LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for February 22, 2007Wind River buys RTLinuxAmong many in the real-time community, it is a matter of accepted faith that a general-purpose kernel (such as the Linux kernel) cannot be expected to perform properly in a situation where deterministic, real-time response is required. Things may work most of the time, but one never knows when such a kernel may get distracted for too long, with disastrous results for real-time applications. On the other hand, general-purpose kernels do tend to provide nicer programming environments than hard real-time kernels. So real-time developers can be faced with a fundamental conflict: deterministic response or a rich environment?One longstanding attempt to resolve this conflict is RTLinux. At its core, RTLinux is a small, real-time kernel without a great deal of functionality. One of the things RTLinux can do, however, is run a normal Linux kernel as a low-priority task. The RTLinux kernel responds to interrupts, passing them through to the real-time code when appropriate; Linux only gets a chance to run when the real-time code has finished. In an RTLinux system, a small amount of real-time code can perform data acquisition or other real-time tasks while leaving much of the more time-flexible processing to Linux-based code. One interesting thing to know about RTLinux is that the basic technique is patented. This patent - first covered in LWN in February, 2000 - was a relatively early indication of just how software patent claims can affect free software users. The core RTLinux code was licensed under the GPL, but it was not truly free; anybody wanting to use it was subject to the terms imposed by the patent owner. Those terms were eventually spelled out in the RTLinux patent license which allowed royalty-free use provided that either (1) the "Open RTLinux" distribution was used without modifications, or (2) the entire application was licensed under the GPL. Not everybody was happy with this license, but most of the world found ways of living with it or avoiding the patent, and things got quiet on the RTLinux front for some years. On February 20, however, Wind River Systems announced the acquisition of RTLinux - including the patent. Interestingly, nothing to be found in Wind River's press release or acquisition FAQ mentions the patent license in any way. The text of that license, meanwhile, has disappeared from the FSMLabs site and has yet to reappear on the Wind River site. LinuxWorld ran an article on the acquisition with a verbal statement from Wind River that the license would be maintained, which is a step in the right direction, but it hardly adds up to a commitment on Wind River's part. It is entirely possible that Wind River will continue with the current policy. Perhaps Wind River will even make new "Open RTLinux" releases allowing licensees to run reasonably contemporary software. At the moment, however, this code does not appear to be downloadable from anywhere, and there is no indication of when that situation might change. Along these lines, it's worth looking at some text from the acquisition FAQ [PDF]:
There are other real-time Linux products available in open source
today. However, RTLinux is the only commercially supported, hard
real-time product available today. Other open source versions of
RTLinux are based on much older versions of the technology or on
older distributions.
Given that Wind River sees an advantage to having a newer RTLinux than the "open source" versions, updated free releases of RTLinux from Wind River seem unlikely. For anybody who is concerned, there are alternative approaches to real time and Linux which are worthy of consideration. At the lowest level, there is Adeos, a "nanokernel" which makes RTLinux-like functionality available while avoiding the claims of the RTLinux patent. Rather than run the general-purpose kernel as a task of the real-time kernel, Adeos runs both as tasks underneath itself. Adeos, in turn, is used at the base of RTAI, a longstanding RTLinux competitor. Things have been relatively quiet on the RTAI front in recent times, but a look at the RTAI-Lab project suggests that interesting things are happening there still. Beyond that, work on the real-time preemption project, which aims to make Linux, itself, a real-time capable kernel, continues, and much of that work has found its way into the mainline. It will always be harder to prove that a full Linux kernel can provide deterministic response times, but, for many applications, the real-time performance of this kernel will be more than good enough. Some real-time vendors are already shipping products based on this work. There may well be an ongoing market for the RTLinux technology that Wind River has just bought. It would be nice if Wind River could find a way to exploit that market while, simultaneously, using RTLinux to increase its contributions back to the community. There are few indications that Wind River sees RTLinux as anything more than a product, though, so those hoping for a more community-oriented stance may well be disappointed. The good news is that the alternatives are plentiful and quickly getting better.
Notes from the Fedora frontThere have been a few events of interest in the Fedora community recently; this article will attempt to provide a quick overview thereof. For the purposes of this page, "events of interest" do not include personalities who have decided to switch loudly to a different distribution.The Fedora project has been trying to open itself up to contributions from the community, with slow (but real) success. The community is not just made up of developers and packagers, however; it turns out there is a group of motivated people who would like to help out with the Fedora artwork. Good design can be as hard as good code, and one would think that this sort of contribution would be welcome. And, to an extent, it is - to an extent. There has been a conversation happening on the fedora-art list recently; some of the themes can be seen in this posting. It seems, frankly, that the Red Hat-based Fedora folks are concerned about the quality of artwork contributions and (though they don't say so in so many words) loss of control over the default look of the distribution. The end result is that the Fedora board has decided that contributed artwork will not be part of the default Fedora theme; instead, that work will be done within Red Hat. The project is trying not to close the door completely:
But the default theme is not all there is to the Artwork project.
There are many things left to do, including the Echo icon set.
Redesign and new art is needed for the Wiki, infrastructure
applications, the "Some Day Soon" Plone site, and so forth. In
addition, Fedora is not limited to just the default release art.
As part of the initiative to give users the ability to spin their
own distributions built on Fedora, we'd like contributor art to be
able to function as a drop-in RPM package replacement for the
default release art.
Nonetheless, there is a fair amount of disappointment in the artwork community at the moment. On a related issue, the recent revelation that Dell's customers are asking for preinstalled Linux systems has created some interested in the Fedora community. Having a vendor as large as Dell preinstall Fedora would have clear benefits in helping the project to expand its user base. The Fedora folks would like to help make that happen, but it seems that there are some potential roadblocks on the way:
Unless we create the second logo set, I don't think we'll get very
far with pre-installation. Most vendors will want to sweeten the
user experience, and possibly add branding. Any of that will make
it no longer Fedora, and the vendor would be unable to make such
claims under the trademark policy. They'd have to remove all the
Fedora/RH trademarked logos and such too.
Some members of the advisory-board list have pointed out that worrying about the trademark policy is getting ahead of the game; making the distribution work seamlessly on, say, Dell laptops should maybe come first. Still, this issue points out the hazards of mixing trademark licensing and free software. Sometimes the results are not even in the trademark holder's interest. Dell laptops were mentioned because the project knows that a surprisingly large number of its users are installing Fedora on those systems. How does Fedora know this? The answer is a tool called "smolt," which gathers information on the underlying hardware and phones home with it. The project is quite careful about how this communication is done - no connection is made until the user explicitly agrees to it happening. Even so, there have been some complaints on the lists, along with suggestions that it could be illegal under the privacy laws of some countries, especially in Europe. The project is currently working on a privacy policy to govern its use of data gathered from smolt. It looks fairly tight; the project really is just interested in the sort of hardware its distribution is running on, not the people who are running it. Nonetheless, if anybody has concerns about the use of this information (which might be expanded to include a list of packages installed on the system), now would be the time to express them. During a recent Fedora board meeting, there was discussion of the Fedora 7 release delay, and, in particular, whether support for Fedora Core 5 and 6 would be extended to compensate. It came out that, while a number of people assume that the new 13-month support policy came into effect when it was adopted, that is not how the project understands it. The Fedora Core releases are currently expected to be supported under the old way of doing things: support for Fedora Core 5 will end when the second Fedora 7 test release (which just went into freeze mode) comes out. Support for Fedora Core 6 will end during the Fedora 8 development cycle. The full 13-month (or "2n+1") support mode is only expected to begin with Fedora 7. There has been some talk of trying to extend security support for FC5 and FC6, but it is not at all clear that it will happen. Finally, it has been noted that a number of Fedora tasks seem to be going more slowly than many people would like. The word that your editor has heard is that much of this has to do with the impending release of RHEL 5. Getting that release into final form has been causing some heavy demands on Red Hat's developers, with the result that less time is available for working on Fedora. Once the RHEL release is out, things can be expected to pick up a bit on the Fedora side.
Who wrote 2.6.20?Time recently published an article entitled Getting rich off those who work for free which, among other things, talked about free software this way:
Open-source, volunteer-created computer software like the Linux
operating system and the Firefox Web browser have also established
themselves as significant and lasting economic realities.
It is not uncommon to see Linux referred to as a volunteer-created system, as opposed to the corporate-sponsored, proprietary alternatives. There has been little research, however, into how much work on Linux is truly "volunteer" - done on a hacker's spare, unpaid time. In general, the assumption that Linux is created by volunteers is simply accepted. Determining the real provenance of free software can be a daunting task. There is a wealth of information available for those who look, however. In an attempt to shine some light in this area, your editor hacked up some scripts to do a lot of digging around in the kernel git repository. The idea was that, by looking at who is putting changes into the kernel, we can get a sense for where our source is coming from.
Who got patches into 2.6.20This study looked at the stream of patches that changed the 2.6.19 kernel into the current 2.6.20 release. There were, as it turns out 4983 non-merge changesets in this release, contributed by 741 different developers. (Merge changesets mark where the contents of other repositories were pulled into the mainline, but they do not carry any code changes, so the analysis skipped them). These patches added 286,439 lines of code and removed 159,812 others, for a total growth of 126,627 lines over the 2.6.20 development cycle. Your editor's scripts looked over every non-merge commit in 2.6.20. For each, the developer listed as the "author" was given credit for the patch. This approach is not entirely fair, since one developer will, in some cases, be submitting code written by a group of people. In general, though, there is no easy way of getting around this problem - the true breakdown of authorship of a joint work simply is not available in the mainline repository. Your editor believes that this inaccuracy affects the accounting of a relatively small portion of the patches merged into the mainline. Beyond that, how one generates statistics from a patch stream is an interesting question. How does one measure the productivity of programmers? One possibility is to look at the number of changesets merged. By that metric, this is the list of the most prolific contributors to 2.6.20:
Looking at patch counts rewards developers who put in large numbers of small patches. Al Viro's patches include a vast number of code annotations (to enable better checking with sparse), include file fixups, etc. Many of the changes are small - many do not affect the resulting kernel executable at all - but there are a lot of them. Even so, as the biggest contributor, Al generated less than 5% of the total changesets added to the kernel. The top 20 contributors, all together, generated 28% of the total changesets in 2.6.20. One could make the argument that a better way to look at the problem is by the number of lines affected by a patch. In this way, a contributor's portion of the whole will not depend on whether it has been split into a long series of small patches or not. On the other hand, simply renaming a file can make it look like a developer has touched a large amount of code. Be that as it may, by looking at lines changed (defined as the greater of the number of lines added or removed by each individual changeset), one gets a table like this:
Jeff Garzik comes out on top of this particular measurement by virtue of having deleted the long-unmaintained floppy tape subsystem. Patrick McHardy's work includes a number of additions to the netfilter subsystem, Jiri Slaby did a great deal of driver cleanup work, Avi Kivity was the contributor of the KVM virtualization code, and Andrew Victor contributed a number of ARM-related patches and the Atmel AT91 i2c driver. (The contributions made by other authors can be found by searching out their name in the 2.6.20 short-form changelog). Most of the developers in the above list got there by adding code to the kernel. It can be said, however, that the true heroes in the development community are those who remove code and make the kernel smaller. The developers who were best at removing more code than they added were:
Once again, Jeff Garzik's removal of ftape comes out on top, by far. Chris Zankel cleaned up the Xtensa architecture, removing a number of files in the process. Adrian Bunk worked on the ftape removal, got rid of the frame diverter code, removed an old, broken block driver, and generally performed cleanups all over the tree. Mr. Bunk is, in fact, the bane of old code; over the last year (since 2.6.16) he has removed a full 127,000 lines from the kernel source tree. Arnd Bergman got rid of a bunch of syscall*() macros. Linus Torvalds removed the broken x86 stack unwinder code. Finally, one could look at a different measure entirely: the number of patches signed off by each developer. A Signed-off-by: line is an indication that the person involved believes that the code is suitable for merging into the kernel; it implies that some degree of attention has been paid to the patch. Authors sign off their code, as do the subsystem maintainers who pass it up the chain. The top signers-off in 2.6.20 were:
There were a total of 10,354 signoff lines in the 2.6.20 patch stream, so each changeset, on average, was signed off just over two times. It is interesting that Linus, who ultimately merges every patch, only signed off 13% of them. It seems that most patches, these days, go directly into the mainline from subsystem repositories without a signoff from Linus or Andrew. Most of the other names on that list, with just a few exceptions, are the maintainers of subsystem or architecture trees.
Who paid themSo now we have a sense for who got their fingers on the code which went into 2.6.20. But one interesting question still has not been answered: to what extent was that code contributed by volunteers (or "hobbyists")? Finding an answer to that question is somewhat trickier than looking at who wrote the patches, mostly because very few developers say "I wrote this on behalf of my employer." The approach taken by your editor was relatively simplistic, but, perhaps, the best that is practical. Any patch whose author's given email address indicates a corporate affiliation is assumed to have been developed by an employee of that corporation. So any patch posted by somebody with an ibm.com email address is accounted as having been done by an IBM employee. Things are complicated by the fact that many people who work for companies do not use corporate addresses; it is not unheard-of for companies to have policies explicitly prohibiting code contributions associated with their domains. Your editor has coped with this problem by filling in the relevant developer's affiliation whenever it is known to him; in some cases, the developer was asked for this information. This method has the effect of crediting all of an employee's work to his or her employer. In many cases, the situation is probably more complicated than that; one assumes, for example, that a certain kernel hacker's employer has not directed him to hack on Battle for Wesnoth. When looking only at kernel code, however, crediting all work to the employer is probably relatively safe. Using this approach, the top sources of changesets were:
Looking instead at the number of lines of code changed, the results become:
[Note that these tables have been updated once since the article was originally published; the curious can see what the original versions looked like.] In these tables, the line marked "(Unknown)" is exactly that: patches for which existence of a supporting employer could not be determined. The line marked "(None)", instead, indicates the patches from developers known to be working on their own time. Either way, the results come out about the same: at least 65% of the code which went into 2.6.20 was created by people working for companies. If the entire "unknown" group turns out to be developers working on a volunteer basis - an unlikely result - then just over 1/3 of the 2.6.20 patch stream was written by volunteers. The real number will be lower, but it still shows that a significant portion of the code we run is written by developers who are donating their time.
One year's worth of changesLooking at a single kernel release is instructive, but it can also be deceptive. The relatively short release cycle used by the kernel project makes it fairly easy for prolific developers to see few of their patches go into a specific release. In an attempt to gain a longer-term perspective, your editor forced his suffering system to crank through the entire history from 2.6.16 (released almost exactly one year ago) to the present. Some 28,000 non-merge changesets have been added to the mainline (by 1,961 developers) over that time, replacing 1.26 million lines of old code with 2.01 million lines of new code - the kernel grew by 754,000 lines. The developers who touched the most lines over that time were:
The results for employers were:
The end result of all this is that a number of the widely-expressed opinions about kernel development turn out to be true. There really are thousands of developers - at least, almost 2,000 who put in at least one patch over the course of the last year. Linus Torvalds is directly responsible for a very small portion of the code which makes it into the kernel. Contemporary kernel development is spread out among a broad group of people, most of whom are paid for the work they do. Overall, the picture is of a broad-based and well-supported development community. There are many other interesting things to be learned by looking at the kernel's development history. Expect more articles along these lines as your editor finds the time to improve his scripts.
Security A PostgreSQL flawAn announcement of possibly insecure practices in user-defined PostgreSQL functions seems at first blush to be a fairly straightforward advisory; a deeper look reveals some serious implications. It is a problem that echoes a textbook security hole in UNIX setuid programs; it would appear that the developers did not consider that history when adding a setuid-like capability to PostgreSQL. Unfortunately, it also appears that the fix that the advisory recommends is not up to the task of resolving the issue. Anyone using SECURITY DEFINER functions in PostgreSQL probably has quite a large job ahead of them to clear up this particular mess. PostgreSQL functions can be be declared as "SECURITY DEFINER" functions, which causes them to run with the privileges of the owner rather than those of the invoker. PostgreSQL binds the operators and functions called at runtime and searches each element in the schema path to find them. Unfortunately, the user invoking the function can control the schema search path and, by defining operators or other functions that are used by the SECURITY DEFINER function, the invoker can run any code with the permissions of the owner. The once common, now hopefully largely eradicated, UNIX parallel was a vulnerability in setuid programs that invoked other programs via exec(). If the program did not either sanitize its PATH environment variable or fully specify the path to the executable, it was vulnerable to attackers who would put their own code in the path, with the same name as the executable, ahead of the standard program. When the setuid program executed, it would grab the wrong binary and the attacker could run arbitrary code with the permissions of the owner of the setuid program. Another important requirement is that all elements of the sanitized PATH and the directory of the binary are not writable by non-privileged users. So, much like the solution to the UNIX issue, the advisory suggests that SECURITY DEFINER functions specify a sanitized schema path. The equivalent to a fully specified path is not recommended as it is "likely to induce mistakes and will furthermore make the source code harder to read and maintain." Unfortunately, it turns out that because of the way PostgreSQL processes the function definitions, the only solution is to schema-qualify each and every function and operator reference in the function. In addition, setting a schema search path in a function is not local to the function, it changes the global search path for the whole program; functions that do this should restore the original search path on exit. It turns out that the references in a function are resolved as PostgreSQL creates an execution plan for the function. This is prior to actually executing the "set search path" operation in the function and so it will bind to functions and operators in the user controlled schema path as described here. The only alternative is the laborious and error-prone task of schema-qualifying function and operator references in SECURITY DEFINER functions. This is a very unfortunate outcome for a feature that was meant to promote more secure database usage. The idea is to separate the database privileges into different users but to still allow users with few privileges to perform a restricted set of privileged operations. It is surprising that the UNIX setuid issues from the dawn of time_t were not more closely studied when this feature was implemented. It would also seem that the PostgreSQL developers will need to rework how the execution plan and search path interact to fix this design flaw.
New vulnerabilities clamav: directory traversal, denial of service
ekiga: format string vulnerability
fail2ban: denial of service
gnomemeeting: format string flaw
gnucash: temporary file vulnerability
kernel: denial of service
MoinMoin: cross-site scripting and information leak
php: multiple vulnerabilities
spamassassin: denial of service
sun-jdk: arbitrary code execution
Updated vulnerabilities acroread: multiple vulnerabilities
apache: cross-site scripting
bind: denial of service
bluez-utils: hidd vulnerability
bugzilla: multiple vulnerabilities
busybox: insecure password generation
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
dovecot: index cache file handling error
elinks: arbitrary file access
fetchmail: password disclosure and DOS
ffmpeg: buffer overflows
Mozilla stuff: multiple vulnerabilities
freeradius: several vulnerabilities
freetype: integer overflows
ftpd: privilege escalation
gcc: file overwrite vulnerability
gd: buffer overflow
gdb: buffer overflow
gdm: improper file permissions
gedit: format string vulnerability
gnupg: stack overwrite
grip: buffer overflow
gv: stack-based buffer overflow
gzip: multiple vulnerabilities
horde-kronolith: local file inclusion
imagemagick: buffer overflows
ImageMagick: buffer overflow
ImageMagick: buffer overflows
imlib2: arbitrary code execution
java: multiple vulnerabilities
kdelibs: integer overflow
kdelibs: kate backup file permission leak
kdelibs: cross-site scripting
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
kernel: denial of service
kernel: multiple vulnerabilities
koffice: integer overflow
krb5: uninitialized pointers
krb5: local privilege escalation
libgadu: memory alignment bug
libgtop2: buffer overflow
libmodplug: boundary errors
libpng: buffer overflow
libpng: heap based buffer overflow
libtiff: buffer overflow
libvncserver: authentication bypass
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
lynx: arbitrary command execution
MoinMoin: cross-site scripting
mysql: format string bug
MySQL: privilege violations
MySQL: logging bypass
nbd: arbitrary code execution
openldap: security bypass
OpenSSH: denial of service
openssh: privilege separation issue
openssh: remote denial of service
php: several vulnerabilities
php: buffer overflows
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
postgresql: insufficient verification
postgresql: SQL injection
proftpd: stack-based buffer overflow
quake: buffer overflow
rar: buffer overflow
rpm: arbitrary code execution
samba: several vulnerabilities
shadow-utils: mailbox creation vulnerability
smb4k: multiple vulnerabilities
snort: denial of service
twiki: arbitrary code execution
ulogd: buffer overflow
unzip: long file name buffer overflow
w3c-libwww: possible stack overflow
wireshark: multiple vulnerabilities
wordpress: multiple vulnerabilities
xine: format string vulnerabilities
xine-lib: buffer overflow
xine-lib: buffer overflow
xinit: race condition
X.org: local privilege escalations
X.org: integer overflows
xpdf: buffer overflow
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current 2.6 prepatch is 2.6.21-rc1, released on February 20. "There's a lot of changes, as is usual for an -rc1 thing, but at least so far it would seem that 2.6.20 has been a good base, and I don't think we have anything *really* scary here." Significant changes include the long-awaited dynamic tick patch, better high-resolution timer support, the VMI virtualization interface (now built on top of paravirt_ops), the ALSA "system on chip" layer, lots of new drivers, and more. See the short-form changelog for details, or the full changelog for lots of details.As of this writing, a few hundred patches have found their way into the mainline git repository since -rc1 was released. Most of them are in the Video4Linux subsystem, adding ASUS P7131 remote control support, BTTV cropping support, a big update to the pvrusb2 WinTV driver, a new MSI Mega Sky 580 driver, and quite a bit more. The current -mm tree is 2.6.20-mm2. Recent changes to -mm include Xen DomU support, lguest, Blackfin architecture support, more workqueue changes, POSIX listio completion support for asynchronous I/O, utrace (a new tracing mechanism meant to replace ptrace()), and the kernel markers patch. Stable kernel updates: 2.6.20.1, 2.6.19.4, and 2.6.18.7 were all released on February 20 with a single patch: a fix for the NFS ACL denial of service vulnerability. Larger updates for 2.6.18 and 2.6.19 (probably the last stable updates for both of those kernels) are currently in the works, with a likely release around the 23rd or 24th. 2.6.16.41 was released on February 18 with about a dozen fixes.
Kernel development news More changes for 2.6.21With the release of 2.6.21-rc1, the merge window for this kernel development cycle is now closed. Most of the major 2.6.21 changes were covered here last week, but a number of significant changes did get into the mainline between then and the closing of the window. They are:
Now the stabilization period begins, with the final 2.6.21 due somewhere approximately around the beginning of May.
The managed resource APIThe device resource management patch was discussed here in January. That patch has now been merged for the 2.6.21 kernel. Since the API is now set - at least, as firmly as any in-kernel API is - it seems like a good time for a closer look at this new interface.The core idea behind the resource management interface is that remembering to free allocated resources is hard. It appears to be especially hard for driver writers who, justly or not, have a reputation for adding more than their fair share of bugs to the kernel. And even the best driver writers can run into trouble in situations where device probing fails halfway through; the recovery paths may be there in the code, but they tend not to be well tested. The result of all this is a fair number of resource leaks in driver code. To address this problem, Tejun Heo created a new set of resource allocation functions which track allocations made by the driver. These allocations are associated with the device structure; when the driver detaches from the device, any left-over allocations are cleaned up. The resource management interface is thus similar to the talloc() API used by the Samba hackers, but it is adapted to the kernel environment and covers more than just memory allocations. Starting with memory allocations, though, the new API is:
void *devm_kzalloc(struct device *dev, size_t size, gfp_t gfp);
void devm_kfree(struct device *dev, void *p);
In a pattern we'll see repeated below, the new functions are similar to kzalloc() and kfree() except for the new names and the addition of the dev argument. That argument is necessary for the resource management code to know when the memory can be freed. If any memory allocations are still outstanding when the associated device is removed, they will all be freed at that time. Note that there is no managed equivalent to kalloc(); if driver writers cannot be trusted to free memory, it seems, they cannot be trusted to initialize it either. There are also no managed versions of the page-level or slab allocation functions. Managed versions of a subset of the DMA allocation functions have been provided:
void *dmam_alloc_coherent(struct device *dev, size_t size,
dma_addr_t *dma_handle, gfp_t gfp);
void dmam_free_coherent(struct device *dev, size_t size, void *vaddr,
dma_addr_t dma_handle);
void *dmam_alloc_noncoherent(struct device *dev, size_t size,
dma_addr_t *dma_handle, gfp_t gfp);
void dmam_free_noncoherent(struct device *dev, size_t size, void *vaddr,
dma_addr_t dma_handle);
int dmam_declare_coherent_memory(struct device *dev, dma_addr_t bus_addr,
dma_addr_t device_addr, size_t size,
int flags);
void dmam_release_declared_memory(struct device *dev);
struct dma_pool *dmam_pool_create(const char *name, struct device *dev,
size_t size, size_t align,
size_t allocation);
void dmam_pool_destroy(struct dma_pool *pool);
All of these functions have the same arguments and functionality as their dma_* equivalents, but they will clean up the DMA areas on device shutdown. One still has to hope that the driver has ensured that no DMA remains active on those areas, or unpleasant things could happen. There is a managed version of pci_enable_device():
int pcim_enable_device(struct pci_dev *pdev);
There is no pcim_disable_device(), however; code should just use pci_disable_device() as usual. A new function:
void pcim_pin_device(struct pci_dev *pdev);
will cause the given pdev to be left enabled even after the driver detaches from it. The patch makes the allocation of I/O memory regions with pci_request_region() managed by default - there is no pcim_ version of that interface. The higher-level allocation and mapping interfaces do have managed versions:
void __iomem *pcim_iomap(struct pci_dev *pdev, int bar,
unsigned long maxlen);
void pcim_iounmap(struct pci_dev *pdev, void __iomem *addr);
For the allocation of interrupts, the managed API is:
int devm_request_irq(struct device *dev, unsigned int irq,
irq_handler_t handler, unsigned long irqflags,
const char *devname, void *dev_id);
void devm_free_irq(struct device *dev, unsigned int irq, void *dev_id);
For these functions, the addition of a struct device argument was required. There is a new set of functions for the mapping of of I/O ports and memory:
void __iomem *devm_ioport_map(struct device *dev, unsigned long port,
unsigned int nr);
void devm_ioport_unmap(struct device *dev, void __iomem *addr);
void __iomem *devm_ioremap(struct device *dev, unsigned long offset,
unsigned long size);
void __iomem *devm_ioremap_nocache(struct device *dev,
unsigned long offset,
unsigned long size);
void devm_iounmap(struct device *dev, void __iomem *addr);
Once again, these functions required the addition of a struct device argument for the managed form. Finally, for those using the low-level resource allocation functions, the managed versions are:
struct resource *devm_request_region(struct device *dev,
resource_size_t start,
resource_size_t n,
const char *name);
void devm_release_region(resource_size_t start, resource_size_t n);
struct resource *devm_request_mem_region(struct device *dev,
resource_size_t start,
resource_size_t n,
const char *name);
void devm_release_mem_region(resource_size_t start, resource_size_t n);
The resource management layer includes a "group" mechanism, accessed via these functions:
void *devres_open_group(struct device *dev, void *id, gfp_t gfp);
void devres_close_group(struct device *dev, void *id);
void devres_remove_group(struct device *dev, void *id);
int devres_release_group(struct device *dev, void *id);
A group can be thought of as a marker in the list of allocations associated with a given device. Groups are created with devres_open_group(), which can be passed an id value to identify the group or NULL to have the ID generated on the fly; either way, the resulting group ID is returned. A call to devres_close_group() marks the end of a given group. Calling devres_remove_group() causes the system to forget about the given group, but does nothing with the resources allocated within the group. To remove the group and immediately free all resources allocated within that group, devres_release_group() should be used. The group functions seem to be primarily aimed at mid-level code - the bus layers, for example. When bus code tries to attach a driver to a device, for example, it can open a group; should the driver attach fail, the group can be used to free up any resources allocated by the driver. There are not many users of this new API in the kernel now. That may change over time as driver writers become aware of these functions, and, perhaps, as the list of managed allocation types grows. The reward for switching over to managed allocations should be more robust and simpler code as current failure and cleanup paths are removed.
A new Intel wireless driverAlmost exactly one year ago, Intel announced the ipw3945 project - a free driver for its 3945ABG wireless adapters. This move was welcomed as a refreshing change from the usual mode of operation in the wireless area, which usually involves binary-only drivers. Even so, this driver was greeted with some complaints; in particular, the binary-only "regulatory daemon" was not a popular idea, despite the fact that it ran entirely in user space. The ipw3945 driver was never merged into the mainline kernel.In many cases, just getting free drivers from companies seems like a lot to ask. Getting them to go back and start over is often out of the question. That is just what Intel has done, however, and, on February 9, the new version of the driver was announced, complete with a shiny new web site. The new driver should prove more popular than the old one was. The user-space regulatory daemon is no more. Intel's engineers, it seems, have found a way to move the regulatory function into the device's firmware, getting the host processor out of the regulatory compliance business altogether. That is probably a more robust solution in general, even though, strictly speaking, the flexibility of the hardware has been reduced. Most users will likely look at the tradeoff - better regulatory compliance and no binary-only daemon - and like what they see. Of course, those who see binary-only device firmware as an infringement of their freedom will not feel that the situation has improved much. Another significant change is that the new driver works with the Devicescape 802.11 stack. Devicescape remains the intended direction for wireless networking in the Linux kernel, so the new driver should be more easily integrated. At least, that will be the case once Devicescape gets into the mainline. For now, Linux users wanting to try out the new driver will also have to get a version of the d80211 module (available from the Intel site) and build that for their kernels as well. That leads to the obvious question: when will Devicescape make it into the mainline kernel? The process of getting that code ready for merging has taken rather longer than desired, but it is still moving forward. The current plan, it seems, is to rebase the Devicescape code to 2.6.21-rc1, once that's released, and get the result included in the -mm kernel. If all goes well, the Devicescape stack might just find its way into 2.6.22. That would be a major step forward for wireless networking in Linux. Back to the Intel driver: one thing that is still lacking is any sort of hardware documentation. Anybody not working for Intel will be limited in what they can do with this driver by what they can learn from the code itself. Your editor asked Intel about hardware documentation; we were told:
The reality is the driver sources are the programming information
for the hardware. As time goes forward we spend some time trying
to improve the comments in the headers for the source files to make
it more clear what they do and to provide some overviews of
theory-of-operation, but there isn't any self-contained accurate
document that covers everything you need to know to program and
operate the device.
Given the choice between developing code and writing documentation, the Intel hackers went for the code.
Clockevents and dyntickOne of the last patch sets to be merged before the 2.6.21 window closed was the clockevents and dyntick work from the real-time tree. These patches have been in the works for some time, and were originally targeted for merging in 2.6.19. In the process, the developers (primarily Ingo Molnar and Thomas Gleixner) discovered one of the fundamental laws of kernel development: if your patches break Andrew Morton's laptop, they are unlikely to make it into the mainline. That little difficulty has now been overcome, with the result that 2.6.21 will include some interesting core changes.Dealing with clock devices has traditionally been handled in the kernel's architecture-specific code. The result has been a lot of duplicated code between architectures (there are more architectures than common timer devices) and no uniform interface for the core kernel to make use of these devices. John Stultz's generic time of day infrastructure resolved a number of those problems, at least for the timekeeping task, but anybody who wanted to program timer devices in a more general way still ended up dealing with architecture-specific code. The "clockevents" patch set finishes this job. At its core, clockevents creates a driver API for devices which can deliver interrupts at a specific time in the future. The API tracks the capabilities of each timer (resolution and whether it can do one-shot or periodic interrupts, for example) and provides a simple interface for arming the timer. This API is defined in the core kernel, with only a low-level driver remaining in the architecture-specific code. The end result is that the kernel now has the means to query and use timer capabilities in an architecture-independent manner. With the clockevents mechanism in place, it becomes possible to support truly high-resolution timers. When such a timer is requested, all that is required is to pick a suitable clockevent device and arm it for the desired time. These devices can deliver interrupts with a high degree of precision, with the result that kernel timers, too, can offer high precision - a feature which is of clear utility to real-time users (among others). The periodic timer tick is now implemented with a clockevent as well. It does all of the things the old timer-based interrupt did - updating jiffies, accounting CPU time, etc. - but it is run out of the new infrastructure. All of this is an improvement, but there is still one thing which could be better: there is no real need for a periodic tick in the system. That is especially true when the processor is idle. An idle CPU can save quite a bit of power, but waking that CPU up 100 times (or more) per second will hurt those power savings considerably. With a flexible timer infrastructure, there is no point in turning the CPU back on until it has something to do. So, when the (i386) kernel goes into its idle loop, it checks the next pending timer event. If that event is further away than the next tick, the periodic tick is turned off altogether; instead, the timer is is programmed to fire when the next event comes due. The CPU can then rest unharrassed until that time - unless an interrupt comes in first. Once the processor goes out of the idle state, the periodic tick is restored. What's in 2.6.21 is, thus, not a full dynamic tick implementation. Eliminating the tick during idle times is a good step forward, but there is value in getting rid of the tick while the system is running as well - especially on virtualized systems which may be sharing a host with quite a few other clients. The dynamic tick documentation file suggests that the developers have this goal in mind:
The implementation leaves room for further development like full
tickless systems, where the time slice is controlled by the
scheduler, variable frequency profiling, and a complete removal of
jiffies in the future.
So expect some interesting work in the future - the removal of jiffies alone has a number of interesting implications. The developers also have support for the x86_64 and ARM architectures, though that support has not been merged for 2.6.21; MIPS and PowerPC support is in the works as well.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Janitorial
Memory management
Networking
Architecture-specific
Security-related
Virtualization and containers
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials A look at dyne:bolic 2.4Dyne:bolic GNU/Linux is a live CD distribution that can be installed to a hard drive if desired. It is user friendly and has good hardware recognition. From the release announcement for version 2.4: codename DHORUBA:
This release improves user-friendliness introducing
Xfce-4.4 as the new default desktop, customized for the scheme of
interaction that is familiar to dyne:bolic users. Another important new
feature is the ability to create an encrypted nest to prevent access to
personal data stored in home directories. No complicated notions are
required, our user friendly setup deals with usb and harddisk storages as
usual, in case the nest is encrypted you'll see your home icon upgraded to
fortress, then everything that goes in your nest is protected.
The installation of dyne:bolic is very simple, just copy the /dyne directory from the CD to free partition on your computer. You can also save your configuration to a USB key. Dyne:bolic is 100% free software and it's optimized to run on slower computers. It's also designed as a practical tool for multimedia production: you can manipulate and broadcast both sound and video with tools to record, edit, encode and stream.
New Releases Debian GNU/Linux 3.1 updatedThe Debian project has updated the stable distribution Debian GNU/Linux 3.1 (codename `sarge'). "This update mainly adds security updates to the stable release, along with a few corrections to serious problems. Those who frequently update from security.debian.org won't have to update many packages and most updates from security.debian.org are included in this update."
Lunar-1.6.1 Install ISO "Moose Drool" released for x86_64 and i686"Moose Drool" is also known as the Lunar-Linux 1.6.1 Installer ISO and it is available now. "This ISO is partially a refreshed installer for i686, but it is also our first stable ISO for x86_64. The x86_64 installer ISO thus marks the true final entry for Lunar Linux as a multi-arch distro. This ISO comes with gcc-3.4.6, glibc-2.3.6, linux-2.6.20, perl-5.8.8, and other rock solid base components."
BLFS Version 6.2.0 has been released!Beyond Linux from Scratch has released BLFS Version 6.2.0. This release is the complement to the LFS 6.2 book.
openSUSE 10.3 Alpha1 releasedThe first public alpha release of openSUSE 10.3 is available for testing. Click below for a look at what's new and a list of known bugs. Alpha two is planned for March 15.
Ubuntu Herd 4 releasedThe Ubuntu Feisty Fawn Herd 4 CD is available for testing. The announcement (click below) contains download information for Ubuntu, Kubuntu and Edubuntu and a list of known bugs. "The primary focus during the time from Herd 3 has been a mix of feature development and bug fixing."
Distribution News Debian announcementsSteve McIntyre presents Bits from the 2IC. "First of all, we're still working towards an Etch release. It's a shame that it'll be later than many of us hoped, but again the new release is shaping up to be our best ever. It's not my place to second-guess the release team, but I'm hoping for a release soon. We're primarily waiting on the kernel to stabilise for release and a final debian-installer release candidate. We've got a few more RC bugs to polish off, then PARTY TIME!!! (Well, maybe some of us will have some more little spots of work to do in the last few days and hours... *grin*)"The third call for nominations has gone out for the 2007 Debian Project Leader elections. The campaign period begins February 25, 2007. Frans Pop has an update on key expiry that broke Etch. "This means that full CD and DVD images are now available again from, for all architectures (except S/390). The now available images are virtually identical to what will be released as D-I RC2, so testing and installation reports are most welcome." Raphael Hertzog reports on Alioth downtime and lost data from the gforge database. "What is definitely lost however is the changes done to trackers/forums/surveys during that period and in general anything that is gforge-specific. We're really sorry for that, you can be sure we'll take required measures for the future."
openSUSE meeting minutesopenSUSE has decided to use libata by default in version 10.3. If your openSUSE installation has more than 15 partitions this could cause some problems. Click below for more information on this, and other issues.
openSUSE SurveyopenSUSE is running a survey to get an idea of how people feel about the openSUSE project and the openSUSE 10.2 distribution.
Fedora 7 release delayedThe Fedora 7 release schedule always looked ambitious, given the challenges of integrating the Core and Extras repositories. It seems that integration is not proceeding as quickly as one might like, with the result that the Fedora 7 release is now planned for May 24, a one-month delay.
FDSCo Elections openThe elections for Fedora Documentation Steering Committee (FDSCo) are open until 23:59 UTC, 26 February 2007. Voting is open to all members of the cvsdocs group in the Fedora Account System.
Announcing Fedora Desktop User GuideThe Fedora Desktop User Guide for Fedora Core 6 is available. "The Desktop User Guide is here to help you accomplish specific tasks with the desktop applications. It is written for individuals who are unfamiliar with the default Fedora Desktop and who may be running their first Linux desktop."
ESR's goodbye noteFor those who can't resist: here is Eric Raymond's "goodbye, Fedora" note. "Over the last five years, I've watched Red Hat/Fedora throw away what was at one time a near-unassailable lead in technical prowess, market share and community prestige. The blunders have been legion on both technical and political levels." So far, the Fedora folks do not appear to be greatly pained by his departure.
Mandriva Cooker : The Inside Man VFabrice Facorat has posted some information about the Mandriva Cooker (development branch). Click below for more about Nvidia/ATI vs Xorg 7.2, Testing Metisse in cooker, 64 vs 32 bit Cooker, Migration to cdrkit, Testing RandR 1.2, 2007.1 Errata create, Warly Departure, and Using PulseAudio as default in 2008.0.
Ubuntu announcementsBen Collins announced regular meetings of the kernel team. "I invite anyone interested to attending, even if it's just to see how we get things done. Meetings are going to be held in the normal location: #ubuntu-meeting on irc.freenode.net. Meetings will be bi-weekly, Mon at 16:00 UTC, with the exception of the first meeting which is Wed Feb 21, at 16:00 UTC, due to holidays."Martin Pitt looks at some policy decisions with regard to the package maintainer field. "a fair while ago, the Debian project collectively decided that Ubuntu source and binary packages should not carry Debian's maintainers in their Maintainer: field any more. Instead, we shall preserve them in the Original-Maintainer: field and put an Ubuntu specific contact into Maintainer:" The Ubuntu archive team has added two new members. "We have also allocated archive team days, so if you need to have a package promoted, packages pushed through NEW or services the archive team offer, please contact the correct person on IRC (#ubuntu-devel being the most appropriate channel)."
New Distributions ProTech - a new security distributionProTech is a new security oriented distribution from the Techm4sters team. It's a live CD based on Ubuntu Feisty with tools for network administrators, pentesters and other forensic analysis. The first beta was made available for download February 13, 2007, with a final version expected in April 2007 when the Ubuntu Feisty release is finalized.
Tadpole Linux Announces Logo Design CompetitionTadpole Linux is new Gentoo-based live CD geared toward K-6 elementary school students. A Logo Design Competition is underway, with a submission deadline of March 2, 2007. The first release is expected soon after.
Distribution Newsletters Fedora Weekly News Issue 77The Fedora Weekly News for February 19, 2007 covers a change in the Fedora 7 schedule, Fedora 7 Test 1 Release Notes, Changes to fedora-advisory-board list, The Interview of Bill Nottingham, Fedora Directory Server is now in Fedora Extras, InfoDesk Inc. Chooses Fedora Directory Server, Ambassadors Report - SCALE5X, and several other topics.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for February 12, 2007 covers time zone updates, testing for new freetype, problems with NSS/NSPR, thanks from the KDE team, Adopt-a-Dev update, and much more.
DistroWatch Weekly, Issue 190The DistroWatch Weekly for February 19, 2007 is out. "Those users who enjoy beta testing Linux distribution had an exciting week as new development builds from Mandriva, PCLinuxOS, openSUSE and Ubuntu all appeared on public mirrors. In the meantime, the Fedora project announced a delay in the release of Fedora 7 - now scheduled for late May. In other news, Ubuntu has clarified its position on the issue of proprietary video drivers, Daniel Robbins is about to formally return to the project he founded some seven years ago, SabayonLinux loses two key developers, and CentOS announces plans for the all-new CentOS 5. The feature story takes a brief look at two distributions which recently bumped their version numbers while in the middle of development - SaxenOS and SimplyMEPIS."
Distribution meetings openSUSE Reminder: FOSDEM 2007 - this weekend!A reminder for anyone going to FOSDEM this weekend; openSUSE has a dev-room where there will be lots of interesting talks, and a small booth on the floor.
FudCon Videos are now availableFudCon videos from Boston 2007 are available for torrent download.
Package updates Slackware glibc-zoneinfo US Daylight Savings Time changesSlackware has new glibc-zoneinfo packages with the new US Daylight Savings Time schedule for all stable Slackware systems.
Newsletters and articles of interest Monitoring Servers and Clients using Munin in Ubuntu (Ubuntu Geek)Ubuntu Geek looks at Munin. ""Munin" means "memory". Munin the tool surveys all your computers and remembers what it saw. It presents all the information in in graphs through a web interface. Its emphasis is on plug and play capabilities. After completing a installation a high number of monitoring plugins will be playing with no more effort. Using Munin you can easily monitor the performance of your computers, networks, SANs, and quite possibly applications as well. It makes it easy to determine "what's different today" when a performance problem crops up. It makes it easy to see how you're doing capacity wise on all limited resources."
Create virtual Machines Using Virtualbox in Debian (Debian Admin)Debian Admin looks at Virtualbox on Debian Etch. "VirtualBox is a general-purpose full virtualizer for x86 hardware. Targeted at server, desktop and embedded use, it is now the only professional-quality virtualization solution that is also Open Source Software."
Distribution reviews Xubuntu offers appealing desktop alternative (tectonic)Tectonic has a review of Xubuntu. "Performance wise Xubuntu is everything I was hoping. It is light and fast. Clicking on the applications menu gives you immediate feedback. And unless you're running about five or six other applications at the time, opening a file browser or a terminal window is almost instantaneous. As I write this I have about four applications running, some with two or three windows open each. Clicking on the 'show desktop' applet hides all of the open six windows in just a second. On a slower machine this is not to be sneezed at."
Software Review: Yellow Dog Linux 5 for PlayStation 3 (BC Gaming)Blogcritics has a review of Yellow Dog Linux 5 for PlayStation 3. "[W]hat do you get with Yellow Dog Linux 5? There are 2248 packages (RPMs) included, including heavyweights in the Open Source software arena such as OpenOffice, GIMP, Firefox... the list goes on and on. Yellow Dog 5 also comes with a simply stunning desktop environment, called Enlightenment (E17)."
Page editor: Rebecca Sobol Development Progress on the Linux Desktop Testing ProjectThe Linux Desktop Testing Project (LDTP) is a desktop application testing framework that was originally announced in January, 2005.
GNU/Linux Desktop Testing Project (GNU/LDTP) is aimed at producing [a] high quality test automation framework and cutting-edge tools that can be used to test [the] GNU/Linux Desktop and improve it. It uses the Accessibility libraries to poke through the application's user interface. The framework also has tools to record test-cases based on user-selection on the application.
GNU/LDTP core framework uses Appmap and the recorded test-cases to test an application and gives the status of each test-case as output.
Version 0.8.0 of LDTP was recently announced: "This release features number of important breakthroughs in LDTP as well as in the field of Test Automation." New capabilities of LDTP 0.8.0 include:
System Applications Database Software PostgreSQL Weekly NewsThe February 18, 2007 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
wxSQLite3 1.7.2 released (SourceForge)Version 1.7.2 of wxSQLite3 is available. "The new version 1.7.2 of wxSQLite3 - a thin wrapper for the SQLite database for wxWidgets applications - now supports the current version 3.3.12 of SQLite. The wxSQLite3 API is now independent of optional features; it can be checked at runtime for which optional features wxSQLite3 was compiled. Since on Linux support for loadable extensions is not compiled into SQLite by default it has been made optional in wxSQLite3 as well."
Mail Software Apache SpamAssassin 3.1.8 releasedVersion 3.1.8 of Apache SpamAssassin has been released. "This is a maintenance and security release of the 3.1.x branch. It is highly recommended that people upgrade to this version."
Openchange MAILOOK milestoneOpenchange has announced the availability of a Linux MAPI library which will allow Linux users to access an exchange mail server. "The OpenChange team is very proud to announce we have released on our repository a first experimental but working implementation of our MAPI Library under Linux. Libmapi is a client-side MAPI library implementation designed to make MAPI messaging applications development under Linux trivial." (Thanks to Joerg Mayer.)
Printing CUPS 1.2.8 releasedVersion 1.2.8 of the CUPS printing system has been announced. "CUPS 1.2.8 adds a French localization, updates the Japanese and Spanish localizations, and fixes several web interface, printing, and networking bugs."
CUPS Driver Development Kit 1.1.0 announcedVersion 1.1.0 of the CUPS Driver Development Kit has been announced. "The new release adds support for creating globalized and compressed PPDs with configurable line endings, includes a new ppdmerge utility, and fixes some platform and packaging issues. The CUPS Driver Development Kit (DDK) provides a suite of standard drivers, a PPD file compiler, and other utilities that can be used to develop printer drivers for CUPS and other printing environments."
Web Site Development Mod_python 3.3.1 releasedVersion 3.3.1 of Mod_python, a Python language extension to the Apache web server, is out. See the online documentation for change history.
Desktop Applications Audio Applications Aqualung 0.9 beta 7.1 releasedVersion 0.9 beta 7.1 of Aqualung, a cross-platform music player, is available. "This is an update to our recent 0.9beta7 release, containing some important fixes to bugs that were found as a result of the greater user coverage after the release of 0.9beta7."
Mammut 0.57 releasedVersion 0.57 of Mammut, an FFT audio spectrum analysis package, has been released. This version adds new features, Mac and Windows ports and more.
Data Visualization Grace 5.1.21 is availableVersion 5.1.21 of Grace, a WYSIWYG 2D plotting tool, has been announced. "This is a maintenance release of the 5.1 series; an upgrade is recommended."
Desktop Environments GNOME 2.18.0 Beta 2 released (GnomeDesktop)GnomeDesktop has announced the release of GNOME 2.18.0 Beta 2. "Love is in the air! The GNOME 2.18.0 Beta 2 release is out to spread even more love in this Valentine's day. This is our second beta release on our road towards GNOME 2.18.0, which will be released in March 2007. So, If you're feeling alone, give some love to GNOME today by breaking it, fixing it, translating it, documenting it, and your [happiness] is g[u]aranteed tomorrow! Who knows? This release marks the start of the String Freeze. No, this doesn't have anything to do with the Finnish winter."
GARNOME 2.17.91 releasedVersion 2.17.91 of GARNOME, the bleeding-edge GNOME distribution, is out. "The "go go gadget garnome" release. We are pleased to announce the release of GARNOME 2.17.91 Desktop and Developer Platform. This release includes all of GNOME 2.17.91 (aka 2.18.0 Beta 2), tweaked and updated with love by the GARNOME Team."
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Commit-Digest for 18th February 2007 (KDE.News)The February 18, 2007 edition of the KDE Commit-Digest has been announced. The content summary says: "The Dolphin file manager is moved into kdebase. Continued work in Umbrello courtesy of the Student Mentoring program. Graphical element representations start to be introduced in Kalzium. More new country maps in KGeography. KSpaceDuel begins the porting process to a scalable graphics interface, with further SVG intergration work in KMines, KWin4, KNetWalk, KBlackBox and KMahjongg. KolourPaint gains the ability to interface with image scanning hardware. Improved handling of the XPS document format in okular. Lilypond export functionality in KTabEdit. More work in the KDE Fonts Manager. The KNewStuff2 framework reaches new milestones in its reworking for KDE 4."
Quickies: Dev Wiki, Sonnet, Jambi, Scientific Analysis and CSS Compliance (KDE.News)KDE.News presents another Quickies article. "Vote for the name of the new KDE developer and sysadmin wiki. *** Nathan Sanders reveals that KDE 4's Sonnet will turbocharge language processing at Linux.com. *** Trolltech announced the first beta release of Qt Jambi, now available for testing and feedback. *** ChainLink is a new Qt 4 integrated environment for scientific data analysis and visualisation using Matlab/Octave/Scilab compatible syntax. ..."
KDE Software AnnouncementsThe following new KDE software has been announced this week:
Xorg Software AnnouncementsThe following new Xorg software has been announced this week:
Encryption Software PasswordSafe 3.06 released (SourceForge)Version 3.06 of PasswordSafe is out. "Password Safe is a password database utility. Users can keep their passwords securely encrypted on their computers. A single Safe Combination unlocks them all. Version 3.06 is a minor release - some annoying bugs have been fixed, some features have been improved upon."
Games Ember 0.4.2 release candidate 4Release candidate 4 of Ember 0.4.2 has been announced on the WorldForge game site. "This release should be stable and contains no known bugs. If you have problems running it, please send a mail to Erik."
Interoperability Wine 0.9.31 releasedVersion 0.9.31 of Wine has been announced. Changes include: Many Direct3D fixes and performance improvements, Several new comctl32 test cases, IDL compiler improvements, More OLE32 marshalling fixes and lots of bug fixes.
Wine Weekly NewsletterThe February 19, 2007 edition of the Wine Weekly Newsletter is online with coverage of the Wine project. Topics include: News: Wine 0.9.31, CrossOver 6.0, DIB Engine Discussion, Summer of Code 2007, GNOME & Freedesktop Menus, Direct3D Screenshots, Toolbar Regression, RHEL 3 RPM's, and IE Developers Toolbar.
Mail Clients Bongo Project releases initial milestone: 0.1.0Version 0.1.0 of Bongo has been announced. "Bongo is a project to create fun and simple mail & calendaring software. As well as providing a well-featured but extensible set of server software, it also comes with a user-friendly web interface. The Bongo Project is pleased to announce the release of Bongo 0.1, which represents the first milestone on our roadmap. This is a source-only release intended for hackers and users who want to get an early preview of what we're building."
Multimedia Elisa 0.1.4 announcedVersion 0.1.4 of Elisa has been announced, it adds new features and bug fixes. "Elisa is a project to create an open source cross platform media center solution. While our primary development and deployment platform is GNU/Linux and Unix operating systems we also currently support Microsoft Windows and also hope to support MacOSX in the future. Elisa runs on top of the GStreamer multimedia framework and is develop[]ed in Python."
Music Applications CLAM 0.98 releasedVersion 0.98 of CLAM, a C++ framework for doing research and application development in audio and music, is available. "Apart from MacOS build, this release features KDE integration for NetworkEditor and Prototyper (so you can open network files from Konqueror), MFCCs added to Annotators extractor example, and several fixes (thanks James). FLTK module has been dropped and it is not being compiled by default. It will be completely removed on the next release."
Office Applications HylaFAX 4.3.2 releasedVersion 4.3.2 of HylaFAX, a fax modem interface, has been announced. "This release includes significant improvements to email templating, a system that offers server admins an unprecedented level of control over the branding of the email messages HylaFAX sends, and so we encourage you to check it out. As always, our sincerest thanks go to all who participate in the development and testing process."
Miscellaneous Laplock 0.0.4 releasedStable version 0.0.4 of Laplock is available. "Laplock locks your computer or laptop using a media card such as USB memory, SD, MMC, or a Memory Stick. Once you register a unique card, the program starts xlock or xscreensaver when it is removed and stops it once it is plugged in again."
Languages and Tools C GCC 4.1.2 releasedVersion 4.1.2 of GCC, the Gnu Compiler Collection, is out. "This release is a bug-fix release for problems in GCC 4.1.1. GCC 4.1.2 contains changes to correct regressions from previous releases, but no new features."
Caml Caml Weekly NewsThe February 20, 2007 edition of the Caml Weekly News is out with new Caml language articles.
Lisp Lython 1.0 announcedVersion 1.0 of Lython, a Lisp dialect compiler which outputs Python byte-code, has been announced. The description states: "Parses a lisp dialect using spark. Simple macros. Compiles to Python bytecode. Generates pyc, pyo files. Full-featured interactive interpreter. Based on Miles Egan's Lython."
PHP PHP 4.4.5 releasedVersion 4.4.5 of PHP has been released. See the ChangeLog file for a list of bug fixes and other improvements.
Python Jython 2.2 beta 1 announcedThe first beta release of Jython 2.2, a Python implementation on Java, is available. "This release contains all of the major features for a 2.2 release, so it's a significant milestone towards 2.2 proper. It's being released to solicit feedback about any bugs or missing features; if you can, download it and check for issues. "
PyPy 0.99 releasedVersion 0.99 of PyPy, a Python interpreter implementation and an advanced compiler, has been announced. "Welcome to the PyPy 0.99.0 release - a major snapshot and milestone of the last 8 months of work and contributions since PyPy-0.9.0 came out in June 2006!"
Tcl/Tk Tcl-URL!The February 15, 2007 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
Tcl-URL!The February 20, 2007 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
XML Introducing RDFa (O'Reilly)O'Reilly has published part one of a series on RDFa. "In this first part of a two-part series, Bob DuCharme introduces us to RDFa, a new, XHTML-friendly standard syntax for RDF metadata that allows you to embed RDF metadata into the Web in a novel way."
IDEs Wing IDE 2.1.4 releasedVersion 2.1.4 of Wing IDE, a Python language integrated development environment, has been announced. "This is a bug fix release that among other things fixes handling of UTF-8 byte order marks, improves auto-completion for PyQt 4, reports exceptions correctly in Python < 2.2, fixes some problems with Subversion 1.4, does better adaptive scrolling on OS X, and displays menus correctly in Hebrew locales."
Page editor: Forrest Cook Linux in the news Recommended Reading Save the BBC from Windows DRM! (Linux Journal)Glyn Moody looks at technological choices made by the British Broadcasting Corporation. "The BBC has a long and glorious past as a technological innovator. Throughout the history of broadcasting, it has often been the first to develop and promote new technologies. Sadly, it seems now to be teetering on the brink of making technical choices that will not only damage its own reputation as a world-class institution, but which will also have serious knock-on consequences for free software."
IDC: Linux Ecosystem Worth $40 Billion by 2010 (internetnews.com)internetnews.com covers a prediction by IDC on the future value of the Linux ecosystem. "At the Linuxworld Open Solutions Summit, which kicked off today in New York, IDC analysts detailed where they see the Linux ecosystem today and where it is headed by 2010. For 2006, Al Gillen, research vice president of system software at IDC, told an early morning audience that the research firm has pegged the Linux ecosystem that includes servers and software to be worth $18 billion. By 2010, Gillen said, the market will be worth $40 billion."
Building an Relationship Economy (Linux Journal)Doc Searls discusses the relationship economy in his Linux Journal blog. "Is there something new that open source development methods and values can bring to the economy? How about something old? I think the answer may come from the developing world, where pre-industrial methods and values persist and offer some helpful models and lessons for a networked world that's less post-industrial than industrial in a new and less impersonal way."
Trade Shows and Conferences The ACCURATE meetingPing reports on his touch screen voting software development and the ACCURATE meeting. "I'm excited to say that this new version fits in 400 lines of straightforward, readable Python. However, this version doesn't contain a verifier yet; included among the 300 lines of last year's software was a verifier for the ballot definition to ensure that, once the ballot is successfully loaded, the program cannot crash. After i add a verifier to the new version, it will probably weigh in somewhere between 500 and 600 lines. Still, not bad. I was aiming for under 1000, as a reasonable limit for the number of lines one could expect to review and verify with some confidence. (For comparison, the Diebold AccuVote TS-X software is over 31000 lines of C++.)"
LinuxWorld New York: a longer name for a smaller show (Linux.com)Linux.com covers the LinuxWorld OpenSolutions Summit. "IDG's East Coast Linux gathering is now officially called the LinuxWorld OpenSolutions Summit (LWOSS). The inaugural 2007 version of the renamed conference was held February 14 and 15 in the conference area of the Marriott Marquis hotel in Manhattan, not in a huge convention center. Despite the longer name, it was such a cute little conference that I kept wanting to pat it on its head. But sometimes smaller is better, and in many ways this 600-person LWOSS was more fun and more informative than its larger Boston and New York predecessors."
KDE at SCALE 5x (KDE.News)KDE.News reports on all things KDE at SCALE 5X. "KDE was once again well represented at the 2007 Southern California Linux Expo (SCALE 5x), demonstrating to show-goers why it is the most popular Linux desktop. There were talks, demonstrations from KDE developers and and thank yous in return. Read on for the full report."
Volunteers make Vancouver PHP Conference work (Linux.com)Linux.com covers the Vancouver PHP Conference. "More than 225 developers attended the second Vancouver PHP Conference at the University of British Columbia's Downtown Campus in Vancouver Canada this week. Organized by the Vancouver PHP Users Group, the conference attracted many of the best-known names in the PHP world, including Rasmus Lerdorf, Andrei Zmievski, Damien Seguy, and Zak Greant. The result was a well-rounded conference that shows what an experienced group of volunteer organizers can accomplish."
Companies Dell users demand more Linux options (ZDNet UK)ZDNet UK looks at what people are saying at Dell's Ideastorm website. "Nearly 40,000 users have used the Dell Ideastorm website to promote the suggestion that Dell should: "Offer the three top free Linux versions [Fedora, OpenSuse and Ubuntu] for free pre-installation on all Dell PCs". It is now the most popular suggestion on the site."
Flash for Linux -- It's Not for Designers (internetnews.com)internetnews.com looks into development issues with Adobe's Flash Player 9 for Linux. ""In general we chose the standard but we really just want it to work," Huang said. "Our wish list is for more consistency of libraries across the various Linux distributions, which would enable wider support." The problem revolves around the fact that there really isn't such a thing a standard Linux desktop. Efforts like the Linux Standard Base (LSB), which aims to provide standardized API's for the Linux desktop, fall short for Flash."
Linux Adoption Cuba to migrate to open-source software (ZDNet)ZDNet reports that the Cuban government is migrating its computers to open source software. " A Cuban academic, Hector Rodriguez, is supporting the migration to open source by heading up a development program within one of the largest Cuban universities. Cuba's customs service has already migrated to Linux, while the ministries of culture, higher education and communications are planning to do so, Rodriguez told the conference."
EBS chooses Linux for IT consolidation project (siliconrepublic.com)siliconrepublic.com reports on a Linux deployment by Ireland's EBS Building Society. "The building society, which is the fifth-largest credit institution in the country, has chosen SUSE Linux Enterprise Server (SLES) from Novell as the foundation for the consolidation project. This will involve hosting IBM WebSphere applications and SLES will support more than 1,000 users within EBS in 2007. EBS has been able to save on software licensing and hardware costs as a result of the project. It has also benefited the firms disaster recovery strategy, as this is now easier to perform backups from a single mainframe than on many distributed machines."
Interviews The last set of FOSDEM interviewsThe last set of interviews with FOSDEM speakers has been posted; featured this time are Jeremy Allison, Keith Packard, Miguel de Icaza, Paul Everitt, Pete Herzog, and Simon Phipps. "The benefit for [Sun] in opening up Java is that it will allow the market to grow even more. And a bigger market leads to more innovators and more opportunities. I know that can sound suspicious... But in our view a big community leads to big markets, which lead to big profits."
LinuxWorld: Samba's Jerry Carter talks Samba's future (SearchOpenSource.com)SearchOpenSource.com presents an interview with Jerry Carter from the Samba project. "Following his session on user authentication and Samba 3.0 at the LinuxWorld Open Solutions Summit, Jerry Carter answered a few questions on Samba's future and its role with Microsoft."
Web 2.0 Podcast: A Conversation with Jonathan Miller (O'ReillyNet)O'Reilly presents a podcast with Jonathan Miller, an accompanying textual transcription of the interview is included. "One year ago AOL CEO Jonathan Miller told Web 2.0 Summit program chair John Battelle that the new AOL would be truly open. At the Web 2.0 Summit 2006, Miller talks about the changes over this past year and what it has meant for revenues."
Inge Wallin - People Behind KDEThe latest interview in the People Behind KDE series features Inge Wallin. "Q:In what ways do you make a contribution to KDE? A:Since I come from a games background - I was a long time contributor to GNU Go - I started out in kdegames. I fixed a number of bugs in KPoker, KReversi, KPat, Konquest and for some time was the maintainer of KReversi. Then I drifted over to kdeedu and helped out a little there. For some reason I started to work with KOffice and since KChart was abandoned I fixed a number of bugs there and then took over maintainership of that application. I also did some work on KSpread."
Resources CLI Magic: Linux troubleshooting tools 101 (Linux.com)Linux.com looks at command line tools for troubleshooting your system. "When something goes wrong with your Linux-based system, you can try to diagnose it yourself with the many troubleshooting tools bundled with the operating system. Knowing about these tools, and how to effectively use them, can help you overcome many of the common problems on your system. Here's a list of some of the weapons in your arsenal against Linux problems."
Hardware Versus Software Firewalls (O'Reilly)Chris Swartz and Randy Rosel compare various firewall implementations in an O'Reilly article. "How do the freeware firewalls compare to expensive, all-in-one firewall solutions such as the Cisco PIX? The goal for this project, then, is to compare the Cisco PIX with two freeware firewalls."
Run Your Own Webradio Station With Icecast2 And Ices2 (HowtoForge)HowtoForge sets up an an audio streaming server with Icecast2. "This tutorial describes how to set up an audio streaming server with Icecast2. In order that Icecast2 can stream audio to listeners we install Ices2. Ices2 is a program that sends audio data to an Icecast2 server to broadcast to clients. Ices2 can either read audio data from disk (Ogg Vorbis files), or sample live audio from a sound card and encode it on the fly. In this article we will let Ices2 read .ogg files from the local hard disk."
Improved ways to suspend and hibernate a laptop under Linux (Linux.com)Linux.com revisits suspend and hibernate. "Last June I wrote about suspending and hibernating laptops under Linux. Since then a few things have changed -- thankfully, for the better -- so it's time to revisit the subject. Also, a few readers have responded offering suggestions for improving the suspend shell script I wrote back then, and I've incorporated these suggestions in a new version; unfortunately most of the comments are anonymous, so I can't give proper credit to their authors. The most important change since the last article is that laptops with multi-core CPUs are now the de facto standard. Intel Core Duo and Core2 Duo processors not only offer Symmetric Multiprocessing (SMP) functionality to mobile users but also consume less power, and thus produce less heat, than their predecessors."
Set up remote access in UNIX through OpenSSH (developerWorks)IBM developerWorks covers system administration using OpenSSH. "Use OpenSSH to provide a secure environment for running a remote terminal. The basics of OpenSSH and terminal usage are quite simple but, in this article, examine additional elements that allow automatic login to remote hosts, methods for running remote applications, and how to securely copy files between hosts."
Reviews The Pillars of KDE 4: Decibel Definitions and Benefits (KDE.News)KDE.News looks at the definitions and benefits of Decibel. "In part 1, we gave a general overview of Decibel. In part 2, we cover everyone's favorite section - the definitions! Well, at least we hope that the definitions will be informative. Part 3 will describe some benefits for developers while part 4 deals with benefits for users."
IBM unveils servers for Linux consolidation (Reseller News)Reseller News covers the latest IBM server offerings, introduced at the Linuxworld OpenSolutions Summit in New York. "The highest end of the three new offerings, the IBM System p5 560Q, includes advanced virtualisation features, such as IBM's Advanced Power Virtualisation, which runs multiple partitions per processor. This allows a customer to consolidate 320 x86-based Linux Web servers on to just one rack of five of the new servers, Handy says."
RPM development on the road to revival (Linux.com)Linux.com takes a look at RPM development. "The RPM Package Manager (RPM) package format and utilities are the backbone of the Red Hat Enterprise Linux (RHEL), Fedora Core, SUSE, and Mandriva Linux distributions, a host of smaller distros, and the Linux Standard Base. For years, the RPM utilities and specification were maintained by Red Hat. That changed in 2006 when, following a lengthy period of uncertainty, the company relaunched rpm.org as an independent hub for RPM development."
A look at Slackware's package utilities (Linux.com)Linux.com looks at Slackware's no frills approach to package management. "Unlike packages made for repository based solutions, like Debian's apt-get and Fedora's yum, Slackware packages were not designed to be dependency-aware -- and hardcore Slackware users would have it no other way. Installing dependencies by hand does have an advantage. It allows an administrator to remain in control of the libraries and programs installed on the system. But being one of the oldest distributions has its advantages. Thanks to its faithful bunch of developers, Slackware has perhaps the largest collection of package management tools. Let's look at some of them."
Xfce 4.4: The best lightweight desktop environment (Linux.com)Linux.com reviews Xfce 4.4. "For years, the lightweight Xfce has been a popular desktop environment for Linux distributions running on older hardware, thanks to its lower demand on resources as compared to KDE and GNOME; it's an ideal desktop for machines with less than 256MB of memory. Until recently, however, using Xfce was a little laborious, but with its latest release last month, Xfce is a much more usable desktop environment."
Zero Install: An executable critique of native package systems (Linux.com)Bruce Byfield looks at Zero Install on Linux.com. "Zero Install is one of the more promising alternatives to native package systems for Linux distributions, such as RPM and Debian's dpkg. Originally developed by Thomas Leonard, a professor in the Department of Electronics and Computing at the University of Southampton, it begins with a criticism of existing package systems the difficulties of using them, and is built to provide an answer to the problems raised by the critique. However, like other alternative package systems, it faces the problems of winning acceptance from the major distributions and fine-tuning its features."
Page editor: Forrest Cook Announcements Non-Commercial announcements EFF: Media Giant Bullies Internet CriticThe Electronic Frontier Foundation reports on their efforts to protect an Internet humor site. "The Electronic Frontier Foundation (EFF) warned Discovery Communications, Inc., today to cease its demands for the removal of an online template that uses humor to help people criticize the media company. The "SpankMaker," located at http://www.spankmymarketer.com/, helps users create parodies of a controversial marketing campaign in connection with a Discovery television production. The online tool provides images from the marketing campaign and Discovery's corporate websites, and allows users to modify them with commentary."
PUBPAT Exec testifies before U.S. House of RepresentativesThe Public Patent Foundation executive director has announced that its executive director was to address the the U.S. House of Representatives on the subject of patent reform on February 15. "Ravicher will begin with an opening statement and then answer questions from Representatives on the Subcommittee on Courts, the Internet, and Intellectual Property, including Chairman Howard Berman (D-CA) and Ranking Member Howard Coble (R-NC), at the oversight hearing on "American Innovation at Risk: The Case for Patent Reform"".
Commercial announcements ADempiere gets worldwide professional supportADempiere has announced the availability of worldwide professional support for its Enterprise Resource Planning software. "ADempiere project is glad to announce the incorporation of ADempiere Business inc. in the USA, an umbrella non-profit organization that will act as a virtual worldwide services organization that will offer quality professional services for the implementation of ADempiere."
Contests and Awards 2006 LinuxQuestions.org Members Choice Award Winners AnnouncedThe polls are closed and the results are in for the 2006 LinuxQuestions.org Members Choice Awards. Winners include Ubuntu (best distribution), Knoppix (best live distribution), Firefox (best browser), and much more.
Nokia announce the Nokia N800 Internet Reader ChallengeNokia has announced the Popular Science Nokia N800 Reader Challenge. "Magazine are joining forces to create the Popular Science Nokia N800 Reader Challenge, a contest calling for user-developed applications, scripts, services or hardware additions for the new Nokia N800 Internet Tablet. The Linux<-based Nokia N800 provides portable Internet access via Wi-Fi or an enabled cell phone with Bluetooth connectivity for Web browsing, email, instant messaging, Internet calling with integrated webcam, RSS feeds, streaming music and much more."
Education and Certification Free Linux course for beginnersLinuxBasics.org has announced their third free Linux class, entitled: An Introduction to Linux Basics. "This course is designed to give a foundation of understanding of Linux to a beginner who wants to know a little more about the system. More advanced Linux users will find an opportunity to dig deeper into some areas they always wanted to know more about or discover gaps in their knowledge that they didn't know existed."
Python BootcampBig Nerd Ranch will hold the next Python Bootcamp on May 21-25, 2007 near Atlanta,GA. "The Big Nerd Ranch announces Python training May 21-25, 2007 with a revised course and a new instructor, David Beazley. David Beazley is the author of the "Python Essential Reference," and offers a fresh take on Python training. This course is designed to teach Python programming, accompanied by the myriad uses of Python to extend and access existing systems. "Python as glue," in essence. Big Nerd Ranch provides intensive, all-inclusive courses to Mac OS X and Open Source programmers in a retreat environment."
Event Reports OpenVZ LinuxWorld follow-upThe open OpenVZ project has sent out a news release that highlights the project's progress in 2006. "The open source project, OpenVZ delivered some 50 software updates and in total more than 2 terabytes of its virtualization software were downloaded in 2006 by the user community - the project announced today. The operating system server virtualization software technology helps increase server utilization rates. The OpenVZ project freely distributes and offers support to its users, promoting operating system virtualization through a collaborative, community effort. Supported by SWsoft, the OpenVZ project serves the needs of the community developers, testers, documentation experts, and other technology enthusiasts who wish to participate in and accelerate the technology development process."
Calls for Presentations aKademy talks deadline extended (KDE.News)KDE.News reports that the aKademy 2007 talks deadline has been extended. "Due to a beastie in the submissions system, the aKademy 2007 Programme Committee have extended the deadline for talk proposals until February 23rd. See the Call for Participation for some guidelines and how to submit. Confirmation to those who have already submitted has been sent out, let us know if you have no heard from us. If you contribute to KDE in any way it is likely others will want to know about it, so send us your abstract before next Friday."
EVT '07 Call for PapersA call for papers has gone out for the 2007 USENIX/ACCURATE Electronic Voting Technology Workshop. The event will be held in conjunction with the USENIX Security symposium on August 610, 2007 in Boston, MA. "The USENIX/ACCURATE Electronic Voting Technology (EVT) workshop seeks to bring together researchers from a variety of disciplines, ranging from computer science and human factors experts through political scientists, legal experts, election administrators, and voting equipment vendors. EVT seeks to publish original research on important problems, including how the software and hardware in voting might be engineered to be more robust against tampering or how it might be written to be more easily and openly verified." Submissions are due by April 22.
Upcoming Events Bossa Conference - Mobile Internet and multimediaThe BOSSA Conference will take place in Recife, Brazil on March 12-14, 2007. "The idea is to cover areas thoroughly from the kernel to the User Interface in mobile Internet and Multimedia. Developers from many areas such as Jeff Waugh (Gnome), Zack Rusin(Qt/KDE), Marcel Holtmann (BlueZ), Chris Hofmann (Mozilla) and John "J5" Palmieri (RedHat) have already confirmed their participation in the event."
The 2007 Embedded Systems ConferenceCMP Technology has announced the 2007 Embedded Systems Conference. The event takes place at the San Jose, CA McEnery Convention Center on April 1-5, 2007. "The industry's brightest minds will bring the power of brainpower to San Jose's McEnery Convention Center, and have their choice of more than 180 training sessions, courses and seminars covering methodologies, processes, and techniques fundamental for engineers developing embedded systems."
KDE Italia at OpenMind 2007 this week (KDE.News)KDE.News notes the KDE presence at OpenMind 2007. "OpenMind 2007 is an Italian event dedicated to Free Software and free content. The event will be from this Thursday until Saturday (22nd to 24th) February in San Giorgio a Cremano, Naples."
KDE at Guademy, Spain and FOSS MEET, India (KDE.News)KDE.News mentions some upcoming KDE events. "A joint KDE and Gnome meeting is taking place in Spain next month called Guademy. The objectives are to create new projects and initiatives of collaboration between both Desktops and allow new developers to get started. Aaron Seigo will give an update on KDE 4 and Albert Astals Cid will talk about Okular. Meanwhile in India Pradeepto Bhattacharya of KDE India will be talking at FOSS MEET in NIT Calicut about KDE 4 and why you should develop with Qt."
OpenOffice.org Conference, BarcelonaBarcelona, Spain has been selected as the location for the 2007 OpenOffice.org Conference. "The figures show the continuing growth of the OpenOffice.org community, with the number of votes cast over 40% up on last year. In particular, the presence of two very strong proposals from the Asia-Pacific region reflects the huge success and potential for OpenOffice.org in this part of the world."
O'Reilly Media and CMP Technology launch Web 2.0 Expo TokyoThe Web 2.0 Expo, Tokyo has been announced. "O'Reilly Media, Inc. and CMP Technology, co-producers of the annual Web 2.0 Summit and newly created Web 2.0 Expo in San Francisco, today jointly announced the launch of a new conference and tradeshow that will bring together top leaders and technologists who are building, leveraging and driving the Japanese web economy. Web 2.0 Expo Tokyo, scheduled for November 15-16, 2007, will be held at Izumi Garden Tower in Roppongi, Tokyo."
O'Reilly Where 2.0 Conference registration opensRegistration is open for the 2007 O'Reilly Where 2.0 Conference. "Where 2.0 Conference, happening May 29-30, 2007 at The Fairmont Hotel in San Jose, California. Now in its third year, the Where 2.0 Conference will bring together the leading edge developers building location-aware technology with the businesses and entrepreneurs seeking location apps, platforms, and hardware that will help them capture a competitive edge."
Events: March 1, 2007 to April 30, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it.
Page editor: Forrest Cook
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[LDTP]](/images/ns/ldtp-logo-small.png){kind=logo}
The LDTP