers will still display the padlock icon. So, what does it take for a site to get this EV certificate? One would guess that more money would be involved and that is certainly the case. One would hope that more investigation of the entity requesting the signature would be part of it as well and that seems to be the case, but the actual requirements are, as yet, unspecified. The Verisign FAQ indicates that the requirements are soon to be released by the CA/Browser Forum. This organization (which appears to have no website) is a group of CAs and browser developers that is said to include both Microsoft and Mozilla (as well as Opera and KDE) and has been working on EV certificates for 18 months or so. The two big concerns about all of this are that either Verisign will monopolize the EV certificate generation or that Microsoft will monopolize the verification of them. Neither appears to be the case as Verisign clearly states that other CAs will be able to generate EV certificates and other browsers will be able to validate them and, presumably, turn their address bars green too. Mozilla has EV on its radar and it is listed as a feature to be added, but Verisign and Microsoft are the first to market. An article in The Register was the first to alert most people to the new feature; it quoted Tim Callan, a marketing director at Verisign, bemoaning the slow pace of adoption by Mozilla. Callan has since clarified his statements and says that he did not indicate any displeasure with the pace of adoption by the Mozilla Foundation. Commercial browser developers can move more quickly on adopting new CA keys because there is a financial motive, whereas open source browsers need to ensure that they have consistent policies about adopting new CAs and keys. It is interesting to note that the perceived inadequacies of current SSL certificates are a problem that the CAs created for themselves. Because they were willing to sign any certificate with extremely minimal verification of anything other than the credit card charge to pay for it, they made SSL certificates and the padlock icon relatively meaningless for anything other than an indication that the traffic is encrypted. Unless the verification of the entity is extremely thorough (which would be very costly), it is unclear that EV certificates will really do anything to change that. Even then, few people actually look at the name attached to an SSL certificate, and many might be surprised at the names that show up if they did. The end result is that anyone wanting to abuse HTTPS will figure out a way to get a signed EV certificate and, one day, the green address bar will be no more trusted for identity verification than the padlock icon is today. Identity verification is a hard problem and EV certificates are just a quick fix, the problem will need to be addressed again; perhaps we will see 'Super Extended Validation' certificates somewhere down the road.
New vulnerabilities ImageMagick: buffer overflows
mutt: race conditions
ruby: denial of service
screen: denial of service
WordPress: multiple vulnerabilities
xsupplicant: stack overflow
Updated vulnerabilities apache: cross-site scripting
asterisk: arbitrary code execution
bind: denial of service
busybox: insecure password generation
bzip2: race condition and infinite loop
cheesetracker: buffer overflow
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
drupal: cross-site scripting, privilege escalation
ffmpeg: buffer overflows
freeradius: several vulnerabilities
freetype: integer overflows
gcc: file overwrite vulnerability
gdb: buffer overflow
gdm: improper file permissions
gedit: format string vulnerability
grip: buffer overflow
gzip: multiple vulnerabilities
gzip: arbitrary command execution
kdelibs: integer overflow
kdelibs: kate backup file permission leak
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
krb5: local privilege escalation
libgadu: memory alignment bug
libgd2: denial of service
libmms: buffer overflows
libpng: buffer overflow
libpng: heap based buffer overflow
libtiff: buffer overflow
libvncserver: authentication bypass
libwmf: integer overflow
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
lynx: arbitrary command execution
mod_tcl: format string vulnerability
mono: symlink vulnerability
firefox: multiple vulnerabilities
mysql: format string bug
MySQL: privilege violations
MySQL: logging bypass
nbd: arbitrary code execution
ncompress: buffer underflow
openldap: security bypass
openoffice.org: several vulnerabilities
OpenSSH: denial of service
openssh: remote denial of service
openssl: insufficient signature checking
openssl: multiple vulnerabilities
php: several vulnerabilities
php: integer overflow
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
phpMyAdmin: multiple vulnerabilities
pike: SQL injection vulnerability
postgresql: SQL injection
python: arbitrary code execution
qt: pixmap image handling vulnerability
quake: buffer overflow
sendmail: denial of service
shadow-utils: mailbox creation vulnerability
texinfo: temporary file vulnerability
tin: buffer overflow
unzip: long file name buffer overflow
w3c-libwww: possible stack overflow
wireshark: several vulnerabilities
xine-lib: code execution
xine-lib: buffer overflow
xine-ui: format string vulnerabilities
xinit: race condition
X.org: local privilege escalations
X.Org: buffer overflow
xorg-x11: privilege escalation
xpdf: buffer overflow
xpdf: integer overflows
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current 2.6 prepatch is 2.6.19-rc4, released by Linus on October 30. The changelog notes that this kernel is "not scary," but it does contain a problem in the block layer resulting from a missed warning (see below). Quite a few fixes made it into this release, including a fix for the change that broke ndiswrapper. The long-format changelog has all the details.Patches continue to accumulate in the mainline git repository; post -rc4 changes include some networking fixes, some eCryptfs changes, and a few large architecture updates. Adrian Bunk continues to maintain a list of known regressions in the current 2.6 prepatches. The current -mm tree is 2.6.19-rc4-mm1. Recent changes to -mm include the dropping of the ACPI and driver core trees due to various problems and some i386 paravirtualization support patches.n
Kernel development news Quote of the week
How many times have you seen some code coming out of a "GPL code
release" from one of the many (mostly embedded) vendors that was
actually useful to be contributed back to an existing Free Software
project, or even that spawned a new Free Software project? I for my
part am certain to say: Zero. The actual number might be close to
zero, but very small anyways.
-- Harald Welte
Buried in warningsThe 2.6.19-rc4 prepatch release did not go quite as well as the developers might have liked; some confusion over the return type for an internal function led to an undesirable mixing of pointer and integer types in the depths of the block layer. As it turns out, gcc noticed this problem and duly issued warnings about it, but nobody saw them before the mistaken patch was merged and the resulting kernel shipped. This is, in other words, a problem which should have been easily avoidable.Linus responded this way:
And I have SYSFS enabled, so I should have seen this warning.
But I've become innoculated against warnings, just because we have too many of the totally useless noise about deprecation and crud, and ppc has it's own set of bogus compiler-and-linker-generated warnings.. At some point we should get rid of all the "politeness" warnings, just because they can end up hiding the _real_ ones. A few kernel developers were doubtless wondering just why it took so long to reach this point - there have been complaints about excessive warnings for some time now. There is a lot of support for having the computer find problems whenever possible, and that has led to an increasing number of "must check" annotations and other changes which cause warnings to be issued whenever something looks suspicious. On top of that, gcc generates a fair number of warnings in situations where no real problems exist. The end result is that warnings which refer to real problems tend to get lost in the flood. Patches which address many of the spurious "this variable might not be initialized before being used" warnings have been circulating for some time. There is resistance to applying them, however; some developers resent cluttering up the code (and bloating the kernel) with unneeded initializations to deal with what they see as a gcc bug. There is no real sign that this latest episode has changed the thinking on that score; the initialization patches may well continue to languish. A different approach has been taken by Al Viro. He has developed a little tool called "remapper" which tracks how blocks of code move around from one kernel version to the next. Using the generated information, a set of compiler warnings from an old kernel can be remapped to their line numbers in a newer kernel. Then, a tool like diff can be used to compare the output from old and new compiles; the end result is a listing of the warnings which first appear in the new kernel - and only those. With this filtered output, developers can quickly find places where the compiler has pointed out real problems. Remapper can be had via git from:
git://git.kernel.org/pub/scm/linux/kernel/git/viro/remapper.git
Dave Jones also makes daily snapshots available. Use of remapper is relatively straightforward: after building the remap-log tool, one starts with a command like this:
diff-remap-data 2.6.19-rc2 2.6.19-rc3 > 2-to-3.map
The resulting "map" file is full of file names and numbers; they simply map line numbers from the old directory tree to the new one - and mark blocks of code which were removed altogether. There is another tool (git-remap-data) which performs the same task for two commits in a git repository; in this case, file renames can be handled properly as well. The remap-log tool can then be used to move old compile logs into the present:
remap-log 2-to-3.map < 2.6.19-rc2.log > 2.6.19-rc2-remapped.log
If the new log is then compared to the output from a 2.6.19-rc3 build with diff, the only output will be any warnings (or errors) which have appeared or disappeared between the two kernel versions. Those which have only moved due to changes elsewhere in the file will be filtered out. The short documentation file packaged with the code offers some other potential uses, such as carrying forward annotated grep output as an ongoing "to do" list. Some developers swear by this tool. Jeff Garzik, however, is not entirely pleased; in an earlier discussion he said:
I think it's both sad, and telling, that the high level of build
noise has trained kernel hackers to tune out warnings, and/or build
tools of ever-increasing sophistication just to pick out the useful
messages from all the noise.
Jeff has, instead, put together a separate kernel tree with many of the bogus warnings silenced. It is a labor-intensive task - each warning must be investigated and shown to be spurious before being quieted. This work is not intended for merging; instead, it's meant to help create a development platform in which the useful warnings can actually be seen. This set of changes has been part of the -mm tree since 2.6.18-mm3. Yet another approach to the "may be uninitialized" warnings was floated last May; it introduces a special macro which "initializes" a variable without actually doing anything. That silences the warning without adding to the size of the kernel. The macro is only supposed to be used in cases where the code paths have been audited. The objection that was raised at the time was that, while the current use of a variable might be correct, future changes to the code could introduce a path where that variable is, indeed, used without initialization. The warning would still be suppressed, however, and the bug might not be caught until much later. So the patch was never merged. Compiler bugs can, perhaps, eventually be fixed. But the increasing interest in the use of automated tools to find potential bugs all but guarantees that there will continue to be a stream of spurious warnings for developers to deal with. If those automated warnings are to lead to real fixes - before somebody gets burned - ways of keeping the noise level down will have to be found.
Upcoming API change: struct pathThe file structure, representing an open file, is passed into the vast majority of filesystem and driver-oriented operations. It contains a couple of useful fields:
struct dentry *f_dentry; struct vfsmount *f_vfsmnt; Josef Sipek recently noticed that in fs/namei.c there is a similar-looking structure defined:
struct path {
struct vfsmount *mnt;
struct dentry *dentry;
};
He then decided that struct path deserved wider circulation; the result was a series of patches moving struct path into <linux/namei.h> and changing struct file to use struct path in place of the two separate fields listed above. Of course, there is a certain amount of code in the kernel which is used to struct file in its older configuration; in particular, the f_dentry field is widely used. So this move is an internal API change, which takes a bit of work to fix up. So, when the whole patch set went into 2.6.19-rc3-mm1, Andrew Morton annotated them as "102 patches to do something rather pointless." So what is the point? When asked, Josef explained it like this:
It's little cleaner than having two pointers. In general, there is
a number of users of dentry-vfsmount pairs in the kernel, and
struct path nicely wraps it
"A little cleaner" tends to be fairly faint praise for a patch which touches this many files and will affect a lot of out-of-tree code as well. It has made it as far as -mm, however, suggesting that it has a good chance of getting into 2.6.20. Pointless or not, struct path appears to be coming.
Video4Linux2 part 3: Basic ioctl() handling
Traditionally, video drivers have included ioctl() functions of approximately the same length as a Neal Stephenson novel; while the functions often come to more satisfying conclusions than the novels, they do tend to drag a lot in the middle. So the V4L2 API was changed in 2.6.18; the interminable ioctl() function has been replaced with a large set of callbacks which implement the individual ioctl() functions. There are, in fact, 79 of them in 2.6.19-rc3. Fortunately, most drivers need not implement all - or even most - of the possible callbacks. What has really happened is that the long ioctl() function has been moved into drivers/media/video/videodev.c. This code handles the movement of data between user and kernel space and dispatches individual ioctl() calls to the driver. To use it, the driver need only use video_ioctl2() as its ioctl() method in the video_device structure. Actually, most drivers should be able to use it as unlocked_ioctl() instead; the locking within the Video4Linux2 layer can handle it, and drivers should have proper locking in place as well. The first callback your driver is likely to implement is:
int (*vidioc_querycap)(struct file *file, void *priv,
struct v4l2_capability *cap);
This function handles the VIDIOC_QUERYCAP ioctl(), which asks a simple "who are you and what can you do?" question. Implementing it is mandatory for V4L2 drivers. In this function, as with all other V4L2 callbacks, the priv argument is the contents of file->private_data field; the usual practice is to point it at the driver's internal structure representing the device at open() time. The driver should respond by filling in the structure cap and returning the usual "zero or negative error code" value. On successful return, the V4L2 layer will take care of copying the response back into user space. The v4l2_capability structure (defined in <linux/videodev2.h>) looks like this:
struct v4l2_capability
{
__u8 driver[16]; /* i.e. "bttv" */
__u8 card[32]; /* i.e. "Hauppauge WinTV" */
__u8 bus_info[32]; /* "PCI:" + pci_name(pci_dev) */
__u32 version; /* should use KERNEL_VERSION() */
__u32 capabilities; /* Device capabilities */
__u32 reserved[4];
};
The driver field should be filled in with the name of the device driver, while the card field should have a description of the hardware behind this particular device. Not all drivers bother with the bus_info field; those that do usually use something like:
sprintf(cap->bus_info, "PCI:%s", pci_name(&my_dev));
The version field holds a version number for the driver. The capabilities field is a bitmask describing various things that the driver can do:
The final field (reserved) should be left alone. The V4L2 specification requires that reserved be set to zero, but, since video_ioctl2() sets the entire structure to zero, that is nicely taken care of. A fairly typical implementation can be found in the "vivi" driver:
static int vidioc_querycap (struct file *file, void *priv,
struct v4l2_capability *cap)
{
strcpy(cap->driver, "vivi");
strcpy(cap->card, "vivi");
cap->version = VIVI_VERSION;
cap->capabilities = V4L2_CAP_VIDEO_CAPTURE |
V4L2_CAP_STREAMING |
V4L2_CAP_READWRITE;
return 0;
}
Given the presence of this call, one would expect that applications would use it and avoid asking specific devices to perform functions that they are not capable of. In your editor's limited experience, however, applications tend not to pay much attention to the VIDIOC_QUERYCAP call. Another callback, which is optional and not often implemented, is:
int (*vidioc_log_status) (struct file *file, void *priv);
This function, implementing VIDIOC_LOG_STATUS, is intended to be a debugging aid for video application writers. When called, it should print information describing the current status of the driver and its hardware. This information should be sufficiently verbose to help a confused application developer figure out why the video display is coming up blank. Your editor would also recommend, however, that it be moderated with a call to printk_ratelimit() to keep it from being used to slow the system and fill the logfiles with junk. The next installment will start in on the remaining 77 callbacks. In particular, we will begin to look at the long process of negotiating a set of operating modes with the hardware.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Janitorial
Memory management
Networking
Architecture-specific
Security-related
Virtualization and containers
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials The Edgy Efts swim to a mirror near youThe family of Ubuntu 6.10 ("Edgy Eft") final releases showed up soon after the first release candidate. Separate announcements were made for Ubuntu, Kubuntu, Edubuntu and Xubuntu version 6.10. Ubuntu 6.10 can be installed as a desktop or a server, although we would expect most Ubuntu servers to stick with the 6.06 LTS release which will still be supported after 6.10 reaches it's end-of-life eighteen months from now.In the 6.10 releases Upstart replaces init and under the hood you'll find GCC 4.1, Glibc 2.4, Xorg 7.1 and Linux 2.6.17. The Ubuntu desktop features Tomboy for note taking, F-Spot for photo management, GNOME 2.16, Firefox 2.0, Evolution 2.8.0, plus new translations, a new Edgy theme and much more. There are still a few known issues, so check out the release notes before installing or upgrading. Kubuntu 6.10 comes with K Desktop Environment 3.5.5, Digikam for photo management, a new power management applet which uses HAL, a Hardware Database Client allows you to profile your system and upload the details to the Ubuntu Hardware Database for better bug reporting, new laptop buttons work on most laptops, Zeroconf and print sharing and more. You should look at the known problems in Kubuntu before getting started. The Edubuntu release features the KDEedu suite in version 3.5.5, Gcompris 7.4, Schooltool 0.11, the tux4kids applications and lots more educational software. The Edubuntu classroom server ships with a pre-release of the upcoming LTSP-5 (Linux Terminal Server Project). Here are the Edubuntu release notes. The Xubuntu release features Xfce 4.4 RC1, new artwork for the boot splash, login screen and wallpaper, the gxine media player, a new printer GUI, a calculator application and a dictionary panel plugin, better support for users with motor disabilities, plus newer versions of Firefox, abiword, gnumeric and more. The Xubuntu website has been recently relaunched and has pointers to download information. Take note of current issues with upgrading from Dapper to Edgy. The next Ubuntu release has been codenamed the "Feisty Fawn". Beginning next Sunday you will find the Ubuntu developers meeting in Mountain View California for some Feisty workshops.
New Releases Gentoo/FreeBSD available for Sparc64The first Gentoo/FreeBSD/Sparc64 release is ready for testing. "There are a few rough edges, namely you have to compile all kernel stuff you need into the kernel as loading modules causes a kernel panic. This is probably a gcc related error as upstream uses gcc-3.4.x by default."
OpenBSD 4.0 releasedOpenBSD 4.0 is out, right on schedule. "We remain proud of OpenBSD's record of ten years with only a single remote hole in the default install. As in our previous releases, 4.0 provides significant improvements, including new features, in nearly all areas of the system."
openSUSE 10.2 Beta1 availableThe first beta for openSUSE 10.2 is available for i386 and x86-64. The PowerPC edition is also available. The 10.2 release features Linux Kernel 2.6.18.1, glibc 2.5, Firefox 2.0, GNOME 2.16.1, KDE 3.5.5, X11 R7.2 RC, and much more.
Ramdisk Rescue 0.6.4 releasedRamdisk Rescue 0.6.4 has been released. "Ramdisk Rescue allows Linux to be installed to a flash card (SD, MMC or CF) using a handheld, without requiring a separate computer to format the card. In other words, Ramdisk Rescue is an automated installer for Familiar Linux, which works just like the installer for your desktop distribution. Maintenance and kernel testing are also possible, including the ability to diagnose and filesystem problems, check board/device versions and test audio+LED support."
rPath Linux 1.0.4 available for x86 and x86_64rPath has released an update to rPath Linux 1. "New in rPath Linux 1.0.4 is support for the Xen 3.0.3 hypervisor, including Xen installation media."
New version of xfld - Xfce live demoThe company os-cillation has released version 0.3 of Xfld. This is a live CD with a preview of Xfce 4.4. The CD contains plenty of other desktop applications like OpenOffice.org, Gimp, Firefox and Thunderbird.
Distribution News Fedora Core 6 common issuesThe Fedora developers have put up a page describing common issues which have come up with Fedora Core 6, along with workarounds. It is refreshingly short. Definitely worth a look before installing FC6 or asking questions about problems.
Cooperative Bug Isolation for Fedora Core 6The Cooperative Bug Isolation Project has announced support for Fedora Core 6. "CBI is an ongoing research effort to find and fix bugs in the real world. We distribute specially modified versions of popular open source software packages. These special versions monitor their own behavior while they run, and report back how they work (or how they fail to work) in the hands of real users like you."Here's how CBI differs from other bug tracking efforts: "The software in our downloads area has been augmented with extra instrumentation: special code that runs along side the application to monitor its behavior. The specific behavior we monitor varies depending on how the application was built. In general, we are looking at data values and decisions within the application, and testing them to see if they show unusual patterns. If monitoring picks up something unusual, and the application also crashes, then we may have isolated the cause of a bug."
Announcing the ubuntu-directory teamThe ubuntu-directory team has been formed to bring Active Directory or similar technology to Ubuntu, as both client and server.
Debian: First call for votesIn this post to debian-project Anthony Towns stated his intent to withdraw the "Package Policy Committee" delegation made by Branden Robinson in June last year. This ballot offers Choice 1: The DPL's withdrawal of the delegation remains on hold pending a vote or Choice 2: The DPL's withdrawal of the delegation stands until a vote. This vote ends November 3, 2006.
Debian etch release adjustmentsThe full final freeze of Etch has been delayed a bit although the final release date is still set for December.
Debian BSP Marathon continuesJoin the Debian Bug Squashing Party in Helsinki, Finland on the weekend of November 11 - 12, 2006. Click below to sign up or get more information.
DebConf7 next JuneDebConf7 is set for June 17 - 23, 2007 in Edinburgh, Scotland. DebConf will be preceded by DebCamp, June 10 to 15, a smaller, less formal event giving an opportunity for group work on Debian projects. DebianDay, a short conference aimed and users and other interested parties, will take place June 16.
Distribution Newsletters Fedora Weekly News Issue 64This edition of the Fedora Weekly News covers Fedora Core 6 (Zod) announcement, Fedora Core 6 (Zod) Live-Spins Released, Third Party FC6 Repositories Announcements, Phoronix: Fedora Core 6 Review, Lunarpark6: Fedora Core 6 Review, LinuxForm: Fedora Core 6 Review, J_K9@Linux: Fedora Core 6 Review, O'Reily OnLamp: Fedora Core 6 Review, and more.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for October 23, 2006 looks at Gentoo Linux on Sun T1000/T2000, forums and mailing list summaries, and much more.
Ubuntu Weekly News #19The Ubuntu Weekly Newsletter for October 21, 2006 covers Ubuntu 6.10 release candidate out, Mark Shuttleworth's announcement naming Ubuntu 7.04, A feel-good "Thank You!" for Edubuntu, Edgy Changes, Oracle relationship speculation, Mark's BBC interview, and several other topics.
DistroWatch Weekly, Issue 175The DistroWatch Weekly for October 30, 2006 is out. "The long awaited Fedora Core 6 and Ubuntu 6.10 are finally here! Amid all the usual excitement accompanying any major new release, reports from around the web suggest that Ubuntu's latest version might suffer from upgrade issues as many users find themselves unable to boot into "Edgy" despite following the standard upgrade procedure. After months of media speculation, Oracle's entry into the Linux distribution market was finally announced late last week - with a re-branded Red Hat Enterprise Linux and heavily discounted support costs. Also in this issue: update on Yellow Dog Linux 5.0, a link to an excellent audio interview with Slackware's Patrick Volkerding, and a contributed review of Elive 0.5. Finally, don't miss ArtistX, a new live DVD for audio, video and 2D/3D graphics artists."
Package updates Fedora updatesUpdates for Fedora Core 6: bluez-gnome (update to bluez-gnome 0.6), pygobject2 (update to 2.12.2), eclipse-changelog (enhanced functionality), fonts-japanese (bug fix), wpa_supplicant (update to 0.4.9), libxml2 (upstream release 2.6.27), hardlink (update docs), systemtap (current upstream version), eject (apply upstream patch), tsclient (bug fix), kdeaccessibility (KDE 3.5.5 release), kdeedu (KDE 3.5.5 release), libvte-java (new build of Frysk), libgconf-java (new build of Frysk).Updates for Fedora Core 5: bash (patchlevel 17), initscripts (bug fixes), libsepol (bump for FC5), audit (bug fixes), fonts-japanese (bug fix), wpa_supplicant (update to 0.4.9), hardlink (update docs), systemtap (current upstream version), arts (KDE 3.5.5 release), kdelibs (KDE 3.5.5 release), kdeaccessibility (KDE 3.5.5 release), kdeaddons (KDE 3.5.5 release), kdeadmin (KDE 3.5.5 release), kdeartwork (KDE 3.5.5 release), kdebase (KDE 3.5.5 release), kdebindings (KDE 3.5.5 release), kdeedu (KDE 3.5.5 release), kdegames (KDE 3.5.5 release), kdegraphics (KDE 3.5.5 release), kdemultimeda (KDE 3.5.5 release), kdenetwork (KDE 3.5.5 release), kdepim (KDE 3.5.5 release), kdesdk (KDE 3.5.5 release), kdeutils (KDE 3.5.5 release), kdevelop (KDE 3.5.5 release), kdewebdev (KDE 3.5.5 release), libvirt (bug fix), libvte-java (bug fixes), libgtk-java (bug fixes), libgconf-java (bug fixes).
rPath updatesUpdates for rPath Linux 1: conary, conary-build, conary-repository (Conary 1.0.37 maintenance release), info-rmake, info-rmake-chroot, rmake (add the rMake build tool).
Trustix updatesUpdates for Trustix Secure Linux 2.2 & 3.0: libgpg-error, libksba, net-snmp, nss_ldap (various bug fixes).
Newsletters and articles of interest How To Install VMware Server On Debian Sarge (HowtoForge)HowtoForge covers the installation of VMware on a Debian Sarge system. "VMware has just released version 1.0 of its free VMware Server. With VMware Server you can create and run guest operating systems ("virtual machines") such as Linux, Windows, FreeBSD, etc. under a host operating system. This has the benefit that you can run multiple operating systems on the same hardware which saves a lot of money, and you can move virtual machines from one VMware Server to the next one (or to a system that has the VMware Player which is also free). In this article we use Debian Sarge (3.1) as the host operating system."
OpenBSD 4.0: Pufferix's Adventures (O'ReillyNet)O'ReillyNet interviews several BSD developers about the OpenBSD 4.0 release. "On October 18th, OpenBSD celebrated its 11th birthday and ten years of punctual biannual releases. Now it's time for OpenBSD version 4.0, which includes tons of new drivers for wireless, network, and storage chips. Discover what's new and what battles developers must face daily to access documentation and support new hardware."
MythTV Ubuntu Installation GuideThe MythTV Ubuntu Installation Guide is a howto article covering the setup of MythTV on Ubuntu's Edgy Eft release. "With the release of Ubuntu 6.10 (Edgy Eft), installing MythTV is now easier than ever. Ubuntu is a great basis for a general purpose MythTV box and now comes with the latest version of MythTV (0.20) in its standard packages."
The Perfect Setup - Ubuntu 6.10 Server (Edgy Eft) (HowtoForge)HowtoForge provides a detailed description for setting up a server on Ubuntu 6.10. "This is a detailed description about how to set up a Ubuntu 6.10 (Edgy Eft) based server that offers all services needed by ISPs and hosters: Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and TLS, DNS server, FTP server, MySQL server, POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the 32-bit version of Ubuntu Edgy Eft, but should apply to the 64-bit version with very little modifications as well."
Distribution reviews Fedora Core 6 Innovates Unabated (eWeek)eWeek reviews Fedora Core 6. "During tests, Fedora Core 6 impressed eWEEK Labs with the progress it has made toward making Security-Enhanced Linuxand the dramatically improved security protections that SELinux helps affordmore palatable. We also liked the look of Fedora Core's new graphical and command-line tools for managing Xen virtual machines, although, as with every Xen product we've yet tested, plenty of rough spots remain."
Mandriva 2007: Back in the race (Linux.com)Linux.com reviews Mandriva 2007. "Beginning with an easy-to-use installer and booting into a well-thought-out desktop, Mandriva 2007 provides an environment that is aesthetically consistent and makes new users feel at home. Where Mandriva 2006 failed to provide an appropriate level of support for more advanced users, Mandriva 2007 includes prominently displayed tools for configuration from the desktop. Although these tools are marred by sluggish package management and an unhelpful security rating system, as well as instability on some machines, overall Mandriva 2007 re-establishes the distribution as one of the most advanced desktop experiences in GNU/Linux."
Page editor: Rebecca Sobol Development Unmaintained free softwareOne of the great advantages of free software is that, should a program's maintainer get bored and cease working on it, somebody else can always step in and keep things going. But what if nobody else steps in? Sometimes unmaintained software will languish because nobody has any interest in it anymore; in such cases, it should be allowed to fade away. But, at other times, the problem is just a lack of information. The people who might be interested in taking over a project simply do not know that the need exists.One effort which is trying to help in this regard is the unmaintained free software wiki. This site lists free software which is currently in need of a maintainer, helpfully categorized and with a search engine to help those searching for a project to help out. As of this writing, there are 73 projects listed, the most recently added being Fontutils, a2ps, and rpm. Unfortunately, this project itself looks like it could benefit from a bit of maintenance. Only seven projects have been added since the beginning of the year, and only two (Gnome Commander and khtml2png) are listed as having been adopted. Perhaps the problem is simply one of awareness; If relatively few people even know that this site exists, few are unlikely to make use of it. If that is the case, then, hopefully, this article will help a bit. Certainly it seems like there should be a place for a facility like this. Projects do go unmaintained over time, and there is not always somebody standing by ready to take over. There are also developers who are in search of ways to contribute to the community, but who are unclear on where their efforts might best be put. Connecting the two can only be a good thing to do. The infrastructure is there to do a good job of joining projects in need with developers; we just need people to make more use of it.
System Applications Database Software MySQL Community Server 5.0.27 and MySQL Enterprise Server 5.0.28Version 5.0.27 of the MySQL Community Server dbms and version 5.0.28 of MySQL Enterprise Server (commercial) have been announced. "MySQL 5.0.27 is an important bugfix release for the 5.0.26 release, which introduced an ABI incompatibility with earlier releases in the MySQL 5.0 production family".
Time to Test PostgreSQL 8.2 Beta 2Version 8.2 of the PostgreSQL dbms is available for testing. "Thanks to all the testing, feedback and bug reports you've put into the first beta of version 8.2, we now have a second beta out. Please download and re-test to make sure that the issues you raised are fixed."
PostgreSQL Weekly NewsThe October 29, 2006 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL dbms information and resources.
Embedded Systems BusyBox 1.2.2 releasedStable version 1.2.2 of BusyBox, a collection of command line utilities for embedded systems, is out with a long list of bug fixes: "This release has dozens of fixes backported from the ongoing development branch. There are a couple of bugfixes to sed, two fixes to documentation generation (BusyBox.html shouldn't have USE() macros in it anymore), fix umount to report the right errno on failure and to umount block devices by name with newer kernels, fix mount to handle symlinks properly, make mdev delete device nodes when called for hotplug remove,...".
Libraries libassuan 1.0.0 releasedVersion 1.0.0 of libassuan is available. "To prepare the GnuPG 2.0 release, Libassuan 1.0.0 has been released today. Libassuan is the IPC library used by GnuPG 1.9 and a couple of other packages. It used to be included with the these packages but we decided to make your life not too easy and separated it out to a stand alone library."
Networking Tools OpenBGPD 4.0 releasedVersion 4.0 of OpenBGPD is out with lots of new features and bug fixes. "OpenBGPD is a fairly complete implementation of the Border Gateway Protocol, Version 4, as described in RFC 1771. BGP is a protocol used by routers to exchange routing information, and is one of the core protocols of the Internet."
Security Sussen 0.32 releasedVersion 0.32 of Sussen, a vulnerabilities and configuration checker, is available with new capabilities and bug fixes.
Desktop Applications Audio Applications Ardour 2.0 beta 6.2 releasedVersion 2.0 beta 6.2 of Ardour, a multi-track digital audio workstation application, is out with this note: "A frustrating error required the release of beta6.2 in order to fix a crashing bug inadvertently introduced in beta6.1."
Audacity 1.3.2 and 1.2.5 ReleasedTwo new versions of the Audacity audio editor have been released. "The Audacity developers have been busy with many new features over the past year. We're pleased to announce Audacity 1.3.2 (beta), which contains dozens of new features and capabilities. Because it is a work in progress and does not yet come with complete documentation or translations into foreign languages, it is recommended for more advanced users. For all users, Audacity 1.2.5 is a minor bug-fix update that addresses some problems with Audacity 1.2.4, but does not add any significant new features. It is complete and fully documented."
Vmwaredspjack 1.3, Snd-ls 0.9.7.6 and Jack_capture V0.3.8A triple release of the audio applications Vmwaredspjack 1.3, Snd-ls 0.9.7.6 and Jack_capture 0.3.8 has been announced. Vmwaredspjack makes vmware work with esd or arts, Snd-ls is a distribution of the SND sound editor and jack_capture allows JACK audio streams to be sent to a file.
Desktop Environments GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Software AnnouncementsThe following new KDE software has been announced this week:
KDE Commit-Digest (KDE.News)The October 29, 2006 edition of the KDE Commit-Digest has been announced. The content summary says: "In this week's KDE Commit-Digest: Work on Decibel and the KDE-based NEPOMUK components accelerates. The Unity web rendering engine experiment is removed from KDE SVN, due to a change in the circumstances that prompted its creation. KTabEdit, a guitar tablature editor is imported into the KDE SVN playground. A branch of kde-pim for improvements in future 3.5 releases shows promise with the introduction of several new features. QMA, an experimental email client, continues to mature and is renamed Mailody. Usability and file format support refinements in Amarok. Speed optimisations in KViewShell and KFTPGrabber. More improvements in the state of games in KDE 4."
Games Pengupop 2.1.9 releasedStable version 2.1.9 of Pengupop has been announced. "Pengupop is an online multiplayer clone of Frozen-Bubble/Bust a Move. The purpose of the game is to shoot colored balls so they form groups and thus fall down. Any balls that fall down will reappear on your opponent's playfield as a side-effect."
PyChess 0.4 released (GnomeDesktop)The second stable edition (version 0.4) of PyChess has been announced, it adds a new game storage format, hints and tips, game evaluation, support for CECP engines and more.
WorldForge meeting notesThe meeting notes from the October 28, 2006 WorldForge game project are online with the latest WorldForge game progress.
GUI Packages wxPython 2.7.1.3 announcedVersion 2.7.1.3 of wxPython, a GUI toolkit for the Python programming language, has been announced. "This release is a yet another quick-turnaround bugfix release designed to solve some problems, plust some minor enhancements. This will likely be the last 2.7.1.x release."
Imaging Applications Free Image Manipulator 0.2.2 releasedVersion 0.2.2 of Free Image Manipulator has been announced, it adds new drag and drop capabilities as well as some bug fixes. "With FIM you can easily manipulate whole set of images at once. You are able to resize all images from the set to the same size and convert between the most popular file types like png, jpeg, gif. You can also add text with background to them with given opacity level and color or even paste your logo. "
Krita Team Seeking Artwork for User Gallery (KDE.News)KDE.News has announced an effort to collect artwork for Krita, a painting and image editing application for KOffice. "With Krita's recent 1.6 release enhancing its usability for professional artwork, the Krita team is looking into creating a gallery where Krita users can contribute their art made with it. Any decent gallery needs to be seeded with some initial artwork. So we are asking any Krita user who might want to show his painting skills, to consider making us a pretty painting."
Instant Messaging Concluding the KDE PIM Bug Triage (KDE.News)KDE.News covers the recent KDE PIM Bug Triage. "Last weekend, a second bout of KDE bug triage took place in the #kde-bugs IRC channel on Freenode. This round was dedicated to the KDE PIM module, with key applications Kontact, KMail and KOrganizer. All these applications have seen a drop in bug count, thanks to many people who joined the bug squad. During the weekend more than 180 bugs were confirmed, closed, some even fixed right away. That's a huge amount of bugs less to worry about for the KDE PIM developers. But there's still plenty to be done! Read on to learn how."
Interoperability Wine 0.9.24 releasedVersion 0.9.24 of Wine has been announced. Changes include: support for multiple monitors using Xinerama, various MSI fixes and improvements, a ton of memory leaks fixed, many common controls fixes, and lots of bug fixes.
Office Suites OpenOffice.org NewsletterThe October, 2006 edition of the OpenOffice.org Newsletter is out with the latest OO.o office suite articles and events.
Science GRASS 6.2.0 releasedVersion 6.2.0 of the GRASS geographical information system has been released. "This new release improves the integration and functionality of the raster and vector engines, and greatly enhances 3D raster volume (voxel) support. Additionally, this release debuts a new graphical GIS manager and menu system, while an improved version of the old GUI display manager has been retained for legacy support. The NVIZ visualization tool has been enhanced to display 3D vector data and voxel volumes, and now supports the creation of on-the-fly MPEG animations."
Languages and Tools C The GlobalGCC project launchesAn announcement has gone out proclaiming the launch of the "Global gcc" project. This is a European-funded effort to improve gcc through the addition of whole-program compilation and static analysis capabilities. "As a result of that, it is expected that GGCC be more resource consuming (e.g., it could run 10 times slower than the GCC4 compiler). In return for that speed loss, more program bugs are expected to be pinpointed, and programmers will be able to state properties to be met in their code."
Haskell Haskell Weekly NewsThe October 31, 2006 edition of the Haskell Weekly News is online. This week we see a number of community documentation and maintenance efforts, and the appearance of indexed data types in GHC.
HTML Vilistextum 2.6.9 releasedStable version 2.6.9 of Vilistextum is available. "Vilistextum is a small, fast HTML to text converter. It is quite fault-tolerant and deals well with badly-formed or otherwise quirky HTML. It has full support for different character sets (e.g. Unicode). It can optimize for ebook reading, collapse multiple blank lines, and create footnotes out of links. A GUI frontend using 'kaptain' is included."
Perl Weekly Perl 6 mailing list summary (O'Reilly)The October 22-28, 2006 edition of the Weekly Perl 6 mailing list summary has been published. Take a look for the latest Perl 6 discussions.
PHP JanRain PHP OpenID 1.2.0 releasedVersion 1.2.0 of the JanRain PHP OpenID library is available. "This release comes with lots of fixes, most of which are related to Windows testing and compatibility. This release includes a critical bug fix, so please upgrade."
Python Python 2.3.6 releasedPython version 2.3.6 has been released. "Python 2.3.6 is a security bug-fix release. While Python 2.5 is the latest version of Python, we're making this release for people who are still running Python 2.3. Unlike the recently released 2.4.4, this release only contains a small handful of security-related bugfixes."
Tcl/Tk Dr. Dobb's Tcl-URL!The October 25, 2006 edition of Dr. Dobb's Tcl-URL! is online with new Tcl/Tk articles and resources.
Dr. Dobb's Tcl-URL!The October 31, 2006 edition of Dr. Dobb's Tcl-URL! is online with new Tcl/Tk articles and resources.
IDEs SPE 0.8.3.c Python IDE editor announcedVersion 0.8.3.c of SPE, a Python IDE, has been announced. "This is a maintenance release (mostly bug fixing) to prove that SPE is alive and well! In case you are using wxPython2.7 you'll need to upgrade to this release. Submitted patches will be reviewed and included if approved for next release."
Test Suites STAF V3.2.0 is now available (SourceForge)Version 3.2.0 of STAF, the Software Testing Automation Framework, has been announced. There are some Windows platform improvements and: "There are also many bug fixes in this version. In particular, note that the libstdc++ and libgcc libraries are no longer packaged in the Linux and Solaris STAF installers."
Page editor: Forrest Cook Linux in the news Recommended Reading Where ODF stands in the EU (NewsForge)Tom Chance looks at the state of EU Open Document Format adoption in a NewsForge article. "A key presentation on the ODF day came from Dr. Barbara Held, who is the Enterprise and Industry Directorate-General of the European Commission Program for Interoperable Delivery of pan-European eGovernment Services to Public Administrations, Businesses and Citizens (IDABC). Got that? Right. The IDABC basically exists to smooth over the technical problems within the European Union caused by the 25 member states exchanging data. The existence of multiple, incompatible file formats poses a formidable problem for the EU, so the IDABC was tasked with developing a strategy to overcome this."
Interview with Bernard Leach (iPodLinux) (LinuxInterviews.com)LinuxInterviews.com talks with Bernard Leach about the iPodLinux project. "Nowadays, having an iPod is like having a car. Everybody has one. You can see them on the street: those cute little white headphones, mouth muttering the words of a song, head moving on the rythm of the tune. But who sais iPods are stuck with proprietary firmware? The iPodLinux Project is offering an alternative: run Linux on your iPod. Run games, movies on a Nano or turn older generation iPods into... something more. Let's take a look at what iPodLinux can do and what the main developer (Bernard Leach) has to say in this interview."
Companies Oracle's Red Hat rip-off (Linux-Watch)Linux-Watch considers the effects of Oracle's Unbreakable Linux distribution on Red Hat. "Oracle, however, can afford to undercut Red Hat's support prices, which puts the Linux giant in a very precarious position. The lion's share of Red Hat's business is far from just the enterprise database customers that make Oracle its billions, but the enterprise has increasingly been an important part of Red Hat's income. In short, this move hurts Red Hat a lot. In fact, I think Red Hat would have been better off if Oracle had started its own Linux, or bought Ubuntu or some other company. In either case, Oracle would have had to fight to win Linux market share even from its own customers. With this move, Oracle simply rips off Red Hat's mind-share, while promising a cheaper price."
With friends like these.... (InfoWorld)Here's an InfoWorld weblog entry reacting to Oracle's announcements. "Oracle, longtime partner to Red Hat, is rolling out the next phase of its Unbreakable Linux program, designed to kill Red Hat and Novell. With partners like Oracle, who needs competitors?" Included are a few of Larry Ellison's slides; it is interesting to see that he is using the SCO lawsuit as a reason to worry about the lack of indemnification from Linux vendors.
Mark Shuttleworth on OracleThe 451 CAOS Theory weblog talked with Mark Shuttleworth about Oracle's Red Hat support announcement. "Fundamentally, though, this is still free software in a proprietary wrapper. The pricing may be different, but its still old-school thinking. I dont think anybody who will consider jumping to Ubuntu from Red Hat will pause very long on the Oracle option."
Linux at Work Tapping Linux as an application framework for consumer electronics (EDN)Benoit Schillings writes about the advantages of using Linux for a consumer electronics platform in an EDN article. "Independent research company Venture Development Corp has forecast that the market for embedded-software services for Linux-based devices will continue on an upward trend through 2007. In a recent report, VDC notes several factors, including demand from developers for access to and control of source code, which the open-source software model permits, helping to drive demand for Linux in the embedded-system market. VDC also notes developers' demand for royalty-free runtime software."
Interviews People Behind KDE: Hamish Rodda (KDE.News)KDE.News has announced the latest interview in its People Behind KDE series. "Tonight in the People Behind KDE series of interviews we feature an Australian core hacker. He is very motivated in programming but his social life is as important. He focuses mainly on programming tools but works for core parts like kdeui too. We are talking about KDE star Hamish Rodda."
Linux start-up takes path to profits (ZDNet)ZDNet interviews Mark Shuttleworth. "Ubuntu has been a phenomenon in the desktop Linux niche. But Canonical Chief Executive Mark Shuttleworth, who founded the project, has his eyes on the more lucrative server market. Despite abundant rivals, Ubuntu has risen to prominence within the Linux niche, but that's just a means to an end. Canonical plans to become profitable by 2008 by extracting revenue from the same server market that Linux leaders Red Hat and Novell specialize in."
Resources CLI Magic: Command-line contact management (Linux.com)Linux.com looks at setting up a simple address book. "There's an ancient Unix practice of keeping a system-wide phone directory in /usr/share/ with one-line entries containing name, location, and number, and a shell script named something like phone or tel that calls grep to output lines that match whatever arguments you give. You can improve on that method to create a personal contact manager with surprising speed and power."
How to install Linux on an eMac (Linux.com)Linux.com looks at installing Linux on an eMac. "The eMac is a fine machine, but it has always been a little slow, due primarily to the fact that it has only 128MB of RAM. That shortage of RAM kept me from upgrading to a later version of OS X several months ago: the latest version would install only on machines with 256MB. I didn't want to give Jack a machine that he would immediately need to spend several hundred dollars on in order to bring its operating system up to snuff, so I decided to see if I could install Linux on it."
LDAP Series Part III - The Historical Secrets (Linux Journal)Linux Journal looks at the origins of LDAP. "The origins of LDAP begin with the International Telecommunication Union (ITU) based in Geneva. ITU began setting email standards which required a directory of names (and other information) that could be accessed across networks in a hierarchical fashion not dissimilar to DNS. The result of their work resulted in the X.500 series of standards which defined DAP (Directory Access Protocol), the protocol for accessing a networked directory service."
Manipulating lists in OpenOffice.org Calc (Linux Journal)Linux Journal covers list manipulation using OpenOffice.org Calc. "When asked to explain the purpose of spreadsheets, most people think of calculations first. And it's true that spreadsheets like Calcs have hundreds of different functions for performing calculations. However, probably the most common tasks in spreadsheets is manipulating lists."
Pointers and memory leaks in C (developerWorks)IBM developersWorks covers pointers and memory leaks in C. "Ask anybody working with C what bothers them the most about C, and many of them will probably answer Pointers and memory leaks. These are truly the items that consume most of the debugging time for developers. Pointers and memory leaks might seem to be deterrents to some programmers but, once you understand the fundamentals of pointers and associated memory operations, they will be the most powerful tool you posses in C."
More on Ruby Implementations (Linux Journal)Pat Eyler's Ruby blog has lots of pointers to Ruby implementations. ""Rubinius is a project to watch", so says Charles Nutter in his post Rite, Rubinius, and Everything -- I think he's right. Evan is hard at work making things work better in rubinius. He's now got continuations working (I think this makes him the first alternative implementation of Ruby to do so), and says he should have serializable continuations soon."
Reviews Lightweight fnord serves HTTP admirably (Linux.com)Linux.com reviews fnord. "I was looking for a lightweight Web server to run on my ARM-based Linksys NSLU2 network storage device in order to share a few custom packages I've built for Debian and Arch Linux among the systems on my home network. After playing around with Apache, LightTPD, and thttpd, I tried fnord and never looked back."
Krita 1.6: State of the art (Linux.com)Linux.com reviews Krita. "The KOffice raster image editor Krita reached version 1.6 along with the rest of the office suite earlier this month. But don't be misled; although Krita comes bundled with KOffice, it is not a second-tier productivity accessory like Microsoft Office Picture Manager. Krita is a fully-loaded raster graphics workhorse that stands on its own."
A comparative look at the GIMP and Krita (Linux.com)Linux.com has run a comparison of Krita 1.6 and GIMP 2.2. "Adding another wrinkle to the difficult task of a direct comparison are two readily available incarnations of the GIMP with additional features. CinePaint forked from the GIMP several stable releases ago, and supports high bit-depth images and color management. If you need to retouch high dynamic range photos, neither Krita 1.6 nor the GIMP 2.2 has the magic combo of 16-bit-per-channel color and dodge/burn tools, but CinePaint does."
Doing it for the kids, man: Children's laptop inspires open source projects (LinuxWorld)LinuxWorld looks at the CM1 and the software it will run. "A network of developers who work on much of the most commonly used software on Linux is passing up multi-core monsters with gigabytes of RAM to target their code to a design of which only 500 prototype boards now exist: the "Children's Machine 1" from the One Laptop Per Child project. OLPC aims to put machines that function as a textbook collection and as a writing, drawing and music tool into the hands of schoolchildren, through large sales to national ministries of education."
What's New in Python 2.5 (O'ReillyNet)O'ReillyNet looks at Python 2.5. "This article provides a rundown of the new and important features of Python 2.5. I assume that you're familiar with Python and aren't looking for an introductory tutorial, although in some cases I do introduce some of the material, such as generators."
Visualization of Ruby's GrammarNick Sieger looks at Ruby's grammar on his blog. "As part of the momentum surrounding the Ruby implementer's summit, I have decided to take on a pet project to understand Ruby's grammar better, with the goal of contributing to an implementation-independent specification of the grammar. Matz mentioned during his keynote how parse.y was one of the uglier parts of Ruby, but just how ugly?" (Found on Linux Journal)
SUSE Linux goes 'real time' (Linux-Watch)Linux-Watch takes a look at Novell's SUSE Linux Enterprise Real Time (SLERT). "SLERT enables the use of Linux for real-time applications such as online stock trading, process control and operation, and telecommunications. SLERT does this by adding real-time technology from Concurrent Computer Corporation to SLES (SUSE Linux Enterprise Server) 10. SLERT offers support for 32-bit and 64-bit processor architectures, including AMD Opteron and Intel Xeon, predictable interrupt response time of less than 30 microseconds, high-resolution timer support for enhanced scheduling, user-level control of simultaneous multithreading, and processor shielding."
Zotero: A seriously useful research tool (Linux.com)Linux.com reviews Zotero. "If you spend most of your time doing research on the Web, you need Zotero, a Firefox extension that helps you manage research sources. With Zotero installed, Firefox is not confined to the Web, and you can use it as a standalone application for all sorts of online and offline research."
Miscellaneous Brazilian government faces challenge over proprietary tax software (NewsForge)NewsForge covers a campaign in Brazil, spearheaded by the Free Software Foundation - Latin America. " The Free Software Foundation - Latin America (FSFLA) is campaigning against the Brazilian government's regulations that some citizens must use non-free software for paying taxes. Referring to the software as "Softwares Impostos," a term that puns in Portuguese on "taxes" and "imposed," FSFLA has launched a letter-writing campaign against the requirement, arguing that it is both contrary to current social policies and a violation of the Brazilian constitution."
Geekcorps: A Peace Corps for the rest of us (NewsForge)NewsForge takes a look at the Geekcorps. "Freelance software consultant Renaud Gaudin longed to parlay his passion for free and open source software into something that would help developing countries access and use technology. In March, he joined Geekcorps. Now he brings information and communication technology (ICT) into communities, helps them get hardware and software up and running, and then teaches local users the technical skills they need to sustain their new equipment for the long-term."
Page editor: Forrest Cook Announcements Non-Commercial announcements New Creative Commons 3.0 license drafts postedThe Creative Commons Project has announced a new set of drafts of the upcoming version 3.0 licenses. "The issue of the DRM parallel distribution language was debated in earnest. Ultimately, however, the general sentiment on the list does not seem to favor implementation of the DRM parallel distribution language at this stage."
EFF: Self-Help Group Bullies Net CriticsElectronic Frontier Foundation has sent out a press release involving a DMCA issue with a company called Landmark Education. "San Francisco-based Landmark Education, known for its Landmark Forum motivational workshops, is trying to suppress an investigative television news piece critical of its methods. Landmark contends that the documentary infringes its copyright in the Forum course, while citing to copyright registration of the Forum leader's manual. Using the alleged copyright violation as a pretext, Landmark subpoenaed three websites hosting the video -- the Internet Archive, Google Video, and YouTube -- seeking the identities of the anonymous uploaders. The Digital Millennium Copyright Act (DMCA) allows a content owner to issue a subpoena for the identity of an alleged infringer without first filing an actual lawsuit."
Linuxaudio.org introduces a dedicated IRC channelLinuxaudio.org has announced a new IRC channel. "With the help of consortium's new staff member Cezar Halmagean, the Linuxaudio.org now offers a dedicated IRC channel for its members as well as a resource for the entire Linux audio community."
SQO-OSS Project Launched with KDE (KDE.News)KDE.News covers the launch of SQO-OSS (Software Quality Observatory for Open Source Software). "KDE together with the Athens University of Economics and Business and the Aristotle University of Thessaloniki and other partners has launched SQO-OSS. This is a two-year multi-million euro project that aims to develop new tools and techniques for measuring Open Source quality."
Commercial announcements ACCESS to Release Application Framework to Open Source CommunityACCESS CO., LTD. has announced its plans to release its open-source Linux Application Framework for development of mobile applications. "Developed as part of the ACCESS Linux Platform, the Application Framework has been designed specifically to meet the requirements of mobile phones and devices. In addition to providing a set of services to install and manage applications, the Application Framework from ACCESS can integrate communication between applications, enabling a seamless user experience for music, messaging and other advanced features."
CodeSourcery Joins MIPS Alliance ProgramCodeSourcery, Inc has announced its joining of the MIPS Alliance Program. "CodeSourcery, Inc. announced today that the company has joined the MIPS(R) Alliance Program and has added support for the MIPS architecture to the GNU/Linux prelinker. The GNU/Linux prelinker substantially reduces application startup time. For example, when running on a MIPS32(R) 24K(R) platform, a prelinked version of the Firefox web browser starts 44% faster. CodeSourcery's version of the MIPS GNU/Linux prelinker can be used by developers working on either Microsoft Windows or GNU/Linux."
Motorola to develop a free Java Micro Edition stackMotorola has announced its intention to create a Java Micro Edition stack under version 2 of the Apache license. "Aided by Apache's established success with production ready software such as Apache Tomcat Server and new projects such as Apache Harmony, we hope to help developers create and quickly deliver innovative applications to market."
Novell Appoints Maarten Koster as President, Novell Asia PacificNovell, Inc. has announced the appointment of Maarten Koster as president of Novell Asia Pacific. "Formerly director of Tivoli Asia Pacific for IBM, Koster brings to Novell deep experience in both enterprise software and the Asia-Pacific region, an area of increasing focus for Novell. Koster will be responsible for the full range of Novell's sales and consulting business across Asia-Pacific, including in China and India, two markets witnessing significant interest in Linux and open source."
Nuxeo Releases Nuxeo Core 1.0Nuxeo has announced the release of Nuxeo Core 1.0, an open-source embeddable document management core for Java EE and rich client enterprise content management applications. "Nuxeo Core provides all the core services and functionalities needed to build a complete ECM product".
OpenClovis Launches New Application Open Source ProjectsOpenClovis, Inc. has announced their plans to release high availability and carrier grade capabilities for open-source telephony and enterprise applications. "The enterprise projects would develop integrations and provide linkages to incorporate open source enterprise applications with the OpenClovis Application Service Platform (ASP), an open source, carrier grade, high availability management software platform. Applications could include solidDB for MySQL, which combines the strength of the MySQL Server and solidDB into a robust online transaction processing (OLTP) database that allows businesses to use an open source relational database for mission-critical applications."
Oracle and Intel to Collaborate on Enterprise ComputingOracle Corporation has announced a collaborative effort with Intel. "Oracle and Intel Corporation today announced a joint effort to help accelerate deployment of solutions based on Oracle and Intel technology. This effort builds on a longstanding enterprise computing relationship and is expected to deliver a new level of performance and reliability to customers using Oracle solutions running on industry-leading Intel(R) Core(R) microarchitecture-based Linux servers."
The Sage Group partners with MySQL ABMySQL AB has announced a Global Partnership with the Sage Group. "The Sage Group plc has signed a global agreement with MySQL AB which enables Sage to embed MySQL database technology into its world-wide product portfolio. Sage intends to introduce MySQL into its small business range over the coming months as part of ongoing product development and upgrade activity."
Sun Microsystems Reports Results for 1Q Fiscal Year 2007Sun Microsystems, Inc. has announced its fiscal year 2007 first quarter financial results. "Revenues for the first quarter of fiscal 2007 were $3.189 billion, an increase of 17 percent as compared with $2.726 billion for the first quarter of fiscal 2006. Year over year revenue increase resulted from both acquisitions and increasing acceptance of the Solaris(TM) 10 Operating System, as well as growth in the services business. Computer Systems Products revenues increased 15 percent year over year, the third consecutive quarter of year over year revenue increase."
New Books Django book pre-releaseA pre-release of a book on the Django web platform has been announced. "Starting today, The Django book is available at djangobook.com. We'll be unveiling one or two chapters each week until the whole book is available. The first two chapters are available now. This is a pre-release, which means we're actively looking for comments, typo fixes, corrections and other suggestions from readers like you, all around the world. We'll try to incorporate your suggestions into the final product, which will be published by Apress early next year."
HTML and XHTML: The Definitive Guide, Sixth Edition - O'Reilly's Latest ReleaseO'Reilly has published the book HTML & XHTML: The Definitive Guide, Sixth Edition by Chuck Musciano and Bill Kennedy.
Network Security Hacks, Second Edition--O'Reilly's Latest ReleaseO'Reilly has published the book Network Security Hacks, Second Edition by Andrew Lockhart.
Syngress Publishing Releases "Scripting VMware Power Tools"Syngress has published the book Scripting VMware Power Tools by Al Muller.
Resources EFF Releases Bloggers' Guide for Investigating Government AgenciesThe Electronic Frontier Foundation has announced some new resources for Bloggers. "Bloggers across the Internet have shown that you don't have to be part of the mainstream media to uncover an important story and tell it to the world. But how do you start investigating a big story for your blog? Today, the Electronic Frontier Foundation (EFF) has released tips for bloggers who want the inside story on government agencies. The Bloggers' FAQ on the Freedom of Information Act (FOIA) outlines how to use open government laws to get access to records kept by federal agencies like the Federal Bureau of Investigation (FBI), the Environmental Protection Agency (EPA), or the Food and Drug Administration (FDA)."
Education and Certification LPI offers discounted certification exams at LinuxWorld CologneThe Linux Professional Institute will be holding discounted Linux certification exams at the LinuxWorld Cologne conference on November 14-16, 2006. "Exams will be available in German and English and include all LPIC-1 (101 and 102) and LPIC-2 (201 and 202) exams, both MySQL 5.0 certification exams (administrator and developer) and the Ubuntu Professional exam. This will be the first time that the Ubuntu Professional exam will be offered at a LinuxWorld event in Germany."
Calls for Presentations php|tek call for papersA call for papers has gone out for the next php|tek conference. The event takes place in Chicago, IL on May 16-18, 2007, submissions are due by November 20.
Upcoming Events linux.conf.au 2007 registration and programThe linux.conf.au 2007 organizers have announced that registration is open for next January's event. Discounts are available for those who register before November 15. The conference program has also been released, and it looks like an exercise in pain: there are a lot of interesting talks, and choosing between them is going to hurt.
Announcing GNOME.conf.au, January 2007GNOME.conf.au will take place in Sydney, Australia during Linux.conf.au in January, 2007. "This year, GNOME.conf.au is running over two days. With presenters including Andrew Cowie (Java-GNOME), Trent Lloyd (Avahi), Jono Bacon (Jokosher), Andy Fitzsimon (Art), David Zeuthen (HAL) and Nigel Tao (Deskbar). GNOME.conf.au is free to all linux.conf.au attendees, and being held on the Monday and Tuesday of Linux.conf.au."
LinuxWorld Mexico 2007LinuxWorld Conference & Expo México will take place from February 27 to March 2, 2007 in Mexico City, Mexico.
USENIX Large Installation System Administration ConferenceThe USENIX Association has announced the next Large Installation System Administration Conference (LISA). The event takes place on December 3-8, 2006 in Washington, D.C. "This year's keynote, "Hollywood's Secret War on Your NOC," delivered by science fiction author Cory Doctorow, promises to be insightful and entertaining. Doctorow, co-editor of Boing Boing and former Director of European Affairs for the Electronic Frontier Foundation, examines Hollywood's efforts in banning new technology."
Openlab3 Exhibition and 2 Events, LondonThe OpenLab3 Exhibition will take place in London, England on November 4-11, 2006. "OpenLab is delighted to present OpenLab3, an group exhibition with an opening and closing event featuring musical performances by more than 20 artists and musicians of the OpenLab collective. OpenLab engages in the aesthetics and politics of Free Open Source Software Culture."
Events: November 9, 2006 to January 8, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it. Web sites The Nepomuk-KDE Wiki opensSebastian Trueg has announced the Nepomuk-KDE Wiki. "I would like to (once again) officially announce the Nepomuk-KDE project which aims to provide a full implementation of the standards and APIs defined in Nepomuk on the KDE Desktop. As a sub-project of Nepomuk the two main issues are the maintenance and intensive usage of metadata throughout the desktop and powerful peer-to-peer collaboration techiques. In the first phase of the NEPOMUK-KDE project the focus lies on the metadata part."
Audio and Video programs The Linux Action Show on KDE 4 and PlasmaNew audio interviews are available at The Linux Action Show. "The Linux Action Show interviews KDE developer Aaron Seigo and asks him the question on every ones mind, "just what is Plasma?". Then they get the low down on some of the slick new features coming for KDE 4."
Page editor: Forrest Cook
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||