LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for April 12, 2007How not to handle a licensing violationFor a long time, Broadcom 43xx wireless interfaces had no free Linux driver. Happily, a dedicated group of developers reverse engineered the device, and, over time, were able to create the missing driver. In the process, they implemented some features which were not available in Broadcom's proprietary driver. Not wanting their code to become part of the proprietary version, the Linux bcm43xx developers chose the GPL for their code - a choice that most other Linux driver developers make as well.More recently, the bcm43xx developers noticed that the OpenBSD "bcw" driver looked very much like their code. It would appear that the developer of this driver looked to the Linux code for inspiration and took a bit more than just ideas. GPL-licensed code is meant to be shared and reused, but it is not meant to be relicensed unilaterally by third parties. So the bcm43xx hackers decided to talk to the OpenBSD developer about the apparent copying which had taken place. Unfortunately, their message was copied to a rather large number of people, along with a few mailing lists. The response from the OpenBSD side took two forms, neither of which will be at all surprising to those who have watched how that community operates:
In theory, this situation should be simple to resolve. The OpenBSD developer, Marcus Glocker, has acknowledged the problem and stated that he was aware of it before the discussion began. He says:
I wanted to make some quick progress (maybe too quick), and rewrite
the functions in question after seeing some first success, e.g.
receivment of first frames, which isn't the case right now.
The bcm43xx developers have said from the outset that they would be willing to relicense at least some of the affected code. The two groups should be able to sit down, talk things through, and end up with everybody being happy. That has not happened. Instead, we got a nasty flame war, the outright deletion of the OpenBSD bcw driver, and the bizarre sight of Theo de Raadt claiming that he is the person with "at least some fucking empathy in my soul." That is not how things should have gone. There need be no enmity between the Linux and BSD communities; when something like this happens it's worth looking at why in the hope of avoiding a recurrence in the future. The initial contact from the Linux side was clearly mishandled. When licensing issues come up, the generally-accepted first step is a quiet, polite, private message seeking a solution. People rarely respond well when the first communication about a problem is broadcast to the world. Had the bcm43xx developers conducted a private chat with the OpenBSD bcw developer, chances are that the issues would have been worked out with relatively little fuss. Most developers are interested in solving problems, after all. The OpenBSD crowd also missed its chance for a quiet solution when it went on the attack. Attempts to divert the discussion through ad hominem attacks, profanity, and general bluster will never lead to a civil conversation or a peaceful resolution of a problem. Deleting the bcw driver (and blaming the Linux community for its loss) seems childish at best. The use of OpenSSH as a sort of trump card is just strange, and a little worrying. Needless to say, it would also have been better if the code had not been used contrary to its license in the first place. But code licensing issues are complex. In a world where vast amounts of code are floating around under mutually-incompatible licenses, the occasional problem is certain to turn up. That's why the "open source licensing compliance" companies are able to make a living. But licensing disagreements between free software projects are rarely so intractable that they cannot be solved by rational discussion. The next time a situation like this comes up - something which is certain to happen, sooner or later, and the Linux community might just find itself on the other side of the table - we can only hope that all of the people involved will approach a solution in a way which allows that rational discussion to take place.
Two examples of abandoned hardwareLWN's review of the Nokia N800 (published in March) was rather strongly criticized by one commenter who felt that the "partly open" nature of the device had been skipped over. The commenter also wished that Nokia's abandonment of the 770 tablet had been discussed. He has a point, and recent developments merit another look at this issue.Back in January, Ari Jaaksi, Nokia's head of open source software operations, wrote about the fate of the 770:
However, please remember that 770 is already an old product. It was
announced 1.5 years ago and that is a long time! However, it is a
good product and Nokia supports it fully and keeps on selling it,
too. It is just that technology keeps on developing and we want to
offer better hardware to our customers.
Few people would disagree with the goal of offering better hardware over time - we have all come to expect that, actually. But that does not mean we want our old hardware to turn into paperweights, so the "supports it fully" statement was taken as a good sign by Nokia 770 owners. Many of those owners are expressing their disappointment, however, now that Nokia has started closing bugs with a message saying "WONTFIX. No fixes to N770 anymore." It seems they had thought that "supports it fully" meant that the product was, well, supported fully. Nokia's Quim Gil has clarified what Nokia means by "full support":
"Nokia supports it fully" means at least that the End-User
Software Agreement is still valid and Nokia 770 customers can make
use of all their rights, same as before the N800 and the IT OS
[2007] were launched.
In other words, 770 users can expect the device to not turn into a brick overnight, but not a whole lot more. Mr. Gil does go on to say that severe security problems would be fixed, but that seems to be about the extent of it. There are no plans for another system software release for the 770. There is an OS 2007 on 770 project which is working at porting a version of OS 2007 (the version running on the N800) to the 770 as a "hacker edition," but some parts of it work better than others, and it's not likely to be what many 770 owners had in mind. The hacker edition will not be a supported product. It's tempting to say that, since the 770 is a Linux-based device, the community should be able to support it into the future. As long as people care about the platform, it should continue to work. The problem is that the 770 contains a fair amount of non-free software at all levels. It seems that Nokia's agreement with Opera prohibits them from providing a new version of the browser for the 770. Some of the power management code is proprietary, as are various other pieces of the system. So, even if the "hacker edition" can be made to work, it will be a system with a number of binary blobs in important places. That will severely limit the degree to which the community can support the platform; it's a slow death sentence for the 770 tablet. There have been calls for the opening of the tablet software. The same message from Mr. Gil talks about why that was not done in the first place:
The maemo and IT OS versions that have been developed for the 770
(and the N800) reflect the degree of openness that has been
feasible within the context, schedules and resources available for
these projects. Yes, there has been also this discussion about how
open all this should be, but a big weight of the decisions have
been carried by project management decisions. People used to
community driven free software development need to understand (I'm
still learning at it) how different the picture is when you develop
inside a corporation and together with a hardware production
process.
An obvious counterargument would be the One Laptop Per Child project which is successfully developing high-quality hardware and software under tight deadlines in an entirely open manner. That notwithstanding, the 770 project is long finished, so Nokia should be able to release the relevant source now. Unfortunately, such a release appears not to be in the cards:
From a Nokia Corporation perspective open sourcing components might
be a slow process even if all the parties involved have a clear and
common wish opening a specific source code. If we are talking about
hardware drivers, the process might be *really* slow. Therefore,
there are little chances that the solution for 770 customers comes
from Nokia opensourcing components, really.
Note that the "slow" argument applies only to the hardware-specific components. A release of higher-level software is even less likely:
The UI is different, it was decided to have it closed in order to
protect it from changes and deviations out of the control of the
project.
Mr. Gil's postings include a number of statements to the effect that things will be better in the future. He says:
We are learning, and we are applying the new lessons to the current
strategy. N800 customers (and developers targeting this device)
will received and improved support. We will provide details as soon
as we approve the new plans, currently under discussion.
There are hints that more components will be opened in the future as well, but no promises. The end result is that the 770 will, for many users, hit the end of its useful life much sooner than it should have, and that the N800, while hopefully lasting longer, may well encounter similar issues. This state of affairs is unfortunate, it makes a nice piece of hardware less valuable than it really should be. On a different front, users of the proprietary NVIDIA drivers should be aware, by now, that the company has decided to drop support for a number of its products from the latest driver release. Here's a list of supported (and dropped) adapters for the curious. The older hardware can still be run using the "legacy" driver, but not all features are supported. This loss of support can be a problem for users; it is also a problem for the few distributors which make these drivers available. Ubuntu, in particular, has been contending with this issue. Including the "legacy" driver adds a support requirement over time. It also adds some interesting twists to the "feisty" upgrade: some systems will have to "upgrade" to the "legacy" driver, while others can go to the current module. One assumes they will work everything out, but it is a hassle that nobody needed. And it could have been avoided by simply making the driver be free software.
Blaming FedoraA disgruntled Fedora user recently complained about how the distribution's policies "sometimes suck." It seems that this user had attempted to use an obscure OpenOffice.org feature which is available under some distributions, but which is not available on Fedora systems. This feature, it turns out, is implemented with a piece of closed-source code, which Fedora is unwilling to ship.Your editor has a gripe as well. For a period of time, his Rawhide desktop contained the Emacs 22 pre-test releases from the FSF. Once Rawhide picked up those releases, however, your editor happily stopped building his own. But the Rawhide version of Emacs lacks the Tetris game found in stock Emacs. The end result is that your editor has to use his editor for actual work instead of pointless block stacking. Rather than start a lengthy flame war, though, your editor simply chose to avoid procrastination and get something useful done. Fedora, like any complex project, offers plenty of opportunities for criticism; some of those have appeared in these pages in the past. But this sort of feature removal is not one of those opportunities. Anybody who uses the Fedora distribution should understand the constraints the project operates under. They include:
Sometimes it seems like Fedora cannot win. The distribution takes regular grief for its omission of patented codecs, non-free office suite components, binary drivers, etc. But those who appreciate free software rarely credit the project for the extensive work it has done to ensure that everything it ships is free. Fedora users benefit from Red Hat's support: without that support, there would be far less developer time, bandwidth, publicity, etc. available to the project. Dragging Red Hat into unneeded legal hassles would benefit nobody but the lawyers; Fedora users have an interest in avoiding that eventuality. One might well wonder why certain Fedora users feel the need to repeat these complaints so often. Perhaps the project is not doing an adequate job of communicating what it is trying to do. One assumes that, if people understood what Fedora is, they would not complain about it not being something it can never be.
Security What to do about DNS?The Domain Name System (DNS) has been in the news a bit recently, mostly because of a ham-handed attempt by the US Department of Homeland Security (DHS) to control the master signing key for the DNS Security Extensions (DNSSEC) root zone. While the impact of that is still being debated, it certainly does not help alleviate the fears that other countries have regarding US control of the Internet. Meanwhile, the DHS is pushing adoption of DNSSEC which further fans the flames, even while there are serious questions about the protocol and what, if any, real problems it solves. On another front, Bugtraq readers will have noticed a call to action regarding DNS issues from security researcher Gadi Evron. All of this seems like a good reason to take a look at DNS and DNSSEC and to try to shed some light on the state of Internet name lookups. DNS is one of the most commonly used services on the Internet, every time one puts 'lwn.net' into a browser, it is used to turn that name into an IP address. In a naive implementation, the browser causes the machine to talk to one of the 13 root servers (k.root-servers.net for example) requesting information about a nameserver for 'net'; it will get a response listing the 13 servers that handle requests for the 'net' top-level domain (D.GTLD-SERVERS.NET for example). As part of the answer, it also receives the IP address for D.GTLD-SERVERS.NET (otherwise it would have to query for that IP address which could lead to an infinite loop) and it uses that address to query for a nameserver for 'lwn.net'. The response is a set of hosts and their IP addresses that are the nameservers for the 'lwn.net' domain and these in turn can be queried to get the IP address of the host of interest. After all that, the browser can connect to the IP address on port 80 and commence with the HTTP request. In most cases, all of that traffic does not get generated each time a hostname needs to be resolved because there are caches that store information on intermediate hosts. Hosts are typically configured to talk to a caching nameserver when they make DNS requests. The caching nameservers store name-to-IP mappings for as long as the time-to-live (TTL) value will allow. TTL values are an amount of time in seconds that the information returned is valid; they are chosen by a domain owner as a tradeoff between quick responses to changes and DNS traffic reduction; typical values range from two hours to two days. When a caching nameserver finds a mapping in its cache with time still left in the TTL, it can just provide that information to a requester without making any queries upstream. DNS has worked, by and large, for a long time, but it is not without its problems. Anyone who can intercept DNS queries and/or reply in a way that looks like it came from the queried server can control the name resolution process, providing a number of opportunities for phishing and other kinds of malfeasance. Because the information is typically cached, one redirection with an enormous TTL can have a large impact in what is known as a DNS cache poisoning attack. A poisoned cache sufficiently high in a hierarchy of caching DNS servers can affect large swaths of the Internet as the redirection can trickle down to each of the nameservers below it. It is against this backdrop of cache poisoning and exploitable flaws in some DNS implementations (Wikipedia has some good examples here) that calls to implement DNSSEC have increased. By using public key encryption, DNSSEC removes the possibility of spoofing the nameserver for a domain through a DNS reply. DNSSEC replies will be signed using the private key of the domain and can then be verified using the public key. If the response does not verify, it does not contain valid information for that domain and should be discarded. At first blush, this seems like a good thing that will eliminate some existing problems; as with many things, though, the devil is in the details. In order to verify any signed queries, one must obtain the public key from a trusted source; invalid public keys just lead to the same forgery issues that are present in the current system. The public keys will have to be signed in a hierarchy that corresponds to the domain name hierarchy and the top-level master signing key will be the key at the top of the heap. Its public portion will be distributed with DNSSEC enabled software and the private part will sign the keys for the root servers. The root servers will sign the keys for the TLD servers which will in turn sign keys for each of the domains. By verifying each step before caching the information, nameservers can ensure they have correct DNS mappings. There are some inherent problems in DNSSEC and perhaps the highest profile issue is with the exposure of all the zone data. Because DNSSEC is tasked with providing an authoritative 'not found' message for hosts without an entry, it enables enumeration of all hosts in a zone. The 'not found' messages need to be signed, but it is deemed important not to have the private keys online (in case of a security breach); it also cannot just be a single signed 'not found' message because it could be replayed, in effect knocking a valid host out of the DNS. The solution involves ranges of invalid hostnames each with their own signed 'not found' message. Through a series of queries, an attacker can gain all of the 'not found' ranges which leaves the available hostnames obvious in the gaps. This is very different from the current DNS where one could only ask for hosts by name and essentially get a yes or no answer. This information leakage was at first considered to be a non-issue by the IETF group working on DNSSEC. They have since been convinced that this problem would prohibit adoption in some jurisdictions and would severely limit some of the more interesting uses for DNS after it becomes secured. The latest proposals provide for a 'not found' message that contains a canned signed portion along with a cryptographic hash of the hostname requested and recipients would need to verify both the signature and that the hash corresponds to the request that they made before accepting the response. There are also legitimate questions about why DNS needs to be secured. Even if you are certain you know the right address to use for a particular domain, you are not guaranteed that a connection made to that IP actually gets to your intended destination. In order to ensure that, you must have another layer of encryption such as HTTPS or ssh using verified keys. It also does not really help against the vast majority of phishing scams as it does not assist users in recognizing that 'thisistotallynotpaypal.com' is not in any way the same as 'paypal.com' even though they end the same way. There are some interesting applications for secured services like DNSSEC, but critics argue that those applications should be implemented separately from DNS. There is no need to risk breaking the currently working DNS system by adding additional complexity for little or no gain. If putting DKIM keys into a nameserver-like structure is desirable, and many would argue that it is, create a new system, perhaps based on DNS/DNSSEC, that implements it. In the meantime, they contend, we should leave DNS alone. Given these questions and a bit of concern whenever any government - but particularly the US government - tries to muscle in on Internet governance, it should come as no surprise that there is a bit of an uproar regarding the DHS key control attempt. It is not completely clear why the DHS believes it must control the master signing key; the theories range from the bland, through clueless and into nefarious. It is possible that DHS believes it is the only entity that can be trusted with the keys, a position which tends to cause muttering about US arrogance. Another possibility is that DHS does not really understand what the keys are and what can be done with them. The paranoid are concerned that the keys might be used to set up a parallel set of root servers that remake the Internet into something more in line with the Bush administration's vision of what the Internet should look like. By co-opting or otherwise manipulating Internet routing, the DHS, some fear, could stage a complete takeover via this alternate sanitized hierarchy. No matter what the reason, it certainly stirs up people who feel that Internet governance should be handled by international organizations and not by the US government. The problems that Gadi Evron brought to the attention of Bugtraq readers are independent of the DNS vs. DNSSEC debate as neither address the issues that he is trying to solve. A great deal of Internet malware, botnets, spyware, viruses, phishing, etc. relies on name resolution in order to do its work. They typically use nameservers and IP mappings with very short TTL values which allows them to be highly mobile, rapidly changing nameservers and IP addresses as they get detected and shut down in the whack-a-mole game that gets played continuously on the Internet. The white hats simply cannot move fast enough even if they do not run up against slow moving or hostile ISP administrators. The easiest place to handle this kind of domain is with its registrar, who can completely shut it down by routing its nameservers to nonexistent hosts. This ability to essentially remove a domain's existence can be abused (as GoDaddy proved with seclists.org earlier this year) and there need to be some strict policies and procedures in place to govern how that power is to be used. In addition, there are so-called black hat registrars that do not care and perhaps encourage malicious behavior from some of their registrants. Evron was reporting on a message he sent to the registrar operations mailing list highlighting the problem and looking for solutions. His message to Bugtraq reported on the progress and asked for further ideas. DNS is a critical piece of Internet infrastructure and anything that impacts it will be felt by a lot of people; anything that breaks it will break the net. All of the services that we use rely, at least to a limited extent, on DNS and any serious outage would make the Internet completely unusable. Because of that, a conservative approach is required. Threats can come from both criminals and governments (though some would claim that is redundant) and we need to protect the net from both. Perhaps DNSSEC tips things too far one way and another approach is needed. It will be interesting to see how it plays out.
New vulnerabilities ipsec-tools: denial of service
man-db: buffer overflow
Updated vulnerabilities acroread: multiple vulnerabilities
apache: cross-site scripting
Asterisk: two SIP denial of service vulnerabilities
bluez-utils: hidd vulnerability
bugzilla: multiple vulnerabilities
busybox: insecure password generation
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
cups: denial of service
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
dovecot: index cache file handling error
elinks: arbitrary file access
evolution: format string error
fail2ban: denial of service
ffmpeg: buffer overflows
file: arbitrary code execution
firefox: FTP PASV port-scanning
freeradius: several vulnerabilities
freetype: integer overflows
gcc: file overwrite vulnerability
gd: buffer overflow
gdb: buffer overflow
gdm: improper file permissions
gedit: format string vulnerability
grip: buffer overflow
gv: stack-based buffer overflow
gzip: multiple vulnerabilities
horde-kronolith: local file inclusion
ImageMagick: DCM and XWD buffer overflows
ImageMagick: integer overflows
imlib2: arbitrary code execution
inkscape: format string vulnerabilities
java: multiple vulnerabilities
kdelibs: bug in FTP protocol
kdelibs: kate backup file permission leak
kdelibs: cross-site scripting
kernel: denial of service
kernel: multiple vulnerabilities
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
kernel: denial of service
kernel: denial of service
kernel: multiple vulnerabilities
krb5: uninitialized pointers
krb5: local privilege escalation
krb5: multiple vulnerabilities
ktorrent: incorrect validation
libgadu: memory alignment bug
libgtop2: buffer overflow
libmodplug: boundary errors
libpng: buffer overflow
libpng: heap based buffer overflow
libtiff: buffer overflow
libwpd: buffer overflows
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
lookup-el: insecure temporary file
lynx: arbitrary command execution
mod_jk: stack overflow
mplayer: buffer overflow
mysql: denial of service
mysql: format string bug
MySQL: privilege violations
MySQL: logging bypass
nas: code execution
nbd: arbitrary code execution
ncompress: buffer underflow
openafs: privilege escalation
openldap: security bypass
OpenOffice.org: buffer overflow and command execution
OpenPBS: multiple vulnerabilities
OpenSSH: denial of service
openssh: privilege separation issue
openssh: remote denial of service
php: several vulnerabilities
php: buffer overflows
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
postgresql: SQL injection
qt: "/../" injection
quake: buffer overflow
rpm: arbitrary code execution
Mozilla: multiple vulnerabilities
shadow-utils: mailbox creation vulnerability
slocate: information disclosure
snort: remote arbitrary code execution
squid: denial of service
sun-jdk: arbitrary code execution
tcpdump: denial of service
unzip: long file name buffer overflow
w3c-libwww: possible stack overflow
XFree86 X.org: integer overflows
xine: format string vulnerabilities
xine-lib: arbitrary code execution
xine-lib: buffer overflow
xine-lib: buffer overflow
xinit: race condition
xmms: BMP handling vulnerability
X.org: local privilege escalations
zope: cross-site scripting
zziplib: buffer overflow
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current 2.6 prepatch is 2.6.21-rc6, released by Linus on April 5. It contains a fair number of fixes. Says Linus: "We should be getting close to a 2.6.21 release, so please update any regression reports you've done."A few dozen patches have been merged into the mainline git repository since -rc6 was released. Your editor guesses that one more -rc will be needed before 2.6.21 is done. The current -mm tree is 2.6.21-rc6-mm1. Recent changes to -mm include a number of tweaks for Sony laptops, an enlarged set of paravirt_ops hooks, a new set of /proc files for learning about process memory, a rework of the NFS file locking code, and the signalfd() patches. Andrew notes that -mm is now a "rather large" 25MB patch against the mainline. The current stable 2.6 kernel is 2.6.20.6, released on April 6; 2.6.20.5 had been released moments earlier. The two patches contain a fair number of fixes, including one for a remotely exploitable crash in the Appletalk code. For older kernels: 2.6.16.47-rc1 was released on April 11 with about a dozen fixes.
Kernel development news Quote of the week
But being a
subsystem maintainer requires that you trust contributors to some
degree, and you just can't trust contributors when you're a
perfectionist. This means that the maintainer should be less of a
perfectionist than the contributors, otherwise he/she ends up doing
everything by him/herself.
-- Jean Delvare
Toward a safer sysfsThe story of sysfs (and the device model in general) is a long and complicated one. The creation of a single data structure to represent the system's hardware and software configuration was long overdue; many tasks (power management, for example) cannot be done properly without it. Sysfs adds value to that structure by representing it to user space. This structure is useful in many ways, but it has also brought its share of hassles. Exposing kernel data structures to user space makes it hard to change those structures without breaking the user-space API; it also exposes every one of them to user-space initiated lifecycle problems.Internally, the core building block for the device model is the kobject. Objects represented in sysfs - devices, for example - each contain a kobject which, among other things, is the focal point for sysfs access. The kobject also contains a reference count for the containing object which is used to manage its lifecycle. A given kobject and its containing data structure can be deleted when the reference count goes to zero - and not before. Reference counting works, but it can lead to surprises. As an example, consider a USB device - a mouse, say. When this device is plugged into the system, a suitable device structure (containing a kobject) is created and registered with the kernel. When the mouse is unplugged, that structure is released. But imagine what happens if a user-space process opens a sysfs file associated with the mouse device while it is present, and keeps that file open long after the physical device goes away. The kernel must be able to handle operations on that open sysfs file, even though the driver thinks that the device it represents is long gone. The reference counting in the kobject makes this work - most of the time. The potential for confusion is high, though, especially with drivers which have not been written with this sort of lifecycle management in mind. Back at the end of March, Tejun Heo posted a discussion of device model lifecycle issues which points out this problem and a few others. His argument is that the need to manage objects with different lifecycles makes programming with the device model hard - something developers have known for some time. Even the core device model maintainers will admit that it's easy to get things wrong. More recently, Tejun has followed up with a patch set which attempts to simplify the situation. There is a great deal of cleanup work in these patches, and one small API change, but the core change is this: it enables a clean separation of the lifecycles of sysfs objects and the underlying data structures they represent. As a result, it is no longer necessary for code outside of sysfs to be concerned about the fact its data structures may have a shorter life than the sysfs objects representing those structures. A sysfs directory (which represents a kobject) is represented within the kernel by struct sysfs_dirent. In current kernels, if the sysfs_dirent structure exists, its underlying kobject is expected to exist as well. It is not possible for the kobject to go away as long as the sysfs_dirent structure exists; that means that the structure containing the kobject must continue to exist as long as any references to the sysfs files exist. Tejun's patch works by eliminating that requirement. In the modified sysfs, each sysfs_dirent contains a new counter called s_active. This counter tracks the number of active references to the object; these references are the ones which involve the associated kobject at the current moment. A user-space process which is holding a sysfs file open will not increase the s_active count until it performs an actual operation on that file, and the reference remains only for as long as it takes to complete the operation. Since most sysfs operations are quite fast, active references will not normally be held for long. The active count, as it happens, is maintained with an rwsem - a reader/writer semaphore. Active references are tracked as readers, so there can be any number of them outstanding at a given time. The code to obtain an active reference works with a call to down_read_trylock(), meaning that it will take a "lock" (a reference) if one is available, but it will not block if the operation fails. All of the relevant sysfs operations have been changed to obtain active references before referencing the kobject - and they make sure that the reference was granted. If an attempt to obtain an active reference fails, sysfs fails the higher-level operation with -ENODEV. The only way down_read_trylock() will fail is if another thread holds a writer lock on the semaphore - or is in the process of waiting for the readers to get out of the way so it can get that lock. Should something happen which causes the underlying kobject to go away, the cleanup code will call down_write() on the s_active rwsem in the sysfs_dirent entry, thus taking a writer lock. This call will cause any future attempts to obtain an active reference to fail; it will also block until all currently-existing active references are released. The end result of all this is that, once the final kobject_put() call has completed for a given kobject, there will be no further attempts to access that kobject from sysfs. The kobject (and its containing data structure) can be safely deleted, and the driver need worry no more about it. As an added bonus, there is no longer any need to increase module reference counts when sysfs attributes are being accessed. A driver which is being unloaded will release all of its devices, meaning that sysfs will no longer make any calls into the driver module anyway; the module reference count becomes superfluous. So Tejun's patch removes the owner field from attribute structures - a change which ripples through a significant amount of driver code. There have been some comments on how the patches are implemented, but no disagreement with the ultimate goal; these changes could go in as soon as 2.6.22. Tejun would appear to have more improvements in mind, but, even with no further changes, the current patches go a long way toward making sysfs safer and easier to work with.
Too many threadsPart of the fun of working with truly large machines is that one gets to discover new scalability surprises before anybody else. So the SGI folks often have more fun than many of the rest of us. Their latest discovery has to do with the number of kernel threads which, on a 4096-processor system, leads to some interesting kernel behavior.To begin, they found out that they could not even boot a kernel with the default configuration. Linux systems normally have a limit of 32768 active processes at any given time. Anybody who has run "ps" will have noted that kernel threads are taking up an increasing number of those slots; your editor's single-processor desktop is running 39 of them. In fact, there are now enough kernel threads on a typical system that they will fill that entire space - and more - on a 4096-CPU machine. This problem is relatively easy to take care of by raising the limit on the number of processes. But it gets more interesting from there. The init process is the parent of last resort for every other process on the system, including kernel threads. So, on a big system, init has a lot of child processes. These children live on a big linked list; that list must be searched by various functions, including the variants of wait(). If the process being searched for is toward the end of the list, that search can take a long time. Since (1) most kernel threads are long-lived, and (2) new processes are put at the end of the list, chances are that a search will, indeed, be looking for a process at the end. Then, for the ultimate in fun, load a module into the kernel. The module loading process calls stop_machine_run() when the new module is being linked in; this function creates a high-priority kernel thread for each processor on the system. That thread will grab its assigned CPU and simply sit there until told to exit; while all CPUs are locked up in this way the linking process can be performed. Calling a function like stop_machine_run() is a somewhat antisocial act in the best of times. But, in the 4096-processor system, stop_machine_run() will create 4096 threads, each of which goes on the end of init's child list, and each of which must be searched for when the time comes to clean it up. The result is a system which simply stops for an extended period of time. One could argue that people with systems that large simply should not load modules, but there is a possibility of pushback from the user community. So other solutions need to be found. Robin Holt's problem report included a simple patch which moves exiting processes to the beginning of the child list. This change solves the immediate problem by making searches for those children find them without having to iterate through all of the long-lived processes which are not going anywhere. Linus had a couple of alternatives. One was to create a separate list for zombie processes, eliminating that search altogether. Another was to stop making kernel threads be children of the init process since they have little to do with user space in any case. But some developers feel that the real solution might be to start cutting back on the number of kernel threads. The biggest culprit for kernel thread creation will certainly be workqueues, which, by default, create one thread for every CPU on the system. There are situations which can benefit from multiple threads and CPU locality, but there are undoubtedly many places where all of those threads are not needed. Cleaning them up would help to solve some of the scalability issues; as an added bonus it would remove some of the clutter from ps listings. In many cases, a workqueue may not be necessary at all. Instead, kernel subsystems could just use the "generic" keventd workqueue (which runs as the events/n threads). There are some issues with using keventd, including indeterminate latency and a small possibility of deadlocks, but, for many situations, it may work well enough. In other cases, using a thread makes sense. Tasks involving long delays are one example; running a function with multi-second delays in keventd is considered impolite. Work requiring complicated context also benefits from its own thread. But, in a number of cases, those threads need not be created until there is actually some work to be done. A quick ps run on most systems will show threads related to error handling, asynchronous I/O, bluetooth, and more. In the current scheme, they are created at boot (or module load) time and many of them may never do any real work before the system shuts down. Thread creation is cheap, so many of these threads could be created on demand when they are needed. There are probably some real improvements to be made in this area; all that's needed is somebody with the time and motivation to do the work. In the mean time, those of you with 4096-way systems may need to apply a patch or two.
The SLUB allocatorThe slab allocator has been at the core of the kernel's memory management for many years. This allocator (sitting on top of the low-level page allocator) manages caches of objects of a specific size, allowing for fast and space-efficient allocations. Kernel hackers tend not to wander into the slab code because it's complex and because, for the most part, it works quite well.Christoph Lameter is one of those people for whom the slab allocator does not work quite so well. Over time, he has come up with a list of complaints that is getting impressively long. The slab allocator maintains a number of queues of objects; these queues can make allocation fast but they also add quite a bit of complexity. Beyond that, the storage overhead tends to grow with the size of the system:
SLAB Object queues exist per node, per CPU. The alien cache queue
even has a queue array that contain a queue for each processor on
each node. For very large systems the number of queues and the
number of objects that may be caught in those queues grows
exponentially. On our systems with 1k nodes / processors we have
several gigabytes just tied up for storing references to objects
for those queues This does not include the objects that could be on
those queues. One fears that the whole memory of the machine could
one day be consumed by those queues.
Beyond that, each slab (a group of one or more continuous pages from which objects are allocated) contains a chunk of metadata at the beginning which makes alignment of objects harder. The code for cleaning up caches when memory gets tight adds another level of complexity. And so on. Christoph's response is the SLUB allocator, a drop-in replacement for the slab code. SLUB promises better performance and scalability by dropping most of the queues and related overhead and simplifying the slab structure in general, while retaining the current slab allocator interface. In the SLUB allocator, a slab is simply a group of one or more pages neatly packed with objects of a given size. There is no metadata within the slab itself, with the exception that free objects are formed into a simple linked list. When an allocation request is made, the first free object is located, removed from the list, and returned to the caller. Given the lack of per-slab metadata, one might well wonder just how that first free object is found. The answer is that the SLUB allocator stuffs the relevant information into the system memory map - the page structures associated with the pages which make up the slab. Making struct page larger is frowned upon in a big way, so the SLUB allocator makes this complicated structure even more so with the addition of another union. The end result is that struct page gets three new fields which only have meaning when the associated page is part of a slab:
void *freelist;
short unsigned int inuse;
short unsigned int offset;
For slab use, freelist points to the first free object within a slab, inuse is the number of objects which have been allocated from the slab, and offset tells the allocator where to find the pointer to the next free object. The SLUB allocator can use RCU to free objects, but, to do so, it must be able to put the "next object" pointer outside of the object itself; the offset pointer is the allocator's way of tracking where that pointer was put. When a slab is first created by the allocator, it has no objects allocated from it. Once an object has been allocated, it becomes a "partial" slab which is stored on a list in the kmem_cache structure. Since this is a patch aimed at scalability, there is, in fact, one "partial" list for each NUMA node on the system. The allocator tries to keep allocations node-local, but it will reach across nodes before filling the system with partial slabs. There is also a per-CPU array of active slabs, intended to prevent cache line bouncing even within a NUMA node. There is a special thread which runs (via a workqueue) which monitors the usage of per-CPU slabs; if a per-CPU slab is not being used, it gets put back onto the partial list for use by other processors. If all objects within a slab are allocated, the allocator simply forgets about the slab altogether. Once an object in a full slab is freed, the allocator can relocate the containing slab via the system memory map and put it back onto the appropriate partial list. If all of the objects within a given slab (as tracked by the inuse counter) are freed, the entire slab is given back to the page allocator for reuse. One interesting feature of the SLUB allocator is that it can combine slabs with similar object sizes and parameters. The result is fewer slab caches in the system (a 50% reduction is claimed), better locality of slab allocations, and less fragmentation of slab memory. The patch does note:
Note that merging can expose heretofore unknown bugs in the kernel
because corrupted objects may now be placed differently and corrupt
differing neighboring objects. Enable sanity checks to find those.
Causing bugs to stand out is generally considered to be a good thing, but wider use of the SLUB allocator could lead to some quirky behavior until those new bugs are stamped out. Wider use may be in the cards: the SLUB allocator is in the -mm tree now and could hit the mainline as soon as 2.6.22. The simplified code is attractive, as is the claimed 5-10% performance increase. If merged, SLUB is likely to coexist with the current slab allocator (and the SLOB allocator intended for small systems) for some time. In the longer term, the current slab code may be approaching the end of its life.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Janitorial
Memory management
Networking
Architecture-specific
Virtualization and containers
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Building a High-Performance Cluster with GentooPeople often laugh off the optimization you gain from compiling your own software with Gentoo Linux. But there is at least one area of Linux that needs to eke out every last bit of performance from hardware: high-performance computing (HPC) clusters. They are the domain of dedicated tweakers, always searching for another 1% increase in performance. If you can increase the speed of your code by 5%, you save a day and a half every month. The amount of work you can accomplish with that extra time really adds up when you consider hundreds or thousands of CPUs. These clusters are the big brothers of that distcc or openMosix setup you have at home, with an entirely new collection of problems.By using Gentoo, you can optimize compilation to your heart's content without being forced to leave the distribution's packaging system. The Portage package manager supports arbitrary setting of compilation flags and linker flags as well as non-GCC compilers. Fortran may seem like a dead language to many readers, but its use in scientific computing remains vast. Many HPC cluster administrators install multiple Fortran compilers, each with its own strengths and weaknesses, so supporting these compilers within a distribution's packaging system makes the admin's job significantly easier. Creating a Gentoo-based cluster is not for the lighthearted, however. Less experienced Linux administrators who don't need to optimize their clusters for speed or size may wish to go with a prepackaged cluster distribution such as OSCAR, Rocks, or Warewulf. But if you need to get the most from your hardware, if you want to minimize your on-disk profile by leaving out useless features and packages, or if you enjoy the easy maintenance Portage provides, then use Gentoo. I founded the Gentoo Cluster Project four years ago to make Gentoo better for clustering by creating a community of cluster administrators and writing documentation to help those new to Gentoo or new to clusters. A major trade-off of using Gentoo rather than a prepackaged cluster distribution, in my mind, is increased initial set-up time but ongoing ease of administration. This is the same trade-off you will find in going with diskless rather than diskful clusters. Gentoo's flexibility as a metadistribution means you can make whatever you want from it without hacking and slashing all over the place, as you may need to if starting from another distribution. Your changes to the base configuration are easy to find, document, and reproduce. You can even start out with something more minimal than a Gentoo base system by taking advantage of Portage's ROOT support to install only what you need to an arbitrary location (described in more detail in this LWN article). I find this most useful for diskless clusters. You can easily install to a location on an NFS server such as /opt/cluster/, which the diskless nodes use as their filesystem root. By using UnionFS to mount a read-only NFS root with tmpfs layered on top, all of the nodes can use the same filesystem without any concerns about multiple simultaneous writes. You can push only security fixes using `glsa-check`, and with a single invocation of `emerge`, you can manage full system updates to the server root or the diskless root. Diskful clusters can also benefit from Gentoo. By now, you've probably wondered why anyone would use Gentoo on a diskful cluster, because they would need to compile every package on all of these hundreds of machines. But that isn't the case. Portage supports use of a binary package server, so you can compile packages just once per architecture rather than once per machine. For a serious cluster, you may wish to create more finely grained packages, however, based on the roles of machines within the cluster. File servers require a different set of features (USE flags, in Gentoo) than compute nodes, and they may even benefit from a different set of compilation flags, for example to produce smaller binaries and thus lower disk I/O. Now you've learned a little about the basic idea behind a HPC cluster and how it works on Gentoo, but what about the applications and communications? A big stack of middleware makes it all possible. At the lowest level, all HPC programs have to talk to each other somehow. The dominant standard today is the Message Passing Interface (MPI). HPC programs must be specifically written to use MPI; it is not transparent to the application. MPI implementations are API-compatible, but regretfully, they are not ABI-compatible. Programs must be specially compiled for each MPI implementation they use. As with Fortran compilers, each MPI implementation has its strengths and weaknesses. One popular, "new" implementation is Open MPI. It's a merger of three existing implementations: FT-MPI, LA-MPI, and LAM/MPI. The other most popular, open-source implementation is MPICH2. Both projects are under active development, so testing them with your workloads is a requirement if you must choose one. On the level above these custom-written applications sits a batching system such as Torque. This is where users send their computing jobs, and it takes care of the details of when and how to run these jobs. Submitted jobs sit in a queue until their turn, and the batching system can use a number of scheduling algorithms to decide when to run jobs. Sometimes, these simpler batching systems fall short of your needs. That's when you call in the big guns: something like Maui. It's an extremely flexible job scheduler that supports a vast array of scheduling policies, priorities, job reservations, and resource sharing. At some point, a basic cluster like this will fall short of your needs. You may need to investigate specialized clustering filesystems such as LustreFS or PVFS2, migrate your network to something with better performance than basic Ethernet such as Myrinet or Infiniband, or find another solution to your problem. In clustering, the answer is almost always to benchmark and profile, because the problem is specific to your application rather than being generic to all clusters. Using Gentoo gives you the flexibility and power to make many of these changes while still staying within the Portage package management system.
New Releases Debian GNU/Linux 4.0 releasedThe Debian Etch release has happened. "Using a now fully integrated installation process, Debian GNU/Linux 4.0 comes with out-of-the-box support for encrypted partitions. This release introduces a newly developed graphical frontend to the installation system supporting scripts using composed characters and complex languages; the installation system for Debian GNU/Linux has now been translated to 58 languages." Click below for the announcement.
Debian GNU/Linux 3.1 updatedFor those Debian admins who are not yet ready to upgrade to Etch, the Debian Project has released an update to the old stable 3.1 sarge release. "Users who would like to continue using Debian GNU/Linux 3.1 are advised to update their /etc/apt/sources.list network sources to refer to 'sarge' instead of `stable'."
Aurora SPARC Linux Build 2.98 (Beta 1 for 3.0)The Aurora SPARC Linux project has announced Build 2.98 to the world. This is a BETA release, for what will become 3.0. Some of the features in this release include Fedora Core 6 based tree of packages (some things are newer), support for Niagara hardware (Sun T1000, T2000), gcc-4.1.1, gnome 2.16, KDE 3.5.5, and kernel 2.6.20 (with patches!).
Linbox Directory Server 1.1.4 availableThe Linbox Directory Server 1.1.4 is now available. Linbox Directory Server is an enterprise directory platform based on LDAP designed to manage identities, access control informations, policies, application settings and user profiles. This version features a Spanish translation, thanks to Alejandro Escobar, and mailbox quota support.
Puppy Linux 2.15 CE released (Go2Linux.org)Go2Linux.org has a release announcement for Puppy Linux 2.15 Community Edition. "The Puppy 2.15CE (Community Edition) is the result of collaboration of a team of Puppy enthusiasts. It is built upon version 2.14 but with many enhancements. In particular the guys have worked on an improved user-interface and nice out-of-the box first impression."
Distribution News Debian project leader election 2007 resultsThe results are in for the 2007 Debian project leader election: the winner is Sam Hocevar. See the election page for lots of details.
teTeX is gone (from Debian unstable), beware of build-dependenciesThe Debian TeX Task force is preparing an upload of TeX Live 2007 to unstable. With this version, teTeX will vanish as a separate package and only continue to exist as transitional packages. "teTeX has been abandoned upstream. TeX Live, which uses most of the scripts developed for teTeX, is its successor in Debian (and elsewhere), and we do not plan to support both systems beyond the lifetime of etch."
Fedora Wiki AccountsWiki woes have led to the deletion of many Fedora wiki accounts "Those wishing to keep an account should simply sign up again."
Mandriva Flash 4GB ReleasedMandriva Flash 4GB provides a full-featured system - Mandriva Linux 2007 KDE 32-bit - on a bootable USB 2.0 key. All you have to do is plug in the USB key, turn the PC on and the Mandriva Linux operating system is ready to use in no time, with all you need for office work, Internet and multimedia tasks. System configuration, preferences and data are all saved to the 4GB key.
Novell's SLED available on Sun x64 workstationsNovell, Inc. has announced the release of SUSE Linux Enterprise Desktop 10 for the Sun Ultra workstation platform. "The Sun Ultra 20, Ultra 20 M2, Ultra 40 and Ultra 40 M2 Workstations are available with SUSE Linux Enterprise Desktop, certified and supported by Sun. The workstations have been fully tested and YES Certified(TM) to run SUSE Linux Enterprise Desktop, a complete desktop computing solution that dramatically reduces costs, improves end-user security and increases workforce productivity."
Licensing of the Ubuntu Documentation WikiNew material added to the Ubuntu documentation wiki will be licensed under the Creative Commons license. "This decision is not intended in any way to underestimate the value of contributions, but rather to ensure that the material on the documentation wiki complies with the same standards of openness as the Ubuntu project as a whole."
New Distributions Linux for Clinics Alpha Release (LinuxMedNews)LinuxMedNews takes a look at the Linux For Clinics distribution, which has just released an alpha version. "The Linux For Clinics (LFC) Project consists of a team of people who have a common interest in health, medicine, humanity and free and open source software (FOSS). Our team represents a community that shares the common ideals of aiding mankind and treating everyone with respect so that they will treat others in kind. This philosophy is represented by the African word 'UBUNTU' which means 'Humanity Towards Others'."
NixOSLambda the Ultimate introduces NixOS, a Linux distribution based on Nix, a purely functional package management system. NixOS is an experiment based on Eelco Dolstra's PhD thesis, The Purely Functional Software Deployment Model. From the Nix home page: "Nix is a purely functional package manager. It allows multiple versions of a package to be installed side-by-side, ensures that dependency specifications are complete, supports atomic upgrades and rollbacks, allows non-root users to install software, and has many other features. It is the basis of the NixOS Linux distribution, but it can be used equally well under other Unix systems."
Distribution Newsletters Fedora Weekly News Issue 82The Fedora Weekly News for April 7, 2007 covers Aurora SPARC Linux Build 2.98 (Beta 1 for 3.0), Seeking reviewers for Summer of Code applications, Fedora Account System Changes, and several other topics.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for March 26, 2007 looks at the Developer of the Week (dsd), Gentoo Village at CCC, and several other topics.
Ubuntu Weekly News: Issue #33The Ubuntu Weekly Newsletter for March 24, 2007 covers Feisty Fawn's beta release, newly approved Ubuntu members, the big effort the "Ubuntu Desktop Effects" team is doing, and all the buzz about Ubuntu going on in the press and the blogosphere, and much more.
Ubuntu Weekly News: Issue #35The Ubuntu Weekly Newsletter for April 8, 2007 is out. This edition looks at Feisty Herd 6 canceled, Feisty Frozen for Release Candidate Preparation, Licensing of the Documentation Wiki Discussed, Launchpad Open for Beta Testing, and several other topics.
DistroWatch Weekly, Issue 197The DistroWatch Weekly for April 9, 2007 is out. "Debian "Etch", the long-awaited release from the largest Linux distribution project that has ever graced the Internet era, finally hit the download mirrors on Easter Sunday and provided some welcome news relief during the otherwise unexciting weekend. But the current string of important releases will not stop here; Mandriva is about to announce a new stable release of its flagship product, Ubuntu is busy preparing its first and only release candidate for "Feisty Fawn", and openSUSE is hard at work in finalising a new alpha release for delivery later this week. In other news, SimplyMEPIS announces its latest and greatest, Samuel Hocevar becomes the new Debian Project Leader, and Arch Linux changes its release policy. Finally, don't miss the third part of our overview of Top Ten Distributions."
Newsletters and articles of interest The Perfect Setup - Debian Etch (Debian 4.0) (HowtoForge)HowtoForge has a tutorial demonstrating a server setup on Debian 4.0. "This tutorial shows how to set up a Debian Etch (Debian 4.0) based server that offers all services needed by ISPs and hosters: Apache web server (SSL-capable), Postfix mail server with SMTP-AUTH and TLS, BIND DNS server, Proftpd FTP server, MySQL server, Courier POP3/IMAP, Quota, Firewall, etc. This tutorial is written for the 32-bit version of Debian Etch, but should apply to the 64-bit version with very little modifications as well."
Ubuntu-based Linux Mint tests KDE version (DesktopLinux)DesktopLinux looks at the Linux Mint KDE edition. "The Ireland-based Linux Mint team yesterday made available the first release candidate of its next version, Linux Mint 2.2 KDE Edition Beta 020. Code-named "Bianca," it uses the KDE 3.5.6 desktop for the first time, running on a 2.6.17-10 kernel, the team said."
Distribution reviews Dyne:Bolic 2.4.2: A live CD multimedia studio (Linux.com)Linux.com reviews Dyne:Bolic 2.4.2. "The Dyne:Bolic distribution is a live CD designed for creating, broadcasting, and publishing all kinds of audio, video, and graphic content. It includes some of the best free and open source tools with which you can compose music, mix video streams, and create 3-D animations. Since version 1.4.1, which we reviewed last year, Dyne:Bolic has changed little on the outside. The developers have shuffled the application menu, swapped out some applications, and upgraded all apps to their respective stable versions. The major change is that the 2.x releases are based on a new dyne:II core which has been written from scratch. The new core makes it easier to create new customized versions of Dyne:Bolic."
GoblinX Premium 2007.1 (tuxmachines.org)TuxMachines.org reviews GobinX 2007.1 Premium. "GoblinX developers released their 2007.1 Premium version of GoblinX Linux recently and I was able to obtain the 1-cd version for testing. GoblinX has always been a very interesting project to watch with their odd-looking almost macabre-themed XFCE distro. It's based on Slackware, so you know they have a good foundation and XFCE is coming into its own. With new versions of GoblinX being released about once per year, it's hard to pass up the chance to test it when a new one arrives on the scene."
I'm JADed ! (Linux Journal)Dave Phillips reviews JAD, the JackLab Audio Distribution. "The latest JAD is based on the openSUSE 10.2 distribution, which is, according to Wikipedia, "a community project, sponsored by Novell, to develop and maintain a general purpose Linux distribution". SUSE is one of the most popular Linux distributions, with a large community of users and developers primarily based in Europe. However, potential users should have no fear if they don't happen to live in a European country: openSUSE is clearly designed for use anywhere, with full internationalization support."
Pioneer Linux fails to excite (Linux.com)Linux.com looks at Kubuntu-based Pioneer Linux. "In November, Techalign released its Pioneer Linux distribution, based on Kubuntu, and available in several paid versions and one free version. I tested the recent Pioneer Linux Basic Release 2 (R2), which is based on Kubuntu Edgy 6.10. Apart from a few minor cosmetic changes and some additional applications, Pioneer isn't very different from a stock Kubuntu."
Red Hat Enterprise Linux 5: Some Assembly Required (eWeek)eWeek reviews RHEL 5 with an emphasis on virtualization features. "The benefit of using virtualization within general-purpose operating systems is that these products typically offer broader hardware support than do bare-metal or appliance-type virtualization products. The downside is that operating systems, such as RHEL5, tend to offer virtualization services like erector-set pieces - virtualization-savvy OSes can deliver results similar to a product like ESX server, but there's some assembly required."
A first look at SimplyMEPIS 6.5 (DesktopLinux)DesktopLinux.com has a review of SimplyMEPIS 6.5 rc2. "SimplyMEPIS 6.5 is built on the 2.6.17 Linux kernel, based on Ubuntu 6.06 LTS (Long Term Service), aka "Dapper Drake," by the way. Until version 6.0, MEPIS had been built on Debian, but MEPIS designer Warren Woodford found that Debian Stable was too far behind the curve, and Debian Testing/Unstable was advancing too quickly and breaking too often, so he switched to Ubuntu. Unlike Ubuntu, which uses GNOME for its default desktop, MEPIS uses KDE 3.5.3." The final release of SimplyMEPIS 6.5 is now out.
Page editor: Rebecca Sobol Development Introducing the OCRopus ProjectThe OCRopus Project is a new open-source optical character recognition (OCR) effort that was launched this week by Google:
OCRopus is a state-of-the-art document analysis and OCR system, featuring pluggable layout analysis, pluggable character recognition, statistical natural language modeling, and multi-lingual capabilities.
The OCRopus engine is based on two research projects: a high-performance handwriting recognizer developed in the mid-90's and deployed by the US Census bureau, and novel high-performance layout analysis methods.
OCRopus is development is sponsored by Google and is initially intended for high-throughput, high-volume document conversion efforts. We expect that it will also be an excellent OCR system for many other applications.
According to the FAQ document, OCRopus is mainly intended to be used for character recognition of scanned and digitally photographed text. Output will be in HTML+CSS format. The OCRopus plug-in architecture will support multiple character recognition plug-ins. Scanning of non-English text will be provided by language-specific plug-in modules. The Processing Steps diagram gives a graphical overview of the code flow. The software is being released under the Apache license, it is written in C++ and Python. One of the main components of OCRopus is Tesseract OCR, which was released as open-source code by HP and UNLV in 2005. The lead OCRopus developer is Professor Thomas Breuel from the German Research Center for Artificial Intelligence in Kaiserslautern. Funding has been set aside to support a number of graduate students. The source code is available for an early release of the project: "The technology preview release is basically the first check-in of the source code into the subversion repository. What you can expect is that this code performs about as well as Tesseract in terms of character-level performance, but that is able to cope better with non-trivial layouts. There is no packaging, binary distribution, or full autoconf yet." The getting started document explains the dependencies and shows how to build the software. The project roadmap calls for an alpha release in the third quarter of 2007, a beta release in the first quarter of 2008 and a 1.0 release in the third quarter of 2008. Open-source contributions are being requested: "We are hoping for contributions by the open source community in areas such as adapting the system to additional languages, creating a Gnome desktop application, integration with Gnome desktop search, web-based tools for proofing and training, language modeling, additional character recognition engines, and other useful tools and add-ons." Help is being requested for porting to non-Linux platforms. Support for KDE is not yet mentioned, but should be possible with a bit of developer effort.
System Applications Database Software PostgreSQL Weekly NewsThe April 8, 2007 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
SQLite 3.3.15 releasedVersion 3.3.15 of SQLite, a lightweight DBMS, is out. "An annoying bug introduced in 3.3.14 has been fixed. There are also many enhancements to the test suite."
Filesystem Utilities Earth 0.2 releasedStable version 0.2 of Earth is out with bug fixes and other improvements. "Earth allows you to find files across a large network of machines and track disk usage in real time. It consists of a daemon that indexes filesystems in real time and reports all the changes back to a central database. This can then be queried through a simple, yet powerful, web interface. Think of it like Spotlight or Beagle but operating system independent with a central database for multiple machines with a web application that allows novel ways of exploring your data." See the What's New document for change details.
Interoperability Samba 3.0.25rc1 releasedVersion 3.0.25rc1 of Samba has been announced. "This is the first release candidate of the Samba 3.0.25 code base and is provided for testing only. An RC release means that we are close to the final release but the code may still have a few remaining minor bugs. This release is *not* intended for production servers. There has been a substantial amount of development since the 3.0.23/3.0.24 series of stable releases. We would like to ask the Samba community for help in testing these changes as we work towards the next significant production upgrade Samba 3.0 release."
Mail Software Sendmail 8.14.1 releasedVersion 8.14.1 of the Sendmail mail transfer agent has been announced. "Sendmail, Inc., and the Sendmail Consortium announce the availability of sendmail 8.14.1 which fixes some bugs, e.g., If a milter rejected a recipient the MTA still kept it in its list of recipients and delivered to it if the transaction was accepted. The new DaemonPortOptions which begin with a lower case character can now be set."
Web Site Development Dimdim 1.6.0 alpha released (SourceForge)Version 1.6.0 alpha of Dimdim, a web conferencing application, has been announced, it features usability improvements. "With Dimdim you can show Presentations, Applications and Desktops to any other person over the internet without installing anythign on the Attendee side. You can chat, show your webcam and talk with others in the meeting."
Release of Remo 0.1.4 alphaVersion 0.1.4 alpha of Remo, the Rule Editor for ModSecurity, is out with a number of new features.
Desktop Applications Audio Applications Ardour 2.0rc1 releasedThe first release candidate of Ardour 2.0, a multi-track audio workstation, is out. "A couple of weeks after 2.0 beta12, the Ardour team brings you 2.0rc1 , and the OS X Tiger universal DMG. Dozens of bug fixes, a few usability improvements, even a couple of new features (e.g. rename & delete snapshots). This is first release candidate for 2.0, but it is missing last minute tweaks, specifically up to date and complete translations. We hope to release RC2 within the next 7-10 days which will hopefully be the final release before 2.0." See the full release announcement for more details.
Data Visualization Asymptote 1.25 releasedRelease 1.25 of Asymptote is out with some path changes. "Asymptote is a powerful descriptive vector graphics language that provides a natural coordinate-based framework for technical drawing. Labels and equations are typeset with LaTeX, for high-quality PostScript output. A major advantage of Asymptote over other graphics packages is that it is a programming language, as opposed to just a graphics program."
Desktop Environments Compiz/Beryl merger is officialThe Compiz and Beryl projects have sent out an announcement that their merger is now official. There's a lot of details to be worked out, but the decision to proceed has been made. "We will create a code review panel consisting of the best developers from each community who will see that any code included in a release package meets the highest standards and is suitable for distribution in an officially supported package. " There's no word on the naming issue, though. (LWN looked at the merger proposal back in March).
GNOME 2.18.1 releasedVersion 2.18.1 of the GNOME desktop environment has been released. "This is the first release in a series of point releases for the 2.18 branch. Come and see all the bug fixing, all the new translations and all the updated documentation brought to you by the wonderful team of GNOME contributors! While development has started on the GNOME 2.19/2.20 road, work on the stable branch continues to make it even more solid."
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Software AnnouncementsThe following new KDE software has been announced this week:
KDE Commit-Digest (KDE.News)The April 8, 2007 edition of the KDE Commit-Digest has been announced. The content summary says: "Bluetooth support in Solid. 'Breadcrumb" navigation widget from Dolphin is made more modular to allow use in other KDE contexts. Support for different caret (text cursor) styles in Konsole. Various bugfixes in TagLib. Better AIM protocol file transfer support in Kopete. KWord gets the ability (through Kross scripting) to use an OpenOffice.org instance to import from supported file formats. KPackage starts to be ported to the SMART package management scheme..."
The Road to KDE 4: Strigi and File Information Extraction (KDE.News)The KDE.News "Road to KDE4" series is back. "This week I am featuring Strigi, an information extraction subsystem that is being fully deployed for KDE 4.0. KDE has previously had the ability to extract information about files of various types, and has used them in a variety of functional contexts, such as the Properties Dialog. Strigi promises many improvements over the existing versions."
Xorg Software AnnouncementsThe following new Xorg software has been announced this week:
Educational Software TCExam 4.0.011 released (SourceForge)Version 4.0.011 of TCExam has been announced. "TCExam is a Web-based Assessment Software system (e-exam or CBT - Computer Based Testing) that enables educators and trainers to author, schedule, deliver, and report on surveys, quizzes, tests and exams. The software is used all over the world by universities, schools, companies and independent teachers."
Electronics Atom 200704 releasedOpenCollector has announced the release of version 200704 of Atom. "Atom is a new functional hardware description language embedded in Haskell. Unlike Confluence and HDCaml, Atom is an adventure above RTL. Borrowing on ideas developed by Arvind, Hoe, and others, Atom compiles rule-based circuit descriptions down to Verilog for simulation and synthesis. This method of design works particularly well for complex control logic."
Financial Applications LedgerSMB 1.2.0 releasedVersion 1.2.0 of LedgerSMB is out with a security fix. "LedgerSMB 1.2.0 has been released, completing a comprehensive SQL injection audit of the code inherited from SQL-Ledger. Numerous SQL injection issues were fixed. In fact, most fields were not properly quoted and escaped. These problems should affect all known versions of SQL-Ledger as well. The fix was delayed because the scale of the changes made required extensive testing-- these were not trivial changes. Users are advised to upgrade as soon as possible."
Games Globulation2 alpha 22 releasedThe alpha 22 release of Globulation2, a real time strategy game, has been announced. "Globulation 2 brings a new type of gameplay to RTS games. The player chooses the number of units to assign to various tasks, and the units do their best to satisfy the requests. This allows players to manage more units and focus on strategy rather than individual unit's jobs. Globulation 2 also features AI allowing single-player games or any possible combination of human-computer teams."
Interoperability Wine Weekly NewsletterThe April 10, 2007 edition of the Wine Weekly Newsletter is online with coverage of the Wine project. Topics include: Winebot, X Error, No Packages Yet For Ubuntu 7.04, Fedora Packages, On the Fly Debugging, Sound Test and Nautilus File Management.
Miscellaneous Alerttail 0.1.1 releasedVersion 0.1.1 of Alerttail is available for download. "Alerttail executes actions when "some text" has been written to a file. This software tails a file and when a line matches some text pattern alerttail will execute a list of actions defined on it's own configuration file. Imagine you want to be warned when some text is written to a log file, you could just configure alerttail asking it to notify you with a gtk notify popup."
Languages and Tools C Getting Familiar with GCC Parameters (O'ReillyNet)Mulyadi Santosa discusses ways to optimize gcc compilation on O'Reilly. "gcc (GNU C Compiler) is actually a collection of frontend tools that does compilation, assembly, and linking. The goal is to produce a ready-to-run executable in a format acceptable to the OS. For Linux, this is ELF (Executable and Linking Format) on x86 (32-bit and 64-bit). But do you know what some of the gcc parameters can do for you? If you're looking for ways to optimize the resulted binary, prepare for a debugging session, or simply observe the steps gcc takes to turn your source code into an executable, getting familiar with these parameters is a must. So, please read on."
Caml Caml Weekly NewsThe April 10, 2007 edition of the Caml Weekly News is out with new Caml language articles.
Haskell Call for Contributions - HC and A ReportA Call for Contributions has gone out for the May, 2007 edition of the Haskell Communities & Activities Report. The submission deadline is May 2. "If you are working on any project that is in some way related to Haskell, write a short entry and submit it to the me. Even if the project is very small or unfinished or you think it is not important enough -- please reconsider and submit an entry anyway!"
Java Controlling Threads by Example (O'Reilly)Viraj Shetty works with Java threads on O'Reilly. "One of the useful features in Java is the built-in support for writing multithreaded applications. A thread is an execution path in the program that has its own local variables, program counter, and lifetime. If the task being executed on the thread takes a long time, there needs to be a mechanism to stop, monitor, pause, and resume the task. This article will take a nontrivial example with threads and refactor the code to include these capabilities."
Real-time Java, Part 1: Using the Java language for real-time systems (developerWorks)IBM developerWorks begins a series on real-time Java. "This article, the first in a five-part series on real-time Java, describes the key challenges to using the Java language to develop systems that meet real-time performance requirements. It presents a broad overview of what real-time application development means and how runtime systems must be engineered to meet the requirements of real-time applications. The authors introduce an implementation that addresses real-time Java challenges through a combination of standards-based technologies."
Perl Weekly Perl 6 mailing list summary (O'Reilly)The April 3, 2007 edition of the Weekly Perl 6 mailing list summary is out with coverage of the latest Perl 6 developments.
PHP PHP OpenID 2.0.0-rc1 releasedVersion 2.0.0-rc1 of PHP OpenID has been announced. "PHP OpenID 2.0.0-rc1 implements revision 294 of the OpenID 2 specification. I'd very much like it if you can give it a try. With only a few changes to your application, you should be able to upgrade from version 1.2.2. Otherwise, the library transparently supports OpenID 1 and OpenID 2 relying parties and servers. This release also incorporates numerous bugfixes and feedback from library users."
Python pycairo release 1.4.0Release 1.4.0 of pycairo, a set of Python bindings for the Cairo multi-platform 2D graphics library, has been announced. A number of new methods have been added and some obsolete methods have been removed.
Python 2.5.1 release candidate 1 is outRelease candidate 1 of Python 2.5.1 has been announced. "This is the first bugfix release of Python 2.5. Python 2.5 is now in bugfix-only mode; no new features are being added. According to the release notes, over 150 bugs and patches have been addressed since Python 2.5, including a fair number in the new AST compiler (an internal implementation detail of the Python interpreter)."
Python-URL! - weekly Python news and linksThe April 11, 2007 edition of the Python-URL! is online with a new collection of Python article links.
Tcl/Tk Tcl-URL! - weekly Tcl news and linksThe April 11, 2007 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
XML Introducing RDFa, Part Two (O'Reilly)Bob DuCharme presents part two of an O'Reilly XML.com series on RDFa. "In this second part of a two-part series, Bob DuCharme concludes his introduction of RDFa--a new, XHTML-friendly standard syntax for RDF metadata that allows you to embed RDF metadata into the Web in a novel way."
Editors Emacs 22 on April 23A brief message has been sent to the emacs-devel list stating that the final Emacs 22 pre-test release will happen on April 16. If all goes well, the long-awaited Emacs 22.1 release will happen on Monday, April 23. The last major Emacs release was in 2001. (LWN looked at the upcoming Emacs release last October).
Libraries Pantheios 1.0.1 beta 24 released (SourceForge)Version 1.0.1 beta 24 of Pantheios is available with bug fixes. "Pantheios is an Open Source C/C++ Logging API library, offering an optimal combination of 100% type-safety, efficiency, genericity and extensibility. It is simple to use and extend, highly-portable (platform and compiler-independent) and, best of all, it upholds the C tradition of you only pay for what you use."
Version Control colorsvn 0.3.2 announcedStable version 0.3.2 of colorsvn has been released. "colorsvn is the Subversion output colorizer. Colorsvn was extracted from kde-sdk and was extended with build process and configuration."
Page editor: Forrest Cook Linux in the news Recommended Reading Interview with Richard Stallman on GPLv3 and More, by Sean Daly (Groklaw)Groklaw has an interview with Richard Stallman. "Sean Daly met up with Richard Stallman in Brussels, where Stallman just gave a speech on the GPLv3 draft. Mr. Stallman was kind enough to do an interview for Groklaw right afterward, which we appreciate, especially because Sean tells me rms was so exhausted before his speech that he pushed the chair away and did it standing up, to make sure he stayed awake."
Hackers v Hollywood, Round 2 (LA Times)The LA Times has a column on Corel's response to the WinDVD crack. "On Friday, Corel informed WinDVD users that they had to download a 'security update' in order to continue playing high-definition discs. They'll have about three months to do so; after that, all newly minted high-def discs will include a set of instructions that permanently disables the older, hacked version of the software. Users who put one of these new discs into their PC will not be unable to play that disc, but they'll render the software incapable of playing any other high-def Hollywood movie -- even the older ones in their personal collections. Ouch!" The joy of DRM and non-free software.
Companies AMD Launches 3.0GHz Opteron Processors (eWeek)eWeek covers the latest Opteron processor releases from AMD. "On April 4, AMD launched the Opteron 2222 SE model for two-way systems and the 8222 SE model for four- and eight-way servers. The two new models will both run at 3.0GHz and offer 2MB of Level 2 cache and the same integrated memory controller and HyperTransport technology (a high-speed chip-to-chip interconnect) as other processors in that series."
Linux Adoption 203 Million Mobile Phones Will Use Linux Operating Systems by 2012 (3G.co.uk)3G.co.uk covers a prediction on the increasing use of Linux in mobile phones. "ABI Research forecasts that by 2012, more than 127 million devices will be enabled with a commercial Linux OS, up from 8.1 million in 2007. Additionally, device shipments that incorporate Linux as an RTOS replacement are set to grow to more than 76 million units in 2012, up from nearly zero in 2007. "Linux in the cellular phone is not a question of 'if', but 'when'," says research director Stuart Carlaw."
Resources The lighttpd Web Server (O'ReillyNet)Bill Lubanovic investigates lighttpd on O'Reilly. "Until recently, Apache didn't have a serious open source rival. In Netcraft's latest web server survey, we can see one emerging. As always, Apache has the top spot, Microsoft's IIS is second, and the ever-popular unknown is third. Fourth is Sun's Java Web Server (formerly known as ONE, formerly iPlanet, formerly Netscape). But at number five, serving about 1.4 million sites, is something called lighttpd. Where did that come from? We'll look into lighttpd's history, basic installation and configuration, and some visions of the future."
Complex service checks with Nagios (Linux.com)Linux.com presents an excerpt from the book Building a Monitoring Infrastructure with Nagios. "Nagios is a GPL-licensed framework that allows you to intelligently schedule little monitoring programs written in any language you choose. Nagios lets you monitor hosts, services, and networks. Here are a couple of examples of real-world monitoring scenarios."
Tips: Making Vim easy (Linux.com)Joe 'Zonker' Brockmeier has a few tips for new Vim users. "Vim's flexibility and countless features are a major asset for experienced users, but a challenge for newbies. If you've always wanted to try Vim but were put off by your first attempts, you can start off gradually by getting to know Vim's GUI and easy mode. This article is a primer for those who haven't used Vim much and want to wade in gradually."
Reviews A first look at Dolphin, the KDE 4 file manager (Ars Technica)Ars Technica looks at Dolphin, the KDE 4 file manager. "Although Konqueror is one of the most powerful file-management applications available on the Linux platform, the broad scope of its functionality creates some usability problems that aren't easily resolved. Konqueror's elaborate profile system and support for KParts-based document viewing add complexity to file management and intimidate users who are accustomed to less sophisticated file managers. By focusing exclusively on file management, Dolphin avoids many of the pitfalls inherent in Konqueror's approach. Although Dolphin is still under development and lacks a number of critical features, early releases illuminate the significant potential of the application. Dolphin appears to be a well-thought compromise that will provide a more reasonable balance of versatility and usability."
Ekiga videophone gets you connected (Linux.com)Joe Barr reviews Ekiga on Linux.com. "For my next try, instead of finding a camera online and wondering whether it was supported, I selected a camera I found on a list of supported devices (registration required) and then tried to find it available for sale. As a rule of thumb, the newer the device, the less likely it is to have a Linux driver, and the older the device, the harder it is to find it for sale. I had better luck with the second camera I tried, a Creative Labs Ultra NX."
Writing and publishing with Emacs Muse (Linux.com)Linux.com takes a look at Emacs Muse, a publishing environment for Emacs. "Some of the uses that people have put Muse to include documentation and tutorials, Web pages, recipes and poems, blogs, and knowledge bases. Since I started using Muse last year, I've output LaTeX, HTML/XHTML, DocBook, and PDF files. After a bit of tweaking, the results have been very good."
Make Firefox full screen even better with Fullerscreen (Linux.com)Joe 'Zonker' Brockmeier examines the Firefox Fullerscreen extension on Linux.com. "Fullerscreen is an extension that gives Web pages in Firefox the full run of your monitor. If you spend much time using Web-based applications like Gmail, Google Notebook, or Backpack, Fullerscreen is a must-have addition to Firefox."
Integrated issue tracking with Ikiwiki (LinuxWorld)Joey Hess looks at Ikiwiki. "Ikiwiki is a wiki engine with a twist. It's best described by the term "wiki compiler". Just as a typical software project consists of source code that is stored in revision control and compiled with make and gcc, an ikiwiki-based wiki is stored as human editable source in a revision control system, and built into HTML using ikiwiki."
Radiant Data launches 64-bit Linux HA replicating file system (Linux-Watch)Linux-Watch looks at PeerFS. "If you need your data to be available in all your offices -- even if the central office goes up in smoke one day -- Radiant Data's new PeerFS 4.0, which now supports multiple 64-bit Linuxes, might be just what you need."
XMP making inroads in open source imaging software (Linux.com)Nathan Willis looks at the Extensible Metadata Platform (XMP). "Two separate projects are attempting to build support for the Extensible Metadata Platform (XMP) in Linux. Not to be confused with the "Jabber protocol" XMPP, XMP is an XML-based metadata standard for digital images. Despite its historical connections to photography, other kinds of applications and data stand to benefit, too, making XMP-aware projects something we all should watch."
Miscellaneous The Linux Foundation Boosts Its Membership (eWeek)eWeek reports on the newest members of the Linux Foundation. "The Linux Foundation, which was created in January 2007 out of the merger between the Open Source Development Labs and the Free Standards Group, has signed up three new members: Marvell, Nokia and VirtualLogix. This brings current membership of the foundationwhich has the goal of providing services that are useful to the community and industry, as well as protect, promote and continue to standardize the Linux platform to around 86."
Page editor: Forrest Cook Announcements Non-Commercial announcements EFF: Don't Let Europe Turn Its Citizens into CopycriminalsThe Electronic Frontier Foundation has sent out an alert concerning the upcoming (April 24) vote on the "intellectual property enforcement directive." "If IPRED2 passes in its current form, "aiding, abetting, or inciting" copyright infringement 'on a commercial scale' in the EU will become a crime. The entertainment industry has made it clear that it sees sites like YouTube, P2P software, and even ISPs as 'inciting' infringement." It is not hard to imagine free software developers being affected by this kind of law.
Gaim becomes PidginThe Gaim messaging client has been renamed Pidgin. The announcement says that the name change is the result of a painfully-achieved settlement with AOL which should also unblock the delayed 2.0 release.
Harmony sends Sun a letterThe Apache Harmony project, which is working toward the development of a free Java SE implementation, has sent an open letter to Sun Microsystems asking for a license to Sun's Java Compatibility Kit which does not impose field of use restrictions on Harmony users. "As I explain below, these restrictions are contrary to the terms of the Java Specification Participation Agreement (JSPA) - the governing rules of the JCP - to which Sun is contractually bound to comply as a signatory. The ASF has a proud history of support for open software ecosystems in which commercial software can flourish. However, Sun's JCK license protects portions of Sun's commercial Java business at the expense of ASF's open software." There is also an associated FAQ with more information.
LinuxChix announces new leaderThe women's technical group LinuxChix has appointed a new international co-ordinator, Mary Gardiner, replacing previous coordinator Jenn Vesperman, who resigned after six years running the organization. "Mary Gardiner's primary focus as coordinator will be on forming a closer relationship with the regional chapters, enabling the LinuxChix community to better reach potential and existing women Free Software users worldwide. Gardiner will also be investigating other ways that LinuxChix can reach a larger audience and help its members engage with the Free Software community. She intends to be coordinator of LinuxChix for two years. Gardiner, a resident of Sydney, Australia and a postgraduate student in computing, has been active as a volunteer in LinuxChix since 2000."
Python opportunities at the Google Summer of CodeA list of Python projects involved in the Google Summer of Code has been announced. "Google recently published the list of mentoring organizations participating in Google Summer of Code 2007. They have accepted Python Software Foundation into Google Summer of Code."
Single-vendor software purchase stopped in ItalyThe Associazione per il Software Libero has sent out a press release proclaiming a "historic victory" in its battle to ensure that free software alternatives are considered in Italian government purchases. A request for tenders for €4.5 million in Microsoft licenses has been withdrawn after the Associazione went to court with a challenge. "The most important result is that Associazione per il Software Libero succeeded in monitoring actions of public institutions in a domain -information technologies - that too often responds to pressures of some companies and to mere 'technical' reasons instead of focusing on public benefit: free access to information (free format), adoption of trustworthy technologies (free software) and use of public money for the benefit of the citizens."
Zope Foundation in the Google Summer of CodeThe Zope Foundation will participate in the 2007 Google Summer of Code. "This means we're looking for students and more mentors who would like to take on projects, as well as good projects. We have a wiki page about it with project suggestions and prospective mentors; if you're interested in this project, please check it out."
Commercial announcements Over 100 Post-production facilities Adopt Autodesk's Visual Effects SystemsAutodesk, Inc. has announced new market gains for its video post-production software. "During the past six months, more than 100 additional post-production facilities around the globe have adopted Autodesk, Inc.'s film and television solutions running on the Linux operating system. The Autodesk Linux-based systems provide digital artists and editors with increased speed and interactivity. In April 2006, Autodesk transitioned its visual effects and editing/finishing systems from SGI-based workstations to workstations running the Linux operating system. The Linux-based Autodesk Flame visual effects system renders complex 3D composites more than 20 times faster than on previous SGI-based workstations."
The newly updated 1994-2006 Linux Journal Archive CD-ROMLinux Journal has announced the availability of a new archive CD-ROM for $26.95. "In easy-to-use HTML format, this space-saving archive CD-ROM offers users the advantage of immediate access to the essential Linux resource: Linux Journal. The Archive CD-ROM contains every issue of Linux Journal, from the premiere March 1994 issue through December 2006."
Nokia Announces Open C SDK Plug-In for S60 DevicesNokia has announced: "the Open C Plug-In extension for the S60 3rd Edition Software Development Kit, enabling easier porting of Linux-targeted open source projects to Symbian OS- based S60 smartphones and increased productivity for developers of mobile applications running on S60 devices."
Novell Joins The Green GridNovell has announced that it has joined The Green Grid, a consortium of information technology companies and professionals committed to improving energy efficiency in the data center. "Novell will help customers reduce the power consumption in their data center through the operating system virtualization built into the SUSE(R) Linux Enterprise platform and the management tools that comprise the Novell(R) ZENworks(R) product suite. As a result, customers can lower the cost of managing their data centers while also helping the environment."
SGI Announces New CEOSGI has announced that Robert H. "Bo" Ewald, formerly Chairman and CEO of Linux Networx, has been named Chief Executive Officer, effective immediately. Bo replaces Dennis McKenna who has served as SGI's Chief Executive Officer since January 31, 2006. In addition to his role as CEO, Bo will serve on SGI's Board of Directors.
SourceForge.net and Krugle bring code search to open-source repositoryKrugle, Inc. has announced a partnership with SourceForge.net. "SourceForge.net and Krugle, Inc. today announced that SourceForge.net has embedded Krugle's search engine into the world's largest repository of open source software. The search engine gives developers direct, contextual access to the underlying code of the site's 145,000 open source projects. The announcement addresses the growing importance of specialized search engines as valuable tools to help developers deal with increasing software complexity."
Sun Microsystems donates storage technologies to OpenSolarisSun Microsystems, Inc. has announced the donation the source code to the Storage Community to the OpenSolaris project. "Sun Microsystems, Inc. today announced it is donating storage technologies for storage developers within the OpenSolaris community. This will enable community members to combine OpenSolaris with hardware from any source to create compelling storage solutions at a fraction of the price of traditional proprietary storage vendors. This combination of open source and commodity hardware heralds a new stage in the storage industry."
TransGaming announces Cedega 6.0TransGaming Inc. has announced Cedega 6.0. "Rich with new features and functionality, ranging from improved graphics and performance to support for many new games, Cedega 6.0 remains the only commercial solution in the world that allows hundreds of triple A games to be played on the rapidly growing Linux operating system."
New Books Designing BSD Rootkits - No Starch Press's Latest ReleaseNo Starch Press has published the book Designing BSD Rootkits: An Introduction to Kernel Hacking by Joseph Kong.
Linux Appliance Design - New from No Starch PressNo Starch Press has published the book Linux Appliance Design by Bob Smith, John Hardin, Graham Phillips, and Bill Pierce.
Resources The Linux Foundation Announces Linux Standard Base Update and New Testing ToolsThe Linux Foundation has announced an update of the Linux Standard Base (LSB) and the release of a new testing toolkit. ""All the moving parts are coming together to give the Linux ecosystem its first testing framework that will coordinate development of upstream code to standards and downstream implementations," said Jim Zemlin, executive director of the Linux Foundation. "In order for a standard to be effective, it needs to have a powerful -- and usable -- testing infrastructure. Our testing framework will deliver that functionality and allow the Linux ecosystem to collaborate and test code while it's being developed, improving quality and allowing ISVs to reduce their costs and get their feedback into the Linux ecosystem more effectively.""
Education and Certification Linux Professional Institute and VCampus launch training portalThe Linux Professional Institute and VCampus have announced a new training portal site. "VCampus Corporation, a leader in certification and professional development training and services, together with the Linux Professional Institute (LPI), today announced the launch of the LPI North America Online Learning Portal. Based on LPI's globally-recognized certification objectives, this portal is poised to meet growing demand for sophisticated, professional Linux programmers, consultants and systems administrators. You can log on to the VCampus LPI Online Learning Portal at http://www.vcampus.com/lpinama."
LPI Offers Certification Exams at Intel Developer ForumThe Linux Professional Institute will hold discounted certification exams at the Intel Developer Forum in Beijing, China on April 17 and 18, 2007.
Calls for Presentations DEFCON One Five CfP in effectA call for papers has gone out for DEFCON 15. The event takes place in Las Vegas, NV on August 3-5, 2007. Submissions are due by June 15.
CFP: Storage Security and Survivability WorkshopA call for papers has gone out for the 2007 Storage Security and Survivability Workshop. Submissions are due by June 8. "The 3rd International Workshop on Storage Security and Survivability (StorageSS 2007) will be held on Monday, October 29, 2007, in conjunction with the 14th ACM Conference on Computer and Communications Security (CCS 2007), which will meet October 30November 2, 2007 in Alexandria, Virginia, USA."
Upcoming Events Sun Announces CommunityOne EventSun Microsystems, Inc. has announced the new CommunityOne event, it will take place on May 7, 2007 at the Moscone Center in San Francisco, CA. "CommunityOne is a free, one-day event designed for open source and web developers to gain detailed technical information on free and open source projects including, NetBeans(TM) Software, OpenSolaris (TM), GlassFish(TM), OpenJDK and the Mobile & Embedded Community, as well as interact with other participants to exchange ideas and best practices. In addition, CommunityOne will host talks on topics relating to Web 2.0, James Governor and Stephen O'Grady from the analyst firm RedMonk will moderate an unconference, Ian Murdock will host a session on open operating systems and Sun will host its second Startup Camp event."
The FOSS Symposium (LinuxMedNews)LinuxMedNews has announced the 2007 FOSS Symposium, which will take place in Houston, Texas on April 24. "IBM's Eishay Smith, Enfold Systems Alan Runyan and a few others will be speaking at a one day symposium in Houston entitled 'Free and Open Source Software (FOSS) for Healthcare: Progress and Promise' This will be held at: School of Health Information Sciences, UT-Houston".
The Workshop on GCC InternalsThe Workshop on GCC Internals will be held in Bombay, India on June 18-20, 2007. Pre-registration runs from April 9 to May 1.
2007 JavaOne Conference opens more possibilities for attendeesSun Microsystems, Inc. has announced new JavaOne conference tracks. "Sun Microsystems, Inc., today announced that in addition to the 250 conference sessions, 117 BOFs and 15 Hands-on-Labs, the 2007 conference will offer two special one-day tracks -- Java Technology Business Day and Java Technology in TV: Blu-ray Disc and Cable Day." The conference runs from May 8-11, 2007 and takes place in San Francisco, CA.
Linuxfest Northwest 2007Linuxfest Northwest 2007 takes place at Bellingham Technical College in Washington State, April 28 - 29, 2007. There will be speakers from Red Hat, Google, Novell, OLPC project, MySQL, the Software Freedom Law Center, Linden Labs (Second Life), and many others. Admission and parking are free, and all ages are welcome.
Power.org announces Software SummitThe first Power Architecture Software Summit will take place in Austin, Texas on April 19, 2007. "Power.org will host the first Power Architecture Software Summit, a unique opportunity for software developers and development managers to refine Power.org's software strategy. The Power.org Software Summit will focus on identifying solutions to challenges associated with software development on Power Architecture. Discussions will revolve around presentations that address a wide range of topics ..."
Events: April 19, 2007 to June 18, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it. Miscellaneous One time chance to order your own LAC'07 t-shirt!Conference T-shirts for the 2007 Linux Audio Conference are available. "This is a one-time offer only, and be sure to put in your orders soon, as the offer will only stand up until the 16th of April. We want to have the payment in advance, as we need to pay the cost of printing, packaging and postage."
Page editor: Forrest Cook
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||