LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for May 24, 2007A day at the Open Source Business ConferenceLWN readers will certainly be aware that your editor spends a fair amount of time at development-oriented conferences. In some ways all conferences are alike, but, still, all that experience was insufficient to prepare your editor for OSBC, which is a different sort of affair. Neckties, Blackberries, and Windows laptops are ubiquitous. There are booths for law firms. People wonder about whether customers should buy their "open source" software licenses on a one-time or subscription basis. The wireless network actually works, but power outlets are nowhere to be found. It's all very strange.
There was a session, led by Larry Augustin, on "downloads to dollars" - how to start making money once you have people actually downloading your software. Much talk on how to extract information from downloaders which can be used to "open a dialog" with them. When is the proper point to start requiring registration, with a valid email address, to download a software tarball? It was suggested that the source download is really the same thing as the free trial offerings from some proprietary vendors, with the same end: to lead to the "monetization" phase. It can all sound cynical and manipulative to ears more accustomed to gatherings of developers, but this is the sort of thing people building businesses in the open source mode worry about. There was a lawyer-led session on reciprocity requirements in the GPL. Much worry goes into trying to figure out just when it might be permissible to ship proprietary components with free software. The presenter, Stephen Gillespie, thinks that GPLv3 might make the mixing of proprietary code easier in some situations. Another session purported to explore "the future of open source," but seemed to be more about the present of open source companies. Much time was spent conducting polls of the audience by having everybody send their responses as cellular text messages to a special number. Eventually time got tight and the moderator came up with the new idea of having people simply raise their hands instead. Lots of talk about how customers should "buy" their open source software licenses. There was also discussion on how to build a community around software releases, though the main concern seemed to be keeping the download rates high. In general, participants here are concerned with download counts. A large number of downloads is a crucial indicator of a successful open source release; prospective venture capitalists always want to know what the download rate is. Some participants seem to have concluded that there is a lot of useless downloading going on; people just collect software because it's out there for free. But they still want to know how to improve download rates.
In the question period, your editor asked about his statements that Microsoft would, by virtue of distributing Novell's coupons, eventually find itself bound by the terms of GPLv3. He answered that there was much he could not talk about because he signed a non-disclosure agreement to be able to read the terms of the Microsoft-Novell deal. He had expected that agreement to be moot by now, but those terms still have not been made public. Until then, he says, we can look at the terms which have been put into GPLv3 which require the granting of a patent license to all recipients of the software. We can also look at Microsoft's behavior, which includes "throwing coupons out of airplanes" and attacking the GPLv3 patent provisions, and come to our own conclusions. Responding to another question (about the lack of terms requiring web service providers to give back changes they are running but not distributing to others), Eben had a fairly strong warning for Google. If the company continues to operate in a secretive way and not contribute back the bulk of its changes, there will be growing pressure for a remedy based on licensing terms. It is really up to that one company, he says, to determine where that aspect of the debate goes in the future. The second (and final) day at OSBC will include a keynote by Marten Mickos, a panel on license enforcement actions, and a panel on the good (or not so good) effects of the Microsoft/Novell deal. Stay tuned for the report.
Where have the reviewers gone?The PostgreSQL relational database management system is an important free software project, providing a solid and capable database system. As of this writing, the project's development roadmap states that the code has been in a feature freeze since the beginning of April, with all candidate patches up for review and merging into the source repository. That these patches will be fixed up, if necessary, and everything will come together for a planned 8.3.0 release in July.PostgreSQL hacker Bruce Momjian recently sounded an alarm about this release:
Based on our progress during this feature freeze, we will not
complete the feature freeze until August/September. I think we
need adjust expectations about an 8.3 release date, and decide if
we want to radically change our work process.
It seems that the pile of candidate patches is not being reviewed in any sort of timely manner. So they remain candidates and the 8.3.0 release fails to take form. There are, it seems, a few directions the project could take in response to this problem:
As of this writing, the project has not announced any decisions, but the developers have decided not to change the project July release date - yet. Stay tuned and we will eventually see what comes out. This episode points out, once again, an important aspect of our process: often the limiting factor in a free software project is not the number of developers, but, instead, the number of reviewers who can look over the code those developers create. This shortage is especially acute in projects (like PostgreSQL) which insist on relatively rigorous review processes. But, in any project, the "many eyeballs" factor is important; if the eyeballs are not there, the free software process is not working as well as it should. Reviewing patches can be unrewarding work. It requires great attention to detail and the energy to look for bugs in code without the corresponding gratification of having actually written that code. Poking holes in other peoples' work is not fun, especially when those people do not react well. Often it can seem like the same mistakes come around again and again, leading reviewers to wonder if anybody is actually listening to them. So reviewers can get a little grumpy at times. The people who can do the best reviews are usually also some of the project's best developers, and, often, they would rather be developing. So code piles up and the review does not happen. In the long term, the community will need to find ways to encourage more code review if we are serious about the quality of the work we are doing. Better public acknowledgment of reviewers might be a good start; credit is, after all, one of the chief currencies in which we trade. Perhaps we need some better tools to support the review process; along these lines, the recently announced review board project is worthy of some attention. Some projects have considered requiring potential contributors to review some patches before their own contributions can be merged. The right way to encourage more code review will probably differ from one project to the next, but, one way or another, we can certainly find solutions to this problem.
The Open Solutions AllianceBusinesses are increasingly attracted by the freedom and flexibility that open source provides, but many remain put off from making the leap by concerns over interoperability in the absence of any centralized coordination. The free software community recognized this as a growing problem some years back, and set up projects like the Linux Standard Base to ease compatibility issues. But the LSB deals only with interoperability between GNU/Linux and the applications its runs. As more open source enterprise programs have appeared further up the stack, a secondary — and even thornier — problem has emerged that involves interoperability between the many different combinations of applications. To begin to address this problem, the Open Solutions Alliance (OSA) was launched [PDF] in February by ten companies operating in the field of open source applications: Adaptive Planning, Centric CRM, CollabNet, EnterpriseDB, Hyperic, JasperSoft, OpenBravo, SourceForge.net, SpikeSource and Talend. The Alliance grew out of a meeting in November 2006. "It was a collection of Bay Area open source vendors that wanted to talk about collaborating to build better enterprise class solutions," explains Hyperic's Stacey Schneider. "The conversation quickly turned to being a community issue that was larger than anything we could do as point solutions." As SpikeSource's Dominic Sartorio, who is also president of the OSA, explains, the basic inspiration was open source itself: "a large number of commercial entities have grown where open source is a development methodology and means of doing business, and they could collaborate through collective effort in similar ways that developers around the world collaborate on building better software." The OSA also hopes to extend the scope of collaboration: "we were also thinking in terms of taking the notion of community to business users, getting together on common requirements," Sartorio says. Finally, the OSA intends to tackle another problem its members constantly face when bidding for contracts. "Open source just hasn't been one of the alternatives that [a] particular customer may have considered," Sartorio explains. "They may have a short-list of proprietary vendors, but they haven't even thought of the open source one. And we found the reason for that may just be that even if they are are aware that alternatives exist they may not believe it's mature, or they may not have seen enough success stories to believe it's mainstream enough to be ready for them to adopt." The OSA aims to counter that impression by pooling efforts to raise awareness about the maturity and increasing adoption of open source solutions. One of the main arms of the OSA is its interoperability group, which is headed by Barry Klawans, CTO of JasperSoft. He explained how the group works. "We've actually changed our thinking a little bit since February, when we launched the OSA. Our plan then was we would launch projects on the forums, we have a lot of discussions about them, we drive to some recommendation, codify it, then do a reference implementation. We've since decided that it probably makes sense to launch the initiatives, talk about them a little bit, then dive in and get our hands dirty - really learn by doing. Then, when we've really got some more insight and more detail, put together a formal recommendation, go through that, codify it, and at that point, retrofit any previous work to match the actual codified standard that comes out at the end." Klawans explains why there was a shift: "It's not like we're a standards organization where people who have been working on this for 20 years get sent to the committees; we're a consortium of vendors who are all trying to work together." According to Klawans, this is an important distinction: "I don't want us to become a traditional standards body, because in my mind that is the opposite end of the spectrum from innovation: when you stop innovating, you then codify." Sartorio echoes this thought: "Whenever we're driving any kind of interoperability initiative, very, very rarely do we expect that we'll have to invent something new. In most cases we find that there are existing standards, or existing reference implementations, or existing best practices out there, but they may not be widely used, or there may be several different options to choose from and the fact that there's so many options makes it an interoperability problem. So it helps to have an organization like the OSA come in and in a completely open and public way have a debate over what are the right approaches in making an implementation." Klawans emphasizes the importance of outside input, and asks anyone interested to "register at the site, get onto the forums, participate in the discussions, help us out." As part of its open approach, the OSA has published what it calls its Interoperability Roadmap [PDF], detailing who will do what, and when. For example, the Infrastructure Task Force aims to "reduce install, configuration and deployment burden, minimize the footprint of deployed components, and ensure that disparate applications are easier to integrate out of the box." The Management Task Force, meanwhile, will be addressing ways of improving the user experience of installation, configuration, logging and monitoring by agreeing common approaches. The first project, to create a common customer view profile, is already underway. As Klawans explains, this has grown into a surprisingly ambitious undertaking. "That just came out of us in the interoperability group talking about well, we want to do this, we want to do that, we want to define the common data model, we're working on security and single sign on," he says. "And at some point, someone said, you know, why don't we build something that shows all of these?" Although audacious, taking such a bold approach for the first project does have its advantages. "It would help us figure out the process," Klawans notes, "it'll really make us sweat the details, and at the end of the day, it will make a great OSA demo." All this work will be fully open source. "Whenever we're working on any kind of prototype," Sartorio says, "where we want to take several applications and prototype some kind of integration, we're always going to use an OSI license version of any of those products. Similarly, whenever we have to develop new code - for example, if we're taking on an interoperability challenge and there's no existing standard or existing reference implementation - we'll always release that under an OSI license." This rigor contrasts with a more relaxed attitude when it comes to membership of the OSA, which depends on a company espousing "open solutions" rather than strict open source. As Sartorio explains: "we didn't want to limit ourselves to a very strict definition and then leave out a lot of the hybrid entities out there that really do share a lot of these common problems with us, and really are adopting open source at least as a development methodology, and at least sort of the spirit of doing things in an open and collaborative way." Given this looser definition, one intriguing possibility is that Microsoft might in theory be eligible to join the OSA. Sartorio comments: "I'm sure if they did, they would be some real interesting conversations. I for one would be concerned about the public image if they joined. I don't think that would happen." Moreover, Sartorio believes that it's "definitely possible" that the definition of "open solution" might be tightened up in the future as more companies adopt OSI-compliant licenses. It is still very early days for the OSA. New members are joining [PDF] all the time — the initial ten has grown to 18 — and new projects are being defined. But Sartorio already has some clear ideas of what he hopes to achieve. "First, driving the adoption of commercial open source alternatives to proprietary, to the degree that we're going to make every short-list. The second measure of success, on the interoperability front, would be if we've got good solid and ratified interoperability proposals and best practices that cover most if not all of the interoperability issues that one would typically encounter during the course of a deployment or trying to bring different solutions together." To which Klawans adds a third: "another measure of success for the interoperability group will be when closed source vendors start implementing our interoperability rules as well." Glyn Moody writes about open source at opendotdotdot.
Security Brief items When routers go badBroadband routers are ubiquitous these days, so much so that they go unnoticed; unless they fail, no one pays any attention to them. These routers run some kind of embedded OS, often Linux, on a fairly capable hardware platform which makes them interesting targets for an attacker. Because they tend to be invisible and unmonitored, subverting routers without affecting their normal function makes a perfect hidden space for malicious code to run. As a recent Bugtraq posting from Gadi Evron points out, there have already been a few reports of vulnerable routers and we can only expect to see more. Even if the router manufacturers are staying on top of vulnerabilities in their codebase, which is not a foregone conclusion, there are still serious questions about how a largely non-technical user base will be assisted or forced into upgrading their firmware. The logistics of getting the right firmware and upgrade program into a user's hands and having them run it correctly so that their router does not turn into a brick is rather daunting. One can only imagine the volume of support calls that could be generated. In many cases, the router makers are selling special versions of their hardware to specific broadband providers who sell or lease them to their customers. This allows the router maker to leave the support burden to the providers who typically already have a large technical support organization. It is unclear whose responsibility it is to track security issues and ensure that any critical vulnerabilities are patched, it probably depends on the contract. The broadband providers typically host any updates and manufacturer's websites refer users looking for updates there. It certainly seems like a situation where vulnerabilities could fall through the cracks. As an example, Qwest provides a router for their DSL customers, made by Actiontec, that is based on Linux 2.4.17 which was released in December 2001. Since that time, there have been numerous 2.4 kernel releases, with the most recent, 2.4.34.4 having been released in April. Many of those releases have been done for security problems in various subsystems, including one for CAN-2005-0449 which could potentially lead to a denial of service from a bug in the netfilter packet filtering code. It is unclear if the router is susceptible to this particular problem, one hopes not, but there are plenty of other candidates, in the other security bug fixes or any that come up in the future. Any outward (broadband) facing network service is, of course, a potential vector for security issues. Many of these routers serve web pages for configuration as well as allowing telnet or ssh connections for maintenance. One hopes that these services can only be configured to run on the internal network. Even then, many of these routers provide a wireless bridge in addition to ethernet on the LAN side and that may expose those services more broadly. Once a router has been subverted, it could be turned to any number of malicious tasks; the simplest might be to add it to a botnet for spamming or distributed denial of service. It does not take much in the way of CPU horsepower or RAM to perform those kinds of tasks and they could easily run on many routers without interfering in any noticeable way. An attack focused on a particular individual could potentially intercept and report on all of their internet traffic; there is no better place for spyware on a network. It is not only routers, of course, that are vulnerable, any embedded device could be a target, but routers have the network connectivity that makes them particularly interesting and accessible. Long before we start putting wireless network connected Linux systems in control of our cars, the need for vigilance about security updates for embedded devices must be ingrained into users. It needs to become as obvious to people as the need for an anti-virus scanner on Windows has become.
New vulnerabilities clamav: file descriptor leak
libpng: denial of service
mod_security: remote rule bypass
mydns: buffer overflows
phpwiki: remote code execution
ratbox: denial of service
Updated vulnerabilities acroread: multiple vulnerabilities
aircrack-ng: remote execution of arbitrary code
apache: cross-site scripting
Asterisk: two SIP denial of service vulnerabilities
bind: denial of service
bugzilla: multiple vulnerabilities
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
cups: denial of service
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
dovecot: directory traversal
elinks: code execution
elinks: arbitrary file access
evolution: format string error
pop mail man-in-the-middle attacks
fail2ban: denial of service
ffmpeg: buffer overflows
file: denial of service
file: arbitrary code execution
firefox: FTP PASV port-scanning
freetype: integer overflows
gcc: file overwrite vulnerability
gd: buffer overflow
gdb: buffer overflow
gedit: format string vulnerability
gimp: arbitrary code execution
grip: buffer overflow
gzip: multiple vulnerabilities
horde-kronolith: local file inclusion
ImageMagick: integer overflows
imlib2: arbitrary code execution
ipsec-tools: denial of service
java: multiple vulnerabilities
kdelibs: kate backup file permission leak
kdelibs: cross-site scripting
kernel: denial of service
kernel: denial of service
kernel: multiple vulnerabilities
kernel: denial of service
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
kernel: denial of service
kernel: denial of service
kernel: multiple vulnerabilities
krb5: uninitialized pointers
krb5: local privilege escalation
krb5: multiple vulnerabilities
ktorrent: incorrect validation
lftp: shell command execution
libgadu: memory alignment bug
libgtop2: buffer overflow
libmodplug: boundary errors
libpng: buffer overflow
libpng: heap based buffer overflow
libtiff: buffer overflow
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
lighttpd: denial of service
lookup-el: insecure temporary file
lynx: arbitrary command execution
mod_jk: stack overflow
mod_perl: denial of service
moin: arbitrary JavaScript execution
mplayer: buffer overflow
mysql: denial of service
mysql: format string bug
MySQL: privilege violations
MySQL: logging bypass
nbd: arbitrary code execution
ncompress: buffer underflow
openldap: security bypass
OpenSSH: denial of service
openssh: remote denial of service
php: multiple vulnerabilities
php: several vulnerabilities
php: buffer overflows
php: several vulnerabilities
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
postgresql: SQL injection
postgresql: privilege escalation
pptpd: denial of service
python: information disclosure
qemu: multiple vulnerabilities
qt: "/../" injection
quagga: denial of service
quake: buffer overflow
rpm: arbitrary code execution
samba: several vulnerabilities
Mozilla: multiple vulnerabilities
shadow-utils: mailbox creation vulnerability
slocate: information disclosure
snort: remote arbitrary code execution
squirrelmail: missing input sanitizing
tcpdump: denial of service
tetex: buffer overflow
tomcat: directory traversal
util-linux: access restriction bypass
vim: arbitrary shell code execution
vixie-cron: weak permissions may cause errors
wordpress: another pile of vulnerabilities
XFree86 X.org: integer overflows
xine: format string vulnerabilities
xine-lib: arbitrary code execution
xine-lib: buffer overflow
xine-lib: buffer overflow
xinit: race condition
xmms: BMP handling vulnerability
xscreensaver: password check bypass
zziplib: buffer overflow
Page editor: Jonathan Corbet Kernel development Brief items Kernel release statusThe current 2.6 prepatch is 2.6.22-rc2, released on May 18. "Various random fixes all over - the shortlog (appended) is fairly readable. The most notable ones are probably more SLUB fixes, and the epoll optimizations and cleanups." The long-format changelog has all the details.The current -mm tree is 2.6.22-rc2-mm1. Recent changes to -mm include the CFS CPU scheduler, a big Xen update, an update to the signalfd() interface allowing multiple signals to be retrieved in a single system call, a new on-demand readahead patch (see below), and the fallocate() system call. There is a large stable 2.6.21 update under review; it was not released as of this writing.
Kernel development news On-demand readahead"Readahead" is the act of speculatively reading a portion of a file's contents into memory in the expectation that a process working with that file will soon want that data. When readahead works well, a data-consuming process will find that the information it needs is available to it when it asks, and that waiting for disk I/O is not necessary. The Linux kernel has done readahead for a long time, but that does not mean that it cannot be done better. To that end, Fengguang Wu has been working on a set of "adaptive readahead" patches for a couple of years.Adaptive readahead was covered here in 2005. The patches have been languishing in the -mm tree for one simple reason: their complexity is at such a level that few people are able to review them in any useful way. The new on-demand readahead patch is a response to a request from Andrew Morton for a simpler patch to help get the merge process going. The new code is indeed simpler, having dispensed with much of the logic found in the full adaptive readahead mechanism. To a great extent, the on-demand patch reimplements what Linux readahead does currently, but in a simpler and more flexible way. Like the current code, the on-demand patch maintains a "readahead window" consisting of a portion of the file starting with the application's last read. Pages inside the readahead window should already be in the page cache - or, at least, under I/O to get there as soon as possible. The window moves forward as the application reads data from the file. The current code actually implements two windows, being the "current window" (a set of in-cache pages which includes the application's current position) and the "ahead window," being the pages most recently read in by the kernel. Once the application's position crosses from the current window into the ahead window, a new I/O operation is started to make a new ahead window. In this way, the kernel tries to always keep sufficiently far ahead of the application that the file data will be available when requested. The on-demand patch, instead, has a single readahead window. Rather than maintain a separate "ahead window," the new readahead code marks a page (using a flag in the page structure) as being at the "lookahead index." When an application reads its way into the marked page, the readahead window is extended and a new I/O operation is started. There is some resistance to the idea of using a page flag, since those bits are perennially in short supply. Andrew Morton has suggested using some more approximate heuristics instead. That approach might occasionally make the wrong decision, but the penalty is low and does not affect the correctness of the system's operation as a whole. While the on-demand patch appears to do relatively little, it does have the advantage of removing a bunch of complexity from the current readahead code. It is able to make its decisions without the overhead of trying to track events like an attempted readahead of pages which are already in the cache. The checks for sequential access are made less strict as well, causing readahead to stay active in situations where the current code would turn it off. The result, according to some benchmarks posted with the patch, is improvements in application speed between 0.1% and 8% or so - with some performance regressions in some cases. Interestingly, some of the best results come with a benchmark running on a MySQL database, which is not where one would normally expect to see a lot of sequential activity. This patch set is clearly simple enough to be reviewed; in the absence of any strong objections, it could conceivably be ready for 2.6.23. Then, perhaps, Fengguang can start working on adding some of the more complex logic which makes up the full adaptive readahead mechanism.
Video4Linux2 part 6a: Basic frame I/O
The Video4Linux2 API defines three different ways of transferring video frames, two of which are actually available in the current implementation:
This article will look at the simple read() and write() interface; streaming transfers will be covered in the next installment.
read() and write()Implementation of read() and write() is not required by the Video4Linux2 specification. Many simpler applications expect these system calls to be available, though, so, if possible, the driver writer should make them work. If the driver does support these calls, it should be sure to set the V4L2_CAP_READWRITE bit in response to a VIDIOC_QUERYCAP call (described in part 3). In your editor's experience, however, most applications do not bother to check whether these calls are available before attempting to use them. The driver's read() and/or write() methods must be stored in the fops field of the associated video_device structure. Note that the Video4Linux2 specification requires drivers implementing these methods to provide a poll() operation as well. A naive implementation of read() on a frame grabber device is straightforward: the driver tells the hardware to start capturing frames, delivers one to the user-space buffer, stops the hardware, and returns. If possible, the driver should arrange for the DMA operation to transfer the data directly to the destination buffer, but that is only possible if the controller can handle scatter/gather I/O. Otherwise, the driver will need to buffer the frame through the kernel. Similarly, write operations should go directly to the device if possible, but be buffered through the kernel otherwise. Less simplistic implementations are possible. Your editor's "Cafe" driver, for example, leaves the camera controller running in a speculative mode after a read() operation. For the next fraction of a second, subsequent frames from the camera will be buffered in the kernel; if the application issues another read() call, it will be satisfied more quickly without the need to start up the hardware again. After a number of unclaimed frames the controller is put back into an idle state. Similarly, a write() operation could delay the first frame by a few tens of milliseconds with the idea of helping the application stream frames at the hardware's expected rate.
Streaming parametersThe VIDIOC_G_PARM and VIDIOC_S_PARM ioctl() calls adjust some parameters which are specific to read() and write() implementations - and some which are more general. It appears to be a call where miscellaneous options with no obvious home were put. We'll cover it here, even though some of the parameters affect streaming I/O as well. Video4Linux2 drivers supporting these calls provide the following two methods:
int (*vidioc_g_parm) (struct file *file, void *private_data,
struct v4l2_streamparm *parms);
int (*vidioc_s_parm) (struct file *file, void *private_data,
struct v4l2_streamparm *parms);
The v4l2_streamparm structure contains one of those unions which should be getting familiar to readers of this series by now:
struct v4l2_streamparm
{
enum v4l2_buf_type type;
union
{
struct v4l2_captureparm capture;
struct v4l2_outputparm output;
__u8 raw_data[200];
} parm;
};
The type field describes the type of operation to be affected; it will be V4L2_BUF_TYPE_VIDEO_CAPTURE for capture devices and V4L2_BUF_TYPE_VIDEO_OUTPUT for output devices. It can also be V4L2_BUF_TYPE_PRIVATE, in which case the raw_data field is used to pass some sort of private, non-portable, probably discouraged data through to the driver. For capture devices, the parm.capture field will be of interest. That structure looks like this:
struct v4l2_captureparm
{
__u32 capability;
__u32 capturemode;
struct v4l2_fract timeperframe;
__u32 extendedmode;
__u32 readbuffers;
__u32 reserved[4];
};
capability is a set of capability flags; the only one currently defined is V4L2_CAP_TIMEPERFRAME which indicates that the device can vary its frame rate. capturemode is another flag field with exactly one flag defined: V4L2_MODE_HIGHQUALITY, intended to put the hardware into a high-quality mode suitable for single-frame captures. This mode can make any number of sacrifices (in terms of the data formats supported, exposure times, etc.) in order to get the best image quality that the device can handle. The timeperframe field is used to specify the desired frame rate. It is yet another structure:
struct v4l2_fract {
__u32 numerator;
__u32 denominator;
};
The quotient described by numerator and denominator gives the time between successive frames on the device. Another driver-specific field is extendedmode, which has no defined meaning in the API. The readbuffers field is the number of buffers the kernel should use for incoming frames when the read() method is being used. For video output devices, the structure looks like:
struct v4l2_outputparm
{
__u32 capability;
__u32 outputmode;
struct v4l2_fract timeperframe;
__u32 extendedmode;
__u32 writebuffers;
__u32 reserved[4];
};
The capability, timeperframe, and extendedmode fields are exactly the same as for capture devices. outputmode and writebuffers have the same effect as capturemode and readbuffers, respectively. When the application wishes to query the current parameters, it will issue a VIDIOC_G_PARM call, resulting in a call to the driver's vidioc_g_parm() method. The driver should provide the current settings, being sure to set the extendedmode field to zero if it is not being used, and the reserved field to zero always. An attempt to set the parameters results in a call to vidioc_s_parm(). In this case, the driver should set the parameters as closely as possible to the application's request and adjust the v4l2_streamparm structure to reflect the values which were actually used. For example, the application might request a higher frame rate than the hardware can provide; in this case, the fastest possible rate should be programmed and the timeperframe field set to the actual frame rate. If timeperframe is given as zero by the application, the driver should program the nominal frame rate associated with the current video norm. If readbuffers or writebuffers is zero, the driver should return the current settings rather than getting rid of the current buffers. At this point, we have covered enough to write a simple driver supporting frame transfer with read() or write(). Most serious applications will want to use streaming I/O, however: the streaming mode makes higher performance easier, and it allows frames to be packaged with relevant metadata like sequence numbers. Tune in for the next installment in this series which will discuss how to implement the streaming API in video drivers.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Architecture-specific
Virtualization and containers
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials The Red Hat Global DesktopThe Red Hat Global Desktop was announced at the Red Hat summit earlier this month. This product is based on Red Hat Enterprise Linux 5, but with significant differences in the support and distribution model. Red Hat is partnering with Intel to build affordable solutions for local governments and small businesses in developing countries. Intel will provide free drivers and a wide variety of hardware certified to work with this software.The Global Desktop will not be available as a download. Instead a base system will be available to vendors. The vendors will be able to use it to provide customized solutions and support for their customers. Red Hat will be a back end support provider for those vendors. Red Hat developer Christopher Blizzard summed it up nicely in his blog: "In summary, this is about growing the Linux client market. This isn't about trying to replace some small set of Windows desktops in the developed world or trying to line up a relatively small number of units through a US OEM. This is about getting out there where people will grow up on free and open source software and understand that it's not just free-as-in-cheap, but is also better and empowering to how they lead their lives and run their businesses. It's just the first step, but it's an important one."
New Releases 64 Studio 1.4.0 'Ariadne' released!64 Studio is aimed at digital content creation, including audio, video, graphics and publishing tools. The latest development release, 1.4.0 'Ariadne', is the first release candidate for the forthcoming 64 Studio 2.0, which will retain compatibility with Debian Etch to create a long-lived and stable creative desktop.
CentOS 4.5 is released for i386, x86_64, and ia64The CentOS development team has announced the release of CentOS 4.5 for i386, x86_64 and ia64. It is available on all CentOS.org mirrors and via bittorrent.
Pie Box Enterprise Linux 4 AS U5 now availableUpdate 5 of Pie Box Enterprise Linux 4 has been released. "Pie Box Enterprise Linux 4 is aimed at people who need a stable OS with a long lifespan but don't want an expensive bundled support contract. It is derived from open source software with only four packages modified in order to replace trademarks and logos with our own. Features of Pie Box Enterprise Linux 4 include the Linux 2.6 kernel, SELinux, GNOME 2.8, Samba 3.0, Logical Volume Manager 2, PCI Express support and NFSv.4."
SimplyMEPIS Localized French and Spanish CDs Ready for TestingMEPIS has announced test versions of new French and Spanish 32 bit CDs for SimplyMEPIS 6.5. "The new ISOs are available at MEPIS online mirrors in the testing directory. Suggestions and fixes should be submitted at the appropriate forum, http://www.mepis-france.org or http://www.mepisimo.com"
Slax Tools 070521A new version of Slax Tools has been released. Slax Tools are graphical applications that simplify process of generating custom version of live distribution Slax.
Distribution News Bits from DebianPetter Reinholdtsen takes a look at the debian package usage counter, popularity-contest or popcon. "The debian package usage counter, popularity-contest, reached 50,000 contributors a few hours ago. This is the number of machines reporting their list of installed packages and related information every week. The information collected is among other things used to make sure the most popular packages are on the installation CDs and DVDs."It looks like the sparc32 port will be dropped for Lenny. "Another reason is that dropping sparc32 support will allow optimization for sparc64 which will result in improved support for the modern sparc systems from Sun and Hitachi. Other distributions have already made this choice."
Automatic YUM Local Mirror GURU GUIDEThere's a new GURU GUIDE available that documents the technique for having YUM automatically use a local mirror without any configuration changes on the clients. Click below for the announcement.
Munich's KDE Desktops Usability Certified (KDE.News)KDE.News reports that the LiMuX distribution (based on Debian and KDE) created for the city of Munich has been certified to meet the international usability standard ISO 9241.
openSUSE mailing listsHere's a reminder that the migration from lists.suse.com to lists.opensuse.org is complete and support for the old mailinglist names will be dropped on June 1, 2007. This email will help you find new openSUSE mailing lists.
Ubuntu Technical Board meeting minutesHere are the minutes for the Ubuntu Technical Board meeting held on May 22, 2007. Topics include the process for applying to become an Ubuntu Core Developer, and a look at future meetings (scheduling changes, getting the minutes out, and getting items on the agenda).
Distribution Newsletters Fedora Weekly News Issue 88The Fedora Weekly News for May 19, 2007 looks at the deep freeze for Fedora 7, the fedora-cs-list for Czech and Slovak Fedora users, Fedora Rawhide Live Images, a summary from the Red Hat Summit, F7 Firstboot and EULA, and much more.
Ubuntu Weekly News: Issue #41The Ubuntu Weekly Newsletter for May 19, 2007 covers the new Torrent Team, progress of the Ubuntu Mobile and Embedded Project, newly approved members and LoCos, Community Council and Forum Council meetings, a look at the Xubuntu Team and more.
DistroWatch Weekly, Issue 203The DistroWatch Weekly for May 21, 2007 is out. "The feature story of the latest issue is a review of DeLi Linux 0.7.2, one of the few desktop distributions that targets old computers - those with as little as 8 MB of RAM. Does it really work as advertised? And are the included applications usable? Find out in our exclusive first look review by Susan Linton. In the news section, Mandriva terminates the contracts with several of its developers in order to cut costs, the openSUSE community launches an ambitious project to reduce the boot time of the distribution to 5 seconds, and Fedora removes Beagle from default install due to unresolved bugs. Finally, don't miss the stunning new desktop distribution from Brazil's Famelix project."
Newsletters and articles of interest What is new for Debian-Med in Etch. (LinuxMedNews)LinuxMedNews looks at improvments in Debian-Med, a Debian derived distribution that focuses on medical applications. "With the recent release of Debian Etch, the Debian-Med project strengthened its current three main areas of activity: imaging, bioinformatics, and medical practice."
My Great Linux System Repair Adventure (Linux-Watch)Linux-Watch presents a tale of thunderstorms, lightning strikes, fried hardware, and SystemRescueCd. "This was turning into a really bad day. So, now I pulled out my freshly burned copy of SystemRescueCd 0.35. SystemRescueCd, if you've never met it, is the best single CD bootable system repair disk I know."
Beryl, Compiz, And Metisse - The 3D Desktop on Mandriva Linux 2007 Spring (HowtoForge)HowtoForge looks at getting the most out the 3D desktop updates in Mandriva Linux 2007 Spring. "To make it easier to try out and switch between all these 3D desktop technologies, Mandriva has developed a tool available in the Mandriva Control Center and directly from the login screen. This tool offers the choice between a Metisse desktop, a '3D Cube' desktop or no 3D desktop. For expert users, advanced options exist for the '3D Cube' desktop, allowing you to manually choose Compiz or Beryl and set whether the AIGLX or Xgl underlying server technology is used."
The Perfect Desktop - Ubuntu Studio 7.04 (HowtoForge)HowtoForge sets up a Ubuntu Studio 7.04 desktop. "Ubuntu Studio is a special Linux distribution tailored to the needs of audio, video, and graphic enthusiasts or professionals. Because Ubuntu Studio is based on Ubuntu, you are not limited to this area, but can install any application that is available for Ubuntu, thus turning Ubuntu Studio in a normal desktop for everyday use. This tutorial shows how you can turn Ubuntu Studio 7.04 into a full-fledged replacement for a Windows desktop."
Distribution reviews VectorLinux SOHO: A better Slackware than Slackware (Linux.com)Linux.com reviews VectorLinux 5.8 SOHO. "VectorLinux includes its own graphical system configuration suite called the Vector Administration System Menu. The program opens a window containing a menu that lets you change your user password, set up which window manager to use, reset the skeleton files entries (skeleton files set default behaviors for an application or process to make it more functional or user-friendly) in part or as a whole for a fresh configuration, and perform deeper system configuration requiring the root password. With that fourth choice, you can configure the autodetection utility, manage users, set up the X server, start up services and boot procedures, set up hostname and networking options, configure hardware devices, and configure filesystems."
New PCLinuxOS 2007 looks great, works well (Linux.com)Linux.com reviews PCLinuxOS 2007. "PCLinuxOS is a live CD distribution that enables users to test Linux without actually having to install it. The highly anticipated new version, PCLinuxOS 2007, was released on Monday. Its intuitive selection of software, high level of stability and functionality, and the quality of the graphics make this the distribution's best release ever. PCLOS began almost four years ago as a fork of MandrakeLinux 9.2. Subsequent releases were built and updated upon the previous version. PCLOS 2007 still utilizes some source code from MandrivaLinux, as seen in the startup wizard, hard drive installer, and the PCLinuxOS Control Center."
Page editor: Rebecca Sobol Development Boo - a wrist-friendly language for the CLIImagine taking a Ford engine, a Chevrolet chassis, and a Toyota transmission, bolting them together, and discovering that they fit perfectly. In the programming world, Rodrigo Barreto de Oliveira created such a vehicle. Around the year 2003, de Oliveira was unhappy with some of the .Net/Mono languages at the time because none of the stable ones were Python-like. De Oliveira said that he missed the "wrist-friendly" Python syntax. He created his own language, Boo, and explains in the Boo Manifesto [pdf]: "I wanted a language I could extend with my own constructs. I wanted a compiler system that could be taught new things, taught how to automagically [sic] generate common code for me." The language caught on, and several sites hosted Boo projects or created communities around it. ![[Boo]](/images/ns/boolang.png)
Boo is an object-oriented, statically-typed programming language that makes use of the .Net Common Language Infrastructure. It is licensed under an open-source MIT/BSD-style license, and because it is built upon the Mono or Microsoft .Net framework, it is cross-platform and can be extended significantly. Boo supports Unicode, internationalization, and web-style applications while its language's syntax is Python-inspired. Focusing on both language and compiler extensibility, it features type inference, optional duck typing, currying, first class functions, multimethods, and generators. The language is quite flexible and adapts to many genres of programming. It can be used in or written for games, GUI applications and web frameworks (see the Boo Applications). It can interact with most Mono libraries, every CLS-compliant library and most generics. In short, it works with pretty much everything, every library, and every framework for .Net or Mono. In the game world, BooGame (a 2D, OpenGL-accelerated, game engine framework) is similar, if not almost equivalent, to PyGame. The commercial Mac OS X Unity game engine has very good support for Boo scripting for both 2D and 3D games. With Unity, Boo games can even be played from a browser. Unity is not the only 3D framework that supports Boo. The open source Tao framework supplies OpenGL, Ogre, and OpenAl bindings for Boo on both .Net and Mono. Although not too many web frameworks have been written for Boo, Apache's mod_mono makes web development possible. A popular framework is Webbness, which delivers functionality similar to Ruby on Rails and it generates code in either Boo or C#. There are several reasons to use Boo over other languages, even though many others (such as Lua) may have a larger community, have a larger software base, or may be in the news more often. Boo stands out from the crowd since it is appealing to developers due to its simple syntax and well implemented OOP functionality on the .Net/Mono platform. It differs from IronPython in several ways because it can provide features and tools that IronPython might never support (due it its very good compatibility with standard CPython). Unlike some languages, Boo is not designed to replace or be used exclusively as an alternative to C#. Instead it was designed to be extended and to interact with those languages. This allows the programmer to write once in a different languages, and use his code with Boo. In the Boo Manifesto, de Oliveira explains why he created the language. "When I was programming in full Python mode I missed some of the things I'd normally get from a more statically typed environment." He goes on to say, "what I missed the most was the well thought out .net architecture and its great support for Unicode, globalization and web style applications." Just recently Boo 0.7.7 was released, touting new features primarily involving support for consuming generic methods. For example, in Boo 0.7.6 one could only use generics with external types. Boo 0.7.7 improved generics support, allowing the programmer to use generics with internal types (which are defined in the Boo assemblies that are to be compiled). It also improved the verify pipeline, making it available on Mono (the pipeline in 0.7.6 only worked well in .Net) and optimized string handling (allowing the coder to generate Gendarme/FXcop-compliant assemblies). Type inference (which is a work in progress) was improved and the release fixed a handful of bugs, mostly inconsistencies in the Boo compiler. Boo releases come frequently (see the Boo Release Schedule). The team uploads a new sub-release every month to fix bugs and add a few features. The next major version, Boo 0.8, is in active development and the team is working on improving the compiler even more. Although there isn't much information on the upcoming 0.8 release, the bug tracker has some reported issues with the improved lexical and method syntax as well as some interpreter and duck typing improvements. Boo was created to fill gaps in Python in order to make a programmer's job even easier. Its syntax makes programming a breeze and it can be extended to work in dozens of scenarios. Whether one wants to create a game, a web site or a GUI application, Boo can lighten the load. The programmer can concentrate on nitty-gritty programing in a different language, while Boo effortlessly interacts with that language. Almost every other module can be found in the .Net/Mono framework. Resources
System Applications Database Software PostgreSQL Weekly NewsThe May 20, 2007 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
Embedded Systems BusyBox 1.5.1 releasedStable version 1.5.1 of BusyBox, a collection of command line utilities for embedded systems, is out with the following changes: "This is a bugfix-only release, with fixes to hdparm, hush, ifupdown, ps and sed."
Telecom eds-sync released as open-sourceNokia has released eds-sync as open-source software. "Eds-sync is the component that synchronizes remote Telepathy rosters (= instant messaging contact list stored on server) to a local evolution-data-server. After initial synchronization, it keeps the rosters in sync with the local addressbook. It currently will only work correctly with the Nokia specific eds-dbus, and it requires the addressbook UI components to do some special actions too."
Web Site Development Chandler Server 0.6.1 updatedRelease 0.6.1 of Chandler Server is out with new capabilities. "Chandler Server is a database, server, and web UI for storing and managing personal information such as events and tasks. It implements standards such as CalDAV, WebDAV, Atom, and Atom Publishing Protocol."
Silva 2.0 releasedVersion 2.0 of the Silva content management system has been announced. "This architectural release targets Zope 2.10 and higher and takes advantage of much of the new technology. Infrae has striven to keep Silva 2.0 almost feature identical to Silva 1.6, while refactoring and rebuilding large parts of the system under the hood, using advances in Zope and Five infrastructure. This major reworking should especially help extension developers by expanding the set of tools available to them."
Desktop Applications Audio Applications Audacity 1.3.3 beta releasedBeta version 1.3.3 of the Audacity audio editor has been released. "The Audacity Team is pleased to announce the release of Audacity 1.3.3 (beta), which contains numerous new features and capabilities beyond the 1.3.2 (beta) release. Because it is a work in progress and does not yet come with complete documentation or translations into foreign languages, it is recommended for more advanced users."
eSpeak 1.25 releasedVersion 1.25 of eSpeak, a text to speech synthesis converter, is out with improvements to the French, Czech, Slovak, Norwegian, Croatian, and Portuguese language support.
jack_mixer version 5 releasedVersion 5 of jack_mixer has been announced. "jack_mixer is GTK (2.x) JACK audio mixer with look similar to it`s hardware counterparts. It has lot of useful features, apart from being able to mix multiple JACK audio streams. Changes since version 4: fix building against older jack versions (i.e. not latest svn)"
JackMixDesk pre 0.3 releasedVersion pre 0.3 of JackMixDesk is out with the following changes: "The nasty bug that maximum volume wasn't reachable after moving the slider is gone. Made it useless. Didn't see that... The interface is prepared for knob resizing. If you use phat svn sources change the KNOB_SIZE in mixdesk_gtk.c to maybe 32. You'll also get scroll support."
XMMS2 DrJekyll releasedThe DrJekyll release of XMMS2, the rewrite of the XMMS music player, is out. "This has been one of the longest release periods in the history of XMMS2. A lot of big changes has been merged, including the long awaited Collections API. We have also switched to a new build-system. The XMMS2 Team would like to extend a big THANK YOU to all who have helped out with this release, a lot of bug testing and bug fixing by new faces has been seen. Hope to you all around for the next release!"
Desktop Environments GNOME 2.19.2 releasedVersion 2.19.2 of the GNOME desktop environment has been released. "This is our second development release on our road towards GNOME 2.20.0, which will be released in September 2007. New features are still arriving, so your mission is simple : Go download it. Go compile it. Go test it. And go hack on it, document it, translate it, fix it."
GARNOME 2.19.2 releasedVersion 2.19.2 of GARNOME, the bleeding edge GNOME distribution, is out. "This release includes all of GNOME 2.19.2 plus a bunch of updates that were released after the GNOME freeze date. This is the second release in the unstable cycle, with more features, more fixes and yet more madness added. It is for anyone who wants to get his hands dirty on the development branch, or who'd like to get a peek at future features. If you want to help spot issues in GARNOME, (or, better yet, fix 'em ;-) this release is for you as well."
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE 3.5.7 releasedMaintenance release version 3.5.7 of the K Desktop Environment (KDE) is out. "This release has a renewed focus on KDE PIM applications. KAddressBook, KOrganizer and KAlarm received attention with bugfixes, while KMail additionally witnessed new features and improvements with both interface work and IMAP handling: it can manage IMAP quota and copy and move all folders."
The HIG Hunting Season Continues (KDE.News)KDE.News reports that HIG hunting continues, with a focus on spelling and font settings. "The HIG Hunting Season for KDE 4 continues. This week we focus is on the written word with a new checklist on text and fonts. Are you impatiently waiting for KDE 4? Would you like to help KDE make this release a full success? Then get involved! Read on for more details."
KDE Commit-Digest (KDE.News)The May 20, 2007 edition of the KDE Commit-Digest has been announced. The content summary says: "User-visible functionality added in Plasma. Support for animated SVG images in SuperKaramba. Kanagram becomes the latest application to adopt a scalable, SVG-based interface. Initial code imported, as a statement of intention, to support interaction with Exchange servers and the Akonadi PIM data store. Small, incremental improvements in KTorrent. A new round of Coverity fixes, particularly in KOffice and Amarok. Work on loading ODF shapes through Flake in KOffice. KDevelop gets improved support for .ui (user interface layout) files. Branches of KMail, KPPP, Konversation and Kopete created to enable the integration of Solid-based connection management and notification. KDE 3.5.7 is tagged for release early next week."
KDE Software AnnouncementsThe following new KDE software has been announced this week:
Xorg Software AnnouncementsThe following new Xorg software has been announced this week:
Desktop Publishing LyX version 1.5.0 (beta 3) is releasedVersion 1.5.0 beta 3 of LyX, a GUI front-end to the TeX typesetting system, is out. "Compared with the previous beta release we have fixed several bugs and added some improvements, namely a new inset to support code listings. We have enabled the converter file cache by default. Internally we have renamed files to follow a consistent name pattern, this will allow an easier navigation of the source code thus simplifying bug fixing. Compared with the latest stable release, this is the culmination of one year of hard work, and we sincerely hope you will enjoy the results."
WIKINDX 3.6.4 Released (SourceForge)Version 3.6.4 of WIKINDX has been released, this release includes Focus Feature enhancements and minor bug fixes. "WIKINDX is a free single or multi-user research environment storing searchable bibliographies, notes and citations and integrated with a WYSIWYG word processor for the authoring of publication-ready articles automatically formatted to chosen citation styles."
Games Ember progress report (WorldForge)The WorldForge virtual world project presents a progress report on Ember, which is projected to have an 0.5.0 release soon. "The main focus of 0.5.0 is on providing better authoring tools. The goal is to allow players to edit the whole world within Ember. One major component that has been missing so far has been a working entity editor. This has now been added to Ember."
GUI Packages wxWidgets 2.8.4 releasedVersion 2.8.4 of wxWidgets, a cross-platform GUI toolkit, has been announced. "This is mainly a bug fix release".
Interoperability Wine-doors 0.1pre1 released (GnomeDesktop)GnomeDesktop.org looks at the 0.1 pre 1 release of Wine-doors. "Wine-doors is an application designed to make installing windows software on Linux, Solaris or other Unix systems easier. Wine-doors is essentially a package management tool for windows software on Linux systems. Most Linux desktop users are familiar with package management style application delivery, so it made sense to apply this model to windows software."
Medical Applications ClearHealth 2.0 Developer Preview Demo (LinuxMedNews)LinuxMedNews has announced the availability of Developer Preview 2.0 of the ClearHealth 2.0 electronic medical record system. "After more than a year of active design and development ClearHealth 2.0 is about to lift off. A developer preview demonstration is available at demo.clear-health.com but please note that it is a BETA pre-release edition of CH 2.0 undoubtedly with some rough edges remaining to be fixed."
FreeMED 0.8.4 and REMITT 0.3.3 released (LinuxMedNews)LinuxMedNews has announced the release of FreeMED 0.8.4 and REMITT 0.3.3. "FreeMED version 0.8.4 and REMITT version 0.3.3 have been formally released on Tuesday, May 22, 2007. They include support for CMS's mandated NPI standard, as well as many other improvements and community contributed bugfixes and features. FreeMED is an GPL-licensed opensource EMR/PM suite ..."
Music Applications Free Music Instrument Tuner 0.97.5 releasedVersion 0.97.5 of Free Music Instrument Tuner is out with some small updates and bug fixes.
LV2 Simple Sine Generator pluginThe LV2 Simple Sine Generator plugin project has been announced. "LV2 Simple Sine Generator is very simple plugin, generating sine when feed with notes. It should load in any host supporting midi port LV2 extension, i.e. elven, ingen, lv2_jack_host and zynjacku. Plugin should be usable for testing basic synth functionality and as simple example synth plugin to start with if you want to code your own LV2 synth plugin."
PHASEX 0.10.2 releasedVersion 0.10.2 of PHASEX, the [P]hase [H]armonic [A]dvanced [S]ynthesis [EX]periment software synthesizer is out. "This release contains many fixes, most notably better support for older GTK versions. PHASEX now works with GTK2 versions as low as 2.4.x, which should help most of the build issues on older distros."
pyliblo 0.6 announcedVersion 0.6 of pyliblo is out with a number of new features. "pyliblo is a Python wrapper for the liblo OSC library. It supports almost the complete functionality of liblo, allowing you to send and receive OSC messages using a nice and simple Python API."
Office Suites unoconv: convert between any document format supported by OpenOfficeThe first release of unoconv has been announced. "Unoconv converts between any document format that OpenOffice understands. It uses OpenOffice's UNO bindings for non-interactive conversion of documents. Supported document formats include Open Document Format (.odf), MS Word (.doc), MS Office Open/MS OOXML (.xml), Portable Document Format (.pdf), HTML, XHTML, RTF, Docbook (.xml), and more. (24 document formats in total)".
RSS Software LeafRSS 0.9 released (SourceForge)Version 0.9 of LeafRSS, a simple RSS aggregator that learns to filter out unwanted articles from multiple feeds automatically, has been announced. "We are proud to announce the release of version 0.9 or LeafRSS! This version includes full smarty template integration, as well as options to embed the articles in another web page, or even to allow the output of the filter as an RSS feed."
Web Browsers Mozilla Firefox 2.0.0.4 RC 3 announced (MozillaZine)Release candidate 3 of Mozilla Firefox 2.0.0.4 has been announced. "A third set of release candidate builds for the forthcoming Mozilla Firefox 2.0.0.4 release are now available for testing. Testers can obtain these builds from the rc3 directory on ftp.mozilla.org. Any problems discovered by users can be posted to Firefox 2.0.0.4 Release Candidate 3 announcement on quality.mozilla.org. Currently in a pre-alpha state, the QMO site was launched last week to improve the community-based Mozilla quality assurance effort. Firefox 2.0.0.4 is likely to be released simultaneously with Firefox 1.5.0.12, which will be the final release of the 1.5.0.x line before the Mozilla Corporation ends official support."
Languages and Tools Caml Caml Weekly NewsThe May 22, 2007 edition of the Caml Weekly News is out with new Caml language articles.
Python Python-URL! - weekly Python news and linksThe May 21, 2007 edition of the Python-URL! is online with a new collection of Python article links.
Tcl/Tk Tcl-URL! - weekly Tcl news and linksThe May 21, 2007 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
XML XML Parser Benchmarks: Part 2 (O'Reilly)Matthias Farwick and Michael Hafner compare XML parsers in part two of an O'Reilly article series. "In part 1 of this series we showed you the results of our event-driven parser benchmarks. The outcome of these benchmarks showed that the LIBXML2 SAX-like parser in C is superior over the other tested parsers. In second place followed the two Java pull-parser implementations Javolution and Woodstox. In this part of the series we will show you how the object model parser performed in our tests."
Libraries libnfnetlink_conntrack 0.0.75 releasedVersion 0.0.75 of libnfnetlink_conntrack, it features a lot of bug fixes and new capabilities. "libnetfilter_conntrack is a userspace library providing a programming interface (API) to the in-kernel connection tracking state table."
Version Control GIT 1.5.2 releasedVersion 1.5.2 of GIT has been announced, it adds many new capabilities and bug fixes.
Page editor: Forrest Cook Linux in the news Recommended Reading Schwartz: Censoring Free MediaSun's Jonathan Schwartz is back with a post comparing free software and free media. "Sun has what I'd argue to be the single most valuable and focused patent portfolio on the web (and yes, we'd use it to defend Red Hat and Ubuntu, both). But suing the open source community would've been tantamount to a newspaper suing the authors of their letters to the editor. We would've been attempting to censor rather than embrace a free press. It might have felt good at the time, but it wouldn't have addressed the broader challenge - community content was becoming more interesting to our customers than our professional content."
Linux vouchers, Microsoft, and GPL3: separating the signal from the noise (ars technica)ars technica takes a skeptical look at Eben Moglen's recent claim that, by distributing Novell's Linux support coupons, Microsoft has committed itself to the (yet unfinalized) terms of GPLv3. "Richard Wilder, a patent lawyer for the Association of Competitive Technology (an organization partially funded by Microsoft), argues that Microsoft isn't subject to the GPL because the company isn't literally distributing Linux or any other piece of GPL-licensed software. Speaking to the Seattle Post-Intelligencer, Wilder said, '[Microsoft is] not distributing Linux. They're providing somebody access to a service, but they're not providing copies of Linux on a disk, and they're not providing somebody access to Linux for the purpose of download, and so they're not engaged in any distribution.'"
Trade Shows and Conferences Red Hat CEO: Open Source Now Legitimate (eWeek)eWeek covers Red Hat CEO Matt Szulik in his opening address at the Open Source Business Conference. "In his address titled "The Evolution of Open Source in the Enterprise," Szulik said that enterprise companies have more opportunities today than ever to search for the capabilities they are looking for--across open and proprietary solutions."
Companies Freenode and OFTC IRC networks buddy up (Linux.com)Linux.com looks at Freenode and OFTC. "Two Internet Relay Chat (IRC) networks that are used heavily by free and open source software projects, freenode and the Open and Free Technology Community (OFTC), are building bridges by swapping staff and observing each other's operations. The rapprochement brings together two organizations that sprang from a single project, and may be a precursor for more intimate ties."
Novell and SAP partner up (Linux-Watch)Linux-Watch examines a partnership between Novell and SAP. "SAP AG and Novell announced on May 15 that they have extended their relationship to offer a new joint support solution for customers who run SAP applications on SUSE Linux Enterprise Server. These customers now have a single support entry point for the entire software stack -- from the operating system through the application -- to streamline resolution of support incidents, reduce complexity and lower the total cost of ownership. This new offering is named "SUSE Linux Enterprise Server Priority Support for SAP applications.""
Linux at Work A Linux computer in every garage? (LinuxDevices)LinuxDevices looks at a U.S. government- and automotive industry-led coalition to equip cars with wirelessly connected computers. "On the software side, the prototype OBEs [on board equipment] run Linux. The Parvus SBCs come with a basic Linux BSP. Alternatively, if OEMs want commercial support, Wind River said its General Purpose Platform, Linux Edition was selected for this purpose, in part because of the company's long-standing relationships with Delphi, Motorola, and other project participants, broad experience in automotive applications, and experience working with large ecosystems -- Eclipse's Device Software Project comes to mind here. "
Legal The Be Very Afraid Tour and a Word About that Patent Study (Groklaw)Groklaw compares the recent Microsoft patent rumblings to the SCO case. "Now Linux users are being offered a "patent peace" with Microsoft in a very similar way, only this time, it's supposedly patents backing up the threat. Or is it? Let's see if we can quantify. First, on the patent study Microsoft misquotes, here's what it actually found: No court-validated software patent is infringed by the Linux kernel. None. That may be why there has never been a patent infringement lawsuit against Linux. That means that to date, Linux doesn't infringe anybody's court-validated patents. One thing we have learned from the SCO litigation, aside from the folly of suing your own customers, is that Linux is the cleanest, most pure code on the planet."
Moglen's Slides and Talk on SUSE Vouchers and GPLv3 Available (Groklaw)Groklaw looks at the Novell-Microsoft deal and GPLv3. "Yesterday, we got the stunning news that the SUSE vouchers have no expiration date, a legal oversight that looks to be the wooden stake in the Novell-Microsoft patent peace agreement's heart. This is what will happen when someone turns in a voucher after GPLv3 code is available under the new license, which Moglen says is sure to happen."
Interviews Google Keeps Close Eye on Open Source (eWeek)eWeek interviews Chris DiBona. "Chris DiBona, open-source programs manager at Google, gave a talk called "A Year of Open Source at Google" for the Google New York speaker series. Prior to his talk, which was closed to press, DiBona spoke on May 16 with eWEEK Senior Editor Darryl K. Taft about a series of issues such as Microsoft's recent saber rattling over patents, Google's open-source development contributions and what GPLv3 means for Google."
People Behind KDE: Troy Unrau (KDE.News)KDE.News has announced a new interview in the People Behind KDE series. "For the next interview in the fortnightly People Behind KDE series we travel to North America for the first time this series to talk to an IRC veteran and the author of ground-shaking, in-depth promotional articles on the interesting road towards KDE 4 - tonight's star of People Behind KDE is Troy Unrau."
Tristan Nitot, founder and president of Mozilla Europe (LaFlecha)LaFlecha interviews Mozilla Europe president Tristan Nitot. "S.R.: Which are the most significant advancements done by Mozilla Europe since its foundation? T.N.: I think that shipping Firefox in more than 40 languages, with the official Web site translated in these languages is our major achievement. Helping Firefox gaining market share is also very important, as it makes Web developers understand that they have to test their web sites with our browser. We also hope that the content will be compatible with all modern Web browsers such as Opera and Safari." (Found on MozillaZine)
Resources Creating a simple DVD using 'Q' DVD-Author (Linux.com)Linux.com looks at 'Q' DVD-Author. "Since its beginning in 2004, 'Q' DVD-Author has matured from a basic front end for the underlying command-line Linux DVD-burning tools into a full-blown DVD authoring suite. It can now create a DVD with multiple menus, multiple audio tracks, and multiple subtitles. It offers an easy-to-use templating system, built-in transcoding, and a simple module to create slideshows from still pictures."
Ruby in May 2007 (Linux Journal)Pat Eyler takes a look at some Ruby news. "May has been a busy month in the Ruby world, and while I've been busy with work, Erlang, and other commitments I've tried hard not to lose track of things. Here are some of the things that have caught my eye."
Reviews Ardour 2.0 : A Brief Practical Introduction (Linux Journal)Dave Phillips looks at Ardour 2.0. "Ardour 2.0 is now available for download. This version is a significant improvement over the 0.99 series (1.0 was never released), with many new features and enhancements to performance and stability. The following article profiles the new Ardour as I employed it for three projects, all involving the program in the processes of composition and arranging as well as the more typical tasks of recording and editing. I've described each project in some detail, and each description includes a link to the final audio output."
Intel and PowerTOP extend Linux laptop battery life (Linux.com)Linux.com reviews Intel's GPL-licensed PowerTOP utility. An interview with PowerTOP project leader Arjan van de Ven is also included. "Intel recently released its PowerTOP utility, which builds on work done by kernel developers to make the Linux kernel power-efficient. PowerTOP gives you a snapshot of what apps are consuming the most power. Turn off these apps or modify their behavior, and you'll notice an instant increase in the battery life."
Tools for Geographically Distributed Software Development (O'ReillyNet)O'ReillyNet looks at some tools for geographically distributed software development. "The biggest risk that a GDD project faces is with its ability to effectively communicate internally. The reason that bosses want their developers in the office everyday is because that's a proven technique to build a tight, well-communicating team, which is a critical part of any project's success. GDD not only lacks face-to-face relationships but there are also language barriers which make it even more difficult. However, technology can help geographically dispersed teams achieve a level of communication as sophisticated as what develops when everyone sees each other everyday."
LogFS: A new way of thinking about flash filesystems (Linux.com)Linux.com covers LogFS. "Storage manufacturers are getting ready to start shipping solid state disks, and Linux-based devices like One Laptop per Child's XO and Intel's Classmate don't contain standard hard disks. To improve performance on the wide array of flash memory storage devices now available, project leader Jërn Engel has announced LogFS, a scalable filesystem specifically for flash devices." (LWN covered LogFS on the May 17 Kernel Page).
WindowMaker project still attracting ardorous fans (Linux in Brazil)Linux in Brazil looks at WindowMaker. "WindowMaker, the lightweight window manager that closely mimics NextStep's look and feel, was at the peak of its own popularity chart some 5 or 6 years ago, when it was shipped as default GUI in some Linux distros, and offered as a standard alternative by most of them. Since then, it was put in some sort of unofficial maintenance mode by its authors."
Page editor: Forrest Cook Announcements Non-Commercial announcements The MS message: Time to invest in Free SoftwareThe Free Software Foundation Europe has sent out a press release concerning Microsoft's latest software patent announcement. "In an attempt to inspire fear, uncertainty and doubt in the hearts of the financial world, Microsoft alledged massive patent infringement by Free Software in a recent Fortune article. According to Microsoft the Linux kernel violates 42 patents, Free Software graphical user interfaces violate 65 patents, OpenOffice.org productivity suite violates 45 patents, Free Software email clients infringe 15 patents and other unspecified Free Software programs infringe 68 patents. On the grounds of these hitherto unsubstantiated claims, Microsoft now seeks to cash in on the work of all the companies and developers that earn their living through Free Software."
Commercial announcements The Apache Software Foundation announces Apache Axis2/C v.1.0The Apache Software Foundation has announced Apache Axis2/C v.1.0. "The Apache Software Foundation's (ASF) Web Services Project today announced the release of Apache Axis2/C v.1.0, the latest version of its popular Axis2 Web Service engine architecture. Axis2/C enables systems written in the C/C++ languages to connect across a network with a wide variety of Web software -- ranging from Open Source implementations to commercial solutions from vendors that include IBM, Microsoft, Sun Microsystems, Oracle, and SAP."
Collanos releases Workplace 1.1Collanos Software has announced the release of Workplace 1.1. "Within minutes you can be sharing documents, having online discussions, and managing tasks, all in a single, consolidated space. Built on reliable peer-to-peer technology, Collanos Workplace software allows you to work anywhere, anytime, both online and offline. Collanos Workplace is free and runs on Windows, Mac and Linux!"
Funambol announces Funambol v6Funambol has announced the release of Funambol v6. "Funambol, the mobile open source software company, today announced the general availability of Funambol v6, which improves open source push email, contacts and calendar for everyone. Funambol v6 enables mobile carriers and service providers to offer a low-cost push email solution that lets mass market consumers access Yahoo! Mail, Gmail, AOL and other popular email services. It includes a new portal that automates over-the-air (OTA) provisioning of mobile devices, a new open source Java ME push email client for commodity handsets, and capabilities to ease mass deployments."
Lina previews groundbreaking technology at OSBC 2007Lina has announced the LINA product, which is scheduled to be released under the GPL. "LINA provides a major technological breakthrough in application portability. LINA brings thousands of applications to the ninety-five percent of computer users who run non-Linux operating systems. LINA allows users to run Open Source Linux applications on Windows and Mac desktops. Users experience the familiar look, feel, and functionality of their native operating systems, since LINA applications appear to the user as native applications regardless of the underlying platform."
Linspire and Parallels to Expand Desktop Linux VirtualizationLinspire, Inc. and Parallels, Inc. have announced the availability of Parallels' Workstation 2.2 desktop virtualization solution for Linspire and Freespire desktop Linux users via CNR.
Novell completes its stock option reviewNovell has announced that it has completed its review of its stock-based compensation policies. The PR doesn't say this, but the reason that this announcement is important (as heard from a Novell PR person at OSBC) is that this process was the holdup in the disclosure of the terms of Novell's deal with Microsoft. Now that the roadblock has been removed, we may see those terms by the end of the month.
The Open Group Announces Key Milestones; Membership RisesThe Open Group has announced some new milestones for the first quarter of 2007. "The Open Group saw a significant expansion of its membership with 27 new companies joining the organization from around the globe during this period. These new members represent a diverse group of organizations from across multiple industries, including Accenture, BT Group, Kestrel Technology, Nissan Motor Co. and Raytheon. The organization entered 2007 with the successful launch of The Association of Open Group Enterprise Architects (AOGEA), which aims to advance professional excellence in the enterprise architecture discipline, while increasing job opportunities for its members and providing employers with enterprise architects whose skills are based on recognized best practices and transferable between companies."
SiliconSystems announces development platformSiliconSystems, Inc. has announced the SiliconDrive Secure product family. "SiliconDrive Secure features a comprehensive suite of user-selectable security technologies that solve the critical need for robust storage security in embedded systems applications. The new SDK is an easy to use software development platform that integrates with Windows and Linux operating systems to provide OEMs access to the advanced security technologies integrated into every SiliconDrive Secure product. The SDK includes functional prototype software and programming code to speed development time and provide seamless integration."
Sourcefire and Insecure.Org announce partnershipSourcefire, Inc. and Insecure.Org have announced a licensing agreement for the parties to jointly develop open source vulnerability scanning technology based on the general purpose Nmap Scripting Engine (NSE) embedded within the popular Nmap network discovery tool.
Zenoss chosen as Novell Market Start partnerZenoss Inc. has announced they have been selected as a new member of the Novell Market Start program. Novell Market Start promotes enterprise-class solutions for small and medium business customers that run on SUSE Linux Enterprise.
New Books The Definitive ANTLR Reference - New from Pragmatic BookshelfPragmatic Bookshelf has published the book The Definitive ANTLR Reference by Terence Parr.
Learning Ruby - O'Reilly's Latest ReleaseO'Reilly has published the book Learning Ruby by Michael Fitzgerald.
No Starch Releases "Ruby by Example: Concepts and Code"No Starch Press has published the book Ruby by Example: Concepts and Code by Kevin Baird.
Education and Certification LPI exams at LinuxTag 2007 BerlinThe Linux Professional Institute will offer discounted certification exams at LinuxTag 2007 in Berlin, Germany from May 30 through June 2. Also: "The "LPI-Day" on Saturday, June 2, 2007 will feature a series of six presentations. This will include a speech by G.Matthew Rice, LPI Director of Product Development who will present on LPI's certification program including the recent LPIC-3 certification."
Calls for Presentations Chaos Communication Camp 2007 final CFPThe final call for papers has gone out for the Chaos Communication Camp 2007. The event takes place in Berlin, Germany on August 8-12, 2007. Submissions are due by June 5.
XCon2007 Call For PapersA call for papers has gone out for XCon2007, submissions are due by July 21. "XCon2007 the Sixth Information Security Conference will be held in Beijing, China, during August 28-29, 2007. This two-days conference will be held in a relaxed and cozy atmosphere, which will provide an international communion platform for the information security professionals, technicians, security supervisors, managers, and hacker technology fans"
Upcoming Events Mozilla Japan Organising Firefox Developer Conference Summer 2007 (MozillaZine)MozillaZine has announced the Firefox Developer Conference Summer 2007. "Mozilla Japan has announced the Firefox Developer Conference Summer 2007, which will be held at the Tepia Plaza in Tokyo on Saturday 16th June. The conference will focus on extension development and will feature a keynote speech from Mozilla Corporation employee Mike Shaver. The main event will run from 10:00am until 6:30pm with a get-together held afterwards."
The 2007 USENIX Annual Technical ConferenceThe 2007 USENIX Annual Technical Conference has been announced. "Leading researchers and influential technologists from companies including Google, Amazon.com, and Linden Lab, creator of Second Life, will gather to discuss the latest systems research and cutting-edge practices at the 2007 USENIX Annual Technical Conference, June 17-22, at the Santa Clara Convention Center."
Call for Participation: DIMVA 2007A call for participation has gone out for DIMVA 2007, the Fourth GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment. The event will be held in Lucerne, Switzerland on July 12 and 13, 2007.
Events: May 31, 2007 to July 30, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it.
Page editor: Forrest Cook
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Matthew Szulik]](/images/conf/osbc2007/Szulik-sm.jpg)
![[Eben Moglen]](/images/conf/osbc2007/EbenMoglen-sm.jpg)