Your editor recently needed to set up a sacrificial box for testing out
code for the driver porting
. Installing a system like that is always a good opportunity to
try out a new distribution, so it seemed like the right time to try to get
a sense for what the Gentoo
Little did he know that it would take a week just to get through the
Gentoo seems to be positioning itself as a Debian for the real
hackers. So, for example, most of the distribution is built from source at
installation time. Why? So you can control the configuration and
optimization settings, of course. As a result, the process can take a while,
especially if the system you are installing is relatively old and slow.
But, in fact, it takes some time to get even that far. A look at the 1.4rc3
installation instructions is a sobering experience; it takes a while
just to read about all that must be done. You start with a bootable
CD image, of course, but then it's a matter of:
- Figuring out and loading whatever kernel modules are necessary to
make your system work.
- Configuring networking - perhaps by hand.
- Going into fdisk to set up partitions.
- Running variants of mkfs as many times as necessary
to create your filesystems - be sure to get the partition names
- Mounting the filesystems by hand.
- Untarring an archive with the base system on it.
- Issuing a manual chroot command to move into the
under-construction system's filesystem.
- Running the nice emerge tool, which will bring
your base system up to date with the current packages.
- Editing /etc/make.conf to set options on how the
rest of the system will be built.
- Running emerge again to download and build the bulk
of the system. Good time to head out for coffee. Or, on slower
systems, a nice weekend.
- Choosing from a few kernel source distributions, and running
make menuconfig to configure it appropriately. Make sure you
set the important options correctly (for example, you need to enable
devfs) - the initial configuration does not do this.
And so on...you presumably get the point by now. Installing Gentoo is
essentially a process of assembling your desired system by hand.
For old-time Linux users, the experience is much like going about ten years
back in time, when Linux systems really were assembled by hand. At
least you don't need a big stack of diskettes anymore.
The interesting thing is that, once you're done, the result is a pretty
nice system. The right packages are there, the administration tools seem to
be well thought out (though things like the init script system take a
little getting used to), and the "portage" package system has many of the
same features that make Debian's "apt" so great. And, of course, you have
a system that is set up exactly how you directed it to be and optimized for
For most users, though, the pain required to get there will probably not
prove to be worth it. Your editor is not a stranger to this mode of
operation, having been through experiences like converting systems
from a.out to ELF by hand. But, you know, that was a while ago; now I'm
more interested in having the system just work. And if I'm trying to set
up a dozen (or hundreds) of boxes, the Gentoo approach is simply out of the
There is, of course, absolutely nothing wrong with Gentoo being what it
is. There are plenty of distributions out there for people who want to be
able to do an installation without thinking about it. Gentoo is aimed at a
different audience - those who want to get their hands quite dirty inside
their Linux systems. That is, of course, one of the great things about
Linux: you can get your hands as deeply into the system as you want. As
the commercial distributions get flashier and generally easier to work
with, the excitement and challenge of dealing with the system at the lowest
level recedes a bit. Gentoo is bringing that experience back to a new
generation of Linux users and hackers, and seems to be doing a very good
job of it.
Comments (19 posted)
[This article was contributed by Joe 'Zonker' Brockmeier]
OpenOffice.org has come a long way since it was officially rolled out in
October, 2000. The group has delivered a full-featured Open Source
office suite that is shaping up as a viable competitor to Microsoft
Office, at least in some markets.
The group is now looking to revamp its governing process. Until now,
decisions have mostly been made by votes on mailing lists or by the
project leads of the various projects that make up OpenOffice.org. Now
the group is trying to develop a Community Council.
has been kicked around for some time, and is currently being voted on.
We talked to one of the originators of the proposal, Josh Berkus. Berkus
is a marketing volunteer for the OpenOffice.org project. According to
Berkus, the proposal has been making the rounds for about a year before
it got to the final draft that is now being voted on.
In general, he says the Council will be similar to a steering committee.
It will help set release dates, coordinate efforts between the
OpenOffice.org community and Sun Microsystems, and coordination between
specific projects in the project. Berkus also noted that the Community
Council will handle some member issues that the group was ill-suited to
handle in the past.
We had a problem with somebody who specifically needed to be expelled
from the project and blocked from rejoining...we didn't have any
structure in place with designated authority to kick this person out,
which is another thing we sort of need.
Another responsibility for the Council will be to assign resources if a
company or organization wants to donate developer time to the project,
without a specific feature or goal. Also, Berkus noted that the current
structure is not set up to handle donations of money. "The first task is
to come up with a legal structure that allows us to accept money."
Berkus wasn't sure if the the organization would be seeking non-profit
status or not.
The Council will consist of five project leads elected from the leads of
accepted projects, Lang (language) Representatives, a Community
Contributor Representative and a representative from Sun. The project
leads and language reps will have twelve-month terms, and the Community
Contributor will hold a six-month term. Sun's rep will be seated for
whatever term Sun chooses. The goal is also to stagger elections so only
half of the seats are up for election at one time.
When speaking to Berkus, he mentioned that having language group
representatives was particularly important. According to Berkus, it can
be extremely difficult for non-English speakers to participate in
discussion lists that are conducted in English and that being
effectively shut out of important lists can lead to misunderstandings
and communications issues. "Having them know they have a rep on the
Community Council and they have a voice, should do a lot to head off
that kind of a problem...they don't have to feel alienated."
One thing that is unusual about the Community Council, for an Open
Source project, is that some of the work will take place behind closed
doors. In fact, the Community Council members will have to sign confidential
disclosure agreements. Berkus explained that, from time to time, the
group would be discussing plans that relate to Sun's StarOffice strategy
and that it wouldn't be prudent to do that in the open where Microsoft
could oversee the StarOffice strategy and revise theirs to match.
Berkus said that the Community Council would not be likely to dictate
new features, though they could help coordinate non-technical members of
the Community with the technical teams that could implement new
As far as new features go, we should be seeing some pretty soon.
According to the public roadmap, we should be seeing a public beta of
OpenOffice.org 1.1 as early as this month and a final release of 1.1
sometime in July. We all know, however, how changeable software release
dates are. From the roadmap and release notes for build 643,
OpenOffice.org 1.1 looks to be mostly improvements on existing features
and further refinement of the program in general. However, there are a
few noteable features that many users will find compelling.
At the top of the list is native PDF export capability. Filter support,
in general, is also slated to improve in 1.1, including new filters for
DocBook, XHTML and FlatXML. A full list of changes can be found on the
site. Note that this list may be out of date, as it was last updated in
September; a few more improvements are listed on the
developer snapshot page.
Meanwhile, the first OpenOffice.org
conference is being held at the end of this week in Hamburg,
Germany. Expect more interesting news to emerge soon from this important
project which has only begun to shake up the desktop Linux landscape.
Comments (none posted)
This has not been the greatest week for Linux from the security point of
view. A new, remotely-exploitable hole in Samba threatens a great many
servers worldwide (though one can only hope that there aren't that
many Samba servers directly exposed to the Internet); this vulnerability is
covered on this week's security
. There is also the
in 2.2 and 2.4 kernels. A local user, by
attaching to a kernel thread, can obtain root access. Most distributors
have patches out for both of these problems, and applying them would be a
Given the distinctly unpleasant state of world affairs at the moment, now
is probably a good time for most of us to take a look at the state of our
security patches. The number of attacks can only increase over the next few
weeks, and some attackers may be even less discriminating than usual in
their choice of targets. Some time spent checking systems now could be
saved many times over in the near future.
Meanwhile, every so often, some company which is making good money selling
antivirus software to Windows users decides to try to convince people
running Linux that they, too, need that company's help. The latest entrant
is this press release from
Central Command. Their angle is that the increase in desktop Linux
deployments will translate into Virus problems: "A vast
majority of these new Linux users are unaware of the existence
of Linux-based viruses and security risks associated with
Linux..." OpenOffice is singled out for mention as a possible
means by which a Linux system could be infected.
Of course, a Linux-based virus is not an impossible thing. But a virus
running in the wild which bothers more than a very small number of people
remains quite unlikely. All of the usual reasons for this apply, but there
is one that stands out: Linux developers do not like the idea of strangers
running arbitrary code on their systems. So they tend not to write code
which provides that capability, and, when somebody figures out how to run
something anyway, the problem gets fixed. Quickly. If the original
developer won't fix the problem, somebody else will. Quickly. Linux users
need not wait until their vendor figures out that letting others run code
on their computers is a bad idea.
So, while we need to pay careful attention to the security of our systems,
we need not accept the claims of companies trying to sell us antivirus
products. Keeping systems secure is a matter of careful administration and
staying on top of patches; there is no time, or need, to be distracted by
companies selling solutions for problems we do not have.
Comments (none posted)
Page editor: Jonathan Corbet
Inside this week's LWN.net Weekly Edition
- Security: The Samba hole; new vulnerabilities in the kernel, man, mysql, netpbm, openssl, ...
- Kernel: 32-bit dev_t progress; speeding up ext2; driver porting
- Distributions: The 'New Releases' Season is Upon Us...; (Slackware 9.0, Yellow Dog Linux 3.0 and Immunix Secured Linux 7+); New: TrustedDebian, TrX and freevix
- Development: gmodconfig
MySQL 3.23.56, PyKota 1.01, Mod_python 3.0.3,
ZODB4 alpha 1, Mozilla 1.3, Galeon 1.2.9, GNOME 2.2.1,
Evolution 1.4 Preview 1, Dia for GNOME 2, LyX 1.3.1, Parrot v0.0.10,
- Press: Spectrum For All, attacks on free software, Barlow and Guido interviews,
Desktop Environment Comparison, Managing Linux Releases.
- Announcements: New GNOME docs, Ecasound tutorials, EuroPython CFP, Accessibility Conference
- Letters: Browser wars