LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
Letters to the editor
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for December 7, 2006Firefox and Linux distributorsThe Mozilla Foundation is a valuable contributor to the free software community; it has, among other things, provided us with a free browser which has restored the notion of standards to the World Wide Web. The relationship between the Foundation and Linux distributors has occasionally been a little bumpy, however. Mozilla's trademark policies have created stress for distributors, a few of whom have decided to leave the trademarked names behind altogether. The Foundation's security update and maintenance policies have also made life harder, sometimes having the effect of force-upgrading users to newer versions in otherwise stable distributions. To some, it seems that Mozilla's main interest is now its Windows users, with Linux support relegated to second-tier status.At the recent Firefox summit, the Foundation got together with representatives from Red Hat and Novell and faced the problem directly:
Historically, there has been a great deal of tension between
mozilla.org and the Linux distros, notably over maintenance of
branches, divergence between distros, and lack of sustained
communication between the groups. All seemed in agreement that
closer cooperation and dividing responsibilities appropriately
would benefit everyone involved. A number of changes were proposed
that have general consensus among the stakeholders.
What came out of this meeting was an agreement on a number of changes which, going forward, should improve the relationship between Mozilla and the distributors; it should also make life better for Linux-based Mozilla users. A new group of maintainers - representing Linux distributors - will be pulled together "in the Firefox 3 timeline." These maintainers will have a much bigger say on what goes into the Linux builds of Firefox and will be able to help ensure that the browser integrates better with Linux. They will also have the explicit goal of moving many of the patches currently carried by distributors into the Firefox mainline, decreasing their divergence from the mainline (and from each other). Another advantage of pushing the patches up, evidently, is that it will make compliance with the Firefox trademark rules easier, since there will be fewer patches to get rubber-stamped. These maintainers will also have a bigger role in the long-term upkeep of Firefox releases. Red Hat's Christopher Aillon notes that this group will be maintaining Firefox 1.5 past the date when the Mozilla Foundation plans to let it go. This work should help the distributors keep that version secure into the future, with the result that they need not push their users to the 2.0 release before they want to go there. The Mozilla Foundation has also recognized that most Linux users run versions of Firefox built by their distributors rather than the official Mozilla builds. In the future, distributor packages will be available directly from the Mozilla web pages. That, too, should make life easier for the user community. Overall, this new cooperation seems like a step in the right direction; having Mozilla more tightly tied to the free software community can only be a good thing. These changes are unlikely to bring Debian back into the Firefox camp, however, since they will still see the trademark policy as not being DFSG-free. Debian's policy of shipping "iceweasel" will almost certainly continue. But there is an interesting conversation going on about how iceweasel is shipped as well. The issue is this: on a Debian system, it is still possible to type:
apt-get install firefox
What the packaging system will do, however, is install iceweasel. Given that the driving force behind the switch in the first place was trademark usage, it seems unlikely that the Mozilla people will be amused by this behavior - though they have made no public statements on it as of this writing. Moving away from Firefox as a result of disagreement with the rules attached to that name is arguably a reasonable thing to do. But, once that decision is made, the right thing is almost certainly to move away from the "firefox" name altogether - before the next round of "cease and desist" letters shows up.
The Free Ryzom CampaignRyzom is a multi-player online game operated by a company called Nevrax. It has a dedicated following, but has never reached anything close to the level of popularity seen by some of its competitors. In fact, it has not reached a sufficient level of popularity![[Ryzom]](http://www.ryzom.com/multimedia/screenshots/tryker-lakeland/tryker_lakeland_cliff.jpg/image_view_fullscreen)
to keep Nevrax alive; that company has found its way into French bankruptcy
court. The future of this game is currently in doubt.
Interestingly, Ryzom has some free software roots. Just over six years ago, LWN's Development Page carried a notice about the release of NeL, Nevrax's GPL-licensed library for the creation of online games. Richard Stallman once visited the company's office. It would appear, however, that Nevrax, once it started accepting venture capital, lost interest in free software. The GPL releases slowed; instead, Nevrax started offering closed-source versions of its code. Whether Nevrax would have succeeded had it maintained its free software approach will never be known; the proprietary plan has visibly failed to work, however. Some of the original developers have not lost interest in the code, however, and they have a number of friends. Together they have founded the Free Ryzom Campaign. The plan is to raise enough money to buy Nevrax's assets in bankruptcy court, release the code under the GPL, and take the game into the future. The inspiration is clearly the Blender project, whose code was bought through donations in a very similar way back in 2002. The Free Blender project surprised everybody by raising €100,000 in less than two months. If the Blender folks can do it, the reasoning goes, why not online game supporters? Those people, after all, are already accustomed to paying for their experience.
The first step is to sell this plan to the bankruptcy court. The Free
Ryzom folks have not yet been able to release their proposal publicly, but
the core
concepts have been posted. There will be a non-profit organization
allied with the for-profit company Mekensleep and Valentin Lacambre. With
this combination, the project hopes to convince the court that it has the
If the plan is accepted by the court, Mekensleep will end up owning the code, along with the artwork, trademarks, and so on. There is some sentiment in the Free Ryzom community for transferring the copyrights to the non-profit group, but it seems that this decision has not yet been made. What is clear is that all of the code would be immediately released under the GNU General Public License (with the "any later version" language). From there, the code would be managed under the terms of the project's social contract, which is based on the Debian social contract. Among other things, it says that players own their avatars and other objects, and should be able to transfer them from one server to another. The plans call for there to be multiple servers. The current Nevrax servers would continue to be run - on a paid membership basis - as they have been until now. But the (Linux-based) server code would be free, so anybody with an interest could set up their own world and allow access in whatever way pleases them best. According to the Free Ryzom folks (who kindly talked with your editor about the project), multiple worlds were a part of the plan from the very beginning. One of the long-term goals is to revise that vision, creating the prospect of a community-driven metaverse of cooperating game servers.
In the near future, however, a number of other problems need to be solved.
There is, for example, no Linux client for Ryzom; one assumes that, once
the source becomes available, that little problem could be taken care of.
Some players are concerned about the
security implications of opening up the source; in particular, they
would hate to see the gameplay ruined by a proliferation of robots. There
Before work can begin on any of those issues, however, a more immediate problem must be overcome: the project must convince the bankruptcy court that it is the best custodian for the code. The proposal was considered on December 5, along with proposals from other interested parties. The current word is that some sort of decision will be announced sometime after December 12. Should the project prevail in court, it must then collect enough donations to complete the purchase. To that end, the project is now asking for donation pledges; at this time, all that is needed is to promise to give some money. Should the project go ahead, donors will be expected to follow through with cash. The list of pledges is quite long; if all of those people are serious, the project will be off to a good start. The free software community has accomplished a great many things in recent years, but the creation of a high-quality online multiplayer game is not among them. This is an important area, even for those of us who lack the time or interest for gaming; the sorts of virtual worlds being created for gamers can only become more prevalent and important in coming years. They may be the only place where we'll be able to find our children. Clearly, we need some good, free virtual world infrastructure. It would be nice if we could develop it entirely ourselves, but the fact is that software cast off from corporate failures has long been an important source of code. Perhaps this particular corporate disaster could yet yield benefits for the free software community. [The images all come from the Ryzom screenshots gallery, which has many more.]
What the desktop architects are talking aboutThe third Desktop Architects' Meeting (DAM3) is being held on December 7 and 8 at OSDL's offices in Portland. Despite some rumors to the contrary, there will still be a few people in those offices, and the meeting is going ahead as planned. LWN, unfortunately, will not be represented there. Happily, most of the attendees have posted their slides ahead of the event, so it is possible to get a sense for what some of the common themes will be.Outsiders like to criticize Linux for its proliferation of distributions, desktops, and more. Within the community, we recognize this diversity as a form of wealth. The variety of Linux distributions encourages experimentation with different approaches, with the resulting lessons being learned by the community as a whole. They also ensure that we will never be locked into a single source for our software; switching distributions is an easy thing to do. Similarly, the competition between free desktop projects has inspired them all to identify their users and give them the best experience they can. There are few people who would wish for a world with a single distribution and a single desktop. Some of those who might wish for that world, however, may well be at DAM3. Diversity is good for the community, but it does make life harder for those who would support binary applications on Linux. Having to deal with a range of desktops, packaging systems, library versions, encoding choices, etc. creates a lot of work for application vendors. Someday, maybe, the free software community will be so rich that nobody will ever wish for a proprietary application for their Linux systems. Until that time, we will either have to make life easier for those vendors or simply write off a large subset of potential desktop Linux users. Some other old complaints have been raised: lack of support for proprietary codecs and DVD playback, for example. Most of the people involved seem to understand why Linux has these limitations. But they can still wish for a world where more things just worked. Hardware support also shows up in a few sets of slides. This is an area where things are getting better quickly - most wireless network adapters should be supported before too long, for example. But video adapters are still a problem. A certain amount of slide space was reserved for complaints about sound support under Linux. At the driver level, things seem to work, but not everybody likes the ALSA API. Above that, there seems to be no consensus on which sound server should be used. Without a consistent and reliable way to make noise, many desktop applications will remain hard to support. Printing also, apparently, remains a sore point, despite the great progress that has been made in recent years. One initiative which may go forward soon is the certification of printers which are well supported under Linux. Beyond that, it appears that the Portland Project is going to try to create a unified structure for print dialogs. This mechanism would try to present a consistent interface to printing which would make it easier to export - and use - printer-specific features. Desktop-specific dialogs would still do the actual user interaction, but they would be using the Portland mechanism underneath. Perhaps the most interesting thing to be seen from the slides, however, is the expanded view of the "desktop" being taken by the group. Mobile and embedded systems - from the OLPC to the Nokia 770 and telephones - are clearly seen as a sort of desktop system. Many of the issues are the same, but the incorporation of mobile applications brings new pressures. One can, with little effort, find plenty of evidence that the desktop projects have not, so far, been overly concerned with memory use and overall bloat. Small systems are forcing people to reconsider their priorities, however, and there is likely to be an increase in the amount of development time which goes into making things smaller. A few of the participants note that better tools for memory profiling would be most helpful in this task. Overall, there appears to be nobody who is willing to predict total World Desktop Domination anytime in the near future. There is, however, a clear level of interest in the Linux desktop, especially when one considers desktops which fit in a shirt pocket. Interesting things are going to happen in this area.
Security Keeping current with SpamAssassin rulesAnyone who pays attention to their spam knows that its character changes frequently; spammers are always adding new tricks to try and evade spam filters. There is an arms race of sorts going on; the filters get better at recognizing the latest evasion attempts and so the spammers come up with new ones and the cycle repeats. To reduce the effectiveness of this spam evolution, frequent updates of the filter rulesets are needed. For users of SpamAssassin (SA), the sa-update tool makes it very easy to pick up the latest ruleset and keep that unwanted spam out of the inbox. Before sa-update, official SA rulesets updates were only available by installing an updated version of SA. Because the release cycle was often lengthy (measured in months), the developers added the ability to easily update the rulesets over the internet. At its core, sa-update communicates with a server or servers picking up rule and score files and installs them in a directory that SA uses for its updates. SA will immediately start using the new rules, though restarting spamd will be required if SA is configured that way. sa-update is configured by default to use the official 'channel' (updates.spamassassin.org), but that can be altered to tune into other SA rules repositories. The SpamAssassin Rules Emporium (SARE) is one collection of rules and scores that sa-update can use. There are multiple channels available each of which handles a different type of spam and one can mix and match the rulesets to tune the filter for the kinds of spam being seen. There are some security implications to consider: injecting bad rules or scores could lead to worse spam filtering, for example. More worrisome, however, is the fact that the update mechanism allows for plugins to be distributed, leading to potential arbitrary code execution. SA plugins are arbitrary Perl code that will be run by the filter; because it generally runs as root or another privileged user, that can be quite dangerous. sa-update uses GPG signatures on the updates to reduce this hazard, as long as the signer is really trustworthy (and the recent GPG security problem has been patched). The official channel will not distribute plugins, thereby eliminating that problem. The rulesets available change frequently and automating the sa-update process via cron can bring the system up to date on a daily or weekly basis. Another tool, rule-get is available which uses the update mechanism and provides a command line syntax based on apt-get. This is an excellent tool for helping to reduce the ever-evolving spam problem. As long as one is careful about which GPG keys to trust, it should be secure as well. Spammers are, no doubt, taking advantage of this tool to tune their spam to avoid the new rules, but using it can reduce the false negatives from the older evasion schemes or from those who have yet to test their stock scam email with the latest rules. More information and additional channels are available from the SA wiki, a good starting point is here.
Brief items A severe, remotely-exploitable GnuPG vulnerabilityThe GnuPG developers have sent out an advisory regarding a rather unpleasant vulnerability which has surfaced: "Using malformed OpenPGP packets an attacker is able to modify and dereference a function pointer in GnuPG. This is a remotely exploitable bug and affects any use of GnuPG where an attacker can control the data processed by GnuPG. It is not necessary limited to encrypted data, also signed data may be affected." It would be prudent to be very careful about feeding messages to gpg until you have a fix installed.
New vulnerabilities gnupg: buffer overflow
kernel: bridging code buffer overflow
koffice: integer overflow
libgsf: heap buffer overflow
xine-lib: buffer overflow
Updated vulnerabilities apache: cross-site scripting
apache-mod_auth_kerb: off-by-one error
asterisk: arbitrary code execution
avahi: sender id check
bind: denial of service
bugzilla: multiple vulnerabilities
busybox: insecure password generation
bzip2: race condition and infinite loop
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
dovecot: index cache file handling error
elinks: arbitrary file access
ffmpeg: buffer overflows
freeradius: several vulnerabilities
freetype: integer overflows
ftpd: privilege escalation
fvwm: fvwm-menu-directory command injection
gcc: file overwrite vulnerability
gdb: buffer overflow
gdm: improper file permissions
gedit: format string vulnerability
grip: buffer overflow
gv: stack-based buffer overflow
gzip: multiple vulnerabilities
gzip: arbitrary command execution
imagemagick: buffer overflows
ImageMagick: buffer overflows
imlib2: arbitrary code execution
jbossas: arbitrary code execution
kdelibs: integer overflow
kdelibs: kate backup file permission leak
kernel: denial of service
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
kernel: denial of service
krb5: local privilege escalation
libgadu: memory alignment bug
libgd2: denial of service
libmms: buffer overflows
libpam-ldap: insecure password control
libpng: denial of service
libpng: buffer overflow
libpng: heap based buffer overflow
libtiff: buffer overflow
libvncserver: authentication bypass
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
linux-restricted-modules: nVidia driver vulnerability
lynx: arbitrary command execution
mono: symlink vulnerability
mysql: format string bug
MySQL: privilege violations
MySQL: logging bypass
nbd: arbitrary code execution
ncompress: buffer underflow
openldap: denial of service
openldap: security bypass
openoffice.org: several vulnerabilities
OpenSSH: denial of service
openssh: privilege separation issue
openssh: remote denial of service
openssl: multiple vulnerabilities
php: several vulnerabilities
php: buffer overflows
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
phpMyAdmin: several vulnerabilities
postgresql: SQL injection
proftpd: denial of service
pstotext: insecure file name quoting
quake: buffer overflow
rpm: arbitrary code execution
ruby: denial of service
shadow-utils: mailbox creation vulnerability
tar: symlink vulnerability
thttpd: insecure temporary files
Mozilla products: multiple vulnerabilities
trac: cross-site request forgery
unzip: long file name buffer overflow
w3c-libwww: possible stack overflow
wv: integer overflow
xine-lib: buffer overflow
xine-ui: format string vulnerabilities
xinit: race condition
X.org: local privilege escalations
X.Org: buffer overflow
xorg-x11: privilege escalation
xpdf: buffer overflow
xpdf: integer overflows
Resources Sourcefire launches free security tool to protect Microsoft Office applicationsSourcefire has announced the availability of the free "OfficeCat" tool, which scans Microsoft Office files for hostile content.
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current 2.6 kernel remains 2.6.19. The 2.6.20 merge window has opened, and the first pile of patches has been merged (see below); it will probably be at least another week before 2.6.20-rc1 comes out, however.There have also been no -mm releases over the last week. Andrew Morton has posted the -mm merge plan for 2.6.20, however, so one can see how -mm is expected to shrink as patches move to the mainline. Older release news: 2.6.18.5 was released on December 1. It contains a couple dozen important fixes. Adrian Bunk has released 2.6.16.35-rc1; it contains a rather long list of fixes. Willy Tarreau has announced 2.4.34-rc1 with one security update and a relatively small number of other fixes.
Kernel development news Quote of the week
-static void stli_dohangup(void *arg)
+static void stli_dohangup(struct work_struct *ugly_api)
{
- stliport_t *portp = (stliport_t *) arg;
+ stliport_t *portp = container_of(ugly_api, stliport_t, tqhangup);
The 2.6.20 cycle beginsToward the end of the 2.6.19 cycle, there was a brief linux-kernel discussion on whether 2.6.20 should be a bugfix-only release. Just in case anybody thought that might actually happen, the patches merged for 2.6.20 will make the situation clear. There will be a lot of new stuff in the next stable kernel release.That said, the rate of patches into the kernel has been lower than in some previous cycles. It may be that the workqueue patches have created some conflicts which are slowing things down. As of this writing, the user-visible changes merged include:
Changes visible to kernel developers include:
The merge window should stay open for another week or so, so there's plenty of time for more stuff to be added. Those who can't wait might want to take a look at Andrew Morton's -mm merge plan posting for some previews of what's coming.
The timer API: size or type safety?The timer API allows kernel code to request that a function be called at some point in the future. At its core is the timer_list structure, which contains a few fields of interest:
struct timer_list {
unsigned long expires;
void (*function)(unsigned long);
unsigned long data;
/* ... */
};
To request an action in the future, a kernel function places a relative expiration time (expressed in jiffies) in expires and some sort of useful private value in data. function() is a pointer to a routine which will be called after (at least) the requested number of jiffies have passed; data will be its only parameter. After the timer_list structure has been set up, a call to add_timer() puts the request into the system. This API has not changed much in some time; as a result, the description of timers in Chapter 7 of Linux Device Drivers is still useful for those wanting details. It may, in fact, be the only part of LDD3 which is not yet thoroughly obsolete. That situation may change soon, however, as there are developers with their eyes on this interface. Interestingly, there are two very different ideas of how the timer API should be changed. The conversation was started by Al Viro who, for some time now, has been working on improving the type safety of the kernel API. He notes that the unsigned long argument to timer functions is, in fact, almost always a pointer value. So there is a lot of code in the kernel which is busily casting pointers to unsigned long values and back - or engaging in lazy trickery to avoid having to do those casts. Casts like this make compile-time type checking almost impossible, so every one is an opportunity to introduce hard-to-find bugs. Al would like to fix this problem by creating a more type-safe interface to the kernel timer subsystem. His approach involves changing the type of the timer function argument to void *, reflecting the fact that it's usually a pointer type. He then has a SETUP_TIMER() macro which involves the following bit of code:
typeof(*data) *p = data;
timer->function = (void (*)(void *)) func;
timer->data = (void *) p;
(void)(0 && (func(p), 0));
The middle two lines are simply initializing the relevant fields of the timer_list structure. What the last line is doing, however, is creating a call to the timer function with the provided argument; if there is a type mismatch between that argument and the function's prototype, the compiler will complain. The call is written in such a way that it will be optimized out, so that call does not make it through to the kernel image. But, in the running kernel, it will be known that the timer function is receiving an appropriately-typed argument. There are a lot of timers in the kernel, so this is the sort of change which makes people nervous. Al's plan involves creating the SETUP_TIMER() macro, but leaving the callback function's prototype unchanged. Then parts of the kernel could be converted at leisure, with the callback function prototype being changed once the conversion of in-kernel code is complete. Thomas Gleixner joined in with an alternative suggestion: remove the data value from struct timer_list altogether, and pass a pointer to the timer_list structure into the callback function. If that structure is embedded within some other structure which has the information the callback really needs, a simple recast with container_of() will yield the needed pointer. The result would be a smaller timer_list structure. This approach mirrors the proposed workqueue API changes discussed here last week. Al doesn't like that idea. He has been working to get rid of casts in the kernel, but this API would require the introduction of hundreds more of them. There is little type safety built into container_of(). To him, the space required for a pointer is more than justified by the extra compile-time checking that comes from its use. Ingo Molnar, in disagreeing, makes the tradeoff clear:
The question is: which is more important, the type safety of a
container_of() [or type cast], which if we get it wrong produces a
/very/ trivial crash that is trivial to fix - or embedded timers
data structure size all around the kernel? I believe the latter is
more important.
Not too many other developers have joined the discussion so far. It's an important one, though; how this decision goes could shape how kernel APIs are designed in the future. Perhaps somebody will come up with a way to have both type safety and smaller size. Until such a time, however, there is a tradeoff to be made, and it's not clear which way the decision will go.
Secure deletion and trash bin supportA look at the man page for the chattr command reveals some interesting functionality; users may set special bits on files to request either that the file be undeletable, or that deletion be "secure" - meaning that the file's contents truly disappear from the disk. The key word here, however, is "request." Those bits have existed for many years, but few - if any - Linux filesystems actually implement those features. The undeletable and secure deletion flags are just placeholders for a "would be nice" feature to be added in the future. Someday.That day may be a little closer thanks to this patch posted by Nikolai Joukov. It adds support for those two flags to ext4 in a relatively simple and straightforward way. The patch works like this: whenever the last link is removed from a file, the undeletable and secure deletion flags are checked. Should either one be set, the file will be moved over to the .trash/<uid>/ directory in the root of the filesystem. Each per-uid directory has restrictive permissions, keeping users from perusing each others' deleted files. There are no subdirectories, so the path information is lost; preserving paths might be added in a future version. A number is appended to the file name when collisions with files already in the trash happen. That's it for the kernel side. Undeletion is easily handled from user space by simply moving the file back out of the trash. The secure deletion feature is also to be done in user space, however. A special daemon can overwrite the file data in whatever way best suits the user's paranoia, then delete the file for real. A possible addition to the patch is a notification mechanism to force that daemon to run when filesystem space gets tight. In any case, all of the policy decisions on how to handle secure deletion requests would live in user space. One might wonder why the trash can needs to be implemented in the kernel. The desktop projects have, after all, had a trash can available for some time. There seem to be two reasons why this patch adds that functionality. The first is that it comes for free with this approach to secure deletion. More importantly, however: it is not really possible for a user-space solution to intercept every attempt to delete a file. The nicest file manager available will not be able do do anything about an "rm" command typed into a shell, or an unlink() call from within a non-cooperating application. Catching file deletion within the kernel ensures that none will slip through the cracks. The patch has not received a whole lot of comments as of this writing. One question which has come up is: why not do this at the VFS layer, rather than within ext4? There is little that is ext4-specific about the patch, and doing the work within the VFS would make this feature available to all filesystems - at least those which support the relevant file flags. Mr. Joukov agrees that moving this feature up might be the right thing to do, so there may be a reworked version of this patch coming in the future.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Architecture-specific
Security-related
Virtualization and containers
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Kanotix seeks stability, sidux follows unstableKanotix is a live CD distribution, that originally used Knoppix as a base. As a live CD it automatically detects and configures lots of hardware and has software for analysis, data rescue, forensic work, removal of viruses on Windows systems, or it can be used for surfing and mailing in an Internet cafe. Kanotix can also be installed to a hard drive where it allows the user access to all the packages available in the Debian unstable repository. The Kanotix fan base has remained loyal because of the hardware support and because of the great community support available to help smooth over the rough spots while following Debian unstable, aka 'sid'.Now it seems that Kanotix will be changing. One developer, Stefan Lippers-Hollmann (slh) has left the project. Lead developer Jörg Schirottke (Kano) writes:
Since financing Kanotix through donations has proved a failure and I am
planning restructuring to a more stable base (be it Ubuntu or Debian will
have to show in tests) and I myself regard Debian/Sid as unfortunately not
compliant with a more commercial orientation, he [Stefan Lippers-Hollmann]
has left the project.
Stefan Lippers-Hollmann posted his resignation to an internal section of the forum, but it has been copied in its entirety (with permission) into this public forum post by kelmo. Stefan writes:
I hereby I resign from all positions within in the Kanotix project because of
technical and personal disagreements about the status quo. Therefore I suggest
changing all passwords I might have had access to (including the webserver,
different login passwords, postnuke accounts etc.) and locking my account on
the forum. I've already withdrawn my key from kanotix-archive-keyring.
Why do I resign after two years of hard work for Kanotix? As expected this isn't easy to answer and has evolved over time, but technical and personal disagreements make this step inevitable and non revocable for me. In particular I object about:
Meanwhile, for those who still want to follow Debian sid, but need some help getting through the rougher spots, a new distribution, sidux, is on the horizon. This sidux press release introduces a new star in the Linux galaxy:
On 24th of November 2006 sidux was formed by a group of people who strive
to do the impossible: making Debian Sid (aka "Unstable") stable. The goal
is becoming the best Debian Sid based live distro with special focus on
clean and easy hard disk install. Strategic milestones and 3-4 planned
releases timetabled will give stability and accountability to corporate and
home users with a demand for bleeding edge software running on modern
hardware, and a definable path over time.
sidux has yet to see its first release, but the documentation is there to upgrade an existing Kanotix system, or to install sidux on a free partition. The forums and IRC channels are open and there's code available in its SVN repository. This would seem to be a good time to get started, while Debian sid is relatively stable.
New Releases openSUSE 10.2 is doneopenSUSE 10.2 has been completed. "There are still a lot of bugs open for 10.2 and I'm sure real usage over the time will find some more. We will release via online update security updates for 10.2 as usual and release also the most severe bug fixes. But most bug fixes will only be done for 10.3, our next release coming out next summer."
rPath Linux 1.0.5 available for x86 and x86_64rPath has released a updated images for rPath Linux 1. "The new images incorporate installation fixes for certain installation methods and all package updates released as of November 22. The Xen dom0 images have been enhanced with several additional packages for various filesystems and LVM support."
Ubuntu "Feisty" Herd 1 releasedThe first test release for the upcoming Ubuntu "Feisty Fawn" distribution is now available. They suggest not trying it if you're not prepared to run into a few bugs. See this page for a list of new things in Feisty. "Feisty will certainly lead the way with new desktop technologies, including 3d effects and windows that wobble. On the networking side, Network Manager is likely going to finally make it on the default desktop, after what seems like forever waiting in the wings. On the Zeroconf side, Feisty will have Avahi installed and enabled by default. Upstart, the sysvinit replacement, is going to have the new event-based init system actually turned on, for faster and more reliable booting."
Zod livecd betaA beta live CD version of Fedora 6 with software from Core and Extras is available. Click below for download information.
Distribution News Debian release update: open blockers for the freezeAndreas Barth looks at the Etch release. "There are a few items that should be resolved prior to the hard freeze, for the very good reason that we don't want to spend time reviewing fixes if we can use the same time (more productive) for fixing bugs."
Linspire Continues Global Expansion of Desktop LinuxLinspire, Inc. has announced the immediate release and digital availability of Linspire 5 in German, Dutch, Spanish, and Standard English (UK). "The combined translation efforts from the community-based desktop Linux localization IRMA Project, with the commercial support from Linspire translation specialists and strategic partners, continues the international expansion of new language offerings, following the announcement of Linspire 5 French last week."
Mandriva Linux, 3D on a flash driveMandriva has launched Mandriva Flash, the first Mandriva Linux Live USB key. "Bringing its long experience with Live CDs, Mandriva aims to offer the best performing live system. All you have to do is plug in the USB key, turn the PC on and the Mandriva Linux 2007 operating system is ready to use in no time, with all you need for office work, Internet and multimedia tasks."
OpenPKG Advent Calendar 2006 now onlineOpenPKG GmbH has created an Advent Calendar, with background information and tips & tricks about OpenPKG.
Distribution Newsletters Fedora Weekly News Issue 69The Fedora Weekly News for December 4, 2006 covers Fedora Project is Hiring, Fedora Ambassadors Day, Eclipse on Linux Distributions Project, FUDCon Boston 2007, SCALE 5X Registration Opens, Migration to Fedora Core 6, and several other topics.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for the week of November 27, 2006 is out, with a look at new x86/i586 stages, experimental Alpha/PPC LiveCD images, GNOME 2.16 going stable, new virtual/mysql, and much more.
Ulteo Newsletter #1The first Ulteo Newsletter takes a look at what's been happening behind the scenes of the Ulteo Project. The first alpha release of Ulteo should be available soon. "For this first alpha release, be prepared to dive a bit inside the system to understand the potential of Ulteo. On the desktop you will find only a few differences with what you can use or see when compared to a graphical environment on other distro's. Maybe then you will understand what makes Ulteo different, and you will start to think about the next steps of development." (For those just tuning in, Ulteo is what Gaël Duval has been working on since leaving Mandriva).
DistroWatch Weekly, Issue 180The DistroWatch Weekly for December 4, 2006 is out. "It's openSUSE week, as one of the oldest and most popular Linux distributions on the market makes a brand new release on Thursday. Will the project's association with Novell (and, indirectly, Microsoft) hurt the download figures? We'll have to wait and see. In the meantime, the much awaited public release from Gaël Duval's Ulteo is about to hit the download mirrors - expect the live CD image later this week. Also in the news: interest in running Linux on Sony PlayStation 3 intensifies, KANOTIX is rocked by resignation of a co-developer, and Ubuntu developers react on the project's decision to include proprietary graphics driver in Feisty. Finally, we are pleased to announce that the recipient of DistroWatch's November 2006 donation is the digiKam project."
Package updates Fedora updatesUpdates for Fedora Core 6: parted (upgrade to GNU parted-1.8.0), pyparted (upgrade to pyparted-1.8.0), net-snmp (fix memory leak), gjdoc (fixes required to build multlib version of Eclipse), gnome-volume-manager (prevent storage devices from mounting when the screen saver is running), hal (bug fixes), dbus-glib (bug fixes), authconfig (bug fixes), mod_auth_kerb (bug fix), audit (bug fix), dbus (update to 1.0.1), redhat-menus (bug fix), hsqldb (add missing entries to files section), openssl (bug fix), control-center (gnome bug fix), rhythmbox (bug fix), gnome-session (bug fix), m17n-db (fixed a typo), ppp (bug fix), frysk (new upstream version), freetype (bug fixes, Asian font fix), dbus (bug fix), boost (bug fixes), libsoup (update to 2.2.98), gtk2 (bug fixes), selinux-policy (bug fixes), gamin (bug fix), gtkhtml3 (update to 3.12.2), evolution (update to latest 2.8 release), evolution-data-server (update to 1.8.2), evolution-connector (update to latest 2.8 release), libsepol (upgrade to latest from NSA), gnome-icon-theme (bug fix), paps (bug fix), ypbind (bug fixes), autofs (bug fixes), policycoreutils (bug fix), libvirt (bug fixes, new features), tar (security bug fix), freetype (bug fixes), eclipse (bug fixes), cpio (bug fix), gnome-bluetooth (bug fixes), ntp (bug fix), initscripts (bug fixes), kudzu (bug fixes), virt-manager (bug fix), fonts-indic (bug fixes), gaim (bug fixes).Updates for Fedora Core 5: parted (upgrade to GNU parted-1.8.0), pyparted (upgrade to pyparted-1.8.0), audit (fix minor parsing problem and add new msg types), gamin (bug fixes), boost (bug fixes), tar (security bug fix).
Mandriva updatesUpdates for Mandriva Linux 2007.0: rpmdrake (bug fixes), drakxtools (bug fixes), clamav (new upstream version, also available for 2006.0, Corporate 3.0 & 4.0).
rPath updatesUpdates for rPath Linux 1: conary, conary-build, conary-repository (Conary 1.0.40 maintenance release) openldap, openldap-clients, openldap-servers (bug fixes).
Trustix updatesUpdates for Trustix Secure Linux 2.2 & 3.0: samba (new upstream version).
Ubuntu updatesUpdates for Ubuntu 6.10: lvm2 2.02.06-2ubuntu3.2, initramfs-tools 0.69ubuntu20.0edgy1, mediawiki_1.7~edgy1, katapult_0.3.1.4-0ubuntu2~edgy1, brasero_0.5.1-0ubuntu2~edgy1, compiz_0.3.3-0ubuntu2~git2006112~edgy1, comix_3.6-1~edgy1, rar_3.6.0-0ubuntu1~edgy1, lyx_1.4.3-2~edgy1, flashplugin-nonfree_9.0.21.78.2ubuntu1~edgy1, seahorse_0.9.7-0ubuntu1~edgy1, soundconverter_0.9.3-1~edgy1, stardict_2.4.8-1~edgy1, unrar-nonfree_3.6.8-0ubuntu2~edgy1, trac_0.10.2-1~edgy1, kopete 4:3.5.5+kopete0.12.3-0ubuntu2.1, mdadm 2.4.1-6ubuntu5.1.Updates for Ubuntu 6.06 LTS: lvm2 2.02.02-1ubuntu1.2, scummvm_0.9.0-0ubuntu1~dapper1, moodle-book_1.6.1-1~dapper1, seahorse_0.9.7-0ubuntu1~dapper1, moodle_1.6.3-1ubuntu1~dapper1, mediawiki_1.7~dapper1, lirc_0.8.0-9ubuntu1~dapper1, apcupsd_3.12.4-2~dapper1, kino_0.92-1ubuntu2~dapper1, gcin_1.2.9-1ubuntu1~dapper1, mythtv_0.20-0.2ubuntu2~dapper1, mythplugins_0.20-0.6ubuntu4~dapper1, conky_1.4.4-1~dapper1, amule_2.1.3-1~dapper1, libraw1394_1.2.1-2build1~dapper1, rkhunter_1.2.9-2~dapper1, bzflag_2.0.8.20060605ubuntu1~dapper1, flashplugin-nonfree_9.0.21.78.2ubuntu1~dapper1, cmake_2.4.3-1ubuntu1~dapper1.
Newsletters and articles of interest How To Compile A Kernel - The SuSE Way (HowtoForge)HowtoForge looks at creating a custom kernel on SUSE Linux. "Each distribution has some specific tools to build a custom kernel from the sources. This article is about compiling a kernel on SuSE systems. It describes how to build a custom kernel using the latest unmodified kernel sources from www.kernel.org (vanilla kernel) so that you are independent from the kernels supplied by your distribution. It also shows how to patch the kernel sources if you need features that are not in there."
Simple Package management with Synaptic Package Manager in Ubuntu (Debian Admin)Debian Admin covers some Synaptic tips for Ubuntu systems. "Synaptic is a graphical user interface (GUI) for managing software packages on Debian-based distributions. If you are using Debian or Ubuntu you will easily find Synaptic in the System Tools menu or in the Administration menu. Synaptic uses the GTK graphic libraries . So, if you are using GNOME on your debian-based distro you will probably have Synaptic installed as well. Synaptic is a graphical package management program for apt. It provides the same features as the apt-get command line utility with a GUI front-end based on Gtk+."
Installing Popular Applications On Your Ubuntu Desktop With Automatix2 (HowtoForge)HowtoForge looks at the use of Automatix2 on Ubuntu. "Although Ubuntu comes with lots of applications that can be installed on your desktop, there are still some applications that are available only from third-party repositories. Finding all these repositories and installing these applications manually is very time-consuming, but fortunately some people have created a script called Automatix2 (which is the successor to Automatix) which automates the task for you. It comes with a graphical interface so that you can run it from your desktop, and this tutorial describes how you do it."
Distribution reviews Xandros 4.1 Professional - Review (Open Addict)Open Addict has a review of Xandros 4.1 Professional. "Xandros Desktop Professional was released not too long after Xandros Home Edition-Premium, but the differences are quite extraordinary. I just recently bought (I'm talking about a week ago) a copy of Home Edition-Premium (which will be referred to as HEP for the rest of this review) and noticed it used an older kernel. HEP uses a 2.6.15.x kernel while the Professional version uses the 2.6.18.x kernel. Another note of significance is the addition of AIGLX/XGL to the Professional edition as well as the ability to use Mobile Broadband connections via 3G and other related technologies. Bluetooth is also available as well as the addition of the Beagle search utility."
Page editor: Rebecca Sobol Development Major release 1.1.3 of FLACFLAC, the Free Lossless Audio CODEC, is an audio coder/decoder application. The FLAC features document has this description:
FLAC stands for Free Lossless Audio Codec. Grossly oversimplified, FLAC is similar to MP3, but lossless, meaning that audio is compressed in FLAC without any loss in quality. This is similar to how Zip works, except with FLAC you will get much better compression because it is designed specifically for audio, and you can play back compressed FLAC files in your favorite player (or your car or home stereo, see
supported devices) just like you would an MP3 file.
FLAC formatted audio files are supported by a long list of
software applications on many operating system platforms.
FLAC is also supported by
Rockbox, an open-source
firmware replacement for portable music players.
FLAC can be used to compress common .wav files by a 2:1 ratio. Your author has used FLAC to work on an audio archiving project, as described in this article. Version 1.1.3 of FLAC was recently announced:
Almost 2 years in the making, FLAC 1.1.3 is a major release with improved compression, improved cover art and multichannel support, better recovery for corrupted files, many new features and options in the command-line tools, and several bug fixes. For developers, the decoder and encoder APIs have also been simplified and there is a new porting guide.
The changelog lists the latest improvements, including:
System Applications Audio Projects Rivendell v0.9.77 releasedVersion 0.9.77 of Rivendell, a radio station automation system, is out. "Issues addressed include the following: Broken PLAY Transitions -- Fixes random hangs and log stopdowns between events with PLAY transition type. Audio Importation Issues -- Fixes various issues with autotrimming and level normalization. RDLogManager Timed-Start Attributes -- Fixes a problem where an event would fail receive a Hard Time 'Start Immediately' attribute if the Pre-Import Carts list was empty."
CORBA omniORB 4.1.0 and omniORBpy 3.0 releasedomniORB 4.1.0 and omniORBpy 3.0 have been announced, both are stable versions and include some new features. "I am pleased to announce that omniORB 4.1.0 and omniORBpy 3.0 are now available. omniORB is a robust, high performance CORBA implementation for C++; omniORBpy is a version for Python."
Database Software PostgreSQL 8.2 releasedPostgreSQL 8.2 has been released. There's a fair amount of new stuff in this release, including significantly improved performance, SQL aggregates, advisory locks, and more. Click below for details and download information.
PostgreSQL Weekly NewsThe December 3, 2006 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
Printing PyKota 1.25 releasedVersion 1.25 of PyKota, a printer quota and accounting system, has been announced. "After more than six months of work, PyKota v1.25 Official is finally out. The most important new feature is support for the accounting of ink usage, although most of the work took place in the several releases of pkpgcounter published since this past summer."
Security Sussen 0.33 releasedVersion 0.33 of Sussen, a vulnerability and configuration issue checker, is out with bug fixes and other improvements.
Telecom 1bizCom 0.8.0.0 beta released (SourceForge)Version 0.8.0.0 beta of 1bizCom has been announced. "1bizCom is next generation web-based, multi-tenant, distributed, mulit-lingual, inbound, outbound Video enabled VoIP & VVoIP call/ contact center solution for Asterisk with Built-in phone, IVR, CRM, Predictive dialer, ACD, Chat, Mail, Fax, Video and other features. 1bC 0.8.0.0 beta is now available that includes major outbound call center software features."
Web Site Development Samizdat 0.6.0 releasedVersion 0.6.0 of Samizdat, an RDF-based engine for building collaboration and open publishing web sites, is out. "The version increase attributes to the gradual changes in 0.5.x series and incorporates almost two years worth of real-world deployment. Now that Samizdat has finally become a mature open publishing system, the road is cleared for more intrusive changes and major new features, such as free exchange and calendaring. In the way of major features, this version introduces ubiquitous message translations and RSS syndication. Many old tools are now more flexible and easier to use".
Desktop Applications Audio Applications Ardour 2.0 beta 9 releasedVersion 2.0 beta 9 of Ardour, a multi-track audio editor, has been announced. "The changelog is persnickety but fulsome".
HOgg 0.2.0 releasedVersion 0.2.0 of HOgg has been announced. "The HOgg package provides a commandline tool for manipulating Ogg files, and a corresponding Haskell library. This is the initial public release. The focus is on correctness of Ogg parsing and production. The capabilities of the hogg commandline tool are roughly on par with those of the oggz* tools[0], although hogg does not yet provide an equivalent to oggz-validate."
pyalsa - python midi wrappers and useful MIDI <-> alsa mixerPhil Frost has announced the pyalsa project. "PyAlsa is a set of wrappers for some parts of the ALSA library. Currently wrapped are some parts of the sequencer and mixer interfaces. Included with PyAlsa is midimix.py, an ALSA mixer controllable by MIDI. It has no GUI (by design) and can send feedback to move motorized faders and such when the mixer changes state in another application."
Desktop Environments GNOME 2.17.3 releasedVersion 2.17.3 of GNOME has been announced. "This is our third development release on the road towards GNOME 2.18.0, which will be released in March 2007. You all know what you have to do now. Go download it. Go compile it. Go test it. And go hack on it, document it, translate it, fix it."
GARNOME 2.17.3 announcedVersion 2.17.3 of GARNOME, the bleeding edge GNOME distribution, is out. "This release includes all of GNOME 2.17.3 plus a whole bunch of further updates. This is the third release in the unstable cycle, with more features, more fixes and yet more madness added."
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Software AnnouncementsThe following new KDE software has been announced this week:
KDE Commit-Digest (KDE.News)The December 3, 2006 edition of the KDE Commit-Digest has been announced. The content summary says: "Substantial work and improvement in the font installation KControl module. Support for OpenDocument annotations in Okular. New Interface ideas and consistency work in Amarok. KTabEdit gets better support for the 'Guitar Pro' file format. Iceland map added to KGeography. Work starts on a new keyboard rendering engine in KTouch, and on a model/view interface implementation for KVocTrain. Early work on a Phonon backend for KsCD. Speed optimisations in Strigi, with experimental probing for the feasibility of leveraging the inotify daemon. Experimental code sees Akonadi become searchable through Strigi. Kross, the multi-language application scripting framework, loses its dependency on KOffice and moves into kdelibs as the cornerstone of scripting in KDE 4."
Xorg Software AnnouncementsThe following new Xorg software has been announced this week:
Electronics gnucap 2006-12-04 releasedDevelopment snapshot 2006-12-04 of gnucap, a circuit analysis package, has been announced. "This snapshot keeps the new way devices and models are dispatched, and adds two user commands "attach" and "detach". These commands allow the user to add and remove plugins at run time. The 2006-11-snapshot added the capability to add something just by linking it, with no other changes required. This version adds the ability to do it manually at run time. Work on Verilog-AMS is going well."
Financial Applications SQL-Ledger 2.6.21 releasedVersion 2.6.21 of SQL-Ledger, a web-based accounting package, is out with a new whitelist script variable. See the What's New document for change the project history.
Multimedia XMMS2 0.2 releasedVersion 0.2 of XMMS2, the descendent of the popular XMMS music player, is out. "This release is minor features addition and we wanted to get it out before merging collections and waf migration. This (I know) has been stated before, but this time we might even do it."
Music Applications New MMA feature: melody creationExperimental auto-generation of melodies has been added to MMA. "A few discussions with one enthusiastic user and some false starts later, I've come up with the idea of having a new track I've called an ARIA. Using pattern definitions, much like those used in other MMA tracks, you set a framework for MMA to generate a melody over a given set of chord changes."
Office Applications HylaFAX 4.3.1 releasedVersion 4.3.1 of HylaFAX, a utility that can send and receive FAXes, has been released. "This release introduces a powerful new email templating system that offers an unprecedented level of control over the branding of the email messages HylaFAX sends, and so we encourage you to check it out. No release would be complete without bugfixes of course, and this one has plenty. As always, our sincerest thanks go to all who participate in the development and testing process."
Office Suites OpenOffice.org 2.1.0rc2 (OOE680_m6) is outRelease candidate 2 of OpenOffice.org 2.1.0 has been announced. See the release notes for a long list of new features.
OpenOffice.org NewsletterThe November, 2006 edition of the OpenOffice.org Newsletter is out with the latest OO.o office suite articles and events.
Video Applications xjadeo 0.4.0-rc1 announcedVersion 0.4.0-rc1 of xjadeo is available. "Xjadeo is a simple movie player that synchronizes video to an external time source such as jack transport. It is intended to aid sound composition to a video clip. This is a rewrite of the previous 0.1 release and a conclusion of the ongoing development during the last year."
Miscellaneous OmegaT 1.6.1 Update 1 releasedVersion 1.6.1 Update 1 of OmegaT is out with bug fixes. "OmegaT is a free and open source multiplatform Computer Assisted Translation tool with fuzzy matching, translation memory, keyword search, glossaries, and translation leveraging into updated projects."
Languages and Tools Caml Caml Weekly NewsThe December 5, 2006 edition of the Caml Weekly News is out with new Caml language articles.
Haskell Haskell Communities and Activities ReportThe Eleventh edition of the Haskell Communities and Activities Report is online. "Welcome to the eleventh edition of the Haskell Communities and Activities Report a collection of entries about everything that is going on and related to Haskell in some way that appears twice a year."
Haskell Weekly NewsThe December 5, 2006 edition of the Haskell Weekly News is online. This week we see the 11th Haskell Communities and Activities Report released, Visual Haskell 0.2 is available, and a suite of new libraries and applications are announced.
Java Java Generics and Collections: Evolution, Not Revolution, Part 2 (O'ReillyNet)O'Reilly presents part two of an excerpt series by by Maurice Naftalin and Philip Wadler. "In the second part of an excerpt from Java Generics and Collections, authors Maurice Naftalin and Philip Wadler continue their study of how to adopt Java 5.0 generics in a measured, sustainable fashion. Having shown how to genericize a library while leaving the library in legacy mode, they now present three approaches to the opposite scenario: genericizing a client that uses a non-genericized library."
Perl This week on the Perl 6 mailing lists (O'Reilly)The December 3, 2006 edition of the Weekly Perl 6 mailing list summary is out with coverage of the latest Perl 6 developments.
Python Python-URL!The December 4, 2006 edition of the Python-URL! is online with a new collection of Python article links.
Tcl/Tk Dr. Dobb's Tcl-URL!The December 6, 2006 edition of Dr. Dobb's Tcl-URL! is online with new Tcl/Tk articles and resources.
XML XSLT as Pretty Printer (XML.com)Hew Wolff uses XSLT for print formatting on O'Reilly's XML.com. "Recently I was wading through some hard-to-read XML files. Art & Logic, the company I work for, was helping a client to build an Ajax-style Web interface that used XML to talk to the backend and client-side XSLT to produce the HTML. I found myself reformatting the XML by hand to make things easier and finally wondering as I hit the spacebar yet again: couldn't an XSLT style sheet do this formatting for me? I had done something similar before, so I decided to try writing that style sheet, using a test-driven approach. Some hours later I had a handy utility, and a new appreciation for some of the wrinkles of XML. Here's a cleaned-up account of what I did."
IDEs Discover the Ajax Toolkit Framework for Eclipse (IBM developerWorks)Tim McIntire introduces the Ajax Toolkit Framework for Eclipse in an IBM developerWorks article. "The Ajax Toolkit Framework (ATF) is a core piece of the new Open Ajax initiative, which aims to increase accessibility to the powerful Web programming technique through the Eclipse Foundation. The ATF extends the Eclipse Web Tools Platform (WTP) by adding an Asynchronous JavaScript and XML (Ajax) development environment for a variety of open source Ajax tool kits, including Dojo, Zimbra, and Rico. This article includes a HelloWorld example in which you install and configure the ATF, then use Eclipse and Dojo to create a basic Web application."
Page editor: Forrest Cook Linux in the news Recommended Reading For $150, Third-World Laptop Stirs Big Debate (New York Times)The New York Times is running a front page article on the One Laptop Per Child (OLPC) project. "When computer industry executives heard about a plan to build a $100 laptop for the developing worlds children, they generally ridiculed the idea. How could you build such a computer, they asked, when screens alone cost about $100? Mary Lou Jepsen, the chief technologist for the project, likes to refer to the insight that transformed the machine from utopian dream to working prototype as a really wacky idea. Ms. Jepsen, a former Intel chip designer, found a way to modify conventional laptop displays, cutting the screens manufacturing cost to $40 while reducing its power consumption by more than 80 percent. As a bonus, the display is clearly visible in sunlight." (Thanks to Jonathan B. Horen.)
Child's play: Sneaking a peek at the OLPC OS (Linux.com)Linux.com takes a look at the OLPC laptops. "The first One Laptop Per Child hardware devices are still months from deployment, but you can sneak a peek at their Sugar desktop environment and bundled applications by running an OS image under an emulator. It's a great way to finally get some hands-on time with this long-anticipated project, even though it's not perfect."
How Vista Lets Microsoft Lock Users In (InformationWeek)InformationWeek has an article by Cory Doctorow on Microsoft's use of "trusted computing" technologies to lock up its document formats. "Vista is the first operating system to begin to use the features of the Trusted Computing Module, though for now, Microsoft is eschewing the use of 'Remote Attestation' where software is verified over a network (they've made no promise about doing this forever, of course). No company has spent more time and money on preventing its competitors from reading its documents: remember the fight at the Massachusetts state-house over the proposal to require that government documents be kept in open file-formats?"
The SCO Problem Kimball Rules: SCO's Objections Denied! (Groklaw)Groklaw has a new ruling from Judge Kimball in the SCO case reaffirming the magistrate's order tossing out much of the company's purported evidence. "The court finds that SCO failed to comply with the courts previous discovery-related Orders and Rule 26(e), that SCO acted willfully, that SCOs conduct has resulted in prejudice to IBM, and that this resultthe inability of SCO to use the evidence at issue to prove its claims should come as no surprise to SCO." The end gets a little closer.
Companies Why Flash 9 for Linux is taking so long (Linux.com)Linux.com looks into the reasons behind the delay of Adobe's Flash 9 player for Linux. "Adobe skipped a version of Flash for Linux and released stable versions of the Flash 9 player for Windows and Mac OS X long before the beta of Flash 9 to Linux users. Paul Betlem, senior director of engineering for Adobe, explained why the process is taking so long. Betlem says that several factors have contributed to the tardiness of Flash on Linux. The primary problem, says Betlem, is the complexity of porting the Flash player to Linux due to differing libraries used for sound, video, and type on different Linux distributions."
HP racks up 100,000 Linux server sales in UK (PC Pro)PC Pro reports on a new HP Linux server sales landmark. "HP has sold its 100,000th Linux-based server in the UK. The company has also shipped over 1,500,000 Linux servers worldwide, it has announced. The company pointed to figures from IDC that showed 32.7 per cent year-on-year growth in Linux server shipments by the company, gaining five percentage points of unit market share."
Novell announces Linux-based Open Enterprise Server 2 (Linux-Watch)Linux-Watch looks into Novell's announcement of their upcoming Linux-based Open Enterprise Server 2 operating system. "Although OES 2 won't be out until early in the second quarter of 2007, it already has support commitments from Novell's software partners. The list currently includes backup solution vendors CA, Commvault, Symantec, and Syncsort, along with anti-virus software vendors McAfee and Trend Micro. OES, which will be based on Novell's SLES (SUSE Linux Enterprise Server) 10, is designed to be a drop-in replacement for Novell NetWare servers, and as a direct competitor to Microsoft's Server 2003."
Linux lab cuts staff, focuses on legal issues (ZDNet)ZDNet reports on layoffs at Open Source Development Labs. "CEO Stuart Cohen resigned to pursue opportunities with higher-level open-source software, and nine employees in technical and administrative roles lost their jobs, said Mike Temple, OSDL's chief operating officer and its new leader. That leaves a staff of 19, including Tom Hanrahan in charge of engineering, Diane Peters in charge of legal work, and top Linux programmers Linus Torvalds and Andrew Morton."
Linux at Work Turbolinux proposes mobile Linux for consumers (EETimes)EETimes reports on the latest efforts by Turbolinux, Inc. "Turbolinux, Inc., a major Linux operating system supplier in Japan, said it will offer a Linux booting device in an iPod-sized media player as a way to promote Linux among consumers. Dubbed "Wizpy," the player uses flash memory in a portable media player with radio and audio recording functions. More important, it functions as a USB flash memory drive that can boot Linux on PCs, enabling users to establish their own Linux working environment, browser, mailer and application software."
Legal Patent Office Asked to Review and Revoke Blackboard PatentThe Software Freedom Law Center has filed a request with the US Patent and Trademark Office (USPTO) to re-examine the Blackboard e-Learning patent. "Blackboard, Inc., maker of web-based software that allows teachers and students to interact outside of the classroom, was awarded the patent on January 17, 2006. The patent, "Internet-based education support system and methods" (U.S. 6988138), grants Blackboard a monopoly on most educational software that differentiates between the roles of teacher and student until the year 2022."These articles on NewsForge and Groklaw examine the case in more detail.
Interviews University Students to Enhance KDE (KDE.News)KDE.News has an interview with some students working on KDE. "A group of students at the Paul Sabatier University in Toulouse will be collaborating on the KDE projects KPlato and Umbrello as part of their Institut Universitaire Professionalisé en Ingénierie des Systèmes Informatiques (Professional Institute of Computer Software Engineering) course of study."
Looking Back on Three Years of OpenUsability with Jan Muhlig (KDE.News)KDE.News talks with Jan Mühlig. "Just following the recent World Usability Day and a few months past the third birthday of OpenUsability I took some time to talk to Jan Mühlig, one of the OpenUsability founders and to get an inside look at some of the history of the project, how it works from the inside and some of the current direction."
Resources Housekeeping utilities for Debian packages (Linux.com)Bruce Byfield discusses some lesser-known Debian package management tools in a Linux.com article. "For all the efficiency and continued evolution of Debian's APT tools, some gaps in package management functionality remain. One of the largest ones is that, when a package is removed, any other packages that depend on it are not removed. The result is a growing number of orphans on the system -- that is, packages that serve no purpose for the system as a whole, although in some cases they continue to be useful individually. Similarly, while you can keep track of security announcements for Debian or distributions derived from it, the basic package system has no way of telling you which vulnerabilities might affect your system. To compensate for these lacks, you can turn to a group of housekeeping tools that make maintaining your Debian system easier and more efficient."
Lightweight Linux for High-Performance Computing (LinuxWorld.com)LinuxWorld.com takes a look at lightweight Linux for HPC. "Linux has long provided an outstanding operating system for a wide range of users in a variety of settings. However, high-performance computing users, who must run applications on thousands of nodes, historically have faced challenges that Linux could not effectively address."
When Linux Runs Out of Memory (O'ReillyNet)O'ReillyNet looks at what happens when a Linux system runs out of memory. "Perhaps you rarely face it, but once you do, you surely know what's wrong: lack of free memory, or Out of Memory (OOM). The results are typical: you can no longer allocate more memory and the kernel kills a task (usually the current running one). Heavy swapping usually accompanies this situation, so both screen and disk activity reflect this."
Linux Gazette #133The December 2006 edition of Linux Gazette is out. Articles in this edition include Easy Shell Scripting, Installing Knoppix, Plotting the spirograph equations with 'gnuplot', Poor Man's Laptop: Richer Features, Learning about Linux Processes, and much more.
Reviews Bastille: rated security with education (Linux.com)Linux.com takes a look at Bastille. "Bastille is a program for improving system security on Debian, Fedora, Gentoo, Mandriva, Red Hat Enterprise Linux, and SUSE. Unlike packet sniffers, anti-virus programs, and the majority of security programs available today, Bastille does not wait to react to possible security breaches, but prevents them by removing system vulnerabilities. With many distributions softening security in their default installations in the name of convenience, this approach is enough by itself to make Bastille an essential program."
The Linux way to Flickr (Linux.com)Linux.com looks at the Flickr Web portal. "The Flickr Web portal allows people to publish and share online, grouped and tagged by subject, whole galleries of digital pictures. You can use Flickr with several GNU/Linux-based applications. Developers can also use the API published on the Web site to obtain an API_KEY and build new interfaces to download, upload, or process pictures in Flickr. What might be less known is that Flickr already is another place where GNU/Linux users can meet, as well as a potentially very useful advocacy tool."
Multifunction media player targets Nokia Linux tablets (LinuxDevices.com)LinuxDevices covers the beta release of the Canola media player for Nokia's Linux-based 770 and forthcoming "870" Internet tablets. "The Instituto Nokia de Tecnologia in Brazil released the first beta of the Canola media player for Nokia's Linux-based 770 and forthcoming "870" Internet tablets. Canola can index and render local and network-based music, video, and photos; podcasts; photocasts; and Internet radio."
The Ruby Way (Linux Journal)Nicholas Petreley reviews The Ruby Way on Linux Journal. "I've wanted to tackle Ruby for quite some time. Luckily, Addison-Wesley just sent me a copy of The Ruby Way, Second Edition by Hal Fulton. This is one of those books that makes me think publishers feel the need to sell books by the pound. The sad part about that is that, in many cases, books printed by the pound contain tons of fluff and useless information. Not so with The Ruby Way. Every page contains gems valuable for anyone who wants to program with Ruby."
Miscellaneous OpenOffice.org announces contest winners (Linux.com)Linux.com covers the OpenOffice.org template and clipart contest. "OpenOffice.org has announced the winners of its template and clipart contest. The judges distributed a total of five cash prizes totalling $1,700 for templates, and three cash prizes totalling $1,300 for clipart, as well as two Honorable Mentions for templates. In addition, the project will send T-shirts and other OpenOffice.org merchandise to many of the other entrants."
Of hypocrisy and the FSF (Libervis)Libervis asks why the FSF sites run Debian when Debian is not on the FSF's list of free distributions. Quoting Richard Stallman: "We did not install any of that non-free software, so it is ok for us to run Debian. But we cannot recommend its servers to the public. Other people might install the non-free software from the site."
Page editor: Forrest Cook Announcements Non-Commercial announcements EFF: Self-Help Group Backs Off Attack on Internet CriticThe Electronic Frontier Foundation has sent out a media release concerning a self-help group's attempt to uncover an anonymous poster. "Landmark Education, known for its Landmark Forum motivational workshops, served a subpoena for the identity of an anonymous user of Google Video last month, claiming that a French documentary posted by the user infringed Landmark's copyrights. The piece, entitled "Voyage Au Pays Des Nouveaux Gourous" (Voyage to the Land of the New Gurus), is highly critical of Landmark and included hidden camera footage from inside a French Landmark Forum event along with panel discussions about the group." Landmark has withdrawn the subpoena.
Commercial announcements Adaptive Planning Express Edition 3.0 ReleasedAdaptive Planning has announced the release of Adaptive Planning Express Edition Version 3.0. The latest version of Adaptive Planning's open source budgeting and forecasting application is available via free download from SourceForge.
Ampro Accelerates EPIC Form Factor Performance to 1.8 GigahertzAmpro Computers, Inc. has announced the availability of their 1.8 GHz Pentium M 745 processor EPIC single board computer. "At a mere 4.5" x 6.5" (115mm x 165mm), the 1.8 GHz ReadyBoard 800 implements high CPU and I/O performance in a size that is 34% smaller than the Mini-ITX form factor. The Intel(R) 82855 chipset is featured, with up to 1GB DDR 333 SODIMM RAM, (4) USB 2.0 ports, (4) serial ports, (2) serial ports with RS-422/485 capability, EIDE, Gigabit Ethernet, 10/100 Ethernet with Wake on LAN support, LVDS, (8) general-purpose I/O (GPIO) pins, integrated chipset graphics, and PCI-104 expansion (PCI bus)."
Compiere hires a community relations managerBack in October, LWN wrote about Compiere's difficulties in its relationship with its development community. Compiere Inc. has now announced the hiring of Dawn Foster (or "Geekygirl Dawn Foster" on her weblog) as "director of community and partner programs." "Foster will serve as a liaison between Compiere and the open source community to ensure the company is effectively communicating with the community, while encouraging community contributions to the Compiere ERP & CRM project. She will also be responsible for managing Compieres recently expanded partner program and relationships with Compiere partners, many of whom are active participants in Compieres open source community."
Jive Software launches IgniteRealtime.org web siteJive Software has announced the launch of their IgniteRealtime.org web site. "IgniteRealtime.org is a community website intended to increase support of Jive Software's active developer and user communities. IgniteRealtime.org builds upon the tremendous success of Jive Software's Open Source EIM products by evolving the website from a source code destination to the single biggest XMPP-centric product community on the Web, with a goal of driving the adoption of XMPP as the primary standard for open, real-time communications."
Novell's Susan Heystee to Oversee Microsoft Pact in Strategic Partner RoleNovell, Inc. has announced the appointment of Susan Heystee. "Novell has appointed Susan Heystee, recently named vice president and general manager for Global Strategic Partners, to manage the relationship with Microsoft under the recently announced Novell-Microsoft agreement to promote Linux* and Windows* interoperability. Heystee will oversee both the business and technical cooperation components of the agreement, ensuring that Novell(R) customers gain the maximum benefit from interoperability work around Linux."
Novell Appoints Colleen O'Keefe to Lead Services BusinessNovell, Inc. has announced the appointment of Colleen O'Keefe as senior vice president of services at Novell. "Former NCR executive, O'Keefe will oversee Novell's technical support offerings, critical competitive differentiators for Novell in the Linux market."
Novell adds OpenXML to OpenOffice.orgNovell has sent out a press release proclaiming its intent to implement OpenXML support for OpenOffice.org. "Novell will release the code to integrate the Open XML format into its product as open source and submit it for inclusion in the OpenOffice.org project. As a result, end users will be able to more easily share files between Microsoft Office and OpenOffice.org, as documents will better maintain consistent formats, formulas and style templates across the two office productivity suites."
Novell's fourth-quarter resultsNovell has announced its "preliminary" quarterly and annual results. "During the fourth fiscal quarter 2006, Novell reported $13 million of revenue from Linux Platform Products, up 32 percent year-over-year."
OpenLogic expands OpenLogic Expert CommunityOpenLogic, Inc. has announced the expansion of the OpenLogic Expert Community. "The OpenLogic Expert Community is the first program to provide consolidated, commercial-grade support across a wide range of open source products by tapping the open source development community for enterprise support. OpenLogic currently offers enterprise support for more than 160 certified open source products -- providing a single point of contact for enterprise open source issues. Through the Expert Community, OpenLogic pays qualified experts for help in resolving the most complex issues and shepherds enterprise issues through the entire process to resolution."
PolyServe Joins Red Hat Advanced Software Partner ProgramPolyServe, Inc. has announced that it has joined the Red Hat Advanced Software Partner Program. "Membership in the program ensures customers that PolyServe's shared data clustering software solutions for Linux have been tested for and are certified with Red Hat Enterprise Linux, are supported under the Technical Support Alliance Network (TSANet) cooperative support forum, and are compliant with Red Hat's guidelines for interoperability."
Sun releases some development toolsSun Microsystems has announced the release of its "NetBeans C/C++ Development Pack" and "NetBeans Visual Web Pack" tools. The C/C++ tools are available under the CDDL; the "Visual Web Pack," instead, is available under the rather more restrictive "Sun entitlement for software".
Terracotta Goes Open SourceTerracotta, Inc. has announced that the company is open sourcing its Java clustering product line to accelerate adoption by developers using open source frameworks. The announcement is followed by a second press release (click below for both) on the software companies and projects that are backing Terracotta's move to open source its Java Virtual Machine (JVM) clustering software.
Virtual Bridges upgrades Win4Lin ProVirtual Bridges, Inc. has announced a major upgrade to its Win4Lin Pro product. "Win4Lin Pro Desktop allows Linux users to run Windows applications from the security of the Linux desktop. Win4Lin Virtual Desktop Server is the enterprise/SMB product for delivering Windows applications on thin clients via a Linux server. The Win4Lin Pro 3.5 upgrade includes new functionality, support for newer Linux distributions, performance improvements and a roll-up of the maintenance releases since Win4Lin Pro 3 which was released in May 2006."
New Books No Starch Press releases "The Book of JavaScript" Second EditionNo Starch Press has published the book The Book of JavaScript, Second Edition: A Practical Guide to Interactive Web Pages by thau!.
Cryptography for Developers released by Syngress PublishingSyngress has published the book Cryptography for Developers by Tom St. Denis.
Head First Object-Oriented Analysis and Design - New from O'ReillyO'Reilly has published the book Head First Object-Oriented Analysis & Design by Brett D. McLaughlin, Gary Pollice, and David West.
Information Architecture for the World Wide Web, Third Edition - New From O'ReillyO'Reilly has published the book Information Architecture for the World Wide Web, Third Edition by Louis Rosenfeld and Peter Morville.
Contests and Awards Ekiga awarded in Soissons (GnomeDesktop)GnomeDesktop has announced the winning of an award by the Ekiga project. "Ekiga won last week one of the Free Software Awards in Soissons (France). Ekiga was nominated in the "Multimedia" category. The jury appreciated the quality of the project and the fact that it was original (GnomeMeeting was the first Open Source GUI to support VoIP together with video and the H.323 standard on GNU/Linux in 2001). It is now the first Open Source application to support multiple major VoIP protocols at the same time, again with audio and video."
Winner announced for the GnuPG logo contestThomas Wittek from Cologne has won the GnuPG logo contest. "He will soon see his design used with GnuPG and also receive 50 percent of the received donation (we received as of now 215 Euro but further donations won't be rejected)."
Education and Certification LPI changes recertification policyThe Linux Professional Institute has announced a change in its recertification policy. "The Linux Professional Institute (LPI), the world's premier Linux certification is changing the organization's "Recertification Policy" to ensure that the skills and knowledge of Linux professionals continues to be relevant and current. Candidates who have earned LPIC certifications will have to re-certify every five years or alternatively earn a higher certification status. Previously recertification was only required after ten years."
Novell Supports LPI's upcoming Enterprise-Level certificationThe Linux Professional Institute (LPI) and Novell have announced cooperation of Novell on the development of LPI's upcoming enterprise-level certification program, LPIC-3. "LPIC-3 will be LPI's senior certification level for Linux professionals, requiring candidates to hold both LPIC-1 and LPIC-2 designations. LPI will launch the program in January 2007 and will hold the first North American exam lab at Novell's BrainShare(R) event in March 2007."
TimeSys Expands Educational Webinar Series for Embedded Linux DevelopmentTimeSys has announced an expanded webinar series for embedded Linux developers. "Beginning in early December, the new topics are designed to help developers that are new to embedded Linux, showing the steps to boot Linux on a target embedded board, get a sample application to run on the board, and help attendees understand the options available for filesystems to use with their project."
Calls for Presentations 2nd Call for Talks for the FOSDEM Debian Developer's roomThe second Call for Talks has gone out for the FOSDEM Debian Developer's room. "About a month ago, I sent out a first Call for Talks to the debian-project and debian-events-eu lists. In the mean time, I did receive an official confirmation that we will be able to get a DevRoom at FOSDEM for the whole weekend; more specifically, we will be having room AW1.125, which has 76 seats, on saturday from 14:15 to 19:00, and on sunday from 09:00 to 18:00."
NLUUG 2007 spring conference Call for PapersA call for papers has gone out for the NLUUG 2007 spring conference. The event takes place in Ede, the Netherlands on May 10, 2007, submissions are due by December 31.
Upcoming Events PyCon 2007 announcedPyCon 2007 has been announced. "PyCon 2007, the fifth annual conference of the Python community, will take place February 23-25 at the Dallas/Addison Marriott Quorum hotel. The keynote speakers will include Ivan Krstiæ, from the One Laptop Per Child project; Adele Goldberg, a developer of Smalltalk; Robert R. Lefkowitz, an expert on the use of open source in business; and Guido van Rossum, the creator of Python."
SCALE 5x Opens For Registration (LinuxMedNews)LinuxMedNews has announced the registration for SCALE 5X. The event takes place on February 10-11, 2007 in Los Angeles, CA. "The Expo is now accepting early registrations. A full pass (expo floor and seminars is $60 until January 24, 2007, and $70 thereafter, a student pass is $30 until January 24, 2007, and $35 thereafter, and an expo-floor-only pass is $10. Join us for over 40 seminars and tutorials. Presentations from Chris Dibona, Ted Haeger, Don Marti, and more! Expo floor will include exhibits by Dell, ClearHealth, Google, Krugle, Ingres, Trolltech, and others."
Registration Open for VistA Community Meeting (LinuxMedNews)LinuxMedNews has announced the registration for the 14th VistA Community Meeting. "K.S. Bhaskar writes: As you may be aware, the next VistA Community Meeting will be at the National Institute of Standards and Technology, Gaithersburg, MD, USA, Tuesday through Thursday, January 9-11, 2007. We hope that you will be able to attend."
Events: December 14, 2006 to February 12, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it. Audio and Video programs Akademy 2006 Review and Videos (KDE.News)KDE.News mentions the availability of coverage from the aKademy 2006 conference. "Linux Magazine have put their overview of aKademy 2006 -- the KDE World Conference -- online from their December 2006 issue. They describe how aKademy helped plan the road to KDE 4, and also report on the widely-successful OpenDocument day. There is also a review of KAlarm available from the same issue. In other aKademy 2006 news, the videos of the presentations and talks are now being uploaded."
The Linux Action Show interviews Novell Rep on Microsoft-Novell dealThe Linux Action Show has an interview with Novell's Director of Marketing for Linux and Open Source Platforms. "The Linux Action Show gets Novell's take on the Microsoft/Novell deal straight from the source: The Director of Marketing for Linux and Open Source Platforms at Novell. They Ask the questions and concerns on the minds of the community, plus they get the insider's track on Suse Linux Enterprise, openSUSE and more."
Web 2.0 - Barry Diller and Arthur Sulzberger (O'ReillyNet)O'Reilly presents an audio podcast from the Web 2.0 Summit. "Barry Diller and Arthur Sulzberger, Jr. talked to Web 2.0 Summit program chair John Battelle about publishing content online. Sulzberger is chairman of The New York Times Company which now includes NYTimes.com, Boston.com, and About.com. Diller is the chairman and chief executive officer of IAC/InterActiveCorp, and chairman of Expedia, Inc. In the second half of their discussion they turn to community created content and answered questions about its role in their various websites."
Page editor: Forrest Cook Letters to the editor LWN forums
Dear LWN editors,
Page editor: Jonathan Corbet
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Ryzom]](http://www.ryzom.com/multimedia/screenshots/fyros-desert/fyros%20special%20place03.jpg/image_view_fullscreen)
![[Ryzom]](http://www.ryzom.com/multimedia/screenshots/matis-forest/image.jpg/image_view_fullscreen)
![[FLAC]](/images/ns/flac.png)