LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for April 19, 2007The patent taxThe Software Freedom Law Center has recently put out a press release based on a study of how much each Windows user is paying for software patents. The methodology used is quite simple: look at the known payments made by Microsoft in patent cases, then divide that sum by the number of Windows licenses shipped. The bottom line was $21.50 per license. That is a significant part of the total cost of a license, and everybody who has bought a Windows license - even those of us who just overwrite Windows with a Linux installation - is paying it.SFLC describes this cost as a tax, and does its best to make the implications clear:
While $20 might not sound like a lot, it adds up pretty quickly. A
school with only 50 Windows machines - barely enough for one class
of students - is paying $1,000 of its limited budget in patent tax,
rather than buying books or other useful supplies. A government
agency with a mere couple hundred Windows machines is paying many
thousands of taxpayer dollars in patent tax.
As the SFLC points out, the real amount of this "tax" is likely to be higher than the estimate. The number of Windows licenses is probably inflated by Microsoft, and there's certain to be patent settlements that the public knows nothing about. Software patents thus cost quite a bit of money; trying to quantify this "tax" and spread the word is a useful thing to do. Perhaps, if more people understand what the patent system is costing them, there will be more pressure to make real reforms. The SFLC release wanders into slightly more dangerous territory, though, when it says:
On the other hand, free operating systems based on Linux have never
been found guilty of patent infringement, making Linux a
patent-tax-free alternative to Windows. Not only do these free
software systems have no patent tax, they have no taxes whatsoever,
because - like all open source software - they are available to the
public at zero cost.
There is a significant difference between saying "Linux has never been found guilty of patent infringement" and "Linux does not infringe upon any patents." The SFLC's choice of the former wording was carefully done. The nature of the software patent beast is such that almost any significant piece of software must infringe upon a number of patents. The fact that nobody has, yet, successfully prosecuted a patent case against Linux is not a cause for great comfort. Language like the above thus risks playing into the hands of those who would claim that the free software world is populated by those who would "steal" the "intellectual property" of others. Might they not say that the absence of software patent payments by Linux users is not an example of freedom, but, instead, an act of tax evasion? If Microsoft were to decide to bring a software patent suit against a developer or user of Linux, it could use this release to great advantage: what better example could there be of how the free software community's refusal to pay patent royalties puts companies like Microsoft at an unfair competitive disadvantage? Putting the focus on Linux in this discussion seems like the wrong direction to take. While free software developers make diligent attempts to avoid known patents, the same must certainly be true of companies like Microsoft. Our lack of patent infringement judgments is more a matter of luck, lack of sufficiently deep pockets, and, if some sources are to be believed, some users quietly paying patent royalties to avoid ending up in court. We need to get the software patent problem fixed, rather than brag about our avoidance - so far - of public settlements.
Open projects and secret plansAs of this writing, the GNOME.org front page features the following text:
At 9am, April 19th 2007, join industry leaders and community
developers for a major announcement about Open Source and Free
Software mobility.
This announcement will be made by Jeff Waugh, who has also promoted the event on the GNOME mailing lists with this request:
Those paying close attention over the last 12 months will have a
fair idea what this is about, but please resist the temptation to
reply to this post about it, as we're hoping to keep it under wraps
until Thursday.
This, in turn, has raised some eyebrows within the GNOME community. It has been pointed out that the GNOME Foundation charter reads like this:
In almost every sense of the word, GNOME is an open project. This
is one of our greatest strengths, has always been, and should be
the balefire by which we plot our course into the future...
This principle has real, concrete meaning for the foundation: All discussions must be publicly viewable, any person must have the opportunity to contribute to the decision-making process, and every GNOME contributor must have the direct ability to influence the decisions which are made. How, it was asked, do secret plans for a high-profile announcement of a major new direction for the project fit with those words from the charter? Where is the "publicly viewable" discussion which led up to these plans? How has it been possible for any person within the community to contribute to the process which led to this decision? Some developers see this sort of secrecy as being inconsistent with the open ideals of the GNOME project, and they have been asking why things are being done this way. Jeff has explained the reasons behind this move:
We'd like to exploit the promotional potential of this announcement
for the betterment of the GNOME community and the commercial
ecosystem around it. It is, in effect, a public secret -- the Board
knows, the Advisory Board knows, a particular subset of the
community knows (and have been participating for ~9 months) and
heaps of people in the broader community know about it but just
don't know that's what we're announcing.
Your editor is not privy to the substance of this announcement - though, as it happens, he will be present when the announcement is made, so stay tuned. Members of the GNOME community have been talking about taking advantage of opportunities in the embedded area for some time now, though. The venue the project has chosen (the Embedded Linux Conference) and the discussion of "mobility" give some strong hints as well. So it may well be that the core of this announcement will not come as a great surprise to active members of the GNOME project. More to the point, there are limits to how much a group like the GNOME board can change the direction of such a big project. The project's direction will be determined (and demonstrated) by the code, documentation, artwork, and so on which gets created and contributed; there is little else that matters. Perhaps the board can arrange partnerships with companies which may result in the creation of certain kinds of code; as long as that code is developed in a community-friendly manner and does not bypass the normal review process, there is little to complain about. Still, it's hard to avoid just a touch of discomfort with the sight of free software projects behaving like corporations. Hype-building, press releases, and flashy announcements may succeed in attracting the attention of the press, but they are not the best way for these projects to communicate with their users. We all benefit from the transparency that the free software process provides; free software users are generally happy to avoid the sorts of surprises that come with proprietary code. We do not need to be - and don't want to be - herded by way of carefully planned press events. That does not appear to be what's going on here; instead, the GNOME board has simply chosen a relevant conference to announce projects that some GNOME developers have been working on for some time. Perhaps some companies will announce that they intend to use and support this work. It may well be true that the board's tactics will lead to wider coverage of what's going on, with a presumably positive effect on the GNOME user and developer communities. As long as the GNOME developer community is not surprised by what comes out, all should be well. But projects which want to take this approach in the future should always think carefully whether their attempts to catch the flighty attention of the press may leave their core developers feeling left out.
ELC: The embedded Linux nightmare![[Thomas]](/images/conf/elc2007/tglx-sm.jpg)
The opening keynote talk at the 2007 Embedded Linux
Conference was given by Thomas Gleixner. Thomas has been a significant
contributor to the kernel for some time; most recently, he is the force
behind much of the high-resolution timer work which has been merged for
2.6.21. His experience with the embedded Linux industry has prompted him
to put together a talk on how that industry works (or doesn't) with the
development community. When things go badly, he says, the result is a true
nightmare.
Linux (and the kernel in particular) is, says Thomas, a sort of "mutual benefit society" which is jointly maintaining a common good. This society will only work as long as the stakeholders give to it as well as taking from it. The giving part, unfortunately, is often lacking in the embedded world. There are a lot of reasons given for the use of special, closed, vendor kernels in embedded situations. According to Thomas, these reasons do not hold water. They include:
What really flows from vendor kernels is user lock-in, community detachment, and waste of resources. None of these are good for users, for the vendor, or for the Linux community as a whole. They are, instead, the embedded Linux nightmare. As an example of community detachment, Thomas offered the linux-arm.org web site, which describes itself as:
This site is the definitive resource for the community of
developers and users of the Linux Kernel on the ARM Family of
processors.
This site, Thomas points out, was launched in 2005 - ten years after the community ARM port was launched. It does not even do the courtesy of linking to the real community ARM site. It is, instead, an example of a vendor trying to create its own community which has little to do with the people actually creating the code. With regard to waste of resources: a Linux developer recently rewrote a system-on-chip driver to make it suitable for the mainline. In the process, a 7,000-line driver became a much better 1,300-line driver. Using the COCOMO model, Thomas estimates that about $180,000 was wasted in the creation of this vendor driver. An even more egregious example is a fork of the real-time preemption tree by "an unnamed company" a couple of years ago. No patches have ever been published from this fork, and there has not been a single email exchange with the preempt-rt developers. The resulting code is still based on a kernel from about the 2.6.14 era, and is completely unmaintainable. Unfortunately, a customer now wants serial ATA support, putting this company in a difficult situation. Thomas asks: "why the hell is this company using Linux?" He estimates that at least ten staff-years have been wasted in this fork. The end result of this nightmare can be seen in the form of unhappy customers, a bad reputation for free software, fragmentation of the code base, a feeling of being ripped off among kernel developers, and wasted resources. In addition, Thomas fears that the kernel development process risks being dominated by the enterprise Linux companies, which do work with the community. If the embedded world wants to avoid all of these problems, it needs to start talking with the community and getting its code into the mainline kernel. Then Tux can get a good night's rest, and world domination will get back on schedule.
Security Brief items MadWifi: Much ado about nothing?A recent article reporting a remotely exploitable bug 'in Linux' has raised the ire of some in the Linux community for a few reasons, but inaccuracy probably tops the list. The timeliness of the report is also in question as the bug, in an out-of-tree Linux driver, was fixed four months ago in December 2006. When the usual suspects, Slashdot and digg, linked to the article, it became a rather visible 'failing' of Linux. The truth is much less damning; there are some interesting wrinkles, though, which are worth a look.The bug was found by French security researchers when fuzzing the MadWifi driver for Atheros Wireless LAN chipsets and was presented at Black Hat Europe at the end of March. The techniques used are similar to those used by David Maynor and johnny cache to find the MacOS wireless flaws that they 'demonstrated' at Black Hat USA last year. The only new information in the article (and others like it) was the presentation given by Laurent Butti; the bug had already been reported as CVE-2006-6332 and fixed in version 0.9.2.1 of MadWifi. MadWifi (which is an abbreviation for Multiband Atheros Driver for Wireless Fidelity according to the project's website) is a widely used driver for wireless cards, but it is not part of the Linux kernel and is unlikely to ever be. The driver relies on a 'Hardware Abstraction Layer' (HAL) that is only provided in binary form. The belief is that because the Atheros chips can be instructed to do various things that regulatory agencies (the FCC in the US for example) oppose, the code for doing that must be closed source. Rather than make the whole driver closed source, separating it into two pieces was done specifically to avoid the closed source portion being considered a derivative work of the kernel. Because of the non-firmware binary blob, the driver will not be included in some 'free' distributions and users will need to find it from other non-official or less supported repositories. This could lead some users to not update their driver because the package management system did not alert them to the change. At some level, any publicity that makes more people aware of the problem is probably a good thing. The bug itself is a fairly run-of-the-mill buffer overflow that is fixed in this changeset. While the bug was rather straightforward, its result is catastrophically bad. An attacker could run arbitrary code as root on a vulnerable machine that has the driver loaded; being connected to a wireless network is not required. This is the kind of 'drive by' laptop takeover that got so much attention when Maynor and cache announced their proof of concept exploit. It is a truly horrifying scenario for anyone worried about laptop or other wireless device security. At the time of the original release of information about the bug, the MadWifi project and various distributions made announcements about it. But, perhaps because of the impending Christmas holiday or because the seriousness of the bug was not recognized, there was very little press about it at that time. Though LWN did publish the announcements, one could certainly argue that a more detailed look was in order. Coupled with the severity of any exploit, the lack of coverage magnified the importance of the current articles. Had there already been a round of articles describing the flaw back in December (or even January), it is likely that the 'new' reports would have been ignored. That does not, of course, excuse the inaccuracies in the article. MadWifi is clearly not 'in' Linux though it will affect some Linux users. The lack of earlier press coverage and linking from aggregation sites served to elevate the visibility of the bug, which may have helped some users who missed it earlier, but overall just fed the 'Linux is buggy' hype machine. The headline and the way it was presented take an interesting event, the presentation of some security research, and try to turn it into an indictment of overall Linux security. This is the kind of article that tends to make Linux advocates rather cynical about the 'mainstream' technical press.
New vulnerabilities dokuwiki: cross-site scripting vulnerability
dovecot: information exposure
file: denial of service
freeradius: memory leak
kernel: denial of service
lighttpd: denial of service
madwifi: multiple vulnerabilities
mod_perl: denial of service
php: multiple vulnerabilities
vixie-cron: weak permissions may cause errors
Updated vulnerabilities acroread: multiple vulnerabilities
apache: cross-site scripting
Asterisk: two SIP denial of service vulnerabilities
bluez-utils: hidd vulnerability
bugzilla: multiple vulnerabilities
busybox: insecure password generation
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
cups: denial of service
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
dovecot: index cache file handling error
elinks: arbitrary file access
evolution: format string error
fail2ban: denial of service
ffmpeg: buffer overflows
file: arbitrary code execution
firefox: FTP PASV port-scanning
freeradius: several vulnerabilities
freetype: integer overflows
gcc: file overwrite vulnerability
gd: buffer overflow
gdb: buffer overflow
gdm: improper file permissions
gedit: format string vulnerability
grip: buffer overflow
gzip: multiple vulnerabilities
horde-kronolith: local file inclusion
ImageMagick: integer overflows
imlib2: arbitrary code execution
inkscape: format string vulnerabilities
ipsec-tools: denial of service
java: multiple vulnerabilities
kdelibs: kate backup file permission leak
kdelibs: cross-site scripting
kernel: denial of service
kernel: multiple vulnerabilities
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
kernel: denial of service
kernel: denial of service
kernel: multiple vulnerabilities
krb5: uninitialized pointers
krb5: local privilege escalation
krb5: multiple vulnerabilities
ktorrent: incorrect validation
libgadu: memory alignment bug
libgtop2: buffer overflow
libmodplug: boundary errors
libpng: buffer overflow
libpng: heap based buffer overflow
libtiff: buffer overflow
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
lookup-el: insecure temporary file
lynx: arbitrary command execution
man-db: buffer overflow
mod_jk: stack overflow
mplayer: buffer overflow
mysql: denial of service
mysql: format string bug
MySQL: privilege violations
MySQL: logging bypass
nas: code execution
nbd: arbitrary code execution
ncompress: buffer underflow
openldap: security bypass
OpenOffice.org: buffer overflow and command execution
OpenSSH: denial of service
openssh: remote denial of service
php: several vulnerabilities
php: buffer overflows
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
postgresql: SQL injection
qt: "/../" injection
quake: buffer overflow
rpm: arbitrary code execution
Mozilla: multiple vulnerabilities
shadow-utils: mailbox creation vulnerability
slocate: information disclosure
snort: remote arbitrary code execution
sun-jdk: arbitrary code execution
tcpdump: denial of service
unzip: long file name buffer overflow
w3c-libwww: possible stack overflow
XFree86 X.org: integer overflows
xine: format string vulnerabilities
xine-lib: arbitrary code execution
xine-lib: buffer overflow
xine-lib: buffer overflow
xinit: race condition
xmms: BMP handling vulnerability
X.org: local privilege escalations
zziplib: buffer overflow
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current 2.6 prepatch is 2.6.21-rc7, released by Linus on April 15. The list of fixes is relatively short; the next release - expected any day now - should be the final 2.6.21 kernel.About 30 fixes have been merged into the mainline git repository since -rc7. Also merged is the removal of the unused alloc_skb_from_cache() function. The current stable 2.6 kernel is 2.6.20.7, released on April 13. It contains fixes for a dozen or so serious problems. For older kernels: 2.6.16.47 was released on April 14, followed by 2.6.16.48 on April 16. Each contains around a dozen fixes, some of which are security-related.
Kernel development news Quotes of the week
So I claim that anything that cannot be fair by user ID is actually
really REALLY unfair. I think it's absolutely humongously STUPID to
call something the "Completely Fair Scheduler", and then just be
fair on a thread level. That's not fair AT ALL! It's the
anti-thesis of being fair!
-- Linus Torvalds
It just reminds me that the concept of "release early, release
often" doesn't actually work in the kernel. What is far more
obvious is "release code only when it's so close to perfect that
noone can argue against it" since most of the work is done by one
person, otherwise someone will come out with a counterpatch that is
_complete_ earlier but in all possibility not as good, it's just
ready sooner.
-- Con Kolivas
Schedulers: the plot thickensThe RSDL scheduler (since renamed the staircase deadline scheduler) by Con Kolivas was, for a period of time, assumed to be positioned for merging into the mainline, perhaps as soon as 2.6.22. Difficulties with certain workloads made the future of this scheduler a little less certain. Now Con would appear to have rediscovered one of the most reliable ways of getting a new idea into the kernel: post some code then wait for Ingo Molnar to rework the whole thing in a two-day hacking binge. So, while Con has recently updated the SD scheduler patch, his work now looks like it might be upstaged by Ingo's new completely fair scheduler (CFS), at version 2 as of this writing.There are a number of interesting aspects to CFS. To begin with, it does away with the arrays of run queues altogether. Instead, the CFS works with a single red-black tree to track all processes which are in a runnable state. The process which pops up at the leftmost node of the tree is the one which is most entitled to run at any given time. So the key to understanding this scheduler is to get a sense for how it calculates the key value used to insert a process into the tree. That calculation is reasonably simple. When a task goes into the run queue, the current time is noted. As the process waits for the CPU, the scheduler tracks the amount of processor time it would have been entitled to; this entitlement is simply the wait time divided by the number of running processes (with a correction for different priority values). For all practical purposes, the key is the amount of CPU time due to the process, with higher-priority processes getting a bit of a boost. The short-term priority of a process will thus vary depending on whether it is getting its fair share of the processor or not. It is only a slight oversimplification to say that the above discussion covers the entirety of the CFS scheduler. There is no tracking of sleep time, no attempt to identify interactive processes, etc. In a sense, the CFS scheduler even does away with the concept of time slices; it's all a matter of whether a given process is getting the share of the CPU it is entitled to given the number of processes which are trying to run. The CFS scheduler offers a single tunable: a "granularity" value which describes how quickly the scheduler will switch processes in order to maintain fairness. A low granularity gives more frequent switching; this setting translates to lower latency for interactive responses but can lower throughput slightly. Server systems may run better with a higher granularity value. Ingo claims that the CFS scheduler provides solid, fair interactive response in almost all situations. There's a whole set of nasty programs in circulation which can be used to destroy interactivity under the current scheduler; none of them, says Ingo, will impact interactivity under CFS. The CFS posting came with another feature which surprised almost everybody who has been watching this area of kernel development: a modular scheduler framework. Ingo describes it as "an extensible hierarchy of scheduler modules," but, if so, it's a hierarchy with no branches. It's a simple linked list of modules in priority order; the first scheduler module which can come up with a runnable task gets to decide who goes next. Currently two modules are provided: the CFS scheduler described above and a simplified version of the real-time scheduler. The real-time scheduler appears first in the list, so any real-time tasks will run ahead of normal processes. There is a relatively small set of methods implemented by each scheduler module, starting with the queueing functions:
void (*enqueue_task) (struct rq *rq, struct task_struct *p);
void (*dequeue_task) (struct rq *rq, struct task_struct *p);
void (*requeue_task) (struct rq *rq, struct task_struct *p);
When a task enters the runnable state, the core scheduler will hand it to the appropriate scheduler module with enqueue_task(); a task which is no longer runnable is taken out with dequeue_task(). The requeue_task() function puts the process behind all others at the same priority; it is used to implement sched_yield(). A few functions exist for helping the scheduler track processes:
void (*task_new) (struct rq *rq, struct task_struct *p);
void (*task_init) (struct rq *rq, struct task_struct *p);
void (*task_tick) (struct rq *rq, struct task_struct *p);
The core scheduler will call task_new() when processes are created. task_init() initializes any needed priority calculations and such; it can be called when a process is reniced, for example. The task_tick() function is called from the timer tick to update accounting and possibly switch to a different process. The core scheduler can ask a scheduler module whether the currently executing process should be preempted now:
void (*check_preempt_curr) (struct rq *rq, struct task_struct *p);
In the CFS scheduler, this check tests the given process's priority against that of the currently running process, followed by the fairness test. When the fairness test is done, the scheduling granularity is taken into account, possibly allowing a process to run a little longer than strict fairness would allow. When it's time for the core scheduler to choose a process to run, it will use these methods:
struct task_struct * (*pick_next_task) (struct rq *rq);
void (*put_prev_task) (struct rq *rq, struct task_struct *p);
The call to pick_next_task() asks a scheduler module to decide which process (among those in the class managed by that module) should be running currently. When a task is switched out of the CPU, the module will be informed with a call to put_prev_task(). Finally, there's a pair of methods intended to help with load balancing across CPUs:
struct task_struct * (*load_balance_start) (struct rq *rq);
struct task_struct * (*load_balance_next) (struct rq *rq);
These functions implement a simple iterator which the scheduler can used to work through all processes currently managed by the scheduling module. One assumes that this framework could be used to implement different scheduling regimes in the future. It might need some filling out; there is, for example, no way to prioritize scheduling modules (or choose the default module) other than changing the source. Beyond that, if anybody ever wants to implement modules which schedule tasks at the same general priority level, the strict priority ordering of the current framework will have to change - and that could be an interesting task. But it's a start. The reason that this development is so surprising is that nobody had really been talking about modular schedulers. And the reason for that silence is that pluggable scheduling frameworks had been soundly rejected in the past - by Ingo Molnar, among others:
So i consider scheduler plugins as the STREAMS equivalent of
scheduling and i am not very positive about it. Just like STREAMS,
i consider 'scheduler plugins' as the easy but deceptive and wrong
way out of current problems, which will create much worse problems
than the ones it tries to solve.
So the obvious question was: what has changed? Ingo has posted an explanation which goes on at some length. In essence, the previous pluggable scheduler patches were focused on replacing the entire scheduler rather than smaller pieces of it; they did not help to make the scheduler simpler. So now there are three scheduler replacement proposals on the table: SD by Con Kolivas, CFS by Ingo Molnar, and "nicksched" by Nick Piggin (a longstanding project which clearly deserves treatment on this page as well). For the moment, Con appears to have decided to take his marbles and go home, removing SD from consideration. Still, there are a few options out there, and one big chance (for now) to replace the core CPU scheduler. While Ingo's work has been generally well received, not even Ingo is likely to get a free pass on a decision like this; expect there to be some serious discussion before an actual replacement of the scheduler is made. Among other things, that suggests that a new scheduler for 2.6.22 is probably not in the cards.
ELC: How much memory are applications really using?Anybody who has tried to figure out why a Linux system is running short of memory can attest that the memory usage information made available by the kernel is, at best, difficult to use. Matt Mackall has recently been working on a set of patches aimed at improving this situation. Given the constraints imposed by embedded Linux systems, it is not surprising that Matt chose the Embedded Linux Conference to present his work (which, incidentally, was funded by the Consumer Electronics Linux Forum).
The problem is that the numbers exported by the current kernels are nearly meaningless. The reported virtual size of an application is nearly irrelevant; it says nothing about how much of that virtual space is actually being used. The resident set size (RSS) number is a little better, but there is no information on sharing of pages there. The /proc/pid/smaps file gives a bit of detail, but also lacks sharing information. And the presence of memory pressure can change the situation significantly. The Linux virtual memory system, in other words, is a black box which provides too little information on what is going on inside. Matt's project is to open up that box and shine some light inside. The first step is to add a new file (pagemap) in each process's /proc directory. It is a binary file containing the page frame number for each page in the process's address space. The file can be read to see where a process's pages have been placed and, more interestingly, it can be compared between processes to see which pages are being shared. Matt has a little graphical tool which can display this file, showing the patterns of which pages are present in memory and which are not. Then, there is a file (/proc/kpagemap) which provides information about the kernel's memory map. For each physical page in the system, kpagemap contains the mapping count and the page flags. This information can be used to learn about sharing of pages and about how each page is being used. There were a couple of graphical applications using this file as well; one showed the degree to which each page is being shared, while the other showed the use of each page as determined by its flags. Once this information is available, one can start to generate some useful numbers on memory use. Matt is proposing two new metrics. The "proportional set size" (PSS) of a process is the count of pages it has in memory, where each page is divided by the number of processes sharing it. So if a process has 1000 pages all to itself, and 1000 shared with one other process, its PSS will be 1500. The unique set size (USS), instead, is a simple count of unshared pages. It is, for all practical purposes, the number of pages which will be returned to the system if the process is killed. These numbers are relatively expensive to calculate, since they required a pass through the process's address space. So they will not be something which is regularly exported from the kernel. They can be calculated in user space using the pagemap files, though. Matt demonstrated a couple of tools to do these calculations. Using "memstats" on a galeon process, he supplemented the currently-available virtual size and resident set size numbers (105MB and 41MB, respectively) with a PSS of 26MB and a USS of 20MB. There is also a "memrank" tool which lists processes in the system sorted by decreasing PSS. With a tool like that, finding the memory hogs on the system becomes a trivial task. Matt pointed out that these numbers, while useful, will change depending on the amount of memory pressure being experienced by the system. It would be nice to be able to figure out how much memory a given process truly needs before it will begin to thrash. To this end, his patch creates a new clear_refs file for each process; this file can be used to reset the "referenced" flag on each page in the process's working set. After the process runs for a bit, one can look at which pages have had their referenced bits set again; those are the pages it actually needed to run during that time. The patches are in the -mm tree currently; it's possible that they could find their way into the mainline once the 2.6.22 merge window opens up. Those who would like to play with Matt's scripts can find them in this directory; the slides from his talk are packaged there as well. With luck, understanding system memory usage will require far less guesswork in the near future.
A peek at the DragonFly Virtual Kernel (part 2)[ Editor's note: this article is the second and final part of the look at the DragonFly BSD virtual kernel article by Aggelos Economopoulos. For those who questioned why a BSD development appears on this page, the answer is simple: there is value in seeing how others have solved common problems.]
Userspace I/OOur previous article gave an overview of the DragonFly virtual kernel and the kernel virtual memory subsystem. In this article, we can finally cover the complications that present themselves in implementing such a virtualized execution environment. If you haven't read the previous article, it would be a good idea to do so before continuing. Now that we know how the virtual kernel regains control when its processes request/need servicing, let us turn to how it goes about satisfying those requests. Signal transmission and most of the filesystem I/O (read, write, ...), process control (kill, signal, ...) and net I/O system calls are easy; the vkernel takes the same code paths that a real kernel would. The only difference is in the implementation of the copyin()/copyout() family of routines for performing I/O to and from userspace. When the real kernel needs to access user memory locations, it must first make sure that the page in question is resident and will remain in memory for the duration of a copy. In addition, because it acts on behalf of a user process, it should adhere to the permissions associated with that process. Now, on top of that, the vkernel has to work around the fact that the process address space is not mapped while it is running. Of course, the vkernel knows which pages it needs to access and can therefore perform the copy by creating a temporary kernel mapping for the pages in question. This operation is reasonably fast; nevertheless, it does incur measurable overhead compared to the host kernel. Page FaultsThe interesting part is dealing with page faults (this includes lazily servicing mmap()/madvise()/... operations). When a process mmap()s a file (or anonymous memory) in its address space, the kernel (real or virtual) does not immediately allocate pages to read in the file data (or locate the pages in the cache, if applicable), nor does it setup the pagetable entries to fulfill the request. Instead, it merely notes in its data structures that it has promised that the specified data will be there when read and that writes to the corresponding memory locations will not fail (for a writable mapping) and will be reflected on disk (if they correspond to a file area). Later, if the process tries to access these addresses (which do not still have valid pagetable entries (PTES), if they ever did, because new mappings invalidate old ones), the CPU throws a pagefault and the fault handling code has to deliver as promised; it obtains the necessary data pages and updates the PTES. Following that, the faulting instruction is restarted. Consider what happens when a process running on an alternate vmspace of a vkernel process generates a page fault trying to access the memory region it has just mmap()ed. The real kernel knows nothing about this and through a mechanism that will be described later, passes the information about the fault on to the vkernel. So, how does the vkernel deal with it? The case when the faulting address is invalid is trivially handled by delivering a signal (SIGBUS or SIGSEGV) to the faulting vproc. But in the case of a reference to a valid address, how can the vkernel ensure that the current and succeeding accesses will complete? Existing system facilities are not appropriate for this task; clearly, a new mechanism is called for. What we need, is a way for the vkernel to execute mmap-like operations on its alternate vmspaces. With this functionality available as a set of system calls, say vmspace_mmap()/vmspace_munmap()/etc, the vkernel code servicing an mmap()/munmap()/mprotect()/etc vproc call would, after doing some sanity checks, just execute the corresponding new system call specifying the vmspace to operate on. This way, the real kernel would be made aware of the required mapping and its VM system would do our work for us. The DragonFly kernel provides a vmspace_mmap() and a vmspace_munmap() like the ones we described above, but none of the other calls we thought we would need. The reason for this is that it takes a different, non-obvious, approach that is probably the most intriguing aspect of the vkernel work. The kernel's generic mmap code now recognizes a new flag, MAP_VPAGETABLE. This flag specifies that the created mapping is governed by a userspace virtual pagetable structure (a vpagetable), the address of which can be set using the new vmspace_mcontrol() system call (which is an extension of madvise(), accepting an extra pointer parameter) with an argument of MADV_SETMAP. This software pagetable structure is similar to most architecture-defined pagetables. The complementary vmspace_munmap(), not surprisingly, removes mappings in alternate address spaces. These are the primitives on which the memory management of the virtual kernel is built. Table 1. New vkernel-related system calls
int vmspace_create(void *id, int type, void *data);
int vmspace_destroy(void *id,);
int vmspace_ctl(void *id, int cmd, struct trapframe *tf,
struct vextframe *vf);
int vmspace_mmap(void *id, void *start, size_t len, int prot,
int flags, int fd, off_t offset);
int vmspace_munmap(void *id, void *start, size_t len);
int mcontrol(void *start, size_t len, int adv, void *val);
int vmspace_mcontrol(void *id, void *start, size_t len, int adv,
void *val);
At this point, an overview of the virtual memory map of each vmspace associated with the vkernel process is in order. When the virtual kernel starts up, there is just one vmspace for the process and it is similar to that of any other process that just begun executing (mainly consisting of mappings for the heap, stack, program text and libc). During its initialization, the vkernel mmap()s a disk file that serves the role of physical memory (RAM). The real kernel is instructed (via madvise(MADV_NOSYNC)) to not bother synchronizing this memory region with the disk file unless it has to, which is typically when the host kernel is trying to reclaim RAM pages in a low memory situation. This is imperative; otherwise all the vkernel "RAM" data would be treated as valuable by the host kernel and would periodically be flushed to disk. Using MADV_NOSYNC, the vkernel data will be lost if the system crashes, just like actual RAM, which is exactly what we want: it is up to the vkernel to sync user data back to its own filesystem. The memory file is mmap()ed specifying MAP_VPAGETABLE. It is in this region that all memory allocations (both for the virtual kernel and its processes) take place. The pmap module, the role of which is to manage the vpagetables according to instructions from higher level VM code, also uses this space to create the vpagetables for user processes. On the real kernel side, new vmspaces that are created for these user processes are very simple in structure. They consist of a single vm_map_entry that covers the 0 - VM_MAX_USER_ADDRESS address range. This entry is of type MAPTYPE_VPAGETABLE and the address for its vpagetable has been set (by means of vmspace_mcontrol()) to point to the vkernel's RAM, wherever the pagetable for the process has been allocated. The true vm_map_entry structures are managed by the vkernel's VM subsystem. For every one of its processes, the virtual kernel maintains the whole set of vmspace/vm_map, vm_map_entry, vm_object objects that we described earlier. Additionally, the pmap module needs to keep its own (not to be described here) data structures. All of the above objects reside in the vkernel's "physical" memory. Here we see the primary benefit of the DragonFly approach: no matter how fragmented an alternate vmspace's virtual memory map is and independently of the amount of sharing of a given page by processes of the virtual kernel, the host kernel expends a fixed (and reasonably sized) amount of memory for each vmspace. Also, after the initial vmspace creation, the host kernel's VM system is taken out of the equation (expect for pagefault handling), so that when vkernel processes require VM services, they only compete among themselves for CPU time and not with the host processes. Compared to the "obvious" solution, this approach saves large amounts of host kernel memory and achieves a higher degree of isolation. Now that we have grasped the larger picture, we can finally examine our "interesting" case: a page fault occurs while the vkernel process is using one of its alternate vmspaces. In that case, the vm_fault() code will notice it is dealing with a mapping governed by a virtual pagetable and proceed to walk the vpagetable much like the hardware would. Suppose there is a valid entry in the vpagetable for the faulting address; then the host kernel simply updates its own pagetable and returns to userspace. If, on the other hand, the search fails, the pagefault is passed on to the vkernel which has the necessary information to update the vpagetable or deliver a signal to the faulting vproc if the access was invalid. Assuming the vpagetable was updated, the next time the vkernel process runs on the vmspace that caused the fault, the host kernel will be able to correct its own pagetable after searching the vpagetable as described above. There are a few complications to take into account, however. First of all, any level of the vpagetable might be paged out. This is straightforward to deal with; the code that walks the vpagetable must make sure that a page is resident before it tries to access it. Secondly, the real and virtual kernels must work together to update the accessed and modified bits in the virtual pagetable entries (VPTES). Traditionally, in architecture-defined pagetables, the hardware conveniently sets those bits for us. The hardware knows nothing about vpagetables, though. Ignoring the problem altogether is not a viable solution. The availability of these two bits is necessary in order for the VM subsystem algorithms to be able to decide if a page is heavily used and whether it can be easily reclaimed or not (see [AST06]). Note that the different semantics of the modified and accessed bits mean that we are dealing with two separate problems. Keeping track of the accessed bit turns out to require a minimal amount of work. To explain this, we need to give a short, incomplete, description of how the VM subsystem utilizes the accessed bit to keep memory reference statistics for every physical page it manages. When the DragonFly pageout daemon is awakened and begins scanning pages, it first instructs the pmap subsystem to free whatever memory it can that is consumed by process pagetables, updating the physical page reference and modification statistics from the PTES it throws away. Until the next scan, any pages that are referenced will cause a pagefault and the fault code will have to set the accessed bit on the corresponding pte (or vpte). As a result, the hardware is not involved[4]. The behavior of the virtual kernel is identical to that just sketched above, except that in this case page faults are more expensive since they must always go through the real kernel. While the advisory nature of the accessed bit gives us the flexibility to exchange a little bit of accuracy in the statistics to avoid a considerable loss in performance, this is not an option in emulating the modified bit. If the data has been altered via some mapping the (now "dirty") page cannot be reused at will; it is imperative that the data be stored in the backing object first. The software is not notified when a pte has the modified bit set in the hardware pagetable. To work around this, when a vproc requests a mapping for a page and that said mapping be writable, the host kernel will disallow writes in the pagetable entry that it instantiates. This way, when the vproc tries to modify the page data, a fault will occur and the relevant code will set the modified bit in the vpte. After that, writes on the page can finally be enabled. Naturally, when the vkernel clears the modified bit in the vpagetable it must force the real kernel to invalidate the hardware pte so that it can detect further writes to the page and again set the bit in the vpte, if necessary.
Floating Point ContextAnother issue that requires special treatment is saving and restoring of the state of the processor's Floating Point Unit (FPU) when switching vprocs. To the real kernel, the FPU context is a per-thread entity. On a thread switch, it is always saved[5] and machine-dependent arrangements are made that will force an exception ("device not available" or DNA) the first time that the new thread (or any thread that gets scheduled later) tries to access the FPU[6]. This gives the kernel the opportunity to restore the proper FPU context so that floating point computations can proceed as normal. Now, the vkernel needs to perform similar tasks if one of its vprocs throws an exception because of missing FPU context. The only difficulty is that it is the host kernel that initially receives the exception. When such a condition occurs, the host kernel must first restore the vkernel thread's FPU state, if another host thread was given ownership of the FPU in the meantime. The virtual kernel, on the other hand, is only interested in the exception if it has some saved context to restore. The correct behavior is obtained by having the vkernel inform the real kernel whether it also needs to handle the DNA exception. This is done by setting a new flag (PGEX_FPFAULT) in the trapframe argument of vmspace_ctl(). Of course, the flag need not be set if the to-be-run virtualized thread is the owner of the currently loaded FPU state. The existence of PGEX_FPFAULT causes the vkernel host thread to be tagged with FP_VIRTFP. If the host kernel notices said tag when handed a "device not available" condition, it will restore the context that was saved for the vkernel thread, if any, before passing the exception on to the vkernel.
Platform driversJust like for ports to new hardware platforms, the changes made for vkernel are confined to few parts of the source tree and most of the kernel code is not aware that it is in fact running as a user process. This applies to filesystems, the vfs, the network stack and core kernel code. Hardware device drivers are not needed or wanted and special drivers have been developed to allow the vkernel to communicate with the outside world. In this subsection, we will briefly mention a couple of places in the platform code where the virtual kernel needs to differentiate itself from the host kernel. These examples should make clear how much easier it is to emulate platform devices using the high level primitives provided by the host kernel, than dealing directly with the hardware. Timer. The DragonFly kernel works with two timer types. The first type provides an abstraction for a per-CPU timer (called a systimer) implemented on top of a cputimer. The latter is just an interface to a platform-specific timer. The vkernel implements one cputimer using kqueue's EVFILT_TIMER. kqueue is the BSD high performance event notification and filtering facility described in some detail in [Lemon00]. The EVFILT_TIMER filter provides access to a periodic or one-shot timer. In DragonFly, kqueue has been extended with signal-driven I/O support (see [Stevens99]) which, coupled with the a signal mailbox delivery mechanism allows for fast and very low overhead signal reception. The vkernel makes full use of the two extensions. Console. The system console is simply the terminal from which the vkernel was executed. It should be mentioned that the vkernel applies special treatment to some of the signals that might be generated by this terminal; for instance, SIGINT will drop the user to the in-kernel debugger.
Virtual Device DriversThe virtual kernel disk driver exports a standard disk driver interface and provides access to an externally specified file. This file is treated as a disk image and is accessed with a combination of the read(), write() and lseek() system calls. Probably the simplest driver in the kernel tree, the memio driver for /dev/zero included in the comparison. VKE implements an ethernet interface (in the vkernel) that tunnels all the packets it gets to the corresponding tap interface in the host kernel. It is a typical example of a network interface driver, with the exception that its interrupt routine runs as a response to an event notification by kqueue. A properly configured vke interface is the vkernel's window to the outside world.
Bibliography[McKusick04] The Design and Implementation of the FreeBSD Operating System, Kirk McKusick and George Neville-Neil [Dillon00] Design elements of the FreeBSD VM system Matthew Dillon [Lemon00] Kqueue: A generic and scalable event notification facility Jonathan Lemon [AST06] Operating Systems Design and Implementation, Andrew Tanenbaum and Albert Woodhull. [Provos03] Improving Host Security with System Call Policies Niels Provos [Stevens99] UNIX Network Programming, Volume 1: Sockets and XTI, Richard Stevens.
Notes
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Memory management
Networking
Security-related
Virtualization and containers
Page editor: Jonathan Corbet Distributions News and Editorials An LWN.net Distribution List updateIt's been over a year since we've looked at the ever changing LWN.net Linux Distribution List. Our last list update appeared in the March 30, 2006 weekly edition. At that time we had 455 active distributions plus 49 in the historical section. Now we are up to 485 "active" distributions, with an additional 58 listings in the Historical section.Determining whether or not a distribution is active is not always easy. Some are just very slow paced and may go several years between releases. Sometimes, just when you think a distribution is gone for good it shows up at a new URL, with a new or newly refreshed developer. This is the case with Trinux: Linux Security Toolkit, a distribution that hasn't seen an update in over three years, but now has a new lease on life with ubuntutrinux. Naturally it takes some time to check the links of over 500 distributions, so we can never guarantee that all of them are still in use. So while the list gets updated at least a couple of times per week; new distributions are added, existing entries are updated with new release information, etc.; older entries may stagnate for some time before being noticed and removed. Now it's time to say goodbye to those distributions that disappeared or were otherwise removed during the past year. NSA Security Enhanced Linux was removed from the list. The SE Linux project is still very much alive, but the reference distribution that was once used to test the code is no longer needed. HA Linux was a distribution used by Motorola, not to be confused with other high availability projects. Also Circle MUDLinux, freevix, Mandrakelinux Clustering, MSC.Linux, Mustang Linux, SCMLinux, SmartPeer, System-Down::Rescue, Troppix, Vedova Linux, and XenoLinux. As always, let us know about any additions or corrections to our list of Linux Distributions.
New Releases Release for CentOS-5 i386 and x86_64CentOS-5 for i386 and x86_64 has been released. "CentOS-5 is based on the upstream release 5, and includes packages from all variants including Server and Client. All upstream repositories have been combined into one, to make it easier for end users to work with. And the option to further enable external repositories at install time is now available in the installer." Click below for download information and release notes.
Announcing Foresight Linux 1.2Foresight Linux 1.2 has been released. This version features GNOME 2.18.1, Linux Kernel 2.6.20.6, better wireless driver and overall hardware support, fixes for some digital cameras and scanners to allow importing/scanning of images, added Japanese support (fonts and keyboards), a new GNOME Display Manager theme, new Epiphany extensions: Greasemonkey, Tab States & Push Scroll, OpenOffice.org 2.2, and Thunderbird 2 RC1. See the release notes for more information.
Mandriva Linux 2007 Spring: Spring Is Here!Mandriva has announced the release of Mandriva Linux 2007 Spring. This release features X.org 7.2, KDE 3.5.6, GNOME 2.18, OpenOffice.org 2.1, Mozilla Firefox 2.0, Mozilla Thunderbird 2.0 and Metisse, the new window environment developed by the French In Situ project.
openSUSE 10.3 Alpha3 releasedThe openSUSE Project has released the third public alpha release of openSUSE 10.3. Click below for a look at the important changes since Alpha2, the Most Annoying Bugs and other information for testers.
RedHawk Real-Time Linux Release 4.2Concurrent has announced the release of RedHawk Real-Time Linux 4.2. "RedHawk Linux v4.2 operating system is built on the 2.6.18.8 Linux kernel and incorporates many of the accepted Ingo Molnar real-time patches, overall performance and stability enhancements and improved user application space features unavailable in older kernels. Compatible with Red Hat Enterprise 4 Update 4, RedHawk Linux version 4.2 includes support for running the 32-bit version of RedHawk on AMD Opteron based systems in addition to the 64-bit version already supported. This capability benefits customers who want the advanced AMD architecture, while requiring their OS to run in native 32-bit mode for specific device driver compatibility."
Distribution News Debian announcementsMartin Pitt looks at PostgreSQL in Lenny and the libpq transition. "today I uploaded postgresql-8.2 into unstable. Welcome, Lenny! With this change, and the new postgresql-common architecture now being in Etch, there are a few changes ahead of us."Steve McIntyre presents a last few bits from the 2IC. "Well, it's been a busy year since AJ was elected and blind-sided me with his offer of the delegated 2IC job. It's not all been sweetness and light since that point, but certainly a lot has happened... :-) So, my own summary of the last couple of months since last I wrote about stuff. There have been a lot of announcements!"
A security analysis of two years of RHEL 4Red Hat Magazine has published a lengthy article on the security issues which affected Red Hat Enterprise Linux 4. "A default installation of Enterprise Linux 4 AS was vulnerable to only 3 critical security issues in the whole two years." It is, overall, a good exercise in transparency by a distributor.
Ubuntu: Introducing the Gutsy GibbonMark Shuttleworth has sent out a message looking forward to the next Ubuntu development cycle. It seems that "Gutsy Gibbon" beat out "Glossy Gnu" for the name. "The Glossy Gnu will nonetheless play a role in this next release, because Ubuntu 7.10 will feature a new flavour - as yet unnamed - which takes an ultra-orthodox view of licensing: no firmware, drivers, imagery, sounds, applications, or other content which do not include full source materials and come with full rights of modification, remixing and redistribution. There should be no more conservative home, for those who demand a super-strict interpretation of the 'free' in free software. This work will be done in collaboration with the folks behind Gnewsense." The release schedule has been posted as well.
Latest Ubuntu Delivers on the Promise of Open SourceClick below for a press release on the Ubuntu 7.04 release. "Ubuntu is the award-winning Linux distribution for the desktop, laptop, thin client and server which brings together the best of open source software every 6 months. Ubuntu 7.04 desktop edition includes a ground-breaking Windows migration assistant, excellent wireless networking support and improved multimedia support."
YDL v5.0.1 for Apple PowerPC is now shippingYellow Dog Linux v5.0.1 for the Apple PowerPC systems are available at the Terrasoft Store. "Yellow Dog Linux v5.0.1 for the Apple PowerPC systems adds greater than 500 package updates to the next generation Linux operating system released last fall for the Sony Computer Entertainment PLAYSTATION(R)3 with support for the former Apple PowerPC product line."
Distribution Newsletters Fedora Weekly News Issue 83The Fedora Weekly News for April 14, 2007 covers Fedora wiki accounts, Fedora-Extras list is closing, Fedora Development (2007-04-11) Live i386 image available, Fedora's Pidgin Plan, and much more.
Gentoo Weekly NewsletterThe Gentoo Weekly Newsletter for April 2, 2007 covers virtual/x11 removal, Gentoo in the press and more.The Gentoo Weekly Newsletter for April 9, 2007 looks at Developer of the Week Camille Huot, aka cam, tips and tricks and several other topics.
Ubuntu Weekly News: Issue #36The Ubuntu Weekly Newsletter for April 14, 2007 is out. " This is probably the last UWN before Ubuntu Feisty Fawn 7.04 gets released into the wild. In this issue we cover Mark's announcement on the next Ubuntu release codename and schedule, Feisty Fawn's release parties and a small delay in the release candidate due to problemas with certain ATA chipsets, although the final release is still expected on Thursday 19th."
Full Circle - the Ubuntu Community Magazine - issue #0The inaugural issue of Full Circle Magazine is available (pdf). This issue contains two articles on the History of Ubuntu - from Warty to Feisty and Ubuntu 7.04 - Feisty Fawn's New Features.
DistroWatch Weekly, Issue 198The DistroWatch Weekly for April 16, 2007 is out. "The new releases from CentOS and One Laptop Per Child (OLPC) projects were in the centre of attention at many Linux news sites during the past week. CentOS 5, a clone of Red Hat Enterprise Linux 5, is a free enterprise-class distribution with 5-year security support - perfect for any organisation with long-term operating system plans, while the first public release of OLPC -- especially its "Sugar" user interface -- also aroused much curiosity among Linux users. In the news section: Ubuntu "Feisty" gets delayed over several release-critical bugs, Linux Mint proves its growing popularity with incredible download figures, and FreeBSD gets a new file system - the excellent ZFS from Sun Microsystems. Finally, don't miss the fourth part of our overview of top ten Linux distributions covering KNOPPIX and Slackware Linux."
Newsletters and articles of interest Ubuntu 7.04 arrives Thursday (Linux-Watch)Linux-Watch takes a look at the Feisty Fawn. "This new v7.04 release encompasses five versions: Ubuntu Server, Ubuntu Desktop, Edubuntu, Kubuntu, and Xubuntu. Along with the self-explanatory server and desktop versions, Edubuntu is meant for educational uses; Kubuntu is a desktop platform that uses KDE 3.5.6 for its desktop environment instead of Ubuntu's GNOME 2.18; and Xubuntu is a desktop for lower-end PCs and uses the lightweight Xfce 4.4 desktop manager."
Linux Mint issues second KDE version test (DesktopLinux)DesktopLinux takes a look at Linux Mint 2.2 KDE edition. "The Linux Mint team this week made available the second release candidate of its Ubuntu-based Linux Mint 2.2, KDE edition. The release carries a 2.6.17 kernel (same as the most recent GNOME desktop version, which came out a week ago) along with several important improvements, according to the project. "We received a lot of feedback on BETA 020 and made important modifications in this release," said team member Clement Lefebvre. The stable release is scheduled for April 20, he added."
Distribution reviews Debian redefines itself with new release (Linux.com)Bruce Byfield reviews Debian's new release. "For much of its history, Debian has been the major noncommercial, philosophically free distribution. Now, as Debian developers and users have deserted the distro for Ubuntu, does Debian have a purpose any more? Debian 4.0, which was released this week, represents a collective effort to answer that question. The philosophy behind the release is best summarized on the home page for the Debian on the Desktop subproject, which states, "We will do everything we can to make things very easy for the novice, while allowing the expert to tweak things.""
Debian 4.0 Tiptoes to Leading Edge (eWeek)eWeek Labs tested Debian 4.0. "Debian is great fit for server deployments and is particularly well-suited for hosting applications that draw on popular open-source components, such as Apache or MySQL. Up-to-date versions of these popular Web and database servers, along with multiple alternatives for each and thousands of other applications, are available for Debian and ready for installation over one of the project's many repository mirror sites."
CentOS 5 is a solid enterprise OS (Linux.com)Linux.com has a review of CentOS 5. "Last week, two years since its last major release, the CentOS project released version 5 of its enterprise-focused Linux distribution. I downloaded it and put it to the test, and found that CentOS 5 has maintained its tradition of robustness and reliability while adding new features like virtualization."
Installing CentOS 5 "Debian Style" (MontanaLinux.org)Scott Dowdle looks at CentOS 5 "Debian Style". "Since I'm a Red Hat fan (which includes Fedora Core and CentOS), I'm aware of the complaints people have about "having to download multiple CDs" before they can start installing. In fact, the recently released CentOS 5 is 6 CDs (i386, or 7 CDs for x86_64). To counter those complaints, I thought I'd try a single CD install of the recently released CentOS 5 "Debian style" and then add everything in post-install. Join me if you will..."
Page editor: Rebecca Sobol Development Google Summer of Code 2007 kicks offWhen Google's 905 accepted students officially begin coding on May 28th, 137 mentoring open-source projects will be given a serious influx of labor. As in 2005 and 2006, Google will be paying each of these university students $4500 to act as pro-tempore developers for the scores of participating open source projects. The projects are given $500 for each student they take on and mentor. Google is spending more than four million dollars on the program this year, and significant contributions are expected for projects ranging from Ubuntu and Mozilla to scientific endeavors. The Google Summer of Code 2007 reached the second major milestone in its program timeline on April 11th by posting accepted student applications. This follows the announcement of accepted mentoring organizations and the simultaneous commencement of the student application period, the first major milestone, on March 14th. For more information about the Summer of Code's motivation, evolution, logistics, finances, and success, the Linux Weekly News turned to Google's Open Source Program Coordinator Leslie Hawthorn: LWN: What prompted Google to found the annual Summer of Code in 2005? What were the initial goals of the project, from Google's perspective? Hawthorn: We were looking for a way to provide students studying computer science and IT another set of opportunities to work in their field of academic study over the summer. We were also hoping to introduce more students to open source development, as well as to increase the number of open source developers in general. Of course, the great by-product of all of these goals is that more open source code is available to everyone. LWN: Were there any complaints or controversies from past Summers of Code that prompted logistical changes for the 2007? Hawthorn: We'll always be working to improve the program. Payments were an area of difficulty in 2005, and also last year, though much less so. This year we're introducing a whole new method of payments which we hope will mean that disbursements go more smoothly. We also heard from many of our students and mentors that there simply wasn't enough time during the program for students to come up to speed and get their code written, debugged and integrated back into the code base. We've reworked the timeline substantially this year and added in two months of "community bonding" to help with the time crunch. LWN: According to a 2006 article by the Internet News, about thirty percent of students continued to work with their mentoring organization after the completion of their Summer of Code 2005 project. Are you pleased with that retention rate? What could be done or has been done to improve it? Hawthorn: We're pleased, but we'd be ecstatic if that percentage were even higher. We're hoping the community-bonding period will encourage more students to stick around after the program ends. LWN: Google was only able to accept less than half of the mentoring organizations which applied this year. What criteria did you use to differentiate and select these organizations? Hawthorn: We based our decisions on several factors, but the major area was an organization's Ideas list: Did it look like a set of reasonable goals for students? Did the projects look interesting? Did the organization's Ideas list look well-organized and clearly written? LWN: How does Google benefit from accepting mentoring organizations such as the Robert H. Lurie Comprehensive Cancer Center of Northwestern University, which seemingly have little or no relevance to Google's business? Hawthorn: We take orgs from a wide variety of technology spaces. We benefit in the same way the rest of the world benefits: by having more code produced for everyone to use. LWN: Both mentors and students are required to submit evaluations which Google uses to determine whether or not the participants successfully completed their project and deserve payment. What questions are on these evaluation forms? What factors does Google use to determine whether or not payment is deserved? Hawthorn: The questions are newly determined each year. While Google makes the final determination on whether a student receives payment or not, in almost all cases we go with the mentor's judgment call. (We have not determined the questions yet for this year.) LWN: Can you estimate the success rate in past Summers of code based on these evaluation forms? Hawthorn: We had 89% of students pass their final evaluations for the 2005 program, and 82% for the 2006 program. LWN: What is Google's overall budget for the Summer of Code? How has this budget increased since 2005? Hawthorn: Our stipends budget has increased $1M each year; in 2005, we awarded $2M and in 2006 we awarded $3M. This year, our funding will increase to $4M. Our overall program costs behind the scenes will increase somewhat year by year, but not notably so. LWN: Google pays $5000 per student project - $4500 to the student and $500 to the mentor. What other major expenses are involved in the Summer of Code, be they during planning, administration, or otherwise? Hawthorn: Shipping internationally is incredibly expensive. We spend a decent amount of time planning for the program when it's not in session as well. LWN: What do you find usually motivates students to participate in the Summer of Code? Surely it's not just the money. Hawthorn: It's the t-shirt. Seriously, though, students are drawn to the program for a variety of reasons: passion for open source, desire for recognition and potential career advancement. That said, though, you would be shocked at the number of student and mentor applications that specifically mention the t-shirt. LWN: Is it too early to announce the Google Summer of Code 2008? Hawthorn: We have nothing to announce now. Stay tuned! :) Click here to read more of the interview with Leslie Hawthorn and see what's coming with this year's Summer of Code.
System Applications Database Software MySQL 5.1.17 beta has been releasedBeta version 5.1.17 of the MySQL DBMS is out. "Bear in mind that this is a beta release, and as any other pre-production release, caution should be taken when installing on production level systems or systems with critical data."
PostgreSQL Weekly NewsThe April 15, 2007 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
PostgreSQL Access Control Extension (PGACE) RFCKaiGai Kohei has sent out an RFC for the PostgreSQL Access Control Extension. "As I announced alpha version of SE-PostgreSQL about one month ago, I'm working for development of a security facility integrated with secure operating system. It provides database users fine grained mandatory access control including row and column level one, and integration with operating system security policy."
Web Site Development Lighttpd 1.4.15 announcedVersion 1.4.15 of lighttpd, a lightweight web server, is out with one bug fix. "As a good tradition with lighttpd release we are bitten by a last minute hotfix in 1.4.14. :) The bug appeared in 1.4.14 and users of 1.4.13 or older releases are not affected."
mnoGoSearch 3.2.42 announcedVersion 3.2.42 of mnoGoSearch, a web site search engine, has been announced. See the change log file for details.
Miscellaneous Eventum 2.0 releasedVersion 2.0 of Eventum, an issue tracking system from MySQL, is out with a large number of new features and bug fixes. "Eventum is a user-friendly and flexible issue tracking system that can be used by a support department to track incoming technical support requests, or by a software development team to quickly organize tasks and bugs. Eventum is used by the MySQL AB Technical Support team, and has allowed us to dramatically improve our response times."
Desktop Applications Audio Applications eSpeak 1.22 releasedVersion 1.22 of the eSpeak text to speech converter has been released. Changes include new mbrola front end capabilities, the addition of Czech, Slovak and Scottish English language support, improved Polish and Swedish language support, and an increase in the fastest speaking rate to 370 wpm.
Desktop Environments GARNOME 2.18.1 releasedVersion 2.18.1 of GARNOME, the bleeding-edge GNOME distribution, is out. "As usual it includes updates and fixes after the official GNOME freeze, together with a host of third-party GNOME packages, Bindings and the Mono(tm) Platform -- this is the second release of the current stable GNOME branch, ironing out yet-more bugs, hopefully adding yet-more stability, and ships with the latest and greatest stable releases."
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
40 Students to work on KDE during GSoC 2007 (KDE.News)KDE.News reports on the selection of 40 KDE projects for the Google Summer of Code. " This is the third consecutive year that KDE is participating in the initiative. Though Thiago Macieira, KDE's Summer of Code co-ordinator, states that reviewing the 213 submissions was difficult, Aaron Seigo, member of the KDE e.V. board, has the "highest confidence in the final list, with ambitious and exciting new technology and functionality set to grace the KDE desktop, which is very fitting with what we are trying to achieve with the KDE 4 vision"."
KDE Commit-Digest (KDE.News)The April 15, 2007 edition of the KDE Commit-Digest has been announced. The content summary says: "The Summer of Code begins, with 40 KDE projects. Registration opens for Akademy 2007. Hosting proposals invited for Akademy 2008. Further progress in the KBattleship rewrite with sounds and network play integrated, and theming support added to the Bovo game. More work on Strigi file analysers. Drag-and-drop and porting work in Mailody. A new CVS plugin for KDevelop 4. KSquares moves to kdegames. A new game, Kollision, is imported into playground/games"
KDE Software AnnouncementsThe following new KDE software has been announced this week:
Xfce 4.4.1 releasedVersion 4.4.1 of Xfce, a lightweight desktop environment, has been announced. "It's the first maintenance release of Xfce 4.4 (the current stable branch of Xfce) aimed at fixing important bugs and update translations."
Xorg Software AnnouncementsThe following new Xorg software has been announced this week:
Financial Applications GnuCash starts a new unstable seriesGnuCash 2.1.0 - an unstable release - is out. This release is interesting in that it shows the directions the GnuCash project is pursuing in this cycle. The leading feature would appear to be a port to Windows; there are also improvements to scheduled transactions, the elimination of the ancient g-wrap dependency, and more.
SQL-Ledger 2.8.1 releasedVersion 2.8.1 of SQL-Ledger, a web-based accounting system, has been announced. This release fixes a number of bugs and improves latex compatibility.
Interoperability Wine 0.9.35 releasedVersion 0.9.35 of Wine has been announced. Changes include: Broken aRts sound driver now removed for good, Many fixes to the Quartz DLL sound support, File I/O performance improvements, The usual assortment of Direct3D fixes and Lots of bug fixes.
Wine Weekly NewsletterThe April 16, 2007 edition of the Wine Weekly Newsletter is online with coverage of the Wine project. Topics include: Summer of Code Projects, Cedega 6.0 & Wine Benchmarks, OpenGL Child Windows Revisited, DIB Engine Ideas, Removing Audio Drivers, NT Named Pipes, DInput Bug and Windows/Linux Shared Objects.
Mail Clients Claws Mail 2.9.0 releasedVersion 2.9.0 of Claws Mail, an email client, is out. The news release shows a long list of new features, including a port to the Maemo platform: "The Maemo port touches several areas: using the correct APIs for a good integration, adding of a new layout suited for small screens, Maemo-specific default preferences changes, Maemo-specific GUI improvements, etc." (Thanks to Colin Leroy).
Mozilla Thunderbird 2 release candidate 1 available (MozillaZine)MozillaZine reports on the availability of release candidate 1 of Mozilla Thunderbird 2. "Features new to Thunderbird 2 include message tags, advanced folder views, session navigation history, a visual refresh of the theme, improved new mail notification alerts and support for Vista. "The release candidate is available for Windows, Mac OS X, and Linux in over 35 languages. Beta testers will be offered the RC via automatic software update.""
Medical Applications ClearHealth 2.0 Feature Sludge (LinuxMedNews)LinuxMedNews notes the feature freeze announcement for ClearHealth 2.0. "Over at the ClearHealth Forum David [Uhlman] has announced that ClearHealth 2.0 is now in the freezing process. He includes a brief list of new features as well as features that are slated for late-inclusion (which I am happy to say includes one of my own patches. Watch LMN for a new MirrorMed-sponsored testing push, once an offic[i]al RC is out."
openEHR release 1.0.1 (LinuxMedNews)LinuxMedNews covers the release of openEHR 1.0.1, an electronic health record system. "The result of 14 months' review, implementation and testing, this release is a major milestone, correcting and improving the openEHR Release 1.x platform. We believe Release 1.0.1 to be a stable base for ongoing implementation and forthcoming specifications, including the Template Model, EHR Extract, Security, Archetype Query Language, CEN EN13606 integration and services (in cooperation with the HL7/OMG HSSP project). It also provides a foundation for tools and systems for the development and governance of clinical models, including openEHR archetypes, templates and terminology subsets."
Music Applications hexter 0.6.1 releasedVersion 0.6.1 of hexter is out with minor improvements. "hexter is a software synthesizer that models the sound generation of a Yamaha DX7 synthesizer. It can easily load most DX7 patch bank files, accept patch editing commands via MIDI sys-ex messages, and recreate the sound of the DX7 with greater accuracy than any other open-source emulation (that the author is aware of...) hexter operates as a plugin for the Disposable Soft Synth Interface (DSSI)."
Qsynth 0.2.6 is outVersion 0.2.6 of Qsynth, a fluidsynth GUI front-end application, is out with incremental improvements.
Tapeutape 0.0.5 and Tranches 0.0.5 releasedNew releases of Tapeutape and Tranches have been announced. "Tapeutape is a midi-controlled virtual sampler. It is highly configurable,lets you create instruments/kits/setups and is designed for live performance. Tranches is a midi-controlled multi-(inputs|outputs) live beat repeat|redirect tool for the jack sound server on Gnu/Linux".
PDA Software Pimlico project announced (GnomeDesktop)GnomeDesktop.org has announced the launch of the Pimlico project. "Pimlico is a suite of lightweight Personal Information Management (PIM) applications designed primarily for handheld and mobile devices. Pimlico builds upon the GTK+ toolkit and the Embedded Evolution Data Server, which together provide a solid foundation for the applications."
Science PyQwt 5.0.0 releasedVersion 5.0.0 of PyQwt, a set of Python bindings for the Qwt C++ scientific and engineering class library, has been announced. "PyQwt-5.0.0 is a major release with support for Qt-4.x, many API changes compared to PyQwt-4.2.x, and a NSIS Windows installer."
Miscellaneous AsciiDoc 8.2.1 releasedVersion 8.2.1 of AsciiDoc, a text document format for writing articles, short documents, books and UNIX man pages, has been announced. "This release includes a Vim syntax highlighter (inspired by Felix Obenhuber's asciidoc.vim script) plus quite a few minor additions and changes."
PeaZip 1.6 - file archiver for Linux and Windows (GnomeDesktop)GnomeDesktop.org looks at PeaZip. "PeaZip is a cross platform archiver, released under LGPL for Linux and Windows, developed using Lazarus/FreePascal. Basically it acts as frontend for console archiving utilities, like p7zip and Matt Mahoney's PAQ, supporting many archive formats and offering a wide range of features about archiving, multi-volume spanning, compression and encryption."
Languages and Tools C GCC 4.2.0 status reportMark Mitchell has sent out a status report for GCC 4.2.0. "As has been remarked on the GCC mailing lists, I've not succeeded in getting GCC 4.2.0 out the door. However, with the limited criteria that we target only P1 regressions not present in 4.1.x, we seem to be getting a bit closer."
Caml Caml Weekly NewsThe April 17, 2007 edition of the Caml Weekly News is out with new Caml language articles.
Haskell Haskell Weekly NewsThe April 12, 2007 edition of the Haskell Weekly News is online. This week we see truckload of new libraries.
Perl Five Ways to Improve Your Perl Programming (O'ReillyNet)brian d foy discusses methods for improving Perl code on O'Reilly. "Inside every tangle of obfuscated Perl code is a clean, well-architected gem struggling to emerge from its cocoon. brian d foy has spent a lot of time thinking about this for his new book, Mastering Perl, and has come up with a Top Five list of things that every Perl programmer should be thinking about when writing code."
Python PyQt version 4.2 releasedVersion 4.2 of PyQt, the Python bindings for Qt, is available. "The highlights of this release include: - The ability to write widget plugins for Qt Designer in Python. - Integration of the Python command shell and the Qt event loop. This allows developers to call Qt functions dynamically on a running application. - Integration of the Qt event loop with the standard Python DBus bindings available from www.freedesktop.org."
XML A Smoother Change to Version 2.0Marc de Graauw discusses XML vocabularies on O'Reilly. "Marc de Graauw follows up David Orchard's recent piece about versioning XML vocabularies with a piece about the Capability Compatibility Design Pattern, including code for achieving forward and backward compatibility between XML vocabulary revisions."
Editors PyPE 2.8.5 announcedVersion 2.8.5 of PyPE has been announced, this version includes a lot of bug fixes and some new features. "PyPE (Python Programmers' Editor) was written in order to offer a lightweight but powerful editor for those who think emacs is too much and idle is too little. Syntax highlighting is included out of the box, as is multiple open documents via tabs."
IDEs DrPython 165 releasedVersion 165 of DrPython, a cross-platform Python IDE, has been announced. "This release is in first place a bug fix release. Unicode related stuff has been reworked. Linux related things were also tested, fixed and reworked. Some tweaks in the code and some nice little improvements as Search in Class Browser or use icons/no icons in it."
Page editor: Forrest Cook Linux in the news Recommended Reading Thinking Past Platforms: the Next Challenge for Linux (Linux Journal)Doc Searls urges hardware OEMs to make something different with Linux. "I want to challenge the big hardware OEMs -- Dell, HP, Lenovo, Sony and the rest of them -- to break free of the only form factors Microsoft will let them make, and start leading the marketplace by making make cool, interesting, fun and useful stuff that isn't limited by any one company's catalog of possibilities. Stop making generic stuff. Grow greener grass beyond the Windows fences. Stop thinking of Linux as "generic" and "a commodity". Start looking at how building only Windows PCs forces you to make generic, commodity products."
Windows vs. Linux: The Patent Tax (Software Freedom Law Center)The Software Freedom Law Center takes a look at the hidden taxes added to MS Windows. "With tax day approaching in America, we at the Software Freedom Law Center wanted to share some important information about the hidden taxes added to every copy of Microsoft's Windows operating system. If you run a computer using Windows, you're not just paying for the programmers who put the program together and the corporate operations that brought it to market. You're also paying a hidden tax of well over $20 that Microsoft has had to pay to other patent holders. This is true whether you bought your copy of Windows on CD or pre-installed on a laptop, desktop, or server machine."
Trade Shows and Conferences KDE at CeBIT 2007 Report (KDE.News)KDE.News has the better-late-than-never report on KDE at CeBIT 2007. "KDE was present at Cebit 2007 in Hannover, the world's largest IT fair. The booth was located inside the LinuxPark in Hall 5, where Linux New Media had given us and other open source projects the opportunity to present their work. Alexander Neundorf, KDE buildsystem maintainer and the booth manager in charge for large parts of the event, considers this year's CeBIT "a very successful event for KDE"."
Companies Former OSDL CEO Launches Startup (eWeek)eWeek looks at Collaborative Software Initiative, a new company headed by Stuart Cohen, former CEO of the Open Source Development Labs. "CSI will focus on building noncompetitive, essential software for vertical industries in a collaborative environment to help companies solve their shared IT problems. The business model for the company is simple: Develop and support essential code that does not exist today and which meets the needs and requirements of a number of competitive companies in vertical industries -- such as compliance and regulatory software for the financial services market -- at a significantly lower cost than if the company were to develop this internally or outsource it, and then offer support for it."
Mandriva raising new funds for Linux business (ZDNet)ZDNet covers a new funding effort by Mandriva. "Mandriva, a struggling seller of the Linux operating system, is in the process of raising "a minimum of 3 million euros," or $4.1 million, the French company said Monday. The funds will be used to exit bankruptcy protection and to complete the acquisition of server software company Linbox, a merger the companies agreed upon in September 2006 but have been unable to complete."
Microsoft's 'Men in Black' kill Florida open standards legislation (Linux.com)Linux.com reports on Microsoft funded lobbying efforts to defeat open data formats. "It was just a bit of text advocating open data formats that was slipped into a Florida State Senate bill at the last minute with no fanfare, but within 24 hours three Microsoft-paid lobbyists, all wearing black suits, were pressuring members of the Senate Committee on Governmental Operations (COGO) to remove the words they didn't like from Senate bill 1974." (Thanks to Lisa)
Palm Treo with Linux OS to be available by year end (Earthtimes.org)Earthtimes.org reports on Palm's plans to sell Linux-based mobile phones. "Palm Inc. announced Tuesday that it was mulling a developing the Linux-based operating system on its Treo line of handhelds. Palm chief executive, Ed Colligan said they had been working on this for many years and that the first sets with Linux loaded should be out by the end of the year. However he stressed that the company was not abandoning the Microsoft's Windows Mobile platform and would continue to sell it alongside the Linux one. Colligan said the introduction of Linux would "improve the reliability and performance and stability" of Palm products."
Legal SQL-Ledger license changeThe SQL-Ledger project, a web-based accounting system, has announced a license change. "We made it into slashdot again because we changed the license for version 2.8.0 to an open source license. A copy of the license can be viewed here. The license did not take away the freedom to make changes nor did it take away the freedom to redistribute however it took away the freedom to just rip out the logo replace it with something else and call it another program. The license was misinterpreted by the geeks on slashdot and I even had hatemail sent to me, how dare I change the license. I can't repeat what was said because it was not pretty."
Interviews Q&A: New Linux group to push OS toward common ground (TechWorld)TechWorld has an interview with Linux Foundation board member Christine Martino. "Q: What is the Linux Foundation going to focus on? A: It's really around three big things: standardising and driving the Linux Standard Base [LSB] efforts, promotion and collaboration. I think it's very good to have a neutral party, a non-vendor, promoting Linux. It also sets up a platform for collaboration, whether it's [involving] the technical community, developers and even end users."
Reviews Intel debuts Linux-based "Mobile Internet Device" (LinuxDevices)LinuxDevices.com takes a look at Intel's "Mobile Internet Devices". "MIDs are smaller and more appliance-like than the clunky UMPC (ultra-mobile PC) concept co-launched about a year ago by Intel as the UMPC and by Microsoft as Origami. Whereas UMPCs have 5- to 7-inch displays and boot the slow-moving Windows GUI, MIDs have 4- to 6-inch displays, boot simplified Linux-based UIs with "instant-on" performance, and offer consumer price points, according to an IDF presentation by Intel Sr. Engineering Manager Danny Zhang and PengCheng Zou, senior manager of RedFlag Linux's R&D department."APC (Australian Personal Computer) Magazine has a photo gallery with pictures and screenshots.
KDE App of the Month is Back with kdesvn (KDE.News)KDE.News has announced a new KDE app of the month article, this one looks at kdesvn. "After one year of silence we are back with another issue of App of the Month. This time we selected a developer tool, kdesvn. It is a well integrated KDE client for subversion. The overview takes a look at some basic functions. We also have an interview with kdesvn's developer Rajko Albrecht, covering the development process and much more."
Open source Mule takes the "donkey work" out of ESB (IT Manager's Journal)Tina Gasperson looks at the Mule project on IT Manager's Journal. "Mule is an Enterprise Service Bus (ESB) -- the "glue" between different enterprise applications in different company departments that allows IT managers to move information back and forth seamlessly. Think of disparate enterprise applications as ribs, with the ESB as a backbone that connects everything. Mulesource founder Ross Mason says open source is the best way to make an ESB that is customizable and affordable. In 2000, Mason was working on a large-scale project for a bank. He found himself growing tired of the endless repetitive coding tasks that were necessary to tie disparate applications together for in-house ESBs, calling it "donkey work.""
Young Scientists Design Open-Source Program at NASA (Wired)Wired looks at NASA's CosmosCode project, an effort to create open-source code to be used in live space missions. "The program was launched quietly last year under NASA's CoLab entrepreneur outreach program, created by Robert Schingler, 28, and Jessy Cowan-Sharp, 25, of NASA's Ames Research Center in Mountain View, California. Members of the CosmosCode group have been meeting in Second Life and will open the program to the public in the coming weeks, organizers said. "CosmosCode is ... allowing NASA scientists to begin a software project in the public domain, leveraging the true value of open-source software by creating an active community of volunteers," said Cowan-Sharp, a NASA contractor."
Ubuntu's new Linux sports debugging tool (ZDNet)ZDNet examines new debugging tools in Ubuntu's upcoming Feisty Fawn release. "Feisty Fawn, also known as version 7.04, comes with software that can send debugging information to help programmers track down the problems that cause applications to crash, Canonical Chief Executive Mark Shuttleworth said in an interview. "There are potentially millions of users of an application on Ubuntu, but they don't have a relationship with us or upstream developers," Shuttleworth said. "If we can connect those two groups more effectively, it's good for both of them.""
Miscellaneous A Debian developer's thoughts on the state of Debian (Linux-Watch)Linux-Watch has an open letter from Debian Developer Thaddeus H. Black. " Debian's main, high-volume mailing lists necessarily give a distorted view of Debian Development culture. A relative handful of disgruntled people, not all of whom are even Debian Developers, account for a surprisingly large fraction of the volume on the lists, and for an even larger fraction of the heat there."
Ubuntu Linux forges tighter DB2 ties (CRN Australia)CRN Australia reports on the availability of IBM's DB2 DBMS software for the Ubuntu distribution. "IBM's DB2 has long been a Linux-friendly, cross-platform database. But as of this week, there will be improved coexistence between DB2 and the latest Ubuntu 6.06 Linux release. The latest IBM database will now download and deploy easily from the Ubuntu desktop. If users want DB2, they can go to the download site, and Ubuntu automates the download and installs it."
Remotely executable Wi-Fi bug found in Linux (ComputerWorld)ComputerWorld reports on an exploitable bug in the MadWi-Fi Linux kernel device driver for Atheros-based Wi-Fi chipsets. "A bug has been found in a major Linux Wi-Fi driver that can allow an attacker to take control of a laptop -- even when it is not on a Wi-Fi network. There have not been many Linux Wi-Fi device drivers, and this is apparently the first remotely executable Wi-Fi bug. It affects the widely used MadWi-Fi Linux kernel device driver for Atheros-based Wi-Fi chipsets, according to Laurent Butti, a researcher from France Telecom Orange, who found the flaw and released the information in a presentation at last month's Black Hat conference in Amsterdam." (Thanks to Duncan)
Page editor: Forrest Cook Announcements Non-Commercial announcements FSFE launches list of recommended Free Software lawyersThe Free Software Foundation Europe has started a new list of lawyers with expertise in the area of Free Software. "The Free Software Foundation Europe (FSFE) is committed to working with lawyers throughout Europe to maximise the legal security of Free Software and is aware that as the community matures it is important to be able to locate professional legal advice. For this reason FSFE has introduced a new policy for recommending legal experts in individual countries."
OpenPBX.org changes name to CallWeaverThe OpenPBX.org project, an open-source telecom switching application, has been renamed CallWeaver. "CallWeaver is the new name for the OpenPBX.org project. We are honored by Steve Underwood who generously shared this name and domain with the project. We also acknowledge Marc Olivier Chouinard (Moc) for setting the entire project in motion. The project name was changed because of a conflict with software from the Voicetronix company with the same name. We hope to work with Voicetronix and their hardware in the future." (Thanks to Bruno Wolf III).
Ardour: Google Summer of Code UpdateThe Ardour multi-track audio recorder project has published an update on the Google Summer of Code activities. "The Ardour project has been awarded 2 projects, which are: *MIDI editing* by Dave Robillard, Carleton University, Ottawa (mentored by Paul Davis). Dave picked the short straw and will be working 27 hours a day to implement every item of MIDI editing functionality known to man. *N.M panning* by Christian Muise, Carleton University, Ottowa (mentored by Jesse Chappell). Christian will be working on adding back end support for more traditional multispeaker panning systems (like 5.1, 10.2 and so forth) along with a GUI to control it."
Summer of Code 2007 underway (GnomeDesktop)GnomeDesktop presents a status update for the GNOME involvement in the 2007 Google Summer of Code. "So the list of approved GNOME SoC projects is now online with a lot of interesting projects getting approved. Highlights include projects to further improve GNOME bluetooth support, Scanning support and input device hotplugging. Other interesting projects revolved around Telepathy and the new VOIP infrastructure, Pitivi improvements and Evolution."
The PHP.net Google Summer of CodeThe PHP Project has announced its Google Summer of Code projects. "The PHP team is once again proud to participate in the Google Summer of Code. Seven students will "flip bits instead of burgers" this summer".
Commercial announcements BakBone announces Enterprise Data Protection solutions for RHEL5BakBone Software has announced support for Red Hat Enterprise Linux 5 by their NetVault: Backup and NetVault: Replicator software. "BakBones NetVault: Backup provides enterprise-class data protection for complex heterogeneous environments, regardless of size. This award-winning solution is fast, reliable and simple to install. NetVault: Replicator delivers continuous, cross-platform data replication for multi-platform environments and easily integrates with NetVault: Backup for the highest levels of availability, disaster recovery and business continuity."
Glide Launches for LinuxTransMedia has announced the launch of the complete Glide Suite of Desktop and Mobile Applications for Linux users. "Linux users will now be able to access, edit and share virtually all of their files stored on their Linux PCs from a wide selection of cell phones. "Glide provides a user-friendly desktop interface for Linux, a powerful suite of applications and seamless interoperability with Windows, Macs and a wide selection of cell phones," said TransMedia Chairman and CEO, Donald Leka."
OrangeHRM Open Source HRM System releases new editionOrangeHRM Inc. has announced the availability of OrangeHRM On-Demand, a hosted version of its OrangeHRM open source human resources management solution for small and mid-sized enterprises. The company has also released a new Version 2.1 that upgrades the system's Leave Management module and a variety of other functions.
OSGeo graduates MapGuide Open Source to full project statusAutodesk, Inc. has announced the promotion of MapGuide Open Source to the OSGeo fully endorsed project status. "Following the first anniversary of its launch, MapGuide Open Source has achieved a new status within the Open Source Geospatial Foundation (OSGeo) as a fully endorsed project. Originally developed as Autodesk MapGuide software by Autodesk, Inc., and released to the open source community in 2006, MapGuide Open Source is a Web-based platform that enables users to develop and publish online mapping applications and geospatial web services."
SageTV releases version 6.1 of its media center softwareSageTV has announced the release of Sage TV Media Center 6.1. "Like the earlier Version 6.0, Sage TV Media Center Version 6.1 brings online video to your TV, support for the global DVB broadcasting standard, the ability to play unencrypted DVD libraries on the TV with SageTV Media Extender, and expanded file support that allows you to play virtually any video and music file format. The new Sage TV Version 6.1, available for download at http://www.sagetv.com, adds beta support for watching, browsing, and searching YouTube videos."
Sumitomo Electric Industries chooses Novell for Xen virtualizationNovell, Inc. has announced that Sumitomo Electric Industries is using SLES with Xen virtualization. "Novell today announced that Sumitomo Electric Industries is using SUSE(R) Linux Enterprise Server from Novell(R) with integrated Xen* virtualization software to extend the useful life of its platforms, minimize additional hardware investment through more efficient use of resources, and operate an effective disaster recovery site. By running SUSE Linux Enterprise Server and Xen on hardware containing Dual-Core Intel* Xeon* processors with Intel Virtualization Technology, Sumitomo Electric Industries is extending the life of valued applications on virtual servers, thus optimizing data center resources and running a more efficient business."
Univa Joins Red Hat ISV Partner ProgramUniva Corporation has announced its joining of the Red Hat ISV Partner Program. "Univa Corporation, the leading provider of commercial software, support and services for grid solutions based on open source Globus software, today announced it has joined the Red Hat ISV Partner Program, which offers software vendors the opportunity to easily access the tools and resources necessary to develop and test their applications on Red Hat Enterprise Linux, the leading platform for open source computing. Univa joined as a Red Hat Ready Partner."
New Books New Book on KDevelop (KDE.News)KDE.News notes the release of a new book on KDevelop. "If you are able to read German and use or plan to use KDevelop, it is now possible to get the help of a newly published book. In "KDevelop - Einführung in die Entwicklungsumgebung" KDevelop contributors Jonas Jacobi and Robert Gruber will not explain in great length that "The 'New File' menu entry opens a new file", but concentrate on less self-explatory topics like advanced code navigation, documentation with Doxygen or using Valgrind with KDevelop."
Resources FSFE NewsletterThe Free Software Foundation Europe Newsletter covers the Freedom Task Force's useful tips for compliance, a talk about GPLv3 in Brussels, STACS kickoff meeting in Paris, an introduction to FSFE's new interns, an announcement for a new Italian Fellowship meeting, and more.
Release of updated "Why OSS/FS? Look at the Numbers!"David A. Wheeler has announced an updated version of "Why Open Source Software / Free Software (OSS/FS, FLOSS, FOSS)? Look at the Numbers!". "This paper continues to provide "quantitative data that, in many cases, using open source software / free software (abbreviated as OSS/FS, FLOSS, or FOSS) is a reasonable or even superior approach to using their proprietary competition according to various measures. This paper's goal is to show that you should consider using OSS/FS when acquiring software.""
Surveys Survey of OpenLogic Expert Community Shows Open Source Developers Are Positive On Draft 3 of GPLv3OpenLogic, Inc. has announced the results of a survey regarding the most recent draft of the GPL v3. "The survey shows that OpenLogic Expert Community members, who are leading committers and contributors of open source products, are positive about the most recent draft of the GPLv3. 71% of respondents who currently use the GPL v2 said they would support moving projects they work with to the GPLv3 when the final draft comes out."
Education and Certification LinuxCertified Announces Linux Device Driver Development CourseLinuxCertified has announced a new Linux device driver development course. "LinuxCertified Inc, a leading provider of Linux training and services, today announced its next Linux Device Driver Development Course class to be held in South Bay, CA from May 14th to May 16th. With the increasing adoption of Linux in wide variety of environments, supporting Linux has become vital for device vendors. Being able to support Linux opens a rapidly growing market to these device vendors."
LPI Announces First LPIC-3 certified professionalsThe Linux Professional Institute has announced the first recipient of the LPIC-3 Core certification, Kazufumi Ichikawa. "In addition, LPI announced that Tzu-Wei Hsu of Taiwan was the first in the world to earn the LPI-302 Mixed Environment speciality certification while Michael Gisbers of Germany was the first "beta" exam recipient of both the LPIC-3 Core and the LPI-302 Mixed Environment certifications."
LPI announces regional program for Latin AmericaThe Linux Professional Institute has announced a new regional strategy for Latin America. "Jose Carlos Gouveia, Area Operations Manager for Latin America, described the new program would be a made in Latin America strategy to further LPI's existing Regional Enablement Initiative (REI). The regional program would focus on making LPI certification and exams more accessible through the creation of test sites with training partners, the enhancement of a region-wide proctor network, and the development of new affiliates throughout the region."
Calls for Presentations HITBSecConf2007 - Malaysia: Call for Papers 2 weeksA call for papers has gone out for the HITBSecConf2007 security conference. The event takes place in Kuala Lumpur, Malaysia on September 3-6, 2007. Submissions are due by May 1.
Upcoming Events aKademy 2007 Registration Open (KDE.News)KDE.News reports that registration for aKademy, the KDE World Summit, is open. "As always, attendance to aKademy is free of charge, but you must register. Registration must be in by the end of the month if you want the aKademy Team to book your accommodation for you. See you in Glasgow!"
Akademy conference program available (KDE.News)KDE.News reports that the Akademy 2007 conference program has been published. "The programme for aKademy's conference is now available. With KDE 4 technologies now moving into place the talks give a superb overview of the state of the art on the free desktop. Themes include KDE 4 pillars, language bindings, applications, quality control, libraries, operating systems & distributions and community."
Call for Location of Akademy 2008 (KDE.News)KDE.News has posted a call for location for Akademy 2008. "We are looking for a large institution to host our world summit sometime in the summer of 2008. There needs to be a dedicated local team to organise an event like this who will work in partnership with KDE e.V."
Events: April 26, 2007 to June 25, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it. Web sites KDE-Forum Romania Launched (KDE.News)KDE.News has announced the launch of KDE-Forum Romania. "After the rise of KDE-Forum.org, and KDE-Forum.de, Romanians wanted a forum of their own, and KDE-Forum Romania was born. Destined to unite all Romanians under one roof, KDE-Forum Romania is going to join its brothers on the boat for the upcoming KDE 4 release."
The XFree86 Chinese web siteThe XFree86 project has announced a new Chinese translation of its web site. "Zhao Fengyang is setting up an XFree86 web site in China, which will have Chinese translations of some of the XFree86 documentation."
Audio and Video programs BBC program on Open SourceThe BBC presents an audio program on open-source software. "Paul Bennun finds out how Free and Open Source software is making its impact felt across the world, fuelling development and saving businesses millions of pounds. Produced by a global network of software enthusiasts and freely given away, community created computer programs can compete with big business. Their creators are driven by an ideology as much as price, challenging traditional intellectual property rights and placing power in the hands of the public rather than private corporations." (Thanks to Stephen Turner).
Page editor: Forrest Cook
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Matt Mackall]](/images/conf/elc2007/MattMackall-sm.jpg)