LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

LWN Weekly Edition

Front page
Security
Kernel development
Distributions
Development
Linux in the news
Announcements
Letters to the editor
->One big page

 

This page

Previous week
Following week

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

LWN.net Weekly Edition for March 20, 2003

A quick look at Gentoo Linux

Your editor recently needed to set up a sacrificial box for testing out code for the driver porting series. Installing a system like that is always a good opportunity to try out a new distribution, so it seemed like the right time to try to get a sense for what the Gentoo hype is about.

Little did he know that it would take a week just to get through the installation process.

Gentoo seems to be positioning itself as a Debian for the real hackers. So, for example, most of the distribution is built from source at installation time. Why? So you can control the configuration and optimization settings, of course. As a result, the process can take a while, especially if the system you are installing is relatively old and slow.

But, in fact, it takes some time to get even that far. A look at the 1.4rc3 installation instructions is a sobering experience; it takes a while just to read about all that must be done. You start with a bootable CD image, of course, but then it's a matter of:

  • Figuring out and loading whatever kernel modules are necessary to make your system work.

  • Configuring networking - perhaps by hand.

  • Going into fdisk to set up partitions.

  • Running variants of mkfs as many times as necessary to create your filesystems - be sure to get the partition names right.

  • Mounting the filesystems by hand.

  • Untarring an archive with the base system on it.

  • Issuing a manual chroot command to move into the under-construction system's filesystem.

  • Running the nice emerge tool, which will bring your base system up to date with the current packages.

  • Editing /etc/make.conf to set options on how the rest of the system will be built.

  • Running emerge again to download and build the bulk of the system. Good time to head out for coffee. Or, on slower systems, a nice weekend.

  • Choosing from a few kernel source distributions, and running make menuconfig to configure it appropriately. Make sure you set the important options correctly (for example, you need to enable devfs) - the initial configuration does not do this.

And so on...you presumably get the point by now. Installing Gentoo is essentially a process of assembling your desired system by hand. For old-time Linux users, the experience is much like going about ten years back in time, when Linux systems really were assembled by hand. At least you don't need a big stack of diskettes anymore.

The interesting thing is that, once you're done, the result is a pretty nice system. The right packages are there, the administration tools seem to be well thought out (though things like the init script system take a little getting used to), and the "portage" package system has many of the same features that make Debian's "apt" so great. And, of course, you have a system that is set up exactly how you directed it to be and optimized for your processor.

For most users, though, the pain required to get there will probably not prove to be worth it. Your editor is not a stranger to this mode of operation, having been through experiences like converting systems from a.out to ELF by hand. But, you know, that was a while ago; now I'm more interested in having the system just work. And if I'm trying to set up a dozen (or hundreds) of boxes, the Gentoo approach is simply out of the question.

There is, of course, absolutely nothing wrong with Gentoo being what it is. There are plenty of distributions out there for people who want to be able to do an installation without thinking about it. Gentoo is aimed at a different audience - those who want to get their hands quite dirty inside their Linux systems. That is, of course, one of the great things about Linux: you can get your hands as deeply into the system as you want. As the commercial distributions get flashier and generally easier to work with, the excitement and challenge of dealing with the system at the lowest level recedes a bit. Gentoo is bringing that experience back to a new generation of Linux users and hackers, and seems to be doing a very good job of it.

Comments (19 posted)

OpenOffice.org's Community Council

[This article was contributed by Joe 'Zonker' Brockmeier]

OpenOffice.org has come a long way since it was officially rolled out in October, 2000. The group has delivered a full-featured Open Source office suite that is shaping up as a viable competitor to Microsoft Office, at least in some markets.

The group is now looking to revamp its governing process. Until now, decisions have mostly been made by votes on mailing lists or by the project leads of the various projects that make up OpenOffice.org. Now the group is trying to develop a Community Council. The proposal has been kicked around for some time, and is currently being voted on.

We talked to one of the originators of the proposal, Josh Berkus. Berkus is a marketing volunteer for the OpenOffice.org project. According to Berkus, the proposal has been making the rounds for about a year before it got to the final draft that is now being voted on.

In general, he says the Council will be similar to a steering committee. It will help set release dates, coordinate efforts between the OpenOffice.org community and Sun Microsystems, and coordination between specific projects in the project. Berkus also noted that the Community Council will handle some member issues that the group was ill-suited to handle in the past.

We had a problem with somebody who specifically needed to be expelled from the project and blocked from rejoining...we didn't have any structure in place with designated authority to kick this person out, which is another thing we sort of need.

Another responsibility for the Council will be to assign resources if a company or organization wants to donate developer time to the project, without a specific feature or goal. Also, Berkus noted that the current structure is not set up to handle donations of money. "The first task is to come up with a legal structure that allows us to accept money." Berkus wasn't sure if the the organization would be seeking non-profit status or not.

The Council will consist of five project leads elected from the leads of accepted projects, Lang (language) Representatives, a Community Contributor Representative and a representative from Sun. The project leads and language reps will have twelve-month terms, and the Community Contributor will hold a six-month term. Sun's rep will be seated for whatever term Sun chooses. The goal is also to stagger elections so only half of the seats are up for election at one time.

When speaking to Berkus, he mentioned that having language group representatives was particularly important. According to Berkus, it can be extremely difficult for non-English speakers to participate in discussion lists that are conducted in English and that being effectively shut out of important lists can lead to misunderstandings and communications issues. "Having them know they have a rep on the Community Council and they have a voice, should do a lot to head off that kind of a problem...they don't have to feel alienated."

One thing that is unusual about the Community Council, for an Open Source project, is that some of the work will take place behind closed doors. In fact, the Community Council members will have to sign confidential disclosure agreements. Berkus explained that, from time to time, the group would be discussing plans that relate to Sun's StarOffice strategy and that it wouldn't be prudent to do that in the open where Microsoft could oversee the StarOffice strategy and revise theirs to match.

Berkus said that the Community Council would not be likely to dictate new features, though they could help coordinate non-technical members of the Community with the technical teams that could implement new features.

As far as new features go, we should be seeing some pretty soon. According to the public roadmap, we should be seeing a public beta of OpenOffice.org 1.1 as early as this month and a final release of 1.1 sometime in July. We all know, however, how changeable software release dates are. From the roadmap and release notes for build 643, OpenOffice.org 1.1 looks to be mostly improvements on existing features and further refinement of the program in general. However, there are a few noteable features that many users will find compelling.

At the top of the list is native PDF export capability. Filter support, in general, is also slated to improve in 1.1, including new filters for DocBook, XHTML and FlatXML. A full list of changes can be found on the OpenOffice.org site. Note that this list may be out of date, as it was last updated in September; a few more improvements are listed on the developer snapshot page.

Meanwhile, the first OpenOffice.org conference is being held at the end of this week in Hamburg, Germany. Expect more interesting news to emerge soon from this important project which has only begun to shake up the desktop Linux landscape.

Comments (none posted)

Some security notes

This has not been the greatest week for Linux from the security point of view. A new, remotely-exploitable hole in Samba threatens a great many servers worldwide (though one can only hope that there aren't that many Samba servers directly exposed to the Internet); this vulnerability is covered on this week's security page. There is also the ptrace vulnerability in 2.2 and 2.4 kernels. A local user, by attaching to a kernel thread, can obtain root access. Most distributors have patches out for both of these problems, and applying them would be a good idea.

Given the distinctly unpleasant state of world affairs at the moment, now is probably a good time for most of us to take a look at the state of our security patches. The number of attacks can only increase over the next few weeks, and some attackers may be even less discriminating than usual in their choice of targets. Some time spent checking systems now could be saved many times over in the near future.

Meanwhile, every so often, some company which is making good money selling antivirus software to Windows users decides to try to convince people running Linux that they, too, need that company's help. The latest entrant is this press release from Central Command. Their angle is that the increase in desktop Linux deployments will translate into Virus problems: "A vast majority of these new Linux users are unaware of the existence of Linux-based viruses and security risks associated with Linux..." OpenOffice is singled out for mention as a possible means by which a Linux system could be infected.

Of course, a Linux-based virus is not an impossible thing. But a virus running in the wild which bothers more than a very small number of people remains quite unlikely. All of the usual reasons for this apply, but there is one that stands out: Linux developers do not like the idea of strangers running arbitrary code on their systems. So they tend not to write code which provides that capability, and, when somebody figures out how to run something anyway, the problem gets fixed. Quickly. If the original developer won't fix the problem, somebody else will. Quickly. Linux users need not wait until their vendor figures out that letting others run code on their computers is a bad idea.

So, while we need to pay careful attention to the security of our systems, we need not accept the claims of companies trying to sell us antivirus products. Keeping systems secure is a matter of careful administration and staying on top of patches; there is no time, or need, to be distracted by companies selling solutions for problems we do not have.

Comments (none posted)

Page editor: Jonathan Corbet

Inside this week's LWN.net Weekly Edition

  • Security: The Samba hole; new vulnerabilities in the kernel, man, mysql, netpbm, openssl, ...
  • Kernel: 32-bit dev_t progress; speeding up ext2; driver porting
  • Distributions: The 'New Releases' Season is Upon Us...; (Slackware 9.0, Yellow Dog Linux 3.0 and Immunix Secured Linux 7+); New: TrustedDebian, TrX and freevix
  • Development: gmodconfig MySQL 3.23.56, PyKota 1.01, Mod_python 3.0.3, ZODB4 alpha 1, Mozilla 1.3, Galeon 1.2.9, GNOME 2.2.1, Evolution 1.4 Preview 1, Dia for GNOME 2, LyX 1.3.1, Parrot v0.0.10, PHP 4.3.2RC1.
  • Press: Spectrum For All, attacks on free software, Barlow and Guido interviews, Desktop Environment Comparison, Managing Linux Releases.
  • Announcements: New GNOME docs, Ecasound tutorials, EuroPython CFP, Accessibility Conference coverage.
  • Letters: Browser wars
Next page: Security>>

Copyright © 2003, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.