LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for July 19, 2007Apple buys cupsOne of the more strongly discussed bits of news over the last week is the announcement that Apple has bought CUPS (the Common Unix Printing system) and hired Michael Sweet, the project's primary developer. Indeed, this deal happened back in February; it just took a little while for the people involved to get around to telling the rest of the world about it. There is a great deal of concern over what this deal might mean, though most of it is probably unnecessary. Still, there are some lessons to be learned here.CUPS is an important part of our core infrastructure. Those of us who can think back to the days of trying to create lpr input and output filters to make a specific printer work can only be thankful that CUPS came along. It could easily be said that lpr lasted at least ten years longer than it should have, but, over that time, there were no real attempts to create a viable alternative. Projects like LPRng were mostly trying to create a slightly better version of the same thing. Then, there was the print system which Sun inflicted on users of early Solaris releases (who, as your editor can attest, were already suffering enough as it was); replacing that system with some version of lpr was a common thing to do. It took CUPS to implement contemporary printing protocols, support current hardware, and generally make the life of printer administrators easier - though, as any administrator who has lost a day to an obscure printer problem will say, things could get a lot better yet. CUPS has always been a corporate-owned free software project, meaning that it carries all of the potential problems that any other such project has. When a single company owns a project it can strongly control its development direction, take the code private, grant license exemptions at will, abruptly sell the code to somebody else, and so on. Many companies which own projects do many of these things. Dealing with corporations has its risks; it has often been said that the corporate personality is best compared to that of a schizophrenic adolescent. Even so, such relationships have worked out well for the free software community with very few exceptions. In this case, the ownership of CUPS has been passed from Easy Software Products (ESP) to Apple. Since contributors to CUPS are required to assign the copyrights to their work, ESP was entirely within its rights to make this sale. There are few constraints on what Apple can do with this externally-contributed code in the future; if it chooses, the company could certainly treat the code in ways that the original authors would not like. This risk is inherent in the transfer of copyrights; any free software developer who is contemplating signing a copyright transfer agreement should always think hard about who the receiving party is and what they could do in the future. The usual rule for dealing with companies - assume the person you negotiated the deal with will be immediately replaced by somebody who hates you - applies in this sort of situation. The worst thing that Apple can do, in any case, is to take future releases of CUPS private. The current, GPL-licensed releases will remain available and free. Should this happen, the community will have to pick up from the last free version and create a fork; it certainly would not be the first time such an action proved to be necessary. For now, though, the announcement of the sale says "CUPS will still be released under the existing GPL2/LGPL2 licensing terms, and I [Mr. Sweet] will continue to develop and support CUPS at Apple." Given that certain aspects of CUPS development - supporting hundreds of printers, for example - are best done in the community setting, it is not hard to believe that this state of affairs could continue indefinitely. Apple just might create enhanced versions of CUPS for its own operating system or as a commercial product. The company has already published a GPL exception policy allowing proprietary derived products to be made from CUPS - as long as they are distributed exclusively for Apple's operating systems. So Apple's version of CUPS might have shinier widgets or a few more printer drivers. Not the best of situations, but it is not all that different from the rights Sun gives itself with the OpenOffice.org code base. OpenOffice.org lacks features, fonts, and clip art found in StarOffice, but few OpenOffice.org users have complained that they felt cheated. Companies like MySQL make a nice living selling GPL exceptions to GPL-licensed code, including code contributed by outsiders. The real threat, perhaps, is that Mr. Sweet will find himself carrying a lot of Apple-specific responsibilities (his statement in the sale announcement carefully did not say how much he would continue working on CUPS) and that the rate of outside contributions might slow as developers worry about what Apple might do. That could significantly slow the rate at which CUPS moves forward, to the community's cost. One other potential problem is the CUPS trademark policy which has been announced by Apple. It requires permission to use the CUPS name with any derived product; a distributor who applies any patches at all, even security fixes, would be affected by this policy. The good news here is that, if this policy becomes a problem, the name of the print system could be changed to "mugs" or some such and few users would even notice. On the other hand, what this deal might do is bring more resources to the development of CUPS and contributions from a company which, for all its faults, is known to pay a great deal of attention to the end user's experience. Development could speed up and head in directions which make CUPS easier to use than it is now. That would be an outcome which would be hard to complain about.
A Tokyo trip reportThe free software community is truly global in scope - we are all over the world. A casual visitor might be forgiven for thinking otherwise, though: the people found on our mailing lists and in our code repositories are, to a great extent, based in Europe or North America. There is no shortage of talented developers elsewhere, but they are hard to see; they do not participate in our community at anywhere near the same level. We are clearly weaker as a result.
One attempt to improve this situation can be found in the Linux Foundation
Japan Symposium, held a few times each year in Tokyo. This event was
started by OSDL, and is being continued by the Linux Foundation. The idea
First, though, was an encounter with the Yokohama Linux Users Group, which had invited your editor to come talk seeing as he was in the neighborhood anyway. YLUG meetings, as it turns out, look much like LUG meetings just about anywhere: a couple dozen or so technical guys show up to hear somebody talk about free software. The beer and dinner (and more beer) gathering afterward was special, though; if more user groups included that sort of event, attendance at meetings would doubtless go up. The symposium itself began with presentations from your editor and Paul Menage, author of the process containers patch. One of the important features of this event is that it includes simultaneous translators; said translators were somewhat dismayed by your editor's habit of changing his talks (and slides) right up to the point where the laptop gets plugged in at the podium. Their presence is important, though: it allows attendees to follow the talks without having to struggle with a foreign language; they can also ask questions in Japanese and still have the presenters understand them. As it happens, language issues, while not on the formal agenda, were a big issue at this event. It is easy fall into the trap of believing that anybody who is sufficiently well educated to be part of our development community will, naturally, have learned the English language along the way. The truth of the matter is that there are many languages one could invest time in learning, English is a hard language (especially for those whose native language is far removed from English), and that many people who might have studied English for years have never really had a chance to use it enough to become truly proficient. English really is an obstacle for many potential contributors to our community. It slows down many developers, makes others afraid to participate in public forums, and blocks some entirely. One step which is being taken to improve this situation is the translation of a number of core kernel development documents into Japanese. The documents of interest are primarily process-oriented - those which tell prospective developers how the community works and how to get patches accepted. Translation of serious technical documentation would require quite a bit more work and would be hard to keep up to date, so that is less likely to happen. Japanese versions of the documentation seem unlikely to go into the kernel repository itself, so they will have to be hosted elsewhere; they should, in any case, provide a useful resource for Japanese developers hoping to begin with the kernel. The translators got to work in the opposite direction for a while as Akinobu Mita discussed his work on the fault injection framework. At any event designed to increase community involvement it is important to highlight the efforts of local people who have been successful; Mita-san's work, which makes it possible to find problems in difficult-to-test error recovery paths, is an important contribution to the kernel development toolkit. He has, recently, been posting fixes to a long series of bugs found through the use of fault injection, making the kernel more stable for everybody.
The second day consisted of smaller sessions where developers from Linux Foundation member companies could talk about their work and get questions answered. Fault injection was on the agenda again, as were various virtualization topics and the translation issue. Closing statements were made, and the event shut down until next time - scheduled for November. The key to building a community and keeping it together is good communication. By bringing in community developers, the Japan Symposium certainly succeeds in raising the level of communication with the Japanese community. There is no better way to learn about how a community works than to talk with those who are in the middle of it. This series of events might just be part of why contributions from Japan appear to be on the rise. A less obvious but equally important point is this: communication goes both ways. Any speaker who attends this event can only go away smarter, having learned something about how the wider world sees free software. That, too, can only be a good thing.
IBM pledges patent peace for interoperabilityIBM's recent patent pledge significantly lowers the bar for using their patents to implement software standards. Rather than specifying particular patents, IBM chose more than 150 different standards for interoperability, pledging not to assert any of their patents that are required to implement the standards. Along with the carrot of that pledge, there is also an implied stick for companies that might consider litigating over their own patents that are required to produce the standard. Software patents are generally problematic, but those which encumber technology standards can be especially so. When companies come together to form standards bodies, they have often agreed that implementations of the standard would be able to license any patents required, under so-called reasonable and non-discriminatory (RAND) terms. "Reasonable" is in the eye of the beholder, of course, and RAND terms have been used to lock out smaller companies from implementing patented standards along the way. Free and open source implementations are usually locked out, because "reasonable" terms almost always include royalties. Thus, RAND terms are usually discriminatory against free software. This has led some organizations, notably the World Wide Web Consortium (w3c), to move to an agreement that patents required to implement their standards be licensed on a royalty-free basis. This simplifies things, but requires some amount of bureaucracy as standards participants need to list relevant patents and create documents that state the nature of the royalty-free license. IBM's move circumvents all of that, by pledging not to assert patent claims against any implementation of the listed standards. The pledge not only covers free implementations, but competitive, commercial, closed source versions as well. The patents themselves do not need to be researched or listed as the pledge covers any that IBM has. It should be noted that this only applies to implementing the standards listed; IBM is not giving carte blanche to use their patented technology. The only caveat is that IBM will revoke the pledge for any implementor who asserts patent claims on a covered implementation - against IBM or any other party. For any of the standards listed, IBM is thus creating a "patent shield" for anyone who plays fairly, with the implication that unfair play - in the form of patent attacks - may be met with similar attacks from the rather extensive IBM patent portfolio. Because it is a pledge - not a license or agreement - projects or organizations that want to be covered by it need do nothing. There is no paperwork to file or license text to comply with. They will need to refrain from engaging their patent lawyers to attack others implementing the standards; this should be a constraint that most free software projects can live with. It is rather refreshing to see a company make a pledge that could plausibly reduce the amount of billable lawyer time required by technology companies. Patent lawyers may not agree, of course. The list of standards that are covered by the pledge is an impressive array of technologies, mostly web standards along with OASIS document format standards. The FAQ accompanying the pledge states that IBM will be evaluating additional standards for inclusion in the list. They clearly believe widely implemented standards are good for their customers:
IBM is making this Pledge to encourage broad adoption of open
specifications for software interoperability. Broad implementation of these
specifications can dramatically improve our customers' ability to
communicate data within and between their enterprises.
There is clearly a public relations aspect to this pledge, but one gets the sense that IBM truly does want to simplify the software patent landscape. They have, perhaps, the largest patent portfolio in the world, but they can also see the mess that software patents, especially patent trolls, are causing. If other companies make similar pledges, definite progress will have been made, at least for interoperability. Since it appears that software patents will be with us for a long time to come, at least in the US, any step forward should be cause for at least a bit of celebration.
Security SE-PostgreSQL uses SELinux for database securitySecurity Enhanced Linux (SELinux) adds layers of security on top of the traditional discretionary access control (DAC) offered by UNIX-like systems to provide more fine-grained control over the operating system objects and data. The Security Enhanced PostgreSQL (SE-PostgreSQL) project seeks to provide the same kinds of fine-grained access controls to the PostgreSQL database engine, integrating those policies with SELinux. SE-PostgreSQL has just released its 1.0 beta and is encouraging users to report any bugs before the final 1.0 release. Traditionally, database systems use a permissions model that is similar to, but separate from, the underlying operating system permissions. Users are created within the database and granted access to various database capabilities, some of which they can pass on to others (which is a feature of DAC). In addition, database management systems (DBMS) have a privileged user that bypasses all of the permissions checks. For a system running SELinux, this situation is less than desirable, as most, if not all, of the carefully crafted policies, for restricting data access, are ignored by the DBMS. SE-PostgreSQL works with SELinux to apply its policies on top of the DBMS permissions, allowing the administrator the fine-grained access control, afforded by SELinux, within PostgreSQL. SELinux relies upon "security contexts", which are attached to each object in the operating system: files, directories, sockets, processes, users, etc. These contexts are permanently attached to the various objects and the SELinux policies then dictate how the contexts interact and what kind of operations are allowed to be performed. More information about SELinux and its enforcement mechanisms can be found on the project's webpage as well as in this introductory LWN article. In a standard PostgreSQL installation, a Linux user can present the credentials (username and password) of any database user and perform the database operations allowed for that user. Using SE-PostgreSQL, SELinux security contexts are associated with each table, row and column of the database. The SELinux policy arbitrator in the kernel is consulted for each database operation and they are either allowed or denied based on the combination of the user context and the database object context. The PostgreSQL user must still have the ability to perform the requested action as the PostgreSQL permissions are checked before the SELinux policies are even consulted. This two-tiered permissions system is probably unnecessary, so SE-PostgreSQL could completely replace the database permissions in secure installations. Because security contexts are attached to objects in the operating system, SE-PostgreSQL can alleviate a common problem with data migrating from the filesystem into the database. If filesystem data that requires an elevated level of security is inserted into a database table, that row will inherit the security context of the data. This will prevent users or processes with lower access capabilities from accessing it. Also, depending on the security context of the user querying the database, certain columns or rows may not be available and SE-PostgreSQL intercepts the queries and results, filtering them appropriately. Users will be able to see the query results they are allowed to access and no others. Another related project is PostgreSQL Access Control Extension (PGACE), which provides an interface for PostgreSQL to use the facilities of a secure operating system. This allows SE-PostgreSQL to use the SELinux facilities, but will also allow PostgreSQL to use the Trusted Solaris or other security-oriented operating system facilities. It is meant to provide a common framework of hooks that PostgreSQL can call to determine whether to permit or deny access. It is similar in spirit to the Linux Security Modules (LSM) interface which allows different security implementations to be used by the kernel. The development of SE-PostgreSQL was supported by the Exploratory Software Project of Japan's Information-Technology Promotion Agency. This project is aimed at funding young developers with new ideas and SE-PostgreSQL would certainly qualify. For security conscious companies using SELinux and PostgreSQL, a look at this project should be high on the list.
Brief items Samsung printer drivers open up the systemA LinuxFR reader has sent out an alert (in French) about the Samsung SCX-4200 printer driver for Linux. It appears that the driver author had some trouble with the Linux permission model; the response was to make a few applications run setuid root. A quick look at the install script shows that the affected programs are xsane, xscanimage, and the major OpenOffice.org components. The script also replaces some CUPS executables and does some other fun things. This seems like code to avoid for anybody wanting to run a remotely secure system.
HP joins the RHEL5 security certification partyHP announced yesterday that it has been awarded Evaluation Assurance Level 4 (EAL4+) security certification for Red Hat Enterprise Linux 5 (RHEL5) running on various server and workstation platforms. HP/RHEL5 is certified with the same set of protection profiles used by in the earlier IBM/RHEL5 certification. "HP has been awarded EAL4+, the highest level of assurance for an unmodified, commercial operating system, for Labeled Security Protection Profile (LSPP), Controlled Access Protection Profile, and Role-Based Access Control Protection Profile for Red Hat Enterprise Linux 5 on HP Integrity, ProLiant and BladeSystem platforms as well as select workstations and desktops."
New vulnerabilities curl: insufficient verification methods
firefox, thunderbird, seamonkey: multiple vulnerabilities
flac123: arbitrary code execution
flash-plugin: input validation flaw
LedgerSMB: authentication bypass
mysql: multiple vulnerabilities
tomcat: cross-site scripting
xnview: buffer overflow
X.org: temp file vulnerability
Updated vulnerabilities acroread: multiple vulnerabilities
apache2: information disclosure
apache: multiple vulnerabilities
apache: cross-site scripting
Asterisk: two SIP denial of service vulnerabilities
avahi: denial of service
bugzilla: multiple vulnerabilities
clamav: denial of service
cpio: arbitrary code execution
vixie-cron: privilege escalation
cscope: buffer overflows
cscope: buffer overflows
cups: denial of service
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
dar: weak cryptography
dovecot: directory traversal
elinks: code execution
elinks: arbitrary file access
emacs21: denial of service
evolution: format string error
evolution-data-server: malicious server arbitrary code execution
pop mail man-in-the-middle attacks
fail2ban: log injection vulnerability
fail2ban: denial of service
file: integer overflow
firebird: buffer overflow
firefox: multiple vulnerabilities
freetype: arbitrary code execution
freetype: integer overflows
gcc: file overwrite vulnerability
gd: buffer overflow
gd: denial of service
gedit: format string vulnerability
gfax: insecure temporary files
gimp: multiple vulnerabilities
grip: buffer overflow
gzip: multiple vulnerabilities
HelixPlayer: arbitrary code execution
horde-kronolith: local file inclusion
ImageMagick: integer overflows
imlib2: arbitrary code execution
ipsec-tools: denial of service
jasper: denial of service
java: multiple vulnerabilities
kdebase: information leak
kdelibs: kate backup file permission leak
kdelibs: cross-site scripting
kernel: denial of service
kernel: denial of service
kernel: multiple vulnerabilities
kernel: denial of service
kernel: denial of service
kernel: denial of service
kernel: denial of service by memory consumption
kernel: denial of service
kernel: several vulnerabilities
kernel: signal handling flaw on PPC
kernel: several vulnerabilities
kernel: denial of service
kernel: denial of service
kernel: multiple vulnerabilities
krb5: multiple vulnerabilities
krb5: uninitialized pointers
krb5: local privilege escalation
krb5: multiple vulnerabilities
ktorrent: incorrect validation
lftp: shell command execution
libexif: integer overflow
libgtop2: buffer overflow
libmodplug: boundary errors
libphp-phpmailer: command execution
libpng: denial of service
libpng: buffer overflow
libpng: heap based buffer overflow
libtiff: buffer overflow
libxml2 - arbitrary code execution
libxml2: multiple buffer overflows
lookup-el: insecure temporary file
lynx: arbitrary command execution
mod_jk: proxy bypass
mod_perl: denial of service
moin: arbitrary JavaScript execution
mplayer: buffer overflow
mplayer: buffer overflow
mydns: buffer overflows
mysql: denial of service
mysql: format string bug
MySQL: privilege violations
MySQL: logging bypass
nbd: arbitrary code execution
OpenOffice.org: arbitrary code execution
OpenSSH: denial of service
openssh: remote denial of service
pam: privilege escalation
perl-Net-DNS: predictable id sequence
php: multiple vulnerabilities
php: several vulnerabilities
php: multiple vulnerabilities
php: buffer overflows
php: several vulnerabilities
phpbb2: missing input sanitizing
phpbb2: multiple vulnerabilities
phpPgAdmin: cross-site scripting
phpwiki: remote code execution
pptpd: denial of service
proftpd: authentication bypass
pulseaudio: denial of service
python: information disclosure
qemu: multiple vulnerabilities
qt: "/../" injection
quake: buffer overflow
rpm: arbitrary code execution
Mozilla: multiple vulnerabilities
snort: remote arbitrary code execution
Sun JDK/JRE: multiple vulnerabilities
tcpdump: denial of service
tetex: buffer overflow
tomcat: directory traversal
vixie-cron: weak permissions may cause errors
vlc: several vulnerabilities
wireshark: multiple vulnerabilities
XFree86 X.org: integer overflows
xfsdump: insecure temp dir
xine: format string vulnerabilities
xine-lib: arbitrary code execution
xine-lib: buffer overflow
xinit: race condition
xmms: BMP handling vulnerability
zziplib: buffer overflow
Page editor: Jake Edge Kernel development Brief items Kernel release statusThere have been no kernel releases over the last week. The 2.6.23 merge window remains open, and patches are flooding into the mainline repository; see the article below for a summary.
Kernel development news Quotes of the week
I just really _really_ wish we could have two fairly stable
releases in a row. I think 2.6.22 has the potential to be a pretty
good setup, and I'd really like to avoid having another 2.6.21
immediately afterwards.
-- Linus Torvalds
Sysfs never tried to be an ABI/API in the usual sense, parts of it are
just a nicer looking "kernel dump". :)
You have to follow _very_ special rules to extract information here in a
way that will not produce unexpected results between kernel releases, or
even a second later on the same system.
-- Kay Sievers
In my opinion any hibernation framework that doesn't take the above
requirements into account in any way will be a failure. Moreover,
the existing frameworks fail to follow some of them too, so I
consider all of these frameworks as a work in progress. For this
reason, I will much more appreciate ideas allowing us to improve
the existing frameworks in a more or less evolutionary way, then
attempts to replace them all with something entirely new.
-- Rafael Wysocki
Merged for 2.6.23Some 2600 changesets have been merged into the mainline kernel repository since last week's summary. The shape of 2.6.23 is now becoming clearer; this kernel will include:
Changes visible to kernel developers include:
It's worth noting a couple of things which will not be in 2.6.23. The first is the process containers patch, which is not quite considered to be ready yet. Some other features (notably CFS group scheduling) are waiting for process containers, so chances are good that this code will be in shape for merging by 2.6.24. The other big omission is the x86_64 clockevents, dynamic tick, and high-resolution timers code. This patch is considered by its authors to be ready (and your editor has been running it without ill effect), but, after the troubles caused by the integration of the i386 version of this code in 2.6.21, there is a desire felt by some developers to go a bit more slowly and carefully. The result was a somewhat unhappy discussion on the mailing lists and a plan to better split these patches so they can be carefully reviewed for the next development cycle.
USB device authorizationUniversal serial bus (USB) devices do not normally have much of a security model associated with them. If a user is able to plug a USB device into the system, said system assumes that the device is properly authorized to be there. There are situations where the connection of USB device causes people to worry; the usual scenario is the fear of corporate secrets being copied into some sort of USB storage device and being carried out of the building. In general, in situations where such fears run strong, the response has involved (attempted) bans of USB devices or simply filling the USB ports of accessible computers with glue.Wireless USB changes the situation slightly. This protocol allows USB devices to operate remotely, without that pesky cable to trip over; it can be thought of as occupying a niche similar to that of Bluetooth. While a typical laptop user might be expected to notice an attacker plugging a normal USB keyboard into their system, said attacker could attempt to connect a wireless USB keyboard without coming near. Clearly, some sort of security layer is required. The wireless USB specification has anticipated this need; it provides for a whole series of acronym-laden techniques for (1) ensuring that both hosts and devices authenticate themselves to each other, and (2) that wireless USB communications are sufficiently well encrypted that they cannot be eavesdropped upon. Iñaky Perez-Gonzalez is working on wireless USB support for Linux. He has come to the conclusion that the grungy details of wireless USB authentication belong in user space; the kernel cannot, on its own, keep track of which devices are known to the system and are allowed to connect. It is, however, up to the kernel to implement the authorization part of the equation: a wireless USB device which is not authorized should not be able to perform any sort of exchange with the host system. Iñaky's response to the authorization problem is this set of patches to the USB subsystem. These patches add three new flags to the usb_device structure: wusb, authorized, and authenticated. The first indicates that a device is wireless, and the last (which is not yet used) indicates that the device has passed authentication. In the middle is the authorized flag which indicates whether it is OK to talk to the device. If the device is not authorized, the kernel will not even read its configuration to find the endpoints it provides; the only thing that can happen at that point is authentication. To that end, various points in the USB stack are changed to check the authorized flag before allowing access to a USB device. User space is brought into the picture by way of the usual device-attach announcement and the creation of an associated sysfs tree. The sysfs directories for USB devices gain a new authorized attribute which corresponds to the internal flag; user space can enable access to the device by writing a non-zero value to that attribute. That infrastructure is all that is required for some sort of user-space daemon to notice the arrival of a new wireless USB device, check its database of known devices, possibly pop up some sort of pairing dialog to the user, and implement a decision on whether the device should be allowed to connect or not. Iñaky has taken things a step further by realizing that this authorization mechanism need not be limited to wireless devices; it can, in fact, be used to allow some sort of management code to pass judgment on any USB device. There is a set of per-host authorized_default flags which can be configured by the administrator; simply setting the default to zero with no other action will disallow the connection of any new devices, whether wired or not. A more complex implementation might allow only certain types of devices to connect. Keyboards and mice might be acceptable, but anything which could remove data from a system - storage devices or printers, say - would be disallowed. Or storage devices could be allowed, but only if they contain some sort of properly signed authorization certificate which can be verified by the host system. There are a number of interesting possibilities. The resulting security will be less than that which could be had by filling in the ports or simply configuring USB out of the system entirely, but it might be just what is needed at some sites. Overall, it's a relatively simple patch set which adds some interesting capabilities. Much of the hard work - authentication and encryption setup - remains, but that's a job for user space. Iñaky has asked that this code be merged for 2.6.23; it's just a bit late, though, for a relatively untested (in the wider world) chunk of code to slip through the merge window. 2.6.24 seems more likely.
Yet another approach to software suspendBack in early 2006, there was an ongoing, energetic debate over the future of the software suspend (to disk) code - a situation which remains true to this day. In the middle of it all, Andrew Morton had jumped in with a suggestion for a different approach:
If you want my cheerfully uninformed opinion, we should toss both
of them out and implement suspend3, which is based on the
kexec/kdump infrastructure. There's so much duplication of intent
here that it's not funny. And having them separate like this
weakens both in the area where the real problems are: drivers.
Eighteen months later, it looks like we might just get that "suspend3" in the form of the kexec jump patch, posted by Ying Huang. Ying's patch builds on the existing kdump facility. The purpose of kdump is to provide safe and useful crash dumps in situations where the state of the operating system is uncertain. If the system panics it is nice to be able to save its current state for post-mortem debugging. It is important, however, that the buggy kernel - which is now in an untrustworthy state - not be used to do dangerous things like write crash dump data to disk. To avoid that situation, a small "dump kernel" is placed in a reserved area of memory where, most of the time, it lurks unnoticed and unneeded. Should a panic occur, a kexec() call is made to transfer control to the dump kernel, which will be able to start up in a known state. As long as the dump kernel stays within its reserved area of memory, it will be able to write the rest of the system state to disk (or wherever) in a relatively safe way. What Andrew recognized last year is that suspend-to-disk (which is slowly being rebranded "hibernation") does essentially the same thing: system activity is stopped and the current system state is written to disk. If the dump kernel could read that state back into memory and return to the original kernel, it would be able to hibernate (and resume) the system. An implementation along these lines would have the advantage of unifying much of the kdump and hibernation code, thus concentrating development effort and generally simplifying things. Plus it would be a way to eliminate the current code, which, despite many years' tenure in the mainline, remains somewhat unloved. The current patch does not do all of that; it is really just the first step: making it possible to jump from the secondary kernel back into the original kernel. The code is relatively simple; though it does rely on much of the existing infrastructure to properly suspend and power down all devices in the system for the jump in either direction. So if device drivers are interfering with hibernation now, that problem will still exist in a kexec-based implementation. But much of the other hibernation code, including the much-maligned process freezer, would be unneeded and could be removed. There's a few little details to take care of before one can take a hatchet to the current hibernation code, though. Powering-down devices between the two kernels is not really necessary or desirable; they just need to go into a quiet "hibernate" state. A kdump kernel needs to be placed in reserved memory from the beginning; trying to load it at panic time would be far too late. A kernel used for hibernation, instead, need not occupy system memory all the time, so some sort of on-demand secondary kernel loading is needed. The actual task of saving and restoring the system image is yet to be implemented - that can all be done easily in user space, however, with very little in the way of kernel support. Making the resume process fast enough will take some work - users might take a dim view of having to wait for two kernels to boot before getting their system back. And so on. So, in other words, nobody should be holding their breath for kexec-based hibernation in the near future. But the initial response to this approach was mostly positive; there seems to be a lot of interest in simply starting over in this area. Some of that enthusiasm might fade as work progresses and it turns out that, even with a new approach, hibernation is still a difficult and somewhat grungy problem. So only time will tell if this code will develop into a better hibernation implementation.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Architecture-specific
Security-related
Virtualization and containers
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials A new system log daemon for FedoraFedora 8 will be using Rsyslog instead of sysklogd. In fact, rsyslog is already in rawhide. The Fedora wiki site notes that sysklogd seems to be dead upstream and there are many new features that people have been requesting. Rsyslog seems to be the package that best meets the requirements of a feature-full yet backward compatible system log daemon.The list of rsyslog features includes native support for writing to MySQL databases, support for (plain) tcp based syslog, support for sending and receiving compressed syslog messages, support for receiving messages via reliable RFC 3195 delivery, the ability to generate file names and directories dynamically, control of log output format, good timestamp format control, the ability to reformat message contents and work with substrings, support for log files larger than 2gb, support for file size limitation and automatic rollover command execution, support for running multiple rsyslogd instances on a single machine, support for ssl-protected syslog (via stunnel), the ability to filter on any part of the message, the ability to use regular expressions in filters, support for discarding messages based on filters, the ability to execute shell scripts on received messages, control of whether the local hostname or the hostname of the origin of the data is shown as the hostname in the output, the ability to preserve the original hostname in NAT environments and relay chains, the ability to limit the allowed network senders, powerful BSD-style hostname and program name blocks for easy multi-host support, multi-threaded, experimental support for syslog-transport-tls based framing on syslog/tcp connections, a copy of klogd.c has been included under the name of rklogd for those Linux systems that need one, support for IPv6, the ability to control repeated line reduction ("last message repeated n times") on a per selector-line basis, and more. Rsyslog is actively maintained and new features are added every few days. The biggest issue in Fedora so far seem to be the upgrade path and how to replace sysklogd gracefully. Hopefully this will be resolved (or at least well documented) before the final Fedora 8 release. Those who do a clean install of Fedora 8 should have no problems whatsoever.
New Releases Ark Linux 2007.1-rc1 releasedThe Ark Linux team has announced the immediate availability of Ark Linux 2007.1-rc1, the first release candidate of the new version of its multi-purpose desktop operating system. Ark Linux can be used for office/school work, desktop publishing, graphics, multimedia entertainment/editing, gaming, software development, and more.
Distribution News openSUSE gets a new managerIt appears that former openSUSE manager Andreas Jaeger has been promoted within Novell, so the management of the openSUSE distribution has been passed to Stephan Kulow. "Stephan - known also as Coolo - the 'born release dude', has been with Novell/SUSE for five years. Before that he worked on Linux distributions at Caldera. His wide experience in Linux includes the dinosaurs (called s390), desktop technology (KDE), several build systems (including his own at Caldera), and SUSE tools like package translation."
Smolt, Open InvitationSmolt is a hardware profiling tool used by Fedora to get automated information from users who opt-in. Fedora is now announcing functional clients that work in SuSE, Debian, and Ubuntu. "But we need your help! We would like knowledgeable contributors help with our code base, especially in the scope of packaging the smolt client for SuSE, Debian, Ubuntu, Mandrake, you name it. We're hoping Smolt will grow far beyond being just a "Fedora" thing and become a "Linux" thing. If you are a member of another community and are interested in collaboration please let me know, if you know someone that might be interested, tell them!"
Rahul Sundaram on SmoltRahul Sundaram talks a bit about Smolt and its usefulness in this LiveJournal entry.
fedorapeople.org is now availablefedorapeople.org is a site where Fedora contributors can upload files for sharing with the world. It is perfect for uploading specfiles, srpms, patches, etc. Each Fedora contributor has 150M of quota-controlled space.
Fedora Engineering Steering Committee (FESCo) Elections -- voting openVoting is now open for the Fedora Engineering Steering Committee elections. All 13 seats are up for election. Click below for a list of candidates and voting instructions. The vote is open until July 22 23:59:59 UTC.
Fedora Board RecapClick below for a recap of the July 10, 2007 meeting of the Fedora board.
Handling of inactive Debian AccountsThe debian.org account database is under review a list of developer accounts that appear to be inactive is being checked. "The purpose of this review is simply to minimise the number of live but unused debian.org accounts since they (in sufficent numbers) are an active security concern. It's _not_ intended as a judgement or criticism of contributions to Debian made by those who may end up on our radar."
Debian GNU/kFreeBSD amd64 development machineThe Debian GNU/kFreeBSD porters have announced that there is now a Debian GNU/kFreeBSD amd64 machine available to the Debian developers.
Gobuntu-devel mailing list createdA mailing list has been created for the discussion of Gobuntu. "Gobuntu is a new flavour of Ubuntu that is aiming to apply the strictest possible interpretation of the Free Software Foundation's "Four Freedoms" to all content, both code and media, on the disk."
Ubuntu Server: time to get on boardThe Ubuntu Server Team is dedicated to building a stable, feature rich server platform based on the Ubuntu Linux distribution. The team is looking for help from other interested community members.
Distribution Newsletters Fedora Weekly News Issue 96The Fedora Weekly News for July 14, 2007 looks at the "new" Fedora Board, FESCo Elections, Planet Fedora articles _Attn: Content Management Geeks_, _Fedora 8 themes - Round 1_, and _RMLL07 : Alan Cox on fedora-fr booth_, and much more.
Ubuntu Weekly News: Issue #48The Ubuntu Weekly Newsletter for July 14, 2007 covers the imminent release of the next Gutsy Gibbon alpha release, Tribe 3. Mark Shuttleworth also brings us some some fresh open alternatives with Gobuntu and a proposal for a pure free-software-only laptop, the Launchpad people have released and open sources their first component, Scribes Team is highlighted for the hard work, and much much more.
DistroWatch Weekly, Issue 211The DistroWatch Weekly for July 16, 2007 is out with mini-reviews of CentOS 5.0 LiveCD, Berry 0.82 and AntiX "Spartacus"; Mandriva 2008 details, Gobuntu announced, Sabayon tidbits and Fedora 8 features; and more.
Newsletters and articles of interest Totally "free" Ubuntu? That's the plan for Gobuntu (Linux.com)Linux.com covers recently announced plans for the Gobuntu distribution. "Ubuntu founder Mark Shuttleworth has announced a new "freedom-focused flavour of Ubuntu" devoid of any proprietary software, which may hold special appeal for open source purists."
Distribution reviews With new code base, Supergamer is fun again (Linux.com)Linux.com has a review of the live DVD Supergamer VL. "Supergamer is a unique Linux distribution whose primary focus is on fun -- specifically, gaming. Supergamer VL, now based on VectorLinux, is all new, with additional games, new code base, and new look and feel. Let the games begin."
Page editor: Rebecca Sobol Development GSoC: Student Tackles Wine Direct3D 10 SupportThis is the fourth in LWN's series of Google Summer of Code (GSoC) 2007 articles. The first three articles covered the program launch, Ubuntu's projects, and the OpenMRS organization. András Kovács is spending his summer bringing the Direct3D 10 graphics framework (D3D 10) to the Windows compatibility layer Wine. Already done with his mid-term evaluation on July 16th, he's well underway with his project, but don't expect to be playing the latest Valve games on Ubuntu this September. Building on top of years of Wine D3D development, Kovács will only lay the foundation for version 10 support. Read on to learn about the past, present, and future of Wine D3D development. Henri Verbeet, a Wine D3D developer active since September 2005, explains the importance of the framework:
Quite a number of Wine's users use Wine to play games, and a significant
part of the applications listed in Wine's App DB are games. Although Direct3D
support is only a part of what's needed to support those games, it's a
rather important part. Initial support of DirectX for Wine was written by
Marcus Meissner in 1997, initial support for Direct3D was added in
1998. However, the early versions of Direct3D were quite different from the
later versions like D3D 8 and D3D 9.
The tale gets a bit contentious here. According to Verbeet, Transgaming forked Wine in 2000 to create what is now known as Cedega with a promise to return their improvements to the Wine project. Verbeet continues:
That caused Wine's Direct3D development to be essentially idle for
a long time because people were waiting for TransGaming's
patches. Somewhere in 2002 people came to the conclusion
TransGaming wasn't going to give back their changes, and
'resurrected' Wine's Direct3D implementation.
Regarding challenges involved with development, Verbeet lists non-descript application crash dialogs, debugging logs running into the gigabytes, ambiguous rendering bugs attributable to nearly any aspect of Direct3D or OpenGL, and finicky applications that refuse trivial implementation differences between Wine and the native platform. When Wine began implementing the D3D 8 protocol in 2002, they were about two years behind Microsoft. Before 2002 was out, Microsoft had released D3D 9. In 2003, Wine began catching up with D3D 9 and performing a substantial reorganization of their codebase that persists today. The wined3d library was introduced, consolidating all the code for supporting D3D 8, D3D 9, and the 2D graphics framework DirectDraw. Of the current state of Wine, Verbeet says:
D3D 8 and 9 are almost feature complete at this point, but there will still
be plenty of bugs to fix and performance improvements to make. For D3D 10
on the other hand this is 'just' the beginning, and there will be a lot of
work to be done before any D3D 10 games will be playable.
Kovács began working with the Wine team long before this summer. He explains, "I got interested when I wanted some games fixed and I was encouraged to learn about the code and fix them myself." He entered the #winehackers channel on Freenode and settled himself in amongst the development team. Kovács recalls, "[Stefan Dösinger] was the person, when I first came to IRC, that transited me into the Wine developer community." He has since submitted small patches for Wine's D3D implementation and Dösinger is now his GSoC project mentor. Dösinger shares a typical background among Wine developers, "I've been working on Wine's Direct3D support for approximately 2 years now. I started hacking on Wine to get Empire Earth running. While many, many things improved since then, Empire Earth still doesn't run." Dösinger emphasizes the position of frustrated gamers, "We've had a few developers like that, and we could use many more, since we (the main developers) can't look at every single game out there. Unfortunately it is not a weekend's job to understand how our 3D code is working, isolate a bug in a game and fix it." In early March, four days before Wine had even been accepted into the GSoC, Dösinger proposed what would become the Direct3D 10 project to the Wine development mailing list. He writes, "The idea was that starting D3D 10 is exciting work, partly due to to the hype Microsoft built up, and it allows the student to grow into Wine's Direct3D implementation without being overwhelmed by the whole code at once." Dösinger's proposal was met with some criticism. Ivan Gyurdiev wrote on the development mailing list, "I think the SoC project needs to push the participant to be creative and solve a significant obstacle in wine development, which others find challenging. Yes, I am sure wine will benefit greatly from a d3d10 stub, mapping 1-to-1 to wined3d where possible, but is it really a project that requires a lot of creativity and the whole summer to do?" Gyurdiev is himself a Wine D3D developer since 2006, whom Verbeet notes was very valuable in the development of shader support. Others indicated that they felt effort would be better expended to improve the Direct3D 9 implementation, as very little software currently requires version 10. Dösinger reiterated on the development mailing list, "One problem is nowadays that wined3d is pretty advanced already, and the learning curve is rather hard already. D3D10 is in my eyes an opportunity of an exciting project which allows a new developer to grow into wined3d." Kovács recalls the proposal, "It seemed interesting to me and Stefan encouraged me to write an application." Although Kovács had Dösinger's support and some Wine experience, he was not automatically given the reins of the project. Dösinger explains, "We had three applications for this project. One was cancelled because the student also applied for a different Wine-Based project (DIB engine), and Andras was elected because he has already worked on D3D 9 a bit and knows the culture, and he has shown that he is talented in learning new things." Like all GSoC students, Kovács was accepted on April 11th and given until May 28th to become familiar with his mentoring organization. He admits, "Unfortunately, I was only able to start my work one or two weeks ago [mid-June] because I had very serious exams." Kovács is pursuing a Informatics of Economics degree at Széchenyi István University in Gyõr, Hungary. This absence was likely not detrimental in light of his previous experience and familiarity with the Wine organization. Kovács describes his project, "First, I define all D3D 10 interfaces. The second step is to stub them out (make an empty function for each interface method). At the same time I write some tests to verify things like reference counting. Then things already supported in wined3d can be forwarded, and other features added to wined3d where needed." Asked what the average user would get out of a version of Wine compiled directly after he finished his project, Kovács replies wryly, "Instead of complaining that D3D 10 can't be found, or automatically using D3D 9, a game may find D3D 10 and attempt to use it, causing a lot of "stub!" complaints from Wine." Another task outlined in Dösinger's original mailing list proposal, which Kovács has already completed, is to add Windows Vista as a supported Wine "winver." This addition will appease applications which are exclusive to Vista. Kovács identifies his current goals, "I am defining the D3D 10 interface in Wine's headers and getting involved with the development of bigger additions in Wine." Dösinger elaborates, "The project is mainly about writing the infrastructure, so the main aspects are the headers and basic tests about non-rendering issues, like reference counting. Microsoft often violates their own rules, which has made us a lot of headache in the past. But my main hope is that András keeps working on D3D 10 after this project." Verbeet concurs, "I certainly hope András will continue working on Direct3D after SoC is finished." When asked if he would continue working with the Wine organization after the GSoC, Kovács responded, "Yes, because I like to do that." The student and mentor seem to have a good working relationship. Kovács writes, "Stefan is the most helpful person that I have seen so far. If I need help, he is available and ready for help all the time... We are in contact all the time on IRC." Dösinger comments, "While András isn't the most experienced developer, he has shown often that he is talented in learning new things, and this is in my eyes one of the main aims of SoC - to give new developers an incentive to get into an open source project, and then continue working on it." This good relationship bodes well for Kovács' mid-term evaluation. Dösinger explains, "The mentoring organizations mainly have to report how the student worked with the mentoring group (in our case the Wine Project) and whether the student should be invited back in the next GSoC." Kovács defined goals for the July 16th deadline, "I'm trying to get in the first set of patches, that will include full declaration of interfaces and methods, and start implementation of D3D10." Many GSoC students cannot expect their code to see the light of day for several releases of their mentoring organization's project, perhaps months in the future. Dösinger says of Kovács, "András is working directly on the wine tree, so his work will be integrated immediately. Currently, though, he is struggling with getting his patches accepted by our maintainer, which is the main hurdle for new developers." As for the prospect of Kovács' code sifting into the releases of Wine competitors, Verbeet writes, "I doubt we'll see much from this project in Cedega, since that would require TransGaming to either open up their own implementation or to use Wine's implementation instead of their own, both of which seem rather unlikely. For CrossOver it's pretty much guaranteed it'll end up in there, since their tree is based on WineHQ's." Comparing his project to Cedega, which he admits to not having personally used, Verbeet writes, "While our Direct3D support isn't quite perfect yet, I like to think we've come a long way in the past couple of years, and quite a number of games are pretty playable these days. The general opinion seems to be that Wine's Direct3D is quickly catching up to Cedega and at some points already surpassing it. For example, Wine had support for shader model 2 & 3 about half a year before Cedega did. A lot of people seem to have the idea that 'Wine doesn't focus on Direct3D, while Cedega does', but while that might have been true a number of years ago, these days that's simply not true anymore."
System Applications Audio Projects Rivendell 0.9.81 announcedVersion 0.9.81 of Rivendell, a radio station automation system, is out with numerous new capabilities and some bug fixes. "Rivendell is a full-featured radio automation system targeted for use in professional broadcast environments."
Clusters and Grids openMosix project shutting downThe openMosix single-system image clustering system claims tens of thousands of installations. Even so, the project has announced that it will be shutting down as of March 1, 2008. "The increasing power and availability of low cost multi-core processors is rapidly making single-system image (SSI) Clustering less of a factor in computing. The direction of computing is clear and key developers are moving into newer virtualization approaches and other projects."
Database Software MySQL Community Server 5.0.45 releasedVersion 5.0.45 of MySQL Community Server is available with bug and security fixes.
PostgreSQL Weekly NewsThe July 15, 2007 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
phpPgAdmin 4.1.3 releasedVersion 4.1.3 of phpPgAdmin has been announced. "This version further tightens up security and fixes some issues introduced in the 4.1.2 release. All users are strongly encouraged to upgrade."
Filesystem Utilities Linbox Directory Server 2.0.0 availableVersion 2.0.0 of Linbox Directory Server, "an enterprise directory platform based on LDAP designed to manage identities, access control informations, policies, application settings and user profiles", is out. This version adds new DNS/DHCP management capabilities and a Norwegian translation.
Printing New CUPS releasesThree new releases have been made by the Common Unix Printing System project (CUPS). These include CUPS 1.2.12: "CUPS 1.2.12 fixes several file typing issues, a bad error message in the scheduler, a web interface setting problem, and a bug in the PHP language binding. It also includes an updated Italian translation.", CUPS 1.3b1: "CUPS 1.3 adds Kerberos and mDNS (Bonjour) support along with over 30 new features." and CUPS Driver Development Kit 1.2.0: "The new release fixes several localization issues and adds support for many more languages."
PosteRazor 1.4 releasedVersion 1.4 of PosteRazor has been announced. "After having enthused Windows users and OSX users all around the world, this popular poster printing tool is now coming to your Linux desktop. It speaks three additional languages: Italian, Dutch and Spanish. The prebuilt Linux x86 binary is statically linked against Fltk and FreeImage."
Security Sussen 0.90 releasedVersion 0.90 of Sussen, a security and vulnerability scanner, is out. "We are getting closer to v1.0. The remaining items to do are to fix the remaining bugs in bugzilla, clean up the look/feel of the web console. The editor has been disabled for now, it won't be ready in time for 1.0, but we'll keep working on it for the 1.1/1.2 branch. We are also working on setting up an OVAL repository so we can provide updated definitions in a more timely manner."
Web Site Development curl-loader launchedThe curl-loader project has been launched. "curl-loader (also known as "omes-nik" and "davilka") is an open-source tool written in C-language, simulating application load and application behavior of thousands and tens of thousand HTTP/HTTPS and FTP/FTPS clients, each with its own source IP-address. In contrast to other tools curl-loader is using real C-written client protocol stacks, namely, HTTP and FTP stacks of libcurl and TLS/SSL of openssl, and simulates user behavior with support for login and authentication flavors. The goal of the project is to deliver a powerful and flexible open-source testing solution as a real alternative to Spirent Avalanche and IXIA IxLoad." (Thanks to Robert Iakobashvili).
DataparkSearch 4.47 releasedStable version 4.47 of DataparkSearch has been announced. "DataparkSearch is an Internet and Intranet search engine tool."
Announcing Plone 3.0-rc1Version 3.0-rc1 of the Plone web development platform has been released. "This is the first and hopefully last release candidate release beta before we release Plone 3.0-final. Since the beta3 release we have been improving migrations from previous Plone versions and we feel confident that migration is now working properly. As always third party products can affect upgrades, so make sure all your products support Plone 3 and follow their upgrade instructions when upgrading your site to Plone 3. The user interface has also been cleaned up further, making Plone even easier to use."
Desktop Applications Audio Applications New AlsaPlayer releasesNew versions of AlsaPlayer - a PCM audio player, FftScope - a visualization plugin for AlsaPlayer and python-alsaplayer - the Python bindings for the AlsaPlayer library have been released.
QjackCtl 0.3.0 (unstable-qt4) has been releasedVersion 0.3.0 of QjackCtl, a GUI control panel for the JACK Audio Connection Kit, is out. "Although the ChageLog doesn't go into many details, there were many subtle bugs fixed but plenty as more were blindly introduced, as always."
Wavebreaker 0.8.1 releasedStable version 0.8.1 of Wavebreaker is available. "This application's purpose in life is to take a wave file and break it up into multiple wave files. It makes a clean break at the correct position to burn the files to an audio cd without any dead air between the tracks. It will only read wave files, so use an appropriate tool to convert ogg, mp3, etc. files and then break them up."
Desktop Environments GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Commit-Digest (KDE.News)The July 15, 2007 edition of the KDE Commit-Digest has been announced. The content summary says: "Much work in Amarok, with the implementation of a CoverFlow-esque OpenGL album art visualisation, codenamed "CoverBling", and Service Framework and Plasmification efforts. Sample OpenGL-based applets added to Plasma,, with Plasmoids to watch for changes to files, for browsing files, and to monitor network interfaces. General progress in the 2d projection and KML in Marble, OpenPrinting, and KOrganizer Theming Summer of Code projects..."
KDE Software AnnouncementsThe following new KDE software has been announced this week:
Xorg Software AnnouncementsThe following new Xorg software has been announced this week:
Electronics gEDA/gaf development snapshot 1.1.0-20070705 releasedDevelopment snapshot 1.1.1-20070708 released of gEDA/gaf, a collection of electronic CAD tools, has been announced. "The primary focus of this snapshot was to pick up some important bug fixes."
Financial Applications GnuCash 2.2.0 released (GnomeDesktop)The GnuCash development team has announced GnuCash 2.2.0, the new stable release of the GnuCash Open Source Accounting Software. This version runs on Microsoft Windows for the first time, and it also runs on GNU/Linux, *BSD, Solaris and Mac OSX. Download source code or Windows binary from this SourceForge page or get the source code from GnuCash.org.
Games Cyphesis 0.5.13 releasedVersion 0.5.13 of Cyphesis, a server for WorldForge games, has been announced. "Major changes in this version: The way rules data is handled is now much simpler to make it easier for game designers to create what they want. Lots of hard coded functionality has been removed from the compiled core program. Core functionality is now associated with properties and so can be applied to any entity. Most of Mason has been reimplemented as task scripts which are cleaner and more flexible. Add more helpful messages when inconsistencies are detected in rule data. Cyphesis now works more reliably as an autopackage."
Interoperability Wine 0.9.41 releasedVersion 0.9.41 of Wine has been announced. Changes include: A number of gdiplus functions, More complete pdh.dll implementation, Support for MSI remote calls, Messaging support in crypt32.dll and Lots of bug fixes.
Mail Clients Mozilla Thunderbird 2.0.0.4 Released (MozillaZine)MozillaZine notes the release of Mozilla Thunderbird 2.0.0.4. "This update to the Mozilla Corporation's mail client includes bug fixes but no new features. For the first time, this release of Thunderbird is available in Korean. The Thunderbird 2.0.0.4 section of the Mozilla Foundation Security Advisories page includes details about the security flaws fixed in this release while The Rumbling Edge has a complete Thunderbird 2.0.0.4 changelog."
Music Applications LoopCenter project announcedA new audio application called LoopCenter has been launched. "It is a live-looping tool with a functionality very similar to the Boss LoopStation pedal. I use it mainly as a improvisation practice tool, but it could certainly be used for more compositionally-oriented stuff. Basically, you can set a tempo, and easily record and overdub small, measurized segments of audio, and then loop them."
Qsynth 0.3.1 (unstable-qt4) releasedVersion 0.3.1 of Qsynth has been announced. "So after the great Qt4 migration, which was almost couple of weeks ago already, here comes the so-called shallowed bug-fix release of this "cutie" FluidSynth GUI".
Speech Software eSpeak 1.28 releasedVersion 1.28 of the eSpeak text to speech synthesizer is out with bug fixes and improvements to Hungarian and Romanian language support.
Web Browsers Firefox 2.0.0.5 releasedFirefox 2.0.0.5 has been released. The changes are primarily fixes for a new set of security problems, especially a code execution vulnerability resulting from the interaction of Firefox and Internet Explorer on Windows systems.
Miscellaneous GraphMonkey 1.7 releasedStable version 1.7 of GraphMonkey is available. "GraphMonkey is a GTK#-based graphing calculator. It uses a simple interface to draw curves. This software is written in C# with GTK#. The goal is to obtain a very simple and fast graphing calculator for mono. It's cross-platform: it works on GNU/Linux and Windows."
Languages and Tools Caml Caml Weekly NewsThe July 17, 2007 edition of the Caml Weekly News is out with new Caml language articles.
Java IcedTea 1.1 releasedVersion 1.1 of IcedTea is out with the stabilization of Crypto and SSL support. "The IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools and provides replacements libraries for the binary plugs with code from the GNU Classpath project."
JSP Writing Advanced JavaScript (O'ReillyNet)Howard Feldman works with JavaScript on O'Reilly. "With JavaScript toolkits like YUI and Dojo becoming the de facto method of adding interactivity to web pages, it's still worth knowing how to implement this kind of functionality yourself, if for no other reason than to have a better understanding of what the toolkits do. Howard Feldman shows how to do a few commonly requested features using nothing but bare JavaScript."
PHP PHP 4 end of life announcementThe PHP site has announced the end of life for PHP 4. "Today it is exactly three years ago since PHP 5 has been released. In those three years it has seen many improvements over PHP 4. PHP 5 is fast, stable & production-ready and as PHP 6 is on the way, PHP 4 will be discontinued. The PHP development team hereby announces that support for PHP 4 will continue until the end of this year only. After 2007-12-31 there will be no more releases of PHP 4.4. We will continue to make critical security fixes available on a case-by-case basis until 2008-08-08. Please use the rest of this year to make your application suitable to run on PHP 5."
Python Python-URL! - weekly Python news and linksThe July 16, 2007 edition of the Python-URL! is online with a new collection of Python article links.
Tcl/Tk Tcl-URL! - weekly Tcl news and linksThe July 17, 2007 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
Editors Multi Stream Editor 2.02 releasedStable version 2.02 of Multi Stream Editor has been announced. "The multi stream editor (mse) can perform basic text transformations on an input stream. It in some ways is similar to another stream editors (sed, awk) but it can process binary data as well as text. Its creation was inspired by SIL (Summer Institute of Linguistics) CC (Consistent Changes) program."
Profilers OProfile 0.9.3 releasedAlpha version 0.9.3 of OProfile is out. "This release has support for a number of new processor implementations, as well as several new features and bug fixes." See the release notes for more information.
Page editor: Forrest Cook Linux in the news Recommended Reading Guest Commentary: The converter hoax (Heise Open)The Free Software Foundation Europe speaks out on the promise of a converter for Microsoft's Office OpenXML and the vendor-independent Open Document Format. "When the standardisation effort around Open Document Format (ODF) began, Microsoft was invited to participate, and chose to remain silent. Although people implore them until today to join the global standardisation effort, Microsoft does not contribute its ideas and suggestions to the multi-vendor Open Document Format. Instead Microsoft focus[]es on MS-OOXML, which it promotes on the grounds of technical superiority and wider range of features. But if Microsoft's claims to technical superiority of MS-OOXML over ODF are true, how could one ever be converted perfectly into the other?" (Thanks to Bernhard Reiter).
It's official: OLPC and Intel become friends, collaborate (ars technica)ars technica reports on two former rivals joining forces. "The new 'peace' between Intel and OLPC will also involve the project receiving some funding from Intel, and according to a statement, 'Intel and OLPC will explore collaborations involving technology and educational content.'"
Trade Shows and Conferences Finding a Linux Job at LinuxWorld (Linux-Watch)Linux-Watch takes a look at the career fair at LinuxWorld Conference & Expo next month. "During the career fair, attendees can meet with recruiters and representatives from leading Linux and open-source companies. Attendees can pre-register for the Dice Technology and Engineering Career Fair by visiting the LinuxWorld Job Fair site."
Linux Professional Institute to host events at LinuxWorld (DesktopLinux)DesktopLinux takes a look at what the Linux Professional Institute (LPI) is planning for this year's LinuxWorld Conference & Expo in San Francisco. There are several events planned beyond the usual certification exams.
The SCO Problem Where Things Stand in IBM, Novell, and Red Hat (Groklaw)For those of us who have not been following closely in recent times: Groklaw has posted a summary of the current situation in the SCO cases. Trials start in September, so things are likely to get interesting soon. "Even if IBM wins every summary judgment motion it has filed, all of them now pending rulings from the court, their counterclaims against SCO will remain, so there will almost certainly be a trial, unless SCO were to go bankrupt and the bankruptcy trustees cry uncle and settle on terms acceptable to IBM. Bankruptcy trustees might not feel that the case is worth pursuing, because their job doesn't include FUD production, and they could even appoint new lawyers. All of this is conceivable in the context that Novell has asked the court in its Second Amended Complaint with Counterclaims, also in a motion for summary judgment awaiting a ruling by the court, to compel SCO to pay Novell what it says SCO owes them contractually, which is a sum greater than what SCO has."
Companies CUPS Purchased by Apple Inc.The Common UNIX Printing System (CUPS) project has announced its purchase by Apple, Inc. last February. "In February of 2007, Apple Inc. acquired ownership the CUPS source code and hired me (Michael R Sweet), the creator of CUPS. CUPS will still be released under the existing GPL2/LGPL2 licensing terms, and I will continue to develop and support CUPS at Apple." (Thanks to Zach Beane).
Apple now owns CUPS (Linux-Watch)Linux-Watch digs deeper into the Apple/CUPS deal. "[CUPS' creator Michael R.] Sweet licensed CUPS under the open-source GPL2/LGPL2. In his announcement of Apple buying CUPS, he said, "CUPS will still be released under the existing GPL2/LGPL2 licensing terms, and I will continue to develop and support CUPS at Apple." In the past, Sweet also worked on other open-source programs such as Ghostscript and Samba."
Microsoft disses GPLv3 (Computerworld)Computerworld's IT Blogwatch column follows a trail of articles on Microsoft's GPLv3 position. "It all began, when Microsoft last week "clarified" its position on the GPLv3: Microsoft is not a party to the GPLv3 license and none of its actions are to be misinterpreted as accepting status as a contracting party of GPLv3 or assuming any legal obligations under such license."
Linux Adoption Newest FSF board member Hill discusses free software goals (Linux.com)Linux.com profiles Benjamin Mako Hill, newest member of the Free Software Foundation board of directors. "According to Hill, free software advocates 'have tried to bring the philosophy to technical communities, to radicalize the technical communities. That's sort of the low-hanging fruit. I think there's a compelling reason to reach out to communities that are already politically aligned. There are a lot of nonprofit organizations, or people in the civil society space who believe that it's absolutely essential that people be able to control their communications environment. They are philosophically 100% aligned with free software, and, as soon as you can tell them about it, they're already on board.'"
Montecitorio hi-tech (Repubblica)This article (in Italian) from La Repubblica reports on a just-approved plan to move the Italian parliament to Linux. Infrastructure will be converted, and any member who wants a Linux system will be able to have one. "According to Pietro Folena, president of the Cultural Commission, 'we are talking about an extraordinary and highly relevant decision. The country's central institution, the Parliament, has decided not only to save money - which is an important objective on its own - but above all to make itself independent on the technological plane, adopting an open source system and thus freeing itself from the bonds of proprietary software. In this way we are meeting the needs of transparency and security which are required for a public institution'" (editor's translation).
Legal 'Owning' a Trademark - The SugarCRM et al License Debate (Groklaw)Groklaw looks at a debate going on at the SugarCRM forum page about the SugarCRM license and examines trademark law. "I keep reading sentences that OSI doesn't "own" the trademark to Open Source. I think such a sentence should be written instead that it doesn't have a *registered* trademark, but here's the thing: you don't have to register a trademark to have one. I think it's important to understand that, so let me show you some materials I've collected for you on this subject."
Interviews An interview with Jeremy Allison (LinuxWorld)LinuxWorld interviews Samba developer Jeremy Allison, covering mostly licensing issues. "Most of the comments about GPLv3 have been about the DRM issues. And to be honest, no one has ever really used Samba in that kind of way. So, I don't think this really concerned us very much. The other thing that I think we're happy about is the clarification on the patent protection."
Matthias Kretz (People Behind KDE)The People Behind KDE have interviewed Matthias Kretz. "How and when did you get involved in KDE? ...when I tried to develop using GNOME/GTK/glib. That was at the start of 2000 and I was reading all those talks about freedom and Qt not being Free enough which I couldn't quite follow. But when I started the Qt (version 1.4 then) tutorial I was immediately set on the libs I wanted to use. Also the KDE2 alphas were just being released and I managed to compile and run it. Now KDE looked better than the alternatives for certain and I began to look at aRts." (Found on KDE.News)
The LXer Interview: Sebastian Kügler of KDE (LXer)LXer's Scott Ruecker talks with Sebastian Kügler about his work on KDE. "If you ever want a glimpse of how much Sebastian Kügler does around KDE just subscribe to the kde-promo e-mail list which is as busy as it is effective, and that is just one of the many tasks that he is charged with. In his time with KDE, Sebastian has witnessed and helped facilitate some of the most sweeping changes the organization has ever seen. In our Interview we talk about those changes and more." (Found on KDE.News)
The Best Game in Town (Linux Journal)Linux Journal talks with Kai Staats, CEO of Terra Soft, about a supercomputing cluster using the Sony PlayStation 3 and Yellow Dog Linux. "In October 2006, Terra Soft announced its plan to build the world's first supercomputing cluster using the Sony PlayStation 3 (PS3), which utilizes the IBM Cell Broadband Engine and the Linux operating system. The idea emerged when Sony Computer Entertainment came knocking on Terra Soft's door, interested in showing that the PS3 is more than merely a game box. After building a 3,000-sq-ft supercomputing facility, located at Terra Soft's headquarters, and adding a heavy dose of good old-fashioned tinkering, the cluster is well underway. Terra Soft's CEO Kai Staats called the building of the PS3 cluster a "highlight of [his] time in this industry". We caught up with Kai recently for an insider's view on the PS3 cluster."
Q&A: IBM Visionary Retires (eWeek)eWeek talks with IBM's Irving Wladawsky-Berger. "In Part I of a two-part interview, Irving Wladawsky-Berger, IBM's visionary leader behind many of the company's moves into new technology and business areas, has retired to a part-time role with IBM and teaching. However, before scaling back his role last month, Wladawsky-Berger spoke with eWEEK Senior Editor Darryl K. Taft to share his thoughts on his career, the future of the industry and other issues including healthcare, energy and the war on terror." Here is part 2 of the interview.
Resources A three-pronged attack on performance (Linux.com)Federico Kereki discusses Linux performance tuning on Linux.com. "A computer running Linux can outperform the same computer running Windows XP or Vista. Even so, you may be able to make your Linux system even faster. Here are three optimizations, at different levels, that can make your Linux system perform better. As with all optimizations, you won't be able to tell whether you are really getting better results without doing some simple benchmarking."
The Power of Google Gears (Part 2) (O'ReillyNet)O'Reilly has published part two of a series on Google Gears. "Google Gears is a framework for development browser-based applications that can be used offline. In the second part of Jack Herrington's introduction to Gears, you'll see how to use Gears for data entry and batching, and learn more about how to leverage SQLite."
Getting Started with MySQL Proxy (O'ReillyNet)Giuseppe Maxia introduces MySQL Proxy on O'Reilly. "Imagine if you could make non-relational data looking like it came out of a database. Using MySQL Proxy, you can get access to such prosaic information as system uptime and virtual memory statistics, as well as being able to rewrite queries on the fly before they get to the database."
Reviews Slim Linux laptop has potential (LinuxDevices)LinuxDevices looks at the Foleo. "Palm's Linux-powered Foleo has potential, but only if Palm can stop denying that the device is actually laptop, reckons Sascha Segan of Gearlog. Palm has positioned the Foleo as a "mobile companion" for itinerant workers needing only email, document prep, and PowerPoint capabilities."
Even More Gaming In Ubuntu Feisty (Techy Stuff)Techy Stuff follows up an article we mentioned on Feisty gaming by finding even more games (with screenshots). "After recently putting together a list of 11 great games in Ubuntu, a few concerned readers politely suggested games that should have been on that list. As a result, I discovered many games I hadn't even heard of, but turned out to be fun. Instead of changing the old list, I decided to create another one, containing only the games I recently discovered."
Page editor: Forrest Cook Announcements Non-Commercial announcements Support threatened open standards in Europe before Sept 15, 2007The European Commission agency IDABC has published a document written on contract by Gartner initiating the revision of the European Interoperability Framework (EIF) and the Architecture Guidelines (AG). The revised document backs on the support of open standards. Show your support for open standards in Europe before September 15, 2007.
Commercial announcements FEI Introduces Vitrobot Mark IVFEI has announced the Vitrobot Mark IV, a cryo sample preparation tool. "The Mark IV is an easy-to-use system that features a newly-designed touchscreen user interface operated under a Linux operating system and robotics that ensures high-quality, reproducible freezing of samples. Automated transfer from the vitrification medium into the liquid nitrogen atmosphere offers more consistent and higher yield sample throughput."
Mobile and Internet Linux Project launchedThe Mobile & Internet Linux Project has been launched. "Moblin.org is an umbrella open source project focused on the development of Linux for Intel-based devices. Moblin.org is also an incubator for prototyping new ideas and building a community of developers around them. Currently, moblin.org hosts a number of projects, including an Image Creator, Browser, UI framework, power policy manager, and various non-PC oriented applications and software components. The work so far has been focused on Intel-based devices, but is open to contributions for support of other architectures."
Open-Xchange Express Edition announcedOpen-Xchange has announced Open-Xchange Express Edition, full-featured collaboration software designed for small- and medium-sized businesses. "Open-Xchange Express Edition includes all the tools required by companies to facilitate communication and efficient teamwork. The product does not require a licensed operating system or any other software prior to installation. Open-Xchange Express Edition transforms a bare metal computer into a fully-functional e-mail and groupware Server integrating the increasingly popular Ubuntu operating system."
Oracle and Symantec certify Veritas Data Center Solutions on Oracle(R) Enterprise LinuxOracle Corporation has announced certification of the Veritas data center software on the Oracle Enterprise Linux platform. "The certification spans the following six Veritas data center software products: Veritas Storage Foundation 5.0; Veritas Storage Foundation for Oracle 5.0; Veritas Storage Foundation Cluster File System 5.0; Veritas Cluster Server 5.0, Veritas NetBackup 6.0 Client and Veritas i3."
Xandros partners with NoMachineXandros has announced a partnership with NoMachine. "Xandros, the leading provider of intuitive Linux solutions, and NoMachine, the makers of NX virtualization desktop, remote access and server management software, announced that NoMachine's NX Enterprise Server is now shipping with Xandros Server. This extended Xandros-NoMachine alliance provides enhanced capabilities for secure and rapid access to graphical applications, running on any operating system across any network connection."
New Books The Family Guide to Digital Freedom is now availableThe June 2007 edition of the The Family Guide to Digital Freedom is on sale at Lulu.com. "Today your rights and the overall quality of your life depend very heavily on which software is being used around you - even if you don't care much about computers, or don't use them yet. The situation is even more serious for today's children. All the issues discussed in the Guide are already affecting their civil rights and future opportunities."
Mastering Perl--New from O'ReillyO'Reilly has published the book Mastering Perl by brian d foy.
Programming Erlang--New from Pragmatic BookshelfPragmatic Bookshelf has published the book Programming Erlang: Software for a Concurrent World by Joe Armstrong.
Securing Ajax Applications--New from O'ReillyO'Reilly has published the book Securing Ajax Applications by Christopher Wells.
Simply JavaScript--New from SitePointSitePoint has published the book Simply JavaScript by Kevin Yank and Cameron Adams.
The Book of Qt 4--New from No Starch PressNo Starch Press has published the book The Book of Qt 4 by Daniel Molkentin.
Resources FSFE NewsletterThe July 12, 2007 edition of the FSFE Newsletter is online with the latest Free Software Foundation Europe news. Topics include: FSFE's General Assembly and the first Benelux fellowship meeting, GPLv3 and LGPLv3 have been released, Free Software personal consultancy for businesses, Six questions to national standardisation bodies, Georg Greve in India, FTF useful tips translated to Asian languages, Free Software in Austrian Schools and Get your friends to support the Fellowship and FSFE.
Contests and Awards Forum Nokia Issues 'Open C Challenge' to mobile applications developersNokia has announced the first Open C Challenge contest for the S60 on Symbian OS smartphone platform. "It is aimed at encouraging open source and freeware developers to use Nokia's Open C environment, to create innovative mobile applications that will deliver the greatest value to S60 smartphone users worldwide."
2007 Open Source CMS Award LaunchedThe 2007 Open Source CMS Award features a $20,000 prize fund. "Following on from the success of the inaugural Open Source Content Management System Award, UK publisher Packt is pleased to announce details of its follow up. With new categories and an increase in prize money, the 2007 Open Source CMS Award will launch on July 16 and is expected to appeal to a broader range of projects. The 2006 Open Source CMS Award was designed to encourage, support, recognize and reward an open source Content Management System (CMS) selected by a panel of judges and visitors to www.PacktPub.com."
Help Choose the Best Open Source Projects on SourceForge.netSourceForge has announced a contest for the best open-source projects. "There's a contest going on here for the open source community to pick winners in eleven different categories of SF.net projects. They're announcing the winners at OSCON and also having a party that anyone can attend if they just RSVP."
Education and Certification LPI hosts events during LinuxWorld San Francisco 2007The Linux Professional Institute will offer discounted certification testing during the LinuxWorld Conference & Expo in San Francisco, CA on August 6-9, 2007.
Calls for Presentations Ninth real-time Linux Workshop calls for papers (LinuxDevices)LinuxDevices looks at the call for papers for the 9th Real-Time Linux Workshop. "The Real-time Linux Workshop has issued a call for papers for its ninth annual event, set for Nov. 2-4 in Linz, Austria. This year's event has a special focus on industrial case studies, but authors are invited to submit original work on a range of topics related to real-time Linux."
Upcoming Events Announcing ENOS 2007ENOS 2007 will take place in Caldas da Rainha, Leiria, Portugal on September 1, 2007. "The acronym ENOS stands for 'Encontro Nacional de openSUSE', a Portuguese expression which can be translated to 'National openSUSE Meeting', an event meant to unite the Portuguese openSUSE users. The purpose of ENOS is to give an opportunity to the Portuguese openSUSE users to be together, as well as provide the participants an insight view on the latest developments on the openSUSE project and stimulate them to take an active part on the community itself."
The Florida Linux Show 2008The Florida Linux Show 2008 will be held in Jacksonville, Florida on February 11, 2008. "This year's show will focus on moving from IPv4 to IPv6, Greener PCs, Linux and your desktop, Linux Certification, and much more."
Free GNU/Linux audio + live impro workshopA free GNU/Linux audio + live impro workshop will be held in in Arteleku, San Sebastian, Basque country Spain on July 18-20 2007. "A three day course exploring free and open source software available for live improvisation purposes such as real-time audio effects, controlers, audio and midi processing, as well as the creative possibilities of Pure Data in a live setup. The workshop is an introduction to GNU/Linux and audio for instrumentalists."
Mandriva sponsors GNOME's GUADEC 2007 conferenceMandriva has announced that it will be sponsoring the GNOME GUADEC 2007 conference and providing free Mandriva Flash bootable Linux USB keys to attending developers. More information is available on the Mandriva Blog or this press release.
KVM Forum 2007The KVM Forum 2007 will take place on August 29-31, 2007 in Tucson, AZ. "Hypervisors are complex beasts. The fact that KVM is developed by a distributed development team with people on six continents, working on a 24X7 basis, across 24 time zones amplifies the difficulty of the task at hand. Regular face to face meetings facilitate the development and overall quality of KVM. If you are a KVM developer, or thinking about joining the growing ranks of the KVM Developer Community, the place to be is Tucson, Arizona on August 29th - 31st, at the Loews Ventana Canyon Resort."
SFLC to host legal summit on software freedomThe Software Freedom Law Center has announced that it will be holding a summit on free software legal issues in New York on October 12. "The Summit will have two parts: a closed session in the morning for a private meeting of the world's foremost FOSS attorneys, and an open session in the afternoon consisting of free legal presentations to the public."
Replicate Technologies launches new LinuxWorld virtualization trackReplicate Technologies has announced a new LinuxWorld virtualization track. "Gone are the days of annual release cycle. Software companies need to operate with rapid releases while maintaining high quality and tight integration. For Software as a Service (SaaS) companies, weekly releases are the new standard. Virtualization helps SaaS companies deploy their software faster and more flexibly. At the same time, it promises faster and simpler delivery of on-premise software, competing with SaaS. Ken Novak, CEO of Replicate Technology, is honored to speak about these emerging trends at LinuxWorld in San Francisco Aug 7-9, 2007."
Projects wanted for the .ORG Village at LinuxExpo 2007Free space is available for the LinuxExpo 2007 .Org Village. The event takes place in London, England on October 23-24, 2007. "Sadly space is limited at the Expo. However unlike other LinuxWorld Expo's we do not allocate space on a first come first served basis or based on the perceived size of you .Org. Submissions are welcome up until the 31st July. At that time we will announce which entrants have been accepted. Whilst some priority will be made to UK based .Orgs the size of your Org will not be either a benefit or hindrance. Some space will be reserved specifically for small or new Orgs."
OSCON Alert: O'Reilly Radar Executive BriefingO'Reilly has announced an Executive Briefing, to be held at the 2007 Open Source Conference in Portland, OR on July 22-27. "Tuesday, July 24: Join Tim O'Reilly focus on the overall the future of open source. Intimate by design, the Executive Briefing is more about conversation than formal presentation. The full day briefing will explore trends, companies, and projects that matter today and point to what you'll need to know in the near future."
X Developers' Summit Cambridge, UKThe 2007 X Developers' Summit will take place in Cambridge, UK on September 10-12, 2007. "The X Developers' Summit will be on the 10th-12th September, and you're all invited. Currently we are planning for 40 people, but can accommodate more than that _if we know immediately_. We expect slots to fill up pretty quickly, so please do let us know soon."
Events: July 26, 2007 to September 24, 2007The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it.
Page editor: Forrest Cook
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Symposium
sign]](/images/conf/lfjs2007/sign.jpg)
is to bring a few community developers over for a couple of days and have
them talk with Japanese developers about what the community is up to and
how they can be a part of it. Your editor was lucky enough to be invited
to the July meeting where, between encounters with sushi, sake, and
Japanese beer, he was able to get some interesting work done.
![[your editor]](/images/conf/lfjs2007/jc-sm.jpg)