LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for January 11, 2007Looking forward to Fedora 7LWN readers will, by now, be well familiar with the fact that the Fedora universe is changing. There will be no more Fedora Core releases, and the repository known as Fedora Extras is going away. In their place will be a combined distribution known simply as Fedora, with the next release being called Fedora 7. The Fedora community is busily trying to figure out just what that release is going to look like.Bill Nottingham posted a discussion document on January 4. It keeps the previously-discussed schedule, with the first test release happening on January 30 and general availability of Fedora 7 on April 26. There's a long list of objectives for this release, some of which are:
There's much more on the list, but the above should be enough to give a sense for what is going on. The Fedora developers would like to improve their distribution in a number of significant ways, and in a very short period of time. Most of the desired changes are uncontroversial. The creation of a desktop version of the distribution, however, has been the subject of a fair amount of discussion. The Fedora distribution has traditionally been fairly strongly tied to the GNOME desktop. As Fedora tries to expand its community, though, there is a stronger set of voices calling for support of a KDE version of Fedora as well. Nobody seems to oppose that idea, but there is still a shortage of consensus on how it should be done. As often seems to happen in community discussions, the Fedora developers have gotten hung up on a relatively unimportant issue: naming. Current plans call for the GNOME-based version of the distribution to be named "Fedora Desktop," while the KDE-based version would be "Fedora KDE." The KDE users, who were under the impression that they had a desktop too, think that this naming goes against the idea of KDE being an equal citizen. Others claim that "Fedora Desktop" is meant to be a combination of the "best of breed" desktop software, most of which just happens to come from the GNOME project. They hold out the possibility of a separate "Fedora GNOME" version for GNOME purists; it would feature tools like AbiWord, Gnumeric, and Epiphany, which currently have failed to qualify for the "best of breed" designation. This idea doesn't seem to make the KDE community feel much better. Jeff Spaleta has posted a call for peace on this issue, saying:
But more importantly in the near term. the fact that there is going to
be a KDE spin is a fundamentally important step in terms of opening
the process for community involvement. How about we, as engaged and
proactive community members, focus on making the technical side of
that happen. Whether the Desktop spin is called the Desktop spin or
the 'Office Professional Workforce of Doom' spin its trivially
unimportant compared to helping Rex get the KDE spin out the door.
On the technical side, the biggest disagreement would appear to be over whether Firefox should be included. There has also been some discussion of OpenOffice.org and Evolution. In each case, there seems to be some tension between a "pure" KDE system and a desire to include applications that some users are likely to want. Since the unwanted presence (or absence) of any of these tools is relatively easy to correct after installation, one assumes that a solution will be found that everybody is able to live with. This kind of discussion is not new in the free software community, but it is relatively new to Fedora. As this distribution opens up and accepts more input from outside of Red Hat, there is no doubt that it will get more opinions as well. How these newcomers are accommodated will have a big effect on how successful a more community-oriented Fedora will be. We should see some concrete signs of how well the community is working sometime around late April.
Second Life releases some codeThere is a wide variety of online role-playing games on the net. Second Life is unique among them, however, and not just for the lack of quests to fulfill or monsters to kill. In the Second Life environment, "residents" can lease "property" and create interesting artifacts through the use of a built-in scripting language. The environment has proved free and powerful enough to bring together hundreds of thousands of people, many of whom have engaged in large-scale acts of world building. Second Life has shown what can happen when the tools of creation are available to all, but it remains a proprietary service running on proprietary software.As of January 8, however, Second Life has become a little less proprietary. Linden Lab, the company which owns Second Life, has announced the release of the Second Life viewer application under version 2 of the GPL. The viewer is the client which runs on the user's system; it is a significant chunk of code. Its release should enable interested developers to enhance the Second Life experience - and, perhaps, stabilize the Linux client somewhat. The way is not yet clear for an entirely free Second Life client, however, as the released code depends on a number of libraries shipped in binary form. Interestingly, many of those libraries (cURL, expat, Mesa, ogg/vorbis, openssl, zlib, etc.) are free software; it is not clear why Linden feels the need to ship its own copies of them. There are a couple of proprietary libraries in there as well, however. Linden hopes to either relicense or route around those libraries in the near future; a quick glance by your editor suggests that this objective should not be too hard to achieve. The Second Life client would appear to be almost free. Those who would hack on the client code must sign a contributor agreement [PDF] before contributing any changes back. This agreement is essentially a copyright transfer; it allows Linden to do anything it wants with the code. Linden offers commercial licensing terms, so contributors should be sure that they have no objections to that use of their code. The freeing of this code is a good thing; it brings the free software world that much closer to being a first-participant in the creation of interesting virtual worlds. It is only a beginning, however. The bulk of the logic which implements Second Life lives on the server side, and that code remains proprietary. Imagine if the original WWW browsers had been released into a world where a single company owned the only web server; that is, to a first approximation, where we stand with Second Life at this time. As long as this state of affairs persists, Second Life will remain just another proprietary service. Linden has some grand visions for how Second Life could grow:
A lot of the Second Life development work currently in progress is
focused on building the Second Life Grid - a vision of a globally
interconnected grid with clients and servers published and managed
by different groups. Expect many changes and updates in the coming
months in support of this architecture.
Now that sounds like fun, but it will only reach its potential if the server code is free. Linden continues to make noises - but no promises - about freeing this code. The freeing of the client is a good start; it shows that Linden is serious about involving the community. Releasing the server code will require a rather larger leap of faith on Linden's part, however; the server is where the company makes its money. Let's hope that Linden can find a way to take that leap.
Hardware that Just WorksFor whatever reason, there has recently been increase in the number of corporate LWN subscribers who want to receive information by fax. Your editor, having long seen facsimile as a sort of quaint technology for people who don't have email access, has never kept a fax machine around; there just hasn't been much call for it. Recently, however, wandering over to the local mailbox outlet to send faxes has become somewhat tiresome - and time consuming. The printer was showing signs of old age as well, so it seemed it was time to get a new toy in the form of one of those all-in-one devices which can print, scan, copy, and, yes, send faxes.A long stint as a system administrator was enough to teach your editor that the management of printers ranks high on the list of Truly Obnoxious Tasks. For whatever reason, making printers work properly has always been painful, whether one is connecting a dot-matrix line printer to a VAX or a contemporary inkjet to a Linux system. So your editor approached the task with some trepidation, and with a fair amount of advance research. To this end, the linuxprinting.org site, which was merged into the Free Standards Group last year, remains an invaluable resource. Your editor ended up with an HP OfficeJet device which performs all of the required functions. It may yet be convinced to wash the dishes as well, though it seems that feature is not yet well supported under Linux. Everything else is, however. Printing Just Works. Scanning with xsane Just Works. Overall, it is a very nice device, and making it work with Linux was just about painless. A great deal of credit is due to HP, which has made free drivers available for its hardware. Thanks to this openness on HP's part, its hardware is fully supported on Linux systems and can be used to its full potential. That policy just resulted in another sale for HP, and, probably, many others. It behooves us to be sure that HP hears that feedback from its Linux customers. If manufacturers understand that supporting Linux means more sales, they will support Linux. Credit is also due to the HPLIP project, which has packaged HP's drivers with a significant amount of support code. HPLIP integrates well with CUPS, which has done a great deal to civilize printing on free systems. Finally, the distributors have done a lot of work to make the setup of new printers easy. All of this work has transformed an administrator's job; when your editor thinks back to writing lpd output filters for a new device, he feels an immediate need for a strong drink. Now it has become necessary to find a new excuse for drinking. Congratulations to all of those who have managed to bring about such an improvement over a few short years.
linux.conf.auThe seventh edition of linux.conf.au starts on January 15 in Sydney. Over the years, linux.conf.au has become one of the most vibrant, interesting, and just plain fun free software events on the planet. This year's program looks likely to continue the trend. LWN editor Jonathan Corbet is lucky enough to be speaking at the event; come and say "hi" if you're in the area.
Security Tracing behind the firewallA new tool, 0trace, that can sometimes peek through a firewall and provide information about the hosts and addresses living behind it was recently released. The tool itself is in a rough, proof-of-concept form, but it can provide interesting results that are likely unexpected by the network administrator. A bit of a look at how 0trace accomplishes this feat requires a bit of firewall background as well. Many firewalls use Network Address Translation (NAT) to multiplex multiple internal computers over one external, routable, IP address. When an internal host makes a connection to the outside world, the NAT device rewrites the addresses in the packets so that the external host believes it is talking to the firewall itself rather than the actual host (which is typically in the private, unroutable IP space). In order to do that, the NAT device records information about the connection: the IP addresses for the internal and external hosts as well as port information. It is this established connection table that 0trace exploits in order to do its work. The basic scheme is much the same as traceroute in that 0trace sends packets with increasing time-to-live (TTL) values and listens to the ICMP "time exceeded" responses to determine the hosts that the packet has traversed. The difference is that 0trace uses an established connection to piggyback its probes on. Because many NAT implementations do not closely examine packets that are associated with an established connection, those responses, even from internal hosts, are forwarded along. Users of traceroute are familiar with the '*' character that gets printed when there is no response from one of the hops; tracing a route these days typically ends in a series of hops without a response resulting in several rows of '* * *'. These are often systems that are behind firewalls which filter out the probe packets that traceroute sends because they are not associated with a connection that it knows about. The example in the announcement shows 0trace output from a scan of www.ebay.com with several internal IP addresses past the point where the traceroute output stops. In order to run 0trace, one must first establish a connection with the host of interest. Using telnet to port 80 is one way to go about that; once the connection is established, the 0trace shell script is run. That script sets up a tcpdump to grab the traffic to and from the supplied IP address and then waits. The user must generate some traffic at this point and typing 'GET / HTTP/1.0' (followed by one return) is a good way to do that. 0trace analyzes the TCP packet dump to retrieve the sequence and ack numbers from the conversation; the shell script then passes those off to the 0trace C program (sendprobe). Using proper sequence/ack numbers from the established connection further disguises the 0trace traffic as a legitimate part of the conversation. This technique is not new and the author, Michal Zalewski, credits a number of other people in the announcement and ensuing thread, but this is likely the first public implementation. The implementation is very dependent on the exact format of tcpdump output and is rather fragile because of that, but it is an interesting proof-of-concept. Zalewski invites interested people to improve upon it. Using it against hosts without their permission might be considered illegal in some jurisdictions; one should exercise care before using it. It does show a weakness in current NAT implementations that will likely need to be addressed.
New vulnerabilities avahi: denial of service
drupal: code injection
fetchmail: password disclosure and DOS
geoip: path traversal
kernel: multiple vulnerabilities
krb5: uninitialized pointers
openoffice.org: integer overflows
proftpd: denial of service
wordpress: SQL injection
X.org: integer overflows
Updated vulnerabilities apache: cross-site scripting
apache-mod_auth_kerb: off-by-one error
bind: denial of service
bugzilla: multiple vulnerabilities
busybox: insecure password generation
bzip2: race condition and infinite loop
cacti: multiple vulnerabilities
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
dbus: denial of service
denyhosts: denial of service
dovecot: index cache file handling error
elinks: arbitrary file access
elog: multiple vulnerabilities
ffmpeg: buffer overflows
Mozilla stuff: multiple vulnerabilities
freeradius: several vulnerabilities
freetype: integer overflows
ftpd: privilege escalation
gcc: file overwrite vulnerability
gdb: buffer overflow
gdm: improper file permissions
gedit: format string vulnerability
gnupg: stack overwrite
grip: buffer overflow
gv: stack-based buffer overflow
gzip: multiple vulnerabilities
gzip: arbitrary command execution
imagemagick: buffer overflows
ImageMagick: buffer overflows
imlib2: arbitrary code execution
kdegraphics: stack overflow
kdelibs: integer overflow
kdelibs: kate backup file permission leak
kernel: denial of service
kernel: bridging code buffer overflow
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
kernel: denial of service
koffice: integer overflow
krb5: local privilege escalation
libgadu: memory alignment bug
libgd2: denial of service
libgsf: heap buffer overflow
libmodplug: boundary errors
libpng: buffer overflow
libpng: heap based buffer overflow
libtiff: buffer overflow
libvncserver: authentication bypass
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
linux-restricted-modules: nVidia driver vulnerability
lynx: arbitrary command execution
mono: source disclosure attack
mysql: format string bug
MySQL: privilege violations
MySQL: logging bypass
nbd: arbitrary code execution
ncompress: buffer underflow
openldap: security bypass
openoffice.org: several vulnerabilities
openser: buffer overflow
OpenSSH: denial of service
openssh: privilege separation issue
openssh: remote denial of service
php: several vulnerabilities
php: buffer overflows
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
postgresql: SQL injection
proftpd: denial of service
proftpd: stack-based buffer overflow
quake: buffer overflow
rpm: arbitrary code execution
shadow-utils: mailbox creation vulnerability
squirrelmail: multiple cross-site scripting vulnerabilities
unzip: long file name buffer overflow
virusscan: DT_RPATH vulnerability
w3c-libwww: possible stack overflow
w3m: denial of service
xine-lib: buffer overflow
xine-lib: buffer overflow
xine-ui: format string vulnerabilities
xinit: race condition
X.org: local privilege escalations
X.Org: buffer overflow
xpdf: buffer overflow
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current 2.6 prepatch is 2.6.20-rc4, released on January 6. Says Linus: "There's absolutely nothing interesting here, unless you want to play with KVM, or happened to be bitten by the bug with really old versions of the linker that made parts of entry.S just go away."About 100 patches have been merged into the mainline git repository since -rc4, as of this writing. They are fixes, mostly in the architecture, ALSA, and networking subsystems. The current -mm tree is 2.6.20-rc3-mm1. Recent changes to -mm include a bunch of KVM work (see below), another set of workqueue API changes, and the virtualization of struct user. The current stable 2.6 kernel is 2.6.19.2, released on January 10. It contains a long list of fixes, including the fix for the file corruption problem and several with security implications. For older kernels: 2.6.16.38-rc1 was released on January 9 with a long list of fixes - many of which are security-related.
Kernel development news Why kernel.org is slowKernel.org is the main repository for the Linux kernel source, numerous development trees, and a great deal of associated material. It also offers mirroring for some other Linux-related projects - distribution CD images, for example. Users of kernel.org have occasionally noticed that the service is rather slow. Kernel tree releases are a long time in making it to the front page, and the mirror network tends to lag behind. This important part of the kernel's development infrastructure, it seems, is not keeping up with demand.Discussion on the mailing lists reveal that the kernel.org servers (there are two of them) often run with load averages in the range of 2-300. So it's not entirely surprising that they are not always quite as responsive as one would like. There is talk of adding servers, but there is also a sense that the current servers should be able to keep up with the load. So the developers have been looking into what is going on. The problem seems to originate with git. Kernel.org hosts quite a few git repositories and a version of the gitweb system as well - though gitweb is often disabled when the load gets too high. The git-related problems, in turn, come down to the speed with which Linux can read directories. According to kernel.org administrator H. Peter Anvin:
During extremely high load, it appears that what slows kernel.org down more
than anything else is the time that each individual getdents() call takes.
When I've looked this I've observed times from 200 ms to almost 2 seconds!
Since an unpacked *OR* unpruned git tree adds 256 directories to a cleanly
packed tree, you can do the math yourself.
Clearly, something is not quite right with the handling of large filesystems under heavy load. Part of the problem may be that Linux is not dedicating enough memory to caching directories in this situation, but the real problems are elsewhere. It turns out that:
It has been reported that the third of the above-listed problems can be addressed by moving to XFS, which does a better job at keeping directories together. Kernel.org could make such a switch - at the cost of about a week's downtime for each server. So one should not expect it to happen overnight. The first priority for improving the situation is, most likely, the implementation of some sort of directory readahead. That change would cut the amount of time spent waiting for directory I/O and, crucially, would require no change to existing filesystems - not even a backup and restore - to get better performance. An early readahead patch has been circulated, but this issue looks complex enough that a few iterations of careful work will be required to arrive at a real solution. So look for something to show up in the 2.6.21 time frame.
Some KVM developmentsThe KVM patch set was covered here briefly last October. In short, KVM allows for (relatively) simple support of virtualized clients on recent processors. On a CPU with Intel's or AMD's hardware virtualization support, a hypervisor can open /dev/kvm and, through a series of ioctl() calls, create virtualized processors and launch guest systems on them. Compared to a full paravirtualization system like Xen, KVM is relatively small and straightforward; that is one of the reasons why KVM went in to 2.6.20, while Xen remains on the outside.While KVM is in the mainline, it is not exactly in a finished state yet, and it may see significant changes before and after the 2.6.20 release. One current problem has to do with the implementation of "shadow page tables," which does not perform as well as one would like. The solution is conceptually straightforward - at least, once one understands what shadow page tables do. A page table, of course, is a mapping from a virtual address to the associated physical address (or a flag that said mapping does not currently exist). A virtualized operating system is given a range of "physical" memory to work with, and it implements its own page tables to map between its virtual address spaces and that memory range. But the guest's "physical" memory is a virtual range administered by the host; guests do not deal directly with "bare metal" memory. The result is that there are actually two sets of page tables between a virtual address space on a virtualized guest and the real, physical memory it maps to. The guest can set up one level of translation, but only the host can manage the mapping between the guest's "physical" memory and the real thing. This situation is handled by way of shadow page tables. The virtualized client thinks it is maintaining its own page tables, but the processor does not actually use them. Instead, the host system implements a "shadow" table which mirror's the guest's table, but which maps guest virtual addresses directly to physical addresses. The shadow table starts out empty; every page fault on the guest then results in the filling in of the appropriate shadow entry. Once the guest has faulted in the pages it needs, it will be able to run at native speed with no further hypervisor attention required. With the version of KVM found in 2.6.20-rc4, that happy situation tends not to last for very long, though. Once the guest performs a context switch, the painfully-built shadow page table is dumped and a new one is started. Changing the shadow table is required, since the process running after the context switch will have a different set of address mappings. But, when the previous process gets back into the CPU, it would be nice if its shadow page tables were there waiting for it. The shadow page table caching patch posted by Avi Kivity does just that. Rather than just dump the shadow table, it sets that table aside so that it can be loaded again the next time it's needed. The idea seems simple, but the implementation requires a 33-part patch - there are a lot of details to take care of. Much of the trouble comes from the fact that the host cannot always tell for sure when the guest has made a page table entry change. As a result, guest page tables must be write-protected. Whenever the guest makes a change, it will trap into the hypervisor, which can complete the change and update the shadow table accordingly. To make the write-protect mechanism work, the caching patch must add a reverse-mapping mechanism to allow it to trace faults back to the page table(s) of interest. There is also an interesting situation where, occasionally, a page will stop being used as a page table without the host system knowing about it. To detect that situation, the KVM code looks for overly-frequent or misaligned writes, either of which indicates (heuristically) that the function of the page has changed. The 2.6.20 kernel is in a relatively late stage of development, with the final release expected later this month. Even so, Avi would like to see this large change merged now. Ingo Molnar concurs, saying:
I have tested the new MMU changes quite extensively and they are
converging nicely. It brings down context-switch costs by a factor
of 10 and more, even for microbenchmarks: instead of throwing away
the full shadow pagetable hierarchy we have worked so hard to
construct this patchset allows the intelligent caching of shadow
pagetables. The effect is human-visible as well - the system got
visibly snappier
Since the KVM code is new for 2.6.20, changes within it cannot cause regressions for anybody. So this sort of feature addition is likely to be allowed, even this late in the development cycle. Ingo has been busy on this front, announcing a patch entitled KVM paravirtualization for Linux. It is a set of patches which allows a Linux guest to run under KVM. It is a paravirtualization solution, though, rather than full virtualization: the guest system knows that it is running as a virtual guest. Paravirtualization should not be strictly necessary with hardware virtualization support, but a paravirtualized kernel can take some shortcuts which speed things up considerably. With these patches and the full set of KVM patches, Ingo is able to get benchmark results which are surprisingly close to native hardware speeds, and at least an order of magnitude faster than running under Qemu. This patch is, in fact, the current form of the paravirt_ops concept. With paravirt_ops, low-level, hardware-specific operations are hidden behind a structure full of member functions. This paravirt_ops structure, by default, contains functions which operate on the hardware directly. Those functions can be replaced, however, by alternatives which operate through a hypervisor. Ingo's patch replaces a relatively small set of operations - mostly those involved with the maintenance of page tables. There was one interesting complaint which come out of Ingo's patch - even though Ingo's new code is not really the problem. The paravirt_ops structure is exported to modules, making it possible for loadable modules to work properly with hypervisors. But there are many operations in paravirt_ops which have never been made available to modules in the past. So paravirt_ops represents a significant widening of the module interface. Ingo responded with a patch which splits paravirt_ops into two structures, only one of which (paravirt_mod_ops) is exported to modules. It seems that the preferred approach, however, will be to create wrapper functions around the operations deemed suitable for modules and export those. That minimizes the intrusiveness of the patch and keeps the paravirt_ops structure out of module reach. One remaining nagging little detail with the KVM subsystem is what the interface to user space will look like. Avi Kivity has noted that the API currently found in the mainline kernel has a number of shortcomings and will need some changes; many of those, it appears, are likely to show up in 2.6.21. The proposed API is still heavy on ioctl() calls, which does not sit well with all developers, but no alternatives have been proposed. This is a discussion which is likely to continue for some time yet. Perhaps the most interesting outcome of all this, however, is how KVM is gaining momentum as the virtualization approach of choice - at least for contemporary and future hardware. One can almost see the interest in Xen (for example) fading; KVM comes across as a much simpler, more maintainable way to support full and paravirtualization. The community seems to be converging on KVM as the low-level virtualization interface; commercial vendors of higher-level products will want to adapt to this interface if they want their products to be supported in the future.
UnionfsA longstanding (and long unsupported in Linux) filesystem concept is that of a union filesystem. In brief, a union filesystem is a logical combination of two or more other filesystems to create the illusion of a single filesystem with the contents of all the others.As an example, imagine that a user wanted to mount a distribution DVD full of packages. It would be nice to be able to add updated packages to close today's security holes, but the DVD is a read-only medium. The solution is a union filesystem. A system administrator can take a writable filesystem and join it with the read-only DVD, creating a writable filesystem with the contents of both. If the user then adds packages, they will go into the writable filesystem, which can be smaller than would be needed if it were to hold the entire contents. The unionfs patch posted by Josef Sipek provides this capability. With unionfs in place, the system administrator could construct the union with a command sequence like:
mount -r /dev/dvd /mnt/media/dvd
mount /dev/hdb1 /mnt/media/dvd-overlay
mount -t unionfs \
-o dirs=/mnt/media/dvd-overlay=rw:/mnt/media/dvd=ro \
/writable-dvd
The first two lines just mount the DVD and the writable partition as normal filesystems. The final command then joins them into a single union, mounted on /writable-dvd. Each "branch" of a union has a priority, determined by the order in which they are given in the dirs= option. When a file is looked up, the branches are searched in priority order, with the first occurrence found being returned to the user. If an attempt is made to write a read-only file, that file will be copied into the highest-priority writable branch and written there. As one might imagine, there is a fair amount of complexity required to make all of this actually work. Joining together filesystem hierarchies, copying files between them, and inserting "whiteouts" to mask files deleted from read-only branches are just a few of the challenges which must be met. The unionfs code seems to handle most of them well, providing convincing Unix semantics in the joined filesystem. Reviewers immediately jumped on one exception, which was noted in the documentation:
Modifying a Unionfs branch directly, while the union is mounted, is
currently unsupported. Any such change can cause Unionfs to oops,
or stay silent and even RESULT IN DATA LOSS.
What this means is that it is dangerous to mess directly with the filesystems which have been joined into a union mount. Andrew Morton pointed out that, as user-friendly interfaces go, this one is a little on the rough side. Since bind mounts don't have this problem, he asked, why should unionfs present such a trap to its users? Josef responded:
Bind mounts are a purely VFS level construct. Unionfs is, as the name
implies, a filesystem. Last year at OLS, it seemed that a lot of people
agreed that unioning is neither purely a fs construct, nor purely a vfs
construct.
That, in turn, led to some fairly definitive statements that unionfs should be implemented at the virtual filesystem level. Without that, it's not clear that it will ever be possible to keep the namespace coherent in the face of modifications at all levels of the union. So it seems clear that, to truly gain the approval of the kernel developers, unionfs needs a rewrite. Andrew Morton has been heard to wonder if the current version should be merged anyway in the hopes that it would help inspire that rewrite to happen. No decisions have been made as of this writing, so it's far from clear whether Linux will have unionfs support in the near future or not.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Security-related
Virtualization and containers
Page editor: Jonathan Corbet Distributions Gentoo and the Linux Terminal Server ProjectThe Linux Terminal Server Project (LTSP) makes it easy to set up Linux-based thin clients. It packages up all the necessary software and adds custom-written scripts and packages to make the whole process incredibly easy. But the world of LTSP is changing.Project MueKow (pronounced "Moo-Cow") is a complete rethink on how to handle the creation and distribution of LTSP. In the current 4.x series, the project builds and packages essentially form an entire Linux distribution. Developers Jim McQuillan and Scott Balneaves realized this doesn't make sense because they only add value to a small proportion of packages—5% would be optimistic. Everything else is simply an additional burden that detracts from the time they can spend on the project's real focus. And from a user and distribution perspective, all those packages outside of the distribution's package management create more opportunities for outdated packages, security holes, and other fun problems. MueKow will become LTSP-5. Four months ago, LWN briefly referred to a story about the future of LTSP, which inspired your author to start a native Gentoo port. What makes Gentoo a solid platform for LTSP? Its source-based nature gives it a number of benefits. Not only can one infamously customize the optimization flags with which packages are compiled, but one can also decide which features to include and which to exclude. For example, one can choose to leave out Kerberos support in Gentoo. In a binary distribution, packages may link against and depend upon Kerberos unconditionally. With diskless clients, including unnecessary features raises the number and size of files that must be transported across the network. This problem gets increasingly severe as one scales up to more clients. Once the Gentoo port is done, the automated client builder will take care of removing unneeded cruft. Many people use Gentoo not because it is source-based but because of the power and flexibility of the package manager, portage. One feature that makes portage powerful for embedded setups and diskless clients is its ability to install packages into an arbitrary chroot without requiring that the package manager itself be installed there. A simple command such as `ROOT="/opt/ltsp" emerge packagename` will install that package, all of its run-time (not build-time) dependencies, and package metadata to /opt/ltsp. Software installed in a chroot can later be easily updated or uninstalled using similar commands. This integration of the client chroot with the server installation may be unique to Gentoo. For a distribution to qualify as LTSP-compliant, the LTSP project defined a set of requirements:
A native LTSP port fulfills the LTSP-5 requirements by adding LTSP-specific packages, porting the automated client builder's distribution-specific plugins, and writing the needed init scripts. Those three steps pretty well take care of the distribution's role in fulfilling the LTSP-5 requirements. The rest is a matter of server configuration. As the packaging and init script porting are fairly trivial once you understand an individual distribution's quirks, we will spend most of our time discussing the client builder. Adding LTSP-specific packages amounts to making a map of the packages installed on an LTSP-4 system, determining which are installed by default, and adding a metapackage to pull in the rest. Many distributions will not have much to port in the init scripts, but Gentoo has a BSD-style, dependency-based initialization process for which the LTSP init scripts will require significant rewriting. To build a client environment, one runs a script called ltsp-build-client. It creates the chroot, installs the client packages and sets up reasonable defaults. The LTSP client-root builder is a fine piece of work. It's entirely written in shell, and its core is beautifully created so one can simply drop in a new shell-script plugin and have it instantly start working. Each distribution has its own directory for plugins in /usr/share/ltsp/plugins/ltsp-build-client, as a number of tasks are expected to be distribution-specific, but there is a common directory for those few distribution-neutral tasks. Files in the distribution directories can override common files with the same name, and they can use files from another distribution. This is particularly useful in the case of related distributions such as Ubuntu and Debian, both of which already have mostly working LTSP-5 ports. In addition to distribution-level overrides, system administrators can install their own overrides of distribution plugins in /etc/ltsp/plugins/ltsp-build-client. LTSP has no shortage of interesting projects, such as enhancing support for local devices and selectively running applications on the client rather than the server. To get involved or learn more, join the #ltsp channel on irc.freenode.net or visit the home page.
New Releases Endian Firewall 2.1 released (SourceForge)Release 2.1 of Endian Firewall is available. "Endian Firewall is a "turn-key" linux security distribution that turns every system into a full-featured security appliance. The software has been designed with "usability in mind" and is very easy to install, use and manage, without losing its flexibility. This new release contains many improvements, bugfixes and upgrades."
Distribution News Debian GNU/Linux 3.0 archivedThe Debian Project has announced that Debian 3.0 ("woody") has been put out to pasture, and is no longer carried by the project's mirror network. "After four and a half years this marks the final end of life for GNU/Linux 3.0. This distribution has been superseded by Debian GNU/Linux 3.1 (codename 'sarge') which the Debian project has released on June 6th, 2005. Security support for woody has therefore ended already in June 2006, one year after the release of sarge."
XaraLX removal from Fedora ExtrasXaraLX, a general purpose graphics program, has been removed from all releases of Fedora Extras. "We have taken this drastic step as we have been made aware that it is in violation of Fedora Policies. While the application has been released as GPL, it contains a Static Library that is still proprietary and available in binary form only. There is a note in the source tarball stating that at some future time the library will also be released under the GPL. When that happens we will welcome XaraLX back as a package."
New Fedora infrastructure leader announcedMike McGrath has been appointed as the new Fedora Infrastructure Leader. "Mike has been a contributor to the Fedora Project for quite a while now, especially the Fedora Infrastructure group, and I'm personally very glad that we were able to hire from within for this job. There are never as many job openings as I wish there were, but when we do have openings in Fedora it is my intention that we will look to fill them from within our community first. Mike won't be starting 100% until February, but in the sense that he is already involved deeply in Fedora Infrastructure, and it's just a matter of him ramping up his time over the next few weeks."
Distribution Newsletters Fedora Weekly NewsThe January 8 Fedora Weekly News is out. Topics include a claim of one million unique Fedora Core 6 installations, FUDCon, and the proposed Fedora 7 schedule.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for December 25, 2006 is out. This is a short holiday edition.
Gentoo Weekly NewsletterThe January 1, 2007 edition of the Gentoo Weekly Newsletter is online with the latest Gentoo distribution news.
Announcing "Cooker : The inside man IV"Linux Wizard presents Cooker : The Inside Man IV, featuring the latest Mandriva news.
Ubuntu Weekly NewsThe January 7 issue of the Ubuntu Weekly News is out. Topics covered this week include the latest Kubuntu developer meeting, secure use of the Ubuntu IRC channels, and the most recent changes to the upcoming "Feisty" distribution.
Package updates Fedora updatesUpdates for Fedora Core 6: pygtk (packaging error fix), pam (bug fixes), tar (new man page), apr-util (bug fixes), fonts-indic (various improvements), fonts-sinhala (bug fixes), fonts-arabic (bug fixes), selinux-policy (bug fixes), system-config-printer (bug fixes), binutils (bug fixes), cyrus-sasl (bug fixes), agg (sync with final 2.4 release), dovecot (reenabled GSSAPI), evolution (bug fixes), gnome-python2 (bug fixes), gawk (bug fixes), vnc (bug fix), dbus (bug fix), setup (bug fixes).Updates for Fedora Core 5: pygtk (packaging error fix), seamonkey (release bump), yelp (rebuild), epiphany (rebuild), devhelp (rebuild), eclipse (rebuild), avahi (security and bug fixes), xterm (bug fixes).
Mandriva updatesUpdates for Mandriva Linux 2007.0: samba (bug fixes), kdeutils (ark fix), mesa (bug fix), postfix and cyrus-sasl (bug fixes).
rPath updatesUpdates for rPath: conary (maintenance release).
Trustix updatesUpdates for Trustix Secure Linux 2.2 & 3.0: bind, logwatch, perl-dbd-pg (bug fixes).
Ubuntu updatesUpdates for Ubuntu 6.10: glibc (bug fix), ubiquity (bug fixes).Updates for Ubuntu 6.06-LTS: glibc (bug fix).
Newsletters and articles of interest How To Create A Local Debian/Ubuntu Mirror With apt-mirror (Howtoforge)Howtoforge has published a tutorial on creating a Debian/Ubuntu mirror site. "This tutorial shows how to create a Debian/Ubuntu mirror for your local network with the tool apt-mirror. Having a local Debian/Ubuntu mirror is good if you have to install multiple systems in your local network because then all needed packages can be downloaded over the fast LAN connection, thus saving your internet bandwidth."
Page editor: Forrest Cook Development LIRC - the Linux Infrared Remote Control projectLIRC, the Linux Infrared Remote Control project interfaces common IR remote controls to a Linux system. It is being produced by this group of developers.The software's description states:
The most important part of LIRC is the lircd daemon that will decode IR signals received by the device drivers and provide the information on a socket. It will also accept commands for IR signals to be sent if the hardware supports this. The second daemon program called lircmd will connect to lircd and translate the decoded IR signals to mouse movements. You can e.g. configure X to use your remote control as an input device.
The user space applications will allow you to control your computer with your remote control. You can send X events to applications, start programs and much more on just one button press. The possible applications are obvious: Infra-red mouse, remote control for your TV tuner card or CD-ROM, shutdown by remote, program your VCR and/or satellite tuner with your computer, etc. I've heard that MP3 players are also quite popular these days.
The list of supported devices shows the hardware that will work with LIRC, this includes audio, TV card, MIDI, Bluetooth and USB interfaces, TV cards, some radio remote controls and even a few PDAs. For the hardware hacker, documentation is available for constructing a number of serial port receivers, serial port transmitters and a bidirectional parallel port interface. Colin McGregor has put together a Linux Journal HOWTO article on building an LIRC interface. The LIRC FAQ and HOWTOs document has both hardware and software build/install information and the online manual explains how the system works in detail. LIRC is used by a number of higher level projects such as the Rhythmbox and XMMS music players, the PulseAudio sound server, Fluendo's Elisa Media Center and the MythTV PVR project. Version 0.8.1 of LIRC was recently announced, the previous release came out about a year ago. Changes include new support for USB-UIRT, transmitter support for newer versions of the Windows Media Center transceiver and support for the Iguanaworks USB IR Transceiver. If you want to add an IR remote control to your favorite Linux project, take a look at LIRC. The LIRC software is available for download here.
System Applications Database Software Firebird 1.5.4 releasedVersion 1.5.4 of the Firebird DBMS is available. "This sub-release introduces a number of bug fixes backported from the Firebird 2.0.x branches. These test builds are available for Windows and Linux 32-bit platforms."
MySQL Community Server 5.0.33 releasedVersion 5.0.33 of MySQL Community Server has been announced. "MySQL Community Server 5.0.33, a new version of the popular Open Source Database Management System, has been released. The release is now available in source form from our download pages at"
New update released for all PostgreSQL versionsPostgreSQL versions 8.1.6 and 8.2.1 have been announced. "Releases 8.1.6 and 8.2.1 fix a number of error issues with versions 8.1 and 8.2, including several issues that can cause unexpected aborts in 8.2. Further, all versions have been updated for the new Australian and Canadian daylight-saving time rules."
PostgreSQL Weekly NewsThe January 7, 2007 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
PyDbLite 1.9 announcedVersion 1.9 of PyDbLite has been announced. "PyDbLite is a small, fast, pure-Python, in-memory database management program. The database object supports the iterator protocol, so that requests can be expressed with list comprehensions or generator expressions instead of SQL."
SQLite 3.3.9 releasedVersion 3.3.9 of SQLite, a light weight DBMS, is out. "Version 3.3.9 fixes bugs that can lead to database corruption under obsure and difficult to reproduce circumstances. See DatabaseCorruption in the wiki for details. This release also add the new sqlite3_prepare_v2() API and includes important bug fixes in the command-line shell and enhancements to the query optimizer. Upgrading is recommended."
Mail Software Exim 4.66 releasedRelease 4.66 of the exim mail transfer agent is out. "This is a bug fix and features release in the 4.xx series of releases - see the download pages. Documentation was updated for 4.66."
Postfix 2.4 snapshot 20070107 releasedSnapshot 20070107 of the Postfix mail transfer agent is out. Changes include "Cleanup: eliminate the Linux/Solaris "wait for accept()" stage from the queue manager to delivery agent protocol. This alone achieves 99.99% of the Linux/Solaris speed up from the preceding change. The pending connection pipeline takes care of the rest. Tested on Linux kernels dating back to 2.0.27 (that's more than 10 years ago)."
Desktop Applications Audio Applications Ardour 2.0 beta 10 releasedVersion 2.0 beta 10 of Ardour, a multi-track audio recording system, has been released. "Hot off the winter presses for a new year comes 2.0 beta 10 source release. For Mac OS X users here is the universal binary. We plan for beta 11 to be the last set of code changes before we switch to the release candidate pattern, so get your bug reports in to the tracker ASAP."
Das_watchdog 0.3.1 announcedVersion 0.3.1 of Das_watchdog is out with several new features. "Whenever a program locks up the machine, das_watchdog will temporarily sets all realtime process to non-realtime for 8 seconds. You will get an xmessage window up on the screen whenever that happens."
ewa 0.62 releasedVersion 0.62 of ewa has been announced. "Ewa (East-West Audio) is a GPL server program that dynamically adds intros and outros to mp3s on the basis of user-defined rules. With ewa, internet audio publishers can periodically rotate the promotional content in their mp3 downloads without remastering."
jack_mixer version 2 releasedVersion 2 of jack_mixer is out with a new meter scale, documentation improvements and bug fixes. "jack_mixer is GTK (2.x) JACK audio mixer with look similar to it`s hardware counterparts. It has lot of useful features, apart from being able to mix multiple JACK audio streams."
Business Applications webERP version 3.05 released (SourceForge)Version 3.05 of webERP, a suite of accounting modules for business administration, has been announced. "This is the first release for just over a year and incorporates all the development over that period including: Weighted Average Inventory Costing - previously only standard costing was available, Integrated SQL report writer - exports to CSV as well as producing PDF reports, Wiki integration option - to provide the basis for a structured company knowledge-base and numerous enhancements, options and bug fixes."
Desktop Environments GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Software AnnouncementsThe following new KDE software has been announced this week:
The Road to KDE 4: New KOffice Technologies (KDE.News)KDE.News looks forward to KDE 4, and KWord 2.0 in particular. "All manner of objects are being converted to the new Flake library, for instance KFormula elements, so you can insert nicely rendered math into your documents without any trouble. This support could make KWord as exciting to use for page layouts as KPresenter, as you are no longer restricted to dull, square document shapes. These changes should enable KWord 2 to behave as a respectable basic desktop publishing application."
KDE Commit-Digest (KDE.News)The , 2007 edition of the KDE Commit-Digest has been announced. The content summary says: "Sonnet, the natural language checker, continues to develop and can now discriminate between more than 70 different languages. More work on the "konsole-split-view" branch to add split/merge functionality to the KDE 4 console. Support for filesystem labels in the "mountconfig" Guidance configuration module. Large developments in the "mailtransport" KDE-PIM work to enable code sharing between users of the common "emailing" action. Support for background text colours in Konversation. Further work in the "Papillon" MSN Messenger connection library, with support for Xtraz status and notifications in Kopete. Gradient editing tool introduced across KOffice. Better support for PDF presentation files in Okular. Improved AI in the recently-imported game KSquares. "Sublime", the new user interface library for KDevelop 4 is imported into KDE SVN. The initial code for KRunner, the KDE 4 replacement for the "Run Command" dialog, is imported into KDE SVN. The RSS Konqueror sidebar plugin is removed from KDE SVN, along with dcoprss and librss, which will both be replaced by libsyndication in KDE 4."
Xorg Software AnnouncementsThe following new Xorg software has been announced this week:
Educational Software Kanatest 0.4.0 releasedVersion 0.4.0 of Kanatest, a Japanese kana (Hiragana and Katakana) simple flashcard tool, is out. Changes include: Kanatest now uses fonts instead of images for kanas, Kana chart has been added, New and powerful statistics, Enhanced options, A new logo and icon and Completely rewritten code and a lot of gui improvements.
Games Open Yahtzee 1.6 released (SourceForge)Version 1.6 of Open Yahtzee has been announced. "Open Yahtzee is a full featured Yahtzee game. Open Yahtzee is written in wxWidgets and is cross-platform. Open Yahtzee 1.6 features couple of enhancements to the game play such as the ability to undo moves such as accidental scoring (you can't undo rolling dices of course). Another new feature is a new icon set for the program and ability to check for updates via the web."
Interoperability Wine 0.9.29 releasedVersion 0.9.29 of Wine has been announced. Changes include: "More work on the new Direct3D state management, Debugger support for Mac OS, Many OLE fixes and improvements, Audio input support on Mac OS and Lots of bug fixes."
Video Applications LiVES 0.9.8.2 releasedVersion 0.9.8.2 of LiVES is available. "LiVES began in 2002 as the Linux Video Editing System. Since it now runs on more operating systems, LiVES is a Video Editing System. It is designed to be simple to use, yet powerful. It is small in size, yet it has many advanced features." See the CHANGELOG file for details on this version.
Miscellaneous od2txt 0.2 releasedStable version 0.2 of od2txt, "A simple (and stupid) converter from OpenDocument Text to plain text", has been announced.
Languages and Tools Assembly Language AsmIDE 0.9.22 releasedStable version 0.9.22 of AsmIDE is out. "This release includes a new debugger, source code generator, disassembler, updated reference tool, library expansion and numerous other changes. AsmIDE is a collection of program to support assembler development on Linux. It runs in a terminal and the library supports terminal programs."
C GCC 4.1.2 Status ReportMark Mitchell has written a GCC 4.1.2 Status Report. "I've decided to focus next on GCC 4.1.2. After GCC 4.1.2, I will focus on GCC 4.2.0. At this point, I expect GCC 4.3 to remain in Stage 1 for some time, while we work on GCC 4.1.2 and GCC 4.2.0."
Caml Caml Weekly NewsThe January 9, 2007 edition of the Caml Weekly News is out with new Caml language articles.
Groovy Groovy 1.0 is thereVersion 1.0 of Groovy has been announced. "Groovy is a dynamic language for the JVM that integrates seamlessly with the Java platform. It offers a Java-like syntax, with language features inspired by Smalltalk, Python or Ruby, and lets your reuse all your Java libraries and protect the investment you made in Java skills, tools or application servers. Groovy can be used for various purposes, from adhoc shell scripting leveraging Java APIs, to full-blown web applications built on Spring and Hibernate through the Grails web framework. It can also be integrated very easily in your applications to externalize business logic, create Domain-Specific Languages, or to provide templating capabilities, and much more. A lot of passion and energy has been put in this new version after two release candidates that have been tested against real-world projects: on a mission-critical insurance application, on the XWiki 2nd generation wiki engine, as well as on the RIFE framework and through the Spring 2.0 scripting integration."
Haskell Haskell Weekly NewsThe January 09, 2007, edition of the Haskell Weekly News is online. This week sees the release of more libraries and applications for the new year, and the Haskell Hackathon gets underway!
Java GCJ NewsThe Gnu Compiler for Java (GCJ) project has put out a new news report. "We've merged the gcj-eclipse branch to svn trunk. The merge changes gcj to use the Eclipse compiler as a front end, enabling all 1.5 language features. This merge also brings in a new, generics-enabled version of Classpath, including some new tools. This new code will appear in GCC 4.3."
Discovering a Java Application's Security Requirements (O'ReillyNet)Mark Petrovic discusses Java security issues in an O'Reilly article. "Java security manager policy files are powerful and flexible, but rather grueling and error-prone to write by hand. In this article Mark Petrovic employs a novel approach: a development-time SecurityManager that logs your applications' calls and builds a suitable policy file."
Lisp SBCL 1.0.1 releasedVersion 1.0.1 of Steel Bank Common Lisp (SBCL) has been announced. "This version supports the new platform FreeBSD/x86-64, adds more debugging information to compiled code, improves profiling and performance, and more."
Python Charming Python: Decorators make magic easy (IBM developerWorks)David Mertz works with Python decorators in an IBM developerWorks article. "Python made metaprogramming possible, but each Python version has added slightly different -- and not quite compatible -- wrinkles to the way you accomplish metaprogramming tricks. Playing with first-class function objects has long been around, as have techniques for peaking and poking at magic attributes. With version 2.2, Python grew a custom metaclass mechanism that went a long way, but at the cost of melting users' brains. More recently, with version 2.4, Python has grown "decorators," which are the newest -- and by far the most user-friendly way, so far -- to perform most metaprogramming."
Ruby Abandoned Projects, Bus Proofing, and a Draft Directive (On Ruby)Pat Eyler discusses abandoned projects in his On Ruby blog. "To me, running a project is both an opportunity and a responsibility. In starting several projects, I've taken on an obligation to the community, and if I just abandon a project I'm not fulfilling that obligation. (To me, while "Free as in speech" is more important than "Free as in beer", "Free as in puppies" is pretty important too.) I'd like it to be clear that I want my project taken over and maintained. The immediate parallel that comes to mind is a Living Will."
Rolling with Ruby on Rails Revisited, Part 2 (O'ReillyNet)O'Reilly presents part two of the series Rolling with Ruby on Rails Revisited by Bill Walton and Curt Hibbs. "Was it really two years ago when Curt Hibbs introduced Ruby on Rails to the world at large? In that time, Rails has grown up a lot. Curt and Bill Walton revisit the original tutorial to bring it up to date and show off how much easier it is to get started with the powerful Ruby on Rails web framework."
Tcl/Tk Tcl-URL!The January 9, 2007 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
XML The XQuery Chimera Takes Center Stage (O'Reilly)Simon St. Laurent discusses the state of XQuery on O'Reilly's XML.com. "XQuery has pretty much always been about more than XML. For years, vendors have shown diagrams where XQuery provided a central cloud connecting all kinds of relational databases and XML databases -- and whatever else might be lying around -- into a single lovely XML stream. Connections with relational databases have been a key justification for XQuery's support of the W3C XML Schema type system and its heavily typed processing model. XQuery isn't meant to replace SQL, but it can certainly complement it, especially when relational databases are already supporting reporting results as XML."
Libraries RFIDIOt version 0.1k releasedVersion 0.1k of RFIDIOt, the RFID open source library, is out. "Over the Christmas break I did quite a bit of work on the code and have added a hardware abstraction layer that allows support for readers other than the ACG, and to test it I've added limited support for the Frosch Hitag reader. New features in this release: Program Hitag2 to EM4x02 / Unique, Reset Hitag2 to default state (Frosch only), Read German passports and Various tidy-ups and improvements."
Urwid 0.9.7.2 releasedVersion 0.9.7.2 of Urwid, a command line user interface library for Python, is out. "This maintenance release significantly improves the performance of Urwid when run in UTF-8 mode. A UTF-8 input handling bug was also fixed."
Page editor: Forrest Cook Linux in the news Recommended Reading Sununu Wants to Squelch FCC Flag Raising (InternetNews.com)InternetNews.com describes proposed legislation to be introduced by representative John Sununu which would prevent the U.S. Federal Communications Commission from imposing technology mandates - like the broadcast flag. "'Whether well-intentioned or not, the FCC has no business interfering in private industry to satisfy select special interests or to impose its own views,' Sununu said in a statement. 'My legislation will ensure that decisions about the design and development of products and services to meet FCC rules are made by technology experts, not government regulators.'"
Novell tells court: For SCO bankruptcy is 'inevitable' and 'imminent' (Groklaw)Groklaw has fun with Novell's latest filings in its suit against the SCO Group. "Now that Novell has been permitted to analyze the Agreements, it is apparent why SCO was hesitant to produce them: they are direct evidence of SCOs wrongdoing. SCOs breach of its fiduciary duty to fully inform Novell concerning the royalties it collected from Sun and Microsoft, when requested, can be no defense to Novells request for preliminary relief."
Companies MySQL changes license to avoid GPLv3 (Business Review Online)Business Review Online covers plans by MySQL AB to delay the move to the GPLv3 license. "Heres an announcement that almost got drowned out by festive cheer: MySQL has changed the license it uses for its open source database management system to avoid being forced to move to the forthcoming GPL v3. Kaj Arno, MySQL VP of community relations, revealed the license change on his blog, on December 22, noting that the license for MySQL 5.0 and 5.1 had changed from "GPLv2 or later" to "GPLv2 only". As he explained, this was in order to make it an option, not an obligation for the company to move to GPLv3." (Thanks to Francesco P. Lovergine.)
Linux Adoption Indian IT Services Organisation Inclining Towards Linux (SDA India)SDA India reports on plans for a large deployment of Linux systems in Chennai, India. "In line with many A one European cities moving towards open source technology like Amsterdam, the southern India city of Chennai is also moving towards Linux. The state of Tamil Nadu, is deploying 32,600 Linux desktop systems and training 30,000 government officials. Forty-three open source-based servers are also on the way to support key Government applications."
Interviews People Behind KDE: Eike Hein (KDE.News)KDE.News has announced the latest interview in the People Behind KDE series. "In a brand new series of People Behind KDE we meet a coder from the KDE heartland, Germany who enables us to communicate with the global developer community through Konversation. Someone who is not satisfied with a static terminal window, tonight's star of People Behind KDE is Eike Hein."
Resources Blogging From Ubuntu Using Drivel (Ubuntu Geek)Ubuntu Geek presents a tutorial on using Drivel under the Ubuntu distribution. "Drivel is a GNOME client for working with online journals, also known as weblogs or simply blogs. It retains a simple and elegant design while providing many powerful features."
Fingerprinting the World's Mail Servers (O'Reilly)Ken Simpson and Stas Bekman discuss a survey of the most popular mail server programs on the net, open-source software dominates the arena. "This summer, the sales staff at MailChannels came to the dev team with an urgent request: "Can you tell us which companies are running Sendmail? If we could know that, it would be so much easier to sell our Sendmail-compatible product." For those of us who understand the SMTP protocol, the answer was, of course, a resounding "Yes." Most mail servers announce their identity when you connect to them on TCP port 25. The dev team decided that this was a summer science project they just had to get on top of. We even gave the science project a name: PingedIn, and we hope to provide more dynamic content on our skeletal website."
Delve into UNIX process creation (IBM developerWorks)Sean Walberg explores UNIX process creation in an IBM developerWorks article. "Examine the life cycle of a process so that you can relate what you see happening on your system to what's going on within the kernel. System administrators must know how processes are created and destroyed within the UNIX® environment in order to understand how the system fits together and how to manage misbehaving processes. Similarly, developers must understand the UNIX processes model in order to write solid applications that run unattended and won't cause problems for system administrators."
How to get a Windows tax refund (Linux.com)Linux.com looks at the process of getting some money back after buying a new computer with Microsoft Windows pre-installed. "If you buy a computer, you often pay for Microsoft Windows even if you didn't ask for it and aren't going to use it. This article shows you how to return your unused Windows license and get your money back, freeing yourself from the Windows tax. I recently purchased a new laptop computer from Dell. As a GNU/Linux user and believer in Free Software, I knew from the start that I wasn't going to run Microsoft Windows. Unfortunately, Dell didn't offer this laptop with Ubuntu or a no-OS option, so I tried getting my Windows refund from Dell after the purchase."
Reviews Review: Exaile Media Player (Linux.com)Linux.com reviews the Exaile music player application. "Exaile is similar to Amarok, but it's based on GTK+ (the GIMP Toolkit), the same GUI toolkit GNOME uses, and thus it loads almost instantly on GNOME and integrates nicely with it. The first impression the program makes is that it's a clone of Amarok, at least from an interface point of view; if you're an Amarok user, you'll feel right at home."
NuFW: Single sign-on meets firewall (Linux-Watch)Linux-Watch looks at NuFW. "Where NuFW steers away from commonplace firewalls is by bringing the notion of user identity to the firewall's security rules. With most firewalls, the rules on what network ports are enabled or disabled is determined by the computer's network address... With NuFW, the firewall permissions follow an authenticated user instead of a PC's address."
Consolidate your radio streams with streamtuner (Linux.com)Linux.com looks at Streamtuner. "Streamtuner is a point-and-click GUI browser for the thousands of Internet radio streams available today. It lets you play streams and manage your favorites in a single window -- like a Linux tuner for Internet radio. Streamtuner has a GTK 2.0 interface and is published under the revised BSD license. It lets you use plugins to browse and search popular portals including SHOUTcast and Icecast."
Text email clients revisited (Linux.com)Joe 'Zonker' Brockmeier reviews a number of text-based email clients in a Linux.com article. "Lately, I've been pining for the simplicity of a text email client. Though Sylpheed has been a reliable workhorse, I decided to survey today's text email clients to see if I should go back to reading email in an xterm. I tested Pine, Cone, Mutt, and nmh to see if any of them were up to the task. For my use, Mutt came out on top, but Pine is also a reasonable alternative if you don't mind the licensing. In compiling my list of test candidates, I tried to be as complete as possible while including packages that are still maintained and require less than heroic efforts to obtain and use."
Page editor: Forrest Cook Announcements Non-Commercial announcements Change of domain for the AGNULA projectThe old domain used by the AGNULA project (which works on audio-oriented Linux distributions) has been abruptly grabbed by an unrelated third party and used to host yet another spam blog. The project is working on changing this state of affairs; in the mean time, however, the site has move to agnula.info.
Lobbying effort ATI and NVIDIADavid A. Wheeler has sent in news regarding a video driver email campaign: "Lobby4linux is stirring up a lobbying campaign to NVIDIA and ATI to support FLOSS 3D drivers."
Commercial announcements CrossOver 6 AnnouncedVersion 6 of CrossOver for Mac and Linux is out. "Users of Intel based Mac systems can now seamlessly run many Windows applications on their Mac without needing a Windows license. Supported applications include Outlook, Visio, Project, Quicken, Steam based games such as Half Life 2, and many more. For Linux users, we have added support for Outlook 2003, World of Warcraft, a range of Steam based games such as Half-Life 2, and a number of other applications. Additionally, CrossOver 6 represents another major step forward in the evolution of Wine, so most users will find substantial improvements in the overall compatibility and behavior of CrossOver as compared to version 5."
Open Country Announces Partnership with TurbolinuxOpen Country and Turbolinux have announced a partnership. "Open Country, a next-generation systems management software company, today announced it has entered into a partnership agreement with Turbolinux, Inc., a global provider of Linux-based solutions, to deliver powerful end-to-end management capabilities for Turbolinuxs Chinese customers. Under the terms of the agreement, a customized Mandarin version of Open Country's Universal Systems Management Suite will be bundled with Turbolinux Server 10.5 for the Chinese market."
An OpenMoko updateRumor has it that some telephone products have been announced this week. A little more quietly, it was announced that the Linux-based (and open) OpenMoko phone would begin to ship in February, though widespread availability will probably take a little longer. There's also some details on the final hardware configuration, click below for the full text.
Second Life software to be releasedLinden Labs has announced that it has released the code for its "viewer" application as open source. "The Second Life Viewer is used by subscribers or 'Residents' to access the virtual world's Grid. Freely-downloadable from the Second Life website, the Viewer software enables Residents to control their in-world avatars, interact with each other via Instant Message, create content, buy and sell objects, access multimedia content and to navigate around the virtual environment." One has to dig a bit, but the associated FAQ states that the GPL is being used, "as well as a separate license for entities that wish to reserve the ability to create proprietary extensions for the viewer." (Thanks to Francesco Lovergine).
Storix, Inc. launches backup and adaptable system recovery softwareStorix, Inc. has announced the launch of Storix System Backup Administrator version 6 for Linux and AIX. "SBAdmin is designed for daily backup management, as well as Adaptable System Recovery (ASR), providing the flexibility to migrate systems to different hardware or to provision new systems. This ability, coupled with the free annual maintenance offered by the company to its customers, significantly reduces the user's TCO and increases productivity by minimizing downtime."
Nokia N800 announcedNokia has announced the availability of the N800, the much-rumored upgrade of the Linux-based 770 tablet. "Building on the success of the Nokia 770 Internet Tablet, the Nokia N800 introduces faster performance, full screen finger qwerty keyboard, easier continuous connections through Wi-Fi or via Bluetooth phone, integrated web camera as well as a new elegant design." There is a page with some photos available.
Resources Optaros publishes an open source catalogOpteros has announced the release of an "Open Source Catalog," designed to help companies decide which projects are "enterprise ready." Actually downloading the report requires registration, but it's under a Creative Commons license, so we've made a copy available [PDF]. There are some interesting conclusions (qmail is said to be more enterprise-ready than postfix or sendmail, despite scoring lower in the "community" and "functionality" categories), but it still might serve as a useful starting point for people trying to choose free software.
Contests and Awards Qt Centre Programming Contest (KDE.News)KDE.News has announced the Qt Centre Programming Contest 2007. "Qt community site Qt Centre is celebrating its first anniversary with a programming contest. The contest is open until the end of May and the winner is the best Qt 4 or Qtopia application or component in one of several categories. Great prizes to be won include a MacBook and two Qtopia Greenphones. The contest is sponsored by Basyskom, froglogic, ICS, KDAB and Trolltech."
InfoWorld Honors SUSE Linux Enterprise DesktopNovell, Inc. has announced the winning of a technical award by the SUSE Linux Enterprise Desktop 10. "Novell today announced its SUSE(R) Linux Enterprise Desktop 10 has earned a 2007 InfoWorld Technology of the Year Award, being named "Best Linux Desktop." According to InfoWorld, "Novell's revamped desktop Linux* distribution combines professional fit and finish with unique usability features not available from other vendors... A class act, [SUSE Linux Enterprise Desktop] 10 gives business users new reason to consider Linux for enterprise desktops.""
Event Reports Transcript: Richard Stallman on free softwareCiaran O'Riordan has posted a transcript of Richard Stallman's talk on free software in Zagreb last March. It is, he says, the first transcript of a general RMS talk since 1986. The 1986 transcript is also available for anybody who would like to see what's changed over the last twenty years.
Calls for Presentations Call for Papers: aKademy 2007aKademy 2007 will be held in Glasgow, Scotland from June 30 to July 7. KDE 4 will clearly be a big topic at this gathering. The call for papers has gone out; click below for the details. Abstracts are due by February 14.
KDE Room at FOSDEM 2007 (KDE.News)KDE.News has posted a call for participation for the upcoming FOSDEM conference. "These annual meetings are organised by volunteers, free of charge and generally recognised as one of the most productive gatherings available on the European stage. This year it will be held on the weekend of 24/25th February 2007 on the ULB Campus Solbosh in Brussels, Belgium. We are now looking for KDE contributors to talk about what they are working on. Talks in previous years have included PyKDE, Krita, KDE Marketing, KDevelop and Context Linked Desktops. We want to hear from all parts of KDE in the devroom, so do not think your area of work is too insignificant."
CFP for RAID 2007A call for papers has been posted for the Recent Advances in Intrusion Detection 2007 conference (RAID 2007). The event takes place in Gold Coast, Queensland, Australia on September 5-7, 2007, papers are due by March 31.
Red Hat Summit 2007 call for sessionsA call for sessions has been posted for the Red Hat Summit 2007. The event takes place in San Diego, CA on May 9-11, 2007, submissions are due by January 19.
Upcoming Events Terra Soft Hosts Cell Hack-a-thonTerra Soft Solutions has announced the first Cell processor "hack-a-thon". The event takes place in Loveland, Colorado on January 20-26, 2007. "Glen Otero, Ph.D., Chief Scientist at Terra Soft describes this week long event as, "A gathering of researchers from all over the globe who wish to port science and engineering applications to the Cell processor and create the initial knowledge base of Cell-optimized code. Code authors have the option to release code through the newly formed HPC Consortium, making it available to researchers everywhere."
DebConf7 registration/sponsorship/CFP deadlineAn update report has been sent out for DebConf7, which will take place in Edinburgh, Scotland on June 17-23, 2007. Regarding registration for sponsored accommodation: "We need this information now to make financial estimates. In particular, we would like to calculate how much money we can allocate to travel sponsorship. Even if you are not applying for travel sponsorship, we suggest you organise travel soon. For example, for those coming from Europe some budget airlines recently opened booking for flights that are currently very cheap, and will increase in price over the next few months." Also, the event submission deadline is January 31.
ETel Adds New Speakers and SessionsNew speakers have been announced for the O'Reilly Emerging Telephony Conference. "The program schedule is nearly final for ETel, the OÂReilly Emerging Telephony Conference. A cross-section of noted industry experts will be leading more than 50 sessions and hands-on workshops designed to capture the trends of the evolving telecom industry and provide the means to navigate the communication opportunities ahead. ETel 2007 is scheduled for February 27 through March 1, 2007 in Burlingame, California."
Django at PyConThe Django weblog mentions some Django web development system events at PyCon 2007. "On Feb 22nd (the tutorial day) I (Jacob) will be teaching back-to-back three-hour Django tutorials. The morning tutorial is an introduction to Django designed for anyone interested in getting started with Django. After lunch, I'll move on to an advanced Django tutorial, covering a lot of what goes on under the hood. Anyone who knows Django and wants to dig deeper should really enjoy this one. You can, of course, sign up for both."
PyCon 2007 Funding AvailableThe Python Software Foundation has announced the availability of funding for PyCon 2007 attendees. "The Python Software Foundation has allocated some funds to help people attend PyCon 2007. If you'd like to come to PyCon but can't afford it, maybe the PSF can help you." Funding requests are due by January 19.
Linux Installfest workshop in Davis, CAThe Linux Users' Group of Davis will hold the next Linux Installfest workshop in Davis, CA on Saturday, January 20, 2007.
Events: January 18, 2007 to March 19, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it. Audio and Video programs Web 2.0 Podcast: A Conversation with Bruce Chizen (O'ReillyNet)O'Reilly presents an interview with Bruce Chizen in audio and video formats. "Adobe CEO Bruce Chizen talked with Web 2.0 Summit program chair Tim O'Reilly about the ubiquity of Flash and PDF, and the fine line that his company walks between open standards and open source. They talked about everything from eBooks and Apollo to competing with Microsoft. This episode is sponsored by the Intel Software Partner Program."
Page editor: Forrest Cook
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[LIRC]](/images/ns/lirc.png)