LWN.net Weekly Edition for March 20, 2003
A quick look at Gentoo Linux
Your editor recently needed to set up a sacrificial box for testing out code for the driver porting series. Installing a system like that is always a good opportunity to try out a new distribution, so it seemed like the right time to try to get a sense for what the Gentoo hype is about.Little did he know that it would take a week just to get through the installation process.
Gentoo seems to be positioning itself as a Debian for the real hackers. So, for example, most of the distribution is built from source at installation time. Why? So you can control the configuration and optimization settings, of course. As a result, the process can take a while, especially if the system you are installing is relatively old and slow.
But, in fact, it takes some time to get even that far. A look at the 1.4rc3 installation instructions is a sobering experience; it takes a while just to read about all that must be done. You start with a bootable CD image, of course, but then it's a matter of:
- Figuring out and loading whatever kernel modules are necessary to
make your system work.
- Configuring networking - perhaps by hand.
- Going into fdisk to set up partitions.
- Running variants of mkfs as many times as necessary
to create your filesystems - be sure to get the partition names
right.
- Mounting the filesystems by hand.
- Untarring an archive with the base system on it.
- Issuing a manual chroot command to move into the
under-construction system's filesystem.
- Running the nice emerge tool, which will bring
your base system up to date with the current packages.
- Editing /etc/make.conf to set options on how the
rest of the system will be built.
- Running emerge again to download and build the bulk
of the system. Good time to head out for coffee. Or, on slower
systems, a nice weekend.
- Choosing from a few kernel source distributions, and running make menuconfig to configure it appropriately. Make sure you set the important options correctly (for example, you need to enable devfs) - the initial configuration does not do this.
And so on...you presumably get the point by now. Installing Gentoo is essentially a process of assembling your desired system by hand. For old-time Linux users, the experience is much like going about ten years back in time, when Linux systems really were assembled by hand. At least you don't need a big stack of diskettes anymore.
The interesting thing is that, once you're done, the result is a pretty nice system. The right packages are there, the administration tools seem to be well thought out (though things like the init script system take a little getting used to), and the "portage" package system has many of the same features that make Debian's "apt" so great. And, of course, you have a system that is set up exactly how you directed it to be and optimized for your processor.
For most users, though, the pain required to get there will probably not prove to be worth it. Your editor is not a stranger to this mode of operation, having been through experiences like converting systems from a.out to ELF by hand. But, you know, that was a while ago; now I'm more interested in having the system just work. And if I'm trying to set up a dozen (or hundreds) of boxes, the Gentoo approach is simply out of the question.
There is, of course, absolutely nothing wrong with Gentoo being what it is. There are plenty of distributions out there for people who want to be able to do an installation without thinking about it. Gentoo is aimed at a different audience - those who want to get their hands quite dirty inside their Linux systems. That is, of course, one of the great things about Linux: you can get your hands as deeply into the system as you want. As the commercial distributions get flashier and generally easier to work with, the excitement and challenge of dealing with the system at the lowest level recedes a bit. Gentoo is bringing that experience back to a new generation of Linux users and hackers, and seems to be doing a very good job of it.
OpenOffice.org's Community Council
[This article was contributed by Joe 'Zonker' Brockmeier]
OpenOffice.org has come a long way since it was officially rolled out in October, 2000. The group has delivered a full-featured Open Source office suite that is shaping up as a viable competitor to Microsoft Office, at least in some markets.
The group is now looking to revamp its governing process. Until now, decisions have mostly been made by votes on mailing lists or by the project leads of the various projects that make up OpenOffice.org. Now the group is trying to develop a Community Council. The proposal has been kicked around for some time, and is currently being voted on.
We talked to one of the originators of the proposal, Josh Berkus. Berkus is a marketing volunteer for the OpenOffice.org project. According to Berkus, the proposal has been making the rounds for about a year before it got to the final draft that is now being voted on.
In general, he says the Council will be similar to a steering committee. It will help set release dates, coordinate efforts between the OpenOffice.org community and Sun Microsystems, and coordination between specific projects in the project. Berkus also noted that the Community Council will handle some member issues that the group was ill-suited to handle in the past.
Another responsibility for the Council will be to assign resources if a company or organization wants to donate developer time to the project, without a specific feature or goal. Also, Berkus noted that the current structure is not set up to handle donations of money. "The first task is to come up with a legal structure that allows us to accept money." Berkus wasn't sure if the the organization would be seeking non-profit status or not.
The Council will consist of five project leads elected from the leads of accepted projects, Lang (language) Representatives, a Community Contributor Representative and a representative from Sun. The project leads and language reps will have twelve-month terms, and the Community Contributor will hold a six-month term. Sun's rep will be seated for whatever term Sun chooses. The goal is also to stagger elections so only half of the seats are up for election at one time.
When speaking to Berkus, he mentioned that having language group representatives was particularly important. According to Berkus, it can be extremely difficult for non-English speakers to participate in discussion lists that are conducted in English and that being effectively shut out of important lists can lead to misunderstandings and communications issues. "Having them know they have a rep on the Community Council and they have a voice, should do a lot to head off that kind of a problem...they don't have to feel alienated."
One thing that is unusual about the Community Council, for an Open Source project, is that some of the work will take place behind closed doors. In fact, the Community Council members will have to sign confidential disclosure agreements. Berkus explained that, from time to time, the group would be discussing plans that relate to Sun's StarOffice strategy and that it wouldn't be prudent to do that in the open where Microsoft could oversee the StarOffice strategy and revise theirs to match.
Berkus said that the Community Council would not be likely to dictate new features, though they could help coordinate non-technical members of the Community with the technical teams that could implement new features.
As far as new features go, we should be seeing some pretty soon. According to the public roadmap, we should be seeing a public beta of OpenOffice.org 1.1 as early as this month and a final release of 1.1 sometime in July. We all know, however, how changeable software release dates are. From the roadmap and release notes for build 643, OpenOffice.org 1.1 looks to be mostly improvements on existing features and further refinement of the program in general. However, there are a few noteable features that many users will find compelling.
At the top of the list is native PDF export capability. Filter support, in general, is also slated to improve in 1.1, including new filters for DocBook, XHTML and FlatXML. A full list of changes can be found on the OpenOffice.org site. Note that this list may be out of date, as it was last updated in September; a few more improvements are listed on the developer snapshot page.
Meanwhile, the first OpenOffice.org conference is being held at the end of this week in Hamburg, Germany. Expect more interesting news to emerge soon from this important project which has only begun to shake up the desktop Linux landscape.
Some security notes
This has not been the greatest week for Linux from the security point of view. A new, remotely-exploitable hole in Samba threatens a great many servers worldwide (though one can only hope that there aren't that many Samba servers directly exposed to the Internet); this vulnerability is covered on this week's security page. There is also the ptrace vulnerability in 2.2 and 2.4 kernels. A local user, by attaching to a kernel thread, can obtain root access. Most distributors have patches out for both of these problems, and applying them would be a good idea.Given the distinctly unpleasant state of world affairs at the moment, now is probably a good time for most of us to take a look at the state of our security patches. The number of attacks can only increase over the next few weeks, and some attackers may be even less discriminating than usual in their choice of targets. Some time spent checking systems now could be saved many times over in the near future.
Meanwhile, every so often, some company which is making good money selling
antivirus software to Windows users decides to try to convince people
running Linux that they, too, need that company's help. The latest entrant
is this press release from
Central Command. Their angle is that the increase in desktop Linux
deployments will translate into Virus problems: "A vast
majority of these new Linux users are unaware of the existence
of Linux-based viruses and security risks associated with
Linux...
" OpenOffice is singled out for mention as a possible
means by which a Linux system could be infected.
Of course, a Linux-based virus is not an impossible thing. But a virus running in the wild which bothers more than a very small number of people remains quite unlikely. All of the usual reasons for this apply, but there is one that stands out: Linux developers do not like the idea of strangers running arbitrary code on their systems. So they tend not to write code which provides that capability, and, when somebody figures out how to run something anyway, the problem gets fixed. Quickly. If the original developer won't fix the problem, somebody else will. Quickly. Linux users need not wait until their vendor figures out that letting others run code on their computers is a bad idea.
So, while we need to pay careful attention to the security of our systems, we need not accept the claims of companies trying to sell us antivirus products. Keeping systems secure is a matter of careful administration and staying on top of patches; there is no time, or need, to be distracted by companies selling solutions for problems we do not have.
Security
Brief items
The Samba Vulnerability
[This article was contributed by Tom Owen]
Samba.org's announcement of 2.2.8 last week had a eerie familiarity. Here's a release prompted by heap overflow in a major open source server component. A fortnight ago it was sendmail -- this time it's Samba, the free SMB/CIFS server. The vulnerability was spotted by the reliably hard-nosed security team at SuSE. Samba team members say there's a risk of remote root compromise; all sites are urged to plan an urgent upgrade. The LWN vulnerability entry has links to distributions' patches, and the new version 2.2.8 which contains the fix.The vulnerability dates back to 2.0.x, which is over four years old. This is the Samba version which introduced domain logon for Windows NT clients. If your server has been updated since 1999, or looks like a domain controller for NT clients then it is vulnerable.
The vulnerability is described as a buffer overflow in smbd's message fragment assembly code. Any exploit would send crafted SMB fragments to TCP port 139. Also fixed in the new release is a locally exploitable race condition.
Even in a tightly-run site, this vulnerability is a serious threat, potentially allowing root access to local users. What gets plain scary is that there are sites which expose SMB to the Internet. This can't ever be the right thing to do whether the server is Samba or Windows. The problem is not the servers but the protocol. The MS network neighbourhood browser can be easy to use but the price is that anyone can connect to a server and list users, servers and shares -- perfect background for social hacking, and an easy route to find any share which, by error or design, has less than perfect security settings. Security is easier to control down with Samba than Windows,but it is best simply not to expose it to the net at all.
The announcement goes into detail on the precautions any Samba site should be taking. They have little to do with the vulnerability -- they don't protect against a local attack -- and every site ought to be doing them anyway.
The first step is to make sure that ports for SMB and WINS are blocked at the Internet gateway. This risk is so well understood that many cheap routers include a standardised filter set (typically called something like NETBIOS) to block ports 137, 138 and 139. This is good as far as it goes, but Microsoft is moving away from these ports. More recent Microsoft servers offer SMB directly on TCP at port 445, so this is one more port to block. Samba 2.2 doesn't use 445 but the upcoming 3.0 will.
Samba's daemons are not normally run under inetd.conf and so can't be protected by TCP wrappers. The announcement shows how to use smb.conf directives to get similar control:
hosts allow = 127.0.0.1 192.168.2.0/24 192.168.3.0/24
hosts deny = 0.0.0.0/0
The above will only allow SMB connections from 'localhost'
(your own computer)
and from the two private networks 192.168.2 and 192.168.3.
All other connections will be refused connections as soon as the client
sends its first packet.
The refusal will be marked as a 'not listening on called name' error.
It seems rash to put a file server on to your Internet gateway, but a lot of home and small business hosts are setup that way. These sites can control their exposure with 'interfaces=' and 'bind interfaces only = yes' but a cheap basic filtering router is probably a better plan.
Samba servers have one extra risk not shared by Windows servers. The Samba Web Administration Tool (SWAT) runs under inetd, normally via TCP wrappers. Care is needed in inetd.conf and hosts.allow to restrict access to SWAT to the local network, and not on the Internet. Alternatively, there are instructions on how to offer SWAT over SSL.
One way this Samba vulnerability stands out from Sendmail earlier this month is that it's a bit of surprise. Despite Samba's long history and wide use, it has shown few vulnerabilities which are not a consequence of the SMB protocol. The other way is that malicious exploits appear to have been tested or used before the announcement. SuSE saw anomalous crashes in one of their public servers. Analysis of the logs was enough to persuade the Samba team to bring 2.2.8 release forward -- a truly alarming response. Site administrators should act soon, first to make sure that their SMB is not visible on the Internet, and then to upgrade Samba to 2.2.8.
(Thanks to Jeremy Allison for assistance with this article).
March CRYPTO-GRAM newsletter
Bruce Schneier's CRYPTO-GRAM newsletter for March is out. It looks at Practical Cryptography (a new book he co-authored with Niels Ferguson), the defeat of the SSL patent, and the SSL vulnerability. "By now it should be obvious that hackers don't steal credit card numbers one by one across the network; they steal them in bulk -- by the thousands or even millions -- by breaking into poorly protected networks. Many smaller e-commerce sites don't use SSL to protect their credit card transactions, and even there this kind of attack simply doesn't happen."
New vulnerabilities
kernel - ptrace-related vulnerability
| Package(s): | kernel | CVE #(s): | CAN-2003-0127 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Created: | March 17, 2003 | Updated: | June 30, 2003 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description: | Versions 2.2.x and 2.4.x of the Linux kernel contain a vulnerability in ptrace() which may be exploited by a local user to obtain root access. This announcement contains the details and a patch for 2.4.20. For 2.2 users, 2.2.25 has been released which contains the fix. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
lprold - buffer overflow in lprm
| Package(s): | lprold lpd | CVE #(s): | CAN-2003-0144 | ||||||||||||||||||||
| Created: | March 13, 2003 | Updated: | May 28, 2003 | ||||||||||||||||||||
| Description: | The lprm command of the printing package lprold contains a buffer overflow. This buffer overflow can be exploited by a local user, if the printer system is set up correctly, to gain root privileges. | ||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||
lxr - input validation error
| Package(s): | lxr | CVE #(s): | |||||
| Created: | March 19, 2003 | Updated: | March 19, 2003 | ||||
| Description: | lxr fails to properly sanitize incoming filenames, with the result that an attacker can read arbitrary files on the system. | ||||||
| Alerts: |
| ||||||
man - code execution vulnerability
| Package(s): | man | CVE #(s): | CAN-2003-0124 | ||||||||||||||||
| Created: | March 19, 2003 | Updated: | May 7, 2003 | ||||||||||||||||
| Description: | Versions of man prior to 1.51 contain a code execution vulnerability which can be exploited by a carefully crafted man file. See this advisory for the details. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
mysql - configuration file vulnerability
| Package(s): | mysql mysqld | CVE #(s): | CAN-2003-0150 | ||||||||||||||||||||||||||||||||
| Created: | March 18, 2003 | Updated: | May 16, 2003 | ||||||||||||||||||||||||||||||||
| Description: | According to a report on BugTraq, a vulnerability exists in version 3.23.55 and earlier versions of the MySQL server. If the MySQL server is launched by root, as it is often done by system startup scripts, any database users with the "FILE" privilege can write a configuration file (usually my.cnf) that causes the MySQL server to run under an arbitrary user id, including the user id of the super-user, on the next restart. | ||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||
NetPBM: math overflow errors
| Package(s): | NetPBM | CVE #(s): | CAN-2003-0146 | ||||||||||||||||
| Created: | March 17, 2003 | Updated: | May 27, 2003 | ||||||||||||||||
| Description: | Al Viro and Alan Cox discovered several maths overflow errors in NetPBM, a set of graphics conversion tools. These programs are not installed setuid root but are often installed to prepare data for processing. These vulnerabilities may allow remote attackers to cause a denial of service or execute arbitrary code. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
openssl: local and remote extraction of RSA private key
| Package(s): | openssl, apache, mod_ssl | CVE #(s): | CAN-2003-0147 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Created: | March 18, 2003 | Updated: | May 22, 2003 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description: | David Brumley and Dan Boneh of Stanford University have researched and
documented a timing attack on OpenSSL which allows local and remote
attackers to extract the RSA private key of a server. The OpenSSL RSA
implementation is generally vulnerable to these type of attacks unless RSA
blinding has been turned on. See this
paper (pdf format) for additional details.
Typically, RSA blinding is not enabled by OpenSSL based applications, mainly because it is not obvious how to do so when using OpenSSL to provide SSL/TLS. This problem affects mostly all applications using OpenSSL and have to be rebuilded against the fixed OpenSSL version (where RSA blinding is now enabled by default) or have to enable RSA blinding explicitly their own. The performance impact of RSA blinding appears to be small (a few percent only) and the RSA functionality is still fully compatible. The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2003-0147 to the problem. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
rxvt - vulnerabilities in the handling of escape sequences
| Package(s): | rxvt | CVE #(s): | CAN-2003-0022 CAN-2003-0023 CAN-2003-0066 | ||||||||||||
| Created: | March 17, 2003 | Updated: | March 26, 2003 | ||||||||||||
| Description: | Rxvt is a color VT102 terminal emulator for the X Window System. A number
of issues have been found in the escape sequence handling of Rxvt.
These could be potentially exploited if an attacker can cause carefully
crafted escape sequences to be displayed on a rxvt terminal being used by
their victim.
One of the features which most terminal emulators support is the ability for the shell to set the title of the window using an escape sequence. Certain xterm variants, including rxvt, also provide an escape sequence for reporting the current window title. This essentially takes the current title and places it directly on the command line. Since it is not possible to embed a carriage return into the window title itself, the attacker would have to convince the victim to hit enter for it to process the title as a command, although the attacker can perform a number of actions to increase the likelyhood of this happening. The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. Users of Rxvt are advised to upgrade to these errata packages which contain a patch to disable the title reporting functionality and patches to correct the other issues. | ||||||||||||||
| Alerts: |
| ||||||||||||||
samba - exploitable buffer overruns
| Package(s): | samba | CVE #(s): | CAN-2003-0085 CAN-2003-0086 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Created: | March 17, 2003 | Updated: | April 4, 2003 | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Description: | The SuSE security audit team, in particular Sebastian Krahmer has found a
flaw in the Samba main smbd code which could allow an external attacker to
remotely and anonymously gain Super User (root) privileges on a server
running a Samba server.
This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive. This is a serious problem and all sites should either upgrade to Samba 2.2.8 immediately or prohibit access to TCP ports 139 and 445. Advice created by Andrew Tridgell, the leader of the Samba Team, on how to protect an unpatched Samba server is given at the end of this section. The SMB/CIFS protocol implemented by Samba is vulnerable to many attacks, even without specific security holes. The TCP ports 139 and the new port 445 (used by Win2k and the Samba 3.0 alpha code in particular) should never be exposed to untrusted networks. See this article for more information. Samba-TNG users should update to version 0.3.1. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||||
Resources
LinuxSecurity.com newsletters
The Linux Advisory Watch and Linux Security Week newsletters from LinuxSecurity.com are available.
Events
2003 IEEE Symposium on Security and Privacy
The schedule for the 2003 IEEE Symposium on Security and Privacy (May 11 to 14, Oakland, California) has been posted.
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current development kernel is 2.5.65, which was released by Linus on March 17. It includes a bunch of scheduler work (see last week's LWN kernel page), some IDE work, some devfs trimming, NUMA updates, a PCI update, a number of kbuild updates (including the long-awaited GTK front end for "make xconfig"), various architecture updates, and a long list of other fixes. The long-format changelog has the details.Linus's BitKeeper tree includes an interesting patch which makes the "magic sysrq" functionality available to remote users (via /proc/sysrq-trigger), a PA-RISC update, and a small number of fixes and performance improvements.
The current prepatch from Alan Cox is 2.5.65-ac1, which adds a small set of new fixes.
The current stable kernel is 2.4.20; Marcelo has released no 2.4.21 prepatches since 2.4.21-pre5, which came out on February 27.
Note that 2.4.20 contains a local root vulnerability; if you are running systems with untrusted users, you should apply an update from your vendor or the patch supplied with the vulnerability announcement.
Alan Cox has released 2.2.25, which contains the ptrace vulnerability fix (and nothing else).
Kernel development news
32-bit dev_t progress
Andries Brouwer released a new set of patches this week which brings the long-planned expansion of dev_t closer to reality. These patches rework the character device infrastructure to make it safe for much larger numbers of devices. For now, at least, it is not even necessary to change any char drivers to work properly with the new code.The first patch clears out the char device code within the filesystem area. This code included a whole structure for tracking devices, managing reference counts, etc. That structure was only used in one place, however, and Andries decided that, rather than fix it up to work with larger device numbers, he would just hack it out altogether. The rest of the kernel will not really notice its absence, for now.
The core of the work is in the second patch. Here, the longstanding static chrdevs array is removed. A static array of devices works reasonably well when there is a maximum of 255 of them; it's rather less convenient when there can be thousands of device numbers. In its place is a simple hash table with linked lists of registered char drivers.
There is a new way of registering a char driver:
int register_chrdev_region(unsigned int major,
unsigned int baseminor,
int minorct,
const char *name,
struct file_operations *fops);
The new baseminor and minorct arguments describe the range of minor numbers that the driver is prepared to deal with. Char drivers should eventually be converted to the new interface, but there is no great hurry; the register_chrdev() interface is still supported as:
int register_chrdev(unsigned int major, const char *name,
struct file_operations *fops)
{
return register_chrdev_region(major, 0, 256, name, fops);
}
So unchanged char drivers will still work, and will not be confronted with minor numbers greater than 255.
For now, drivers requesting a dynamic major number may continue to use the same mechanism: passing major as zero. The mechanism implemented in the patch is not entirely robust, however, and is marked as being temporary.
The third patch just cleans things up a bit, and removes the MAX_CHRDEV macro. For the truly adventurous, there is a fourth patch which actually changes dev_t to 32 bits, using a 16:16 split.
These patches have found their way into the -mm kernel tree, and are now in need of some serious testing. Should things work out, the 32-bit dev_t expansion may finally get crossed off the 2.5 development list.
Speeding up ext2
The 2.5 kernel development process has put a strong emphasis on scalability and performance issues. So it is somewhat interesting that the core Linux filesystems - ext2 and ext3 - have seen relatively little scalability work in 2.5. That is beginning to change, at least for ext2, but this work is raising some interesting questions about what the role of these two filesystems really is.Alex Tomas has recently been working on performance bottlenecks in ext2. His first concurrent block allocation patch attacks the problem of allocating blocks within a filesystem. The current ext2 code takes out the superblock lock before performing block allocation; this means that only one thread can be trying to allocate space in a given filesystem at a time. The first patch created a separate "allocation lock" which protects the small piece of code which actually makes allocation decisions; a later revision creates a separate lock for each block group within the filesystem, thus reducing lock contention further.
The patch was greeted with positive reviews. William Lee Irwin reported a throughput increase from
62 MB/s to 104 MB/s on a benchmark he ran, and exclaimed
"
The block allocation patch was quickly joined by a concurrent inode allocation patch and a distributed counters patch. None of these have
found their way into the mainline kernel yet, but they offer enough
performance benefits that they will likely get there eventually. Assuming
the block allocation patch can be coaxed back from its desert island
experience, that is.
A question was raised, however: is ext2 the right place for this sort of
work? ext2 is generally thought of as the relatively simple Linux
filesystem; ext3 is the place for fancy new stuff. There are a couple of
reasons why this sort of work tends to find its way into ext2 first,
though.
One of those reasons is the simple fact that ext3 still has bigger scaling
problems. The ext3 filesystem is one of the few places in the Linux kernel
that still makes heavy use of the big kernel lock (BKL). As a result, ext3
does not scale well to large systems, and tweaking things like block
allocation will not help the real problem. Until the BKL dependency is
removed from ext3, most other performance work will not make much sense.
Removing the BKL is apparently a somewhat tricky job; at this point, it may
well not happen before 2.6 is released.
The other reason is that, large-systems scaling issues notwithstanding,
ext3 is developing into the default Linux filesystem. For most users,
there is little or no incentive to prefer ext2 over ext3; all it takes is
one power failure to make the advantages of a journaling filesystem clear.
So, as Daniel Phillips put it:
The role reversal, it seems, is nearly complete. Soon, it will be the ext2
users who are living on the bleeding edge.
This patch is a godsend. Whoever's listening, please apply!.
Martin Bligh, instead, said "
SDET on
my machine (16x NUMA-Q) has fallen in love with your patch, and has decided
to elope with it to a small desert island.
" Not bad for a patch
which is really a pretty straightforward exercise in finer-grained
locking.
Driver porting
News from the driver porting series
The driver porting series continues to look at block drivers this week. Below you'll find an article on the gendisk interface, which has become rather more important in 2.5. Also available is this article which looks, in detail, at the simplest possible block driver - a naive ramdisk driver for 2.5. As always, the entire series (up to 19 articles now) can be found on this page.Driver porting: the gendisk interface
| This article is part of the LWN Porting Drivers to 2.6 series. |
Gendisk initialization
The best way of looking at the contents of a gendisk structure from a block driver's point of view is to examine what that driver must do to set the structure up in the first place. If your driver makes a disk (or disk-like) device available to the system, it will have to provide an associated gendisk structure. (Note, however, that it is not necessary - or correct - to set up gendisk structures for disk partitions).The first step is to create the gendisk structure itself; the function you need is alloc_disk() (which is declared in <linux/genhd.h>):
struct gendisk *alloc_disk(int minors);
The argument minors is the maximum number of minor numbers that this disk can have. Minor numbers correspond to partitions, of course (except the first, which is the "whole disk" device), so the value passed here controls the maximum number of partitions. If a single minor number is requested, the device cannot be partitioned at all. The return value is a pointer to the gendisk structure; the allocation can fail, so this value should always be checked against NULL before proceeding.
There are several fields of the gendisk structure which must be initialized by the block driver. They include:
- int major;
- The major number of this device; either a static major assigned to a specific driver, or one that was obtained dynamically from register_blkdev()
- int first_minor;
- The first minor device number corresponding to this disk. This number will be determined by how your driver divides up its minor number space.
- char disk_name[32];
- The name of this disk (i.e. hda). This name is used in places like /proc/partitions and in creating a sysfs directory for the device.
- struct block_device_operations *fops;
- The device operations (open, release, ioctl, media_changed, and revalidate_disk) for this device. Each disk has its own set of operations in 2.6.
- struct request_queue *queue;
- The request queue which will handle the list of pending operations for this disk. The queue must be created and initialized separately.
- int flags;
- A set of flags controlling the management of this device. They include GENHD_FL_REMOVABLE for removable devices, GENHD_FL_CD for CDROM devices, and GENHD_FL_DRIVERFS which certainly means something interesting, but which is not actually used anywhere.
- void *private_data;
- This field is reserved for the driver; the rest of the block subsystem will not touch it. Usually it holds a pointer to a driver-specific data structure describing this device.
The gendisk structure also holds the size of the disk, in sectors. As part of the initialization process, the driver should set that size with:
void set_capacity(struct gendisk *disk, sector_t size);
The size value should be in 512-byte sectors, even if the hardware sector size used by your device is different. For removable disks, setting its capacity to zero indicates to the block subsystem that there is currently no media present in the device.
Manipulating gendisks
Once you have your gendisk structure set up, you have to add it to the list of active disks; that is done with:
void add_disk(struct gendisk *disk);
After this call, your device is active. There are a few things worth keeping in mind about add_disk():
- add_disk() can create I/O to the device (to read partition
tables and such). You should not call add_disk() until your
driver is sufficiently initialized to handle requests.
- If you are calling add_disk() in your driver initialization
routine, you should not fail the initialization process after the
first call.
- The call to add_disk() increments the disk's reference count; if the disk structure is ever to be released, the driver is responsible for decrementing that count (with put_disk()).
Should you need to remove a disk from the system, that is accomplished with:
void del_gendisk(struct gendisk *disk);
This function cleans up all of the information associated with the given disk, and generally removes it from the system. After a call to del_gendisk(), no more operations will be sent to the given device. Your driver's reference to the gendisk object remains, though; you must explicitly release it with:
void put_disk(struct gendisk *disk);
That call will cause the gendisk structure to be freed, as long as no other part of the kernel retains a reference to it.
Should you need to set a disk into a read-only mode, use:
void set_disk_ro(struct gendisk *disk, int flag);
If flag is nonzero, all partitions on the disk will be marked read-only. The kernel can track read-only status individually for each partition, but no utility function has been exported to manipulate that status for single partitions.
Partition management is handled within the block subsystem in 2.6; drivers need not worry about partitions at all. Should the need arise, the functions add_partition() and delete_partition() can be used to manipulate the (in-kernel) partition table directly. These functions are used in the generic block ioctl() code; there should be no need for a block driver to call them directly.
Registering block device number ranges
A call to add_disk() implicitly allocates the a set of minor numbers (under the given major number) from first_minor to first_minor+minors-1. If your driver must only respond to operations to disks that exist at initialization time, there is no need to worry further about number allocation. Even the traditional call to register_blkdev() is optional, and may be removed soon. Some drivers, however, need to be able to claim responsibility for a larger range of device numbers at initialization time.If this is your case, the answer is to call blk_register_region(), which has this rather involved prototype:
void blk_register_region(dev_t dev,
unsigned long range,
struct module *module,
struct kobject *(*probe)(dev_t, int *, void *),
int (*lock)(dev_t, void *),
void *data);
Here, dev is a device number (created with MKDEV()) containing the major and first minor number of the region of interest; range is the number of minor numbers to allocate, module is the loadable module (if any) containing the driver, probe is a driver-supplied function to probe for a single disk, lock is a driver-supplied locking function, and data is a driver-private pointer which is passed to probe() and lock().
When blk_register_region() is called, it simply makes a note of the desired region and returns. Note that there can be more than one registration within a specific region! At lookup time, the most "specific" registration (the one with the smallest range) wins.
At some point in the future, an attempt may be made to access a device number within the allocated region. At that point, there will be a call to the lock() function (if it was not passed as NULL) with the device number of interest. If lock() succeeds, probe() will be called to find the specific disk of interest. The full prototype of the probe function is:
struct kobject *(*probe)(dev_t dev, int *partition, void *data);
Here, dev is the device number of interest, partition is a pointer to a partition number (sort of), and data is the driver-private pointer passed to blk_register_region(). The partition number is actually just the offset into the allocated range; it's the minor number from dev with the beginning of the range subtracted.
The probe() function should attempt to identify a specific gendisk structure which corresponds to the requested number. If it is successful, it should return a pointer to the kobject structure contained within the gendisk. Kobjects are covered in a separate article; for all, all you really need to know is that you should call get_disk() with the gendisk structure as the argument, and return the value from get_disk() to the caller. The probe() function can also modify the partition number so that it corresponds to the actual partition offset in the returned device. If the function cannot handle the request at all, it can return NULL.
Some probe() functions do not, themselves, locate and initialize the device of interest. Instead, they call some other function to set in motion that whole process. For example, a number of probe() functions simply call request_module() in an attempt to load a module which can handle the device. In this mode of operation, the function should return NULL, which will cause the block layer to look at the device number allocations one more time. If a "better" allocation (with a smaller range) has happened in the mean time, the probe() function for the new driver will be called. So, for example, if a module is loaded which allocates a smaller device number range corresponding to the devices it actually implements, its probe() routine will be called on the next iteration.
Of course, there is the usual assocated unregister function:
void blk_unregister_region(dev_t dev, unsigned long range);
The next step
Once you have a handle on how the gendisk structure works, the next thing to do is to learn about BIO structures.
Patches and updates
Kernel trees
Build system
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Janitorial
Memory management
Networking
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
The 'New Releases' Season is Upon Us...
[This article was contributed by Ladislav Bodnar]
It is that time of the year when commercial Linux companies are readying their new boxes full of the latest and greatest Linux software. While their programmers do the last minute debugging and marketing departments prepare for the grand product launches, for the consumers among us it's time to face the usual decisions: to upgrade or not to upgrade? And should we stick with the existing choice or try a different distribution? Let's take a look at what we can expect to come our ways within the next few weeks.
Slackware Linux, the oldest
surviving Linux distribution, is the first one to grace us with a new
release this season. What's new in 9.0? This question is best answered by
this little dialog I noted on a public forum discussing one of the
Slackware release candidates. The question: "What has Slackware
accomplished? Red Hat has given us plenty of useful utilities, SuSE has
developed YaST, Mandrake has drakconf, but what about Slackware? All they
do is compile packages that others develop and put them on a CD, nothing
extra, no major accomplishment.
" And this was one reader's reply:
"Thank you, Slackware, for not putting anything extra into your
distribution. This is why you develop the most stable, dependable and
bug-free Linux distribution on earth!
"
Yes, Slackware is like a medieval city surrounded by modern skyscrapers, a stark contrast of an installer and package management tools developed in mid-nineties, together with the most up-to-date software found in any distribution. The result is highly appealing as demonstrated by Slackware's continuing popularity as the tool of choice for many seasoned Linux users and administrators. Suggest that they switch to something else and they'll laugh at you...
MandrakeSoft will launch Mandrake Linux 9.1 shortly. Users who have tested the release candidates have reportedly been impressed with the product's stability and lack of major bugs as well as some of the new features. What can we expect? One of the main new features is the inclusion of a NTFS partition resizing tool, which makes Mandrake only the second distribution, after Xandros Desktop, offering this feature. A new theme called "Galaxy", running under both KDE and GNOME desktop environments, has been revealed to make the user interface more consistent. Another new and long overdue feature is "zeroconf" which promises to make network configuration as easy as plugging the cables into your network's workstations and servers. All this, together with the fact that the applications on offer were chosen by their users, the MandrakeClub members, and you seemingly have a winner.
Of course, there is a big question that has to be answered sooner or later. Will 9.1 be the MandrakeSoft's last release in its present form? Or will the company survive their financial woes and come out as strong as before? MandrakeSoft's practice of releasing a new version to the FTP servers at the same time it goes to the manufacturer allows many people to download the release before the boxed sets are available. This practice has pleased Mandrake users, but it also cuts into Mandrake sales. Their customer support was reported to be far from top-notch. Producing a quality distribution is the first priority, but there is much more to generating revenue. Mandrakesoft has a thin line to walk to generate the revenue they need to survive, while keeping their customers happy with cutting edge software that is freely available. If they can do that, we will likely see many more Mandrake releases in the years to come.
SuSE Linux AG has announced that a new release, version 8.2, will be available on April 3 in Europe and on April 14 in North America. Besides all the latest software, the new release claims to be the first distribution shipping a professional video editing application called MainActor. The release also provides improved wireless networking support, tools for automatic network reconfiguration for mobile computer users as well as further improvements to the YaST configuration utility and enhanced security. Certainly a very tempting bunch of features.
Other major distributions will no doubt follow soon. Red Hat, which traditionally does not pre-announce final releases, has produced three betas of its upcoming Red Hat Linux 8.1 and even the Debian developers have started talking about a package freeze of their testing branch called "Sarge". The next two months will be highly interesting for the industry while all the major players try their best to please the consumers. We will be watching the competition with great interest.
Of course it's not just the major players that are announcing new releases. Below we have new release announcements from Immunix and Yellow Dog Linux. Who knows, maybe even the long awaited Gentoo Linux 1.4 will be out soon.
Distribution News
Slackware 9.0 released
Slackware has quietly announced the release of Slackware Linux 9.0 in a change log entry. "Tue Mar 18 01:44:41 PST 2003"
Slackware 9.0 is released... happy release day!
Yellow Dog Linux 3.0 released
Yellow Dog Linux 3.0 has been released; it includes all the latest software, of course, along with improved Apple hardware and "Mac-on-Linux" support.Immunix Secured Linux 7+ Released
WireX Communications has announced the release of Immunix Secured Linux 7+. Based on Red Hat Linux 7.0, Immunix includes security updates for dozens of vulnerabilities, compiled with WireX's StackGuard and FormatGuard modifications. The 2.2.19 Linux kernel is extended with several Openwall technologies as well as WireX's SubDomain mandatory access control technologies.Mandrake Linux 9.0 for AMD 64-bit technology is available.
MandrakeSoft announced the release of Mandrake Linux 9.0 for Opteron® processors based on AMD 64-bit technology. "This development will lead to a planned release in April 2003 of the 'Mandrake Linux Corporate Server 2.1' for AMD Opteron®, a product dedicated to server deployment in medium to large accounts. Later in June 2003, MandrakeSoft will release 'MandrakeClustering' for Opteron®, an easy-to-use clustering solution designed to answer needs in the intensive calculation area that will greatly benefit from the power of AMD 64-bit technology."
Debian GNU/Linux
The Debian Weekly News for March 18, 2003 is available. This issue covers the work of the French chapter of the Free Software Foundation Europe, and others, have been doing to have Free Software classified as an intangible world cultural heritage term by the UNESCO. Also DPL elections, Debian Project at CeBIT and OOoCon, and more.Debian Planet reports that KDE 3.1 is now (finally) complete in 'sid'. Uploads of the missing pieces, kdenetwork and kdepim have been accepted into the archive.
Linux Orbit installs Debian Gnu/Linux on a Rebel NetWinder 3100 and provides a description of the process.
This Debian Planet article points to three Debian-based live-cd projects: KNOPPIX, GNOPPIX (in German), and Morphix. We've added another one, see TrX in the 'New Distributions' section, below.
Gentoo Weekly Newsletter -- Volume 2, Issue 11
The Gentoo Weekly Newsletter for March 17, 2003 is available. This week's issue contains an update from the Game Developers Conference; GWN is looking for contributors; rsync.gentoo.org shows signs of strain as Gentoo Linux continues to grow; Gentoo Linux launches a "hardened Gentoo" effort; and new items at the Gentoo Store."Learning Red Hat Linux, Third Edition" Released by O'Reilly
O'Reilly has released Learning Red Hat Linux, Third Edition. "The third edition of "Learning Red Hat Linux" eases newcomers into the world of Linux, guiding them through the process of installing and running Red Hat Linux on their PCs. Written in a friendly, easy-to-understand style, this book contains all that readers will need to get started, including the complete Red Hat 8.0 distribution on CDs. With new tutorials covering OpenOffice Tools and the desktop, this book is ideal for first-time Linux users who want to install the operating system on a new PC or convert an existing system to Linux. Throughout the book, the author addresses security issues on a level appropriate for a beginning user."
New Distributions
TrustedDebian beta release
As reported on DebianPlanet, the first TrustedDebian beta release is now available. TrustedDebian is an upgrade to Debian 3.0 which adds stack protection, address space layout randomization, FreeS/WAN, and some recent security packages. Future releases will include RSBAC mandatory access controls (which distinguishes this project from other secure Debian efforts, which are using SE-Linux).TrX
TrX is a project that aims to produce a Debian GNU/Linux-based desktop router and firewall package based on Knoppix. This Turkish distribution boots directly from CD-ROM, so there is no hard disk installation necessary. The initial Freshmeat release of TrX, version 3.2, was made available March 12, 2003.freevix
freevix is a tiny GNU/Linux distribution designed to provide a complete but small foot print environment for people wanting to build a media player system with Freevo. Initial version 0.2 was released March 12, 2003.
Minor distribution updates
Ark Linux
Ark Linux has released v1.0-0.alpha7.1. Ark Linux is designed especially for desktop use, primarily for people without prior Linux experience.MoviX
MoviX has released v0.8.0pre2 with major feature enhancements. "Changes: Menu entries to play all audio/video files of a CD/DVD drive or hard drive partition have been added. TV-out support has been improved. Many SCSI and USB modules and DHCP support have been introduced. Hardware auto-detection and audio card support has been greatly improved." MoviX v0.8.0pre3 is also available.
eMoviX is another branch of the MoviX project. This micro (7MB) Linux distribution is meant to be embedded in a CD together with all video/audio files you want. eMoviX version 0.8.0pre6 was released March 13, 2003.
Server optimized Linux
Server optimized Linux has released v16.00 with major feature enhancements. "Changes: This release contains recent packages such as the Linux kernel 2.4.20, Apache 1.3.27, Sendmail 8.12.8, OpenSSL 0.9.7a, MySQL 3.23.55, etc. There is also an update system now available."
Trustix Secure Linux
Trustix Secure Linux has released bug fixes to file, tcpdump and man.
Distribution reviews
Who Wins the Shootout? (OfB.biz)
Open for Business concludes the Penguin Shootout and announces the winner. "In our series, we've looked at Xandros Desktop Deluxe 1.0, Mandrake Linux 9.0, Red Hat Linux 8.0, SuSE Linux 8.1, and Lindows OS 3.0. Additionally, several distributions that did not receive a full review this time around but were also considered for the top spot include Lycoris Desktop/LX Amethyst, Knoppix 3.1, and Ark Linux Alpha 6 (the former two of those will join us in the next shootout)."
The state of SuSE (Register)
Robin "Roblimo" Miller interviews SuSE U.S. representative Holger Dyroff, about SuSE's new products, trends in Linux desktop/consumer use, and more. "The new announced SuSE Linux 8.2 will not be a successor of the SuSE Linux Office Desktop but a new version of our successfull Personal and Professional series!"
UnitedLinux Operating System (ZDNet)
ZDNet carries an in-depth look at UnitedLinux, from Gartner. "UnitedLinux is scalable to handle server configurations with increased processors, tasks, threads and users. As such, it supports asynchronous input/output for busy systems and methods to enhance process scheduling on symmetric multiprocessors (SMPs) and can be used to build server farms for workload management. For high availability, UnitedLinux supports Posix-compliant event logging and notification, dynamic probes for profiling and debugging, hot-plug PCI support, and record- and event-tracing mechanisms. It also provides a variety of security features, such as Kerberos network authentication and basic firewall configuration. At the foundation of UnitedLinux is a core set of components, including the Linux kernel 2.4.19, GNU Compiler Collection (GCC) 3.2, glibc 2.2.5, K Desktop Environment (KDE) 3.0 and XFree86 4.2. The 2.4.19 Linux kernel includes several hundred patches."
Page editor: Rebecca Sobol
Development
Module configuration with gmodconfig
FootNotes has an announcement for version 0.2 of gmodconfig. The 0.2 release is further documented on the gmodconfig status page. According to the gmodconfig overview:
By using gmodconfig, a user does not have to know how to modify the modules.conf configuration file in order to effect module parameter changes.
Gmodconfig has the ability to pull XML encoded module parameter information from the module's web site via an XSA file that is created by the module author. The information is used to create a dynamically built user interface for configuring the module. Gmodconfig also keeps track of the module description and available versions. There does not appear to be a large assortment of XSA files available for modules at this point in time.
Gmodconfig can control the installation, removal, and configuration of loadable modules, simplifying configuration of devices with lots of configuration options. The gnodconfig screenshots page shows some examples involving the configuration options for a USB camera driver.
More information on gmodconfig can be found in the online Manual and FAQ, the code is available for download here.
System Applications
Audio Projects
Ogg Traffic
The March 18, 2003 edition of Ogg Traffic is available with the latest Ogg Vorbis audio compression software news. Discussion topics include: It's Ogg, not OGG!, Vorbis Decoder from Scratch, Asterisk PBX supports Speex, Speex heading for the RFC Track, WinAmp needs You!, and more.
Database Software
MySQL 3.23.56 has been released
Version 3.23.56 of the MySQL database has been released. "This is a bugfix/security enhancement release for the current production version."
Printing
PyKota 1.01 available
Version 1.0.1 of the PyKota print quota system is available. "Several functionnalities were added : account only mode (no quota enforcement), possibility to choose the recipient(s) of email messages, default values for configuration. Manual pages were added, and redistribution/modification terms of the official package (paid for) are now fully GPL compliant."
Web Site Development
Apache Mod_python 3.0.3 is now available
Version 3.0.3 of mod_python, the Python language extension to the Apache web server, is available. "This release works with Apache HTTP Server 2.0. Please note that this version will not work with older releases of Apache HTTP Server." See this announcement for more information.
CMFOODocument Version 0.2 Released (ZopeMembers)
Zope Members News reports on the release of CMFOODocument. "A new feature release of OpenOffice Documents for "icoya Content & Collaboration Management" http://www.icoya.com has landed. With CMFOODocument OpenOffice Writer files can easily be integrated inside your Plone site. The OO-Documents are converted by XSL transformation into HTML."
ZODB4 alpha 1 released
The alpha 1 release of ZODB is now available. "This release contains essentially the same software that will be in the upcoming Zope3 milestone release. This version of ZODB is very different from ZODB3. The Persistent base class is a new-style class, allowing persistent objects to use many of the features of Python 2.2 new-style classes."
Desktop Applications
Audio Applications
BEAST/BSE 0.5.0 is released
FootNotes mentions that a new version of BEAST/BSE, the BeDevilled Audio SysTem/Bedevilled Sound Engine, is available. BEAST works under GTK+/GNOME.Swami 0.9.1 released
Version 0.9.1 of Swami, a MIDI instrument patch editor, has been released. "The main focus of this release is support for the new FluidSynth 1.0.0 (was called iiwusynth)."
WaveSurfer 1.5 released
Version 1.5 of WaveSurfer, an audio editing application, has been released. The changes include support for packed 24 bit files, playback highlighting for transcription lables, support for Snack 2.2.1, bug fixes, and more.
Desktop Environments
GNOME 2.2.1 released
FootNotes has an announcement for the GNOME 2.2.1 Desktop and Developer Platform.The 2.2.x series is devoted to bugfixes, translations, and general polish of our major 2.2 stable release. We strongly recommend upgrading to 2.2.1 in particular, as it contains the Best Nautilus Release Ever. Faster and more stable than ever before, the Captains of Nautilus have done it again. Bravo!" GNOME 2.2.1 is available here.
Evolution 1.4 Preview 1 available
The first preview of Evolution for Gnome 2 is available for testing.GNOME Summary
The March 3-15, 2003 GNOME Summary is out with the latest assortment of GNOME news.KDE-CVS-Digest for March 14, 2003
The March 14, 2003 edition of the KDE-CVS-Digest is out. "This week in KDE-CVS-Digest, our big feature is a review of the status of the KDE HEAD branch. We cover everything from virtual folders in KMail to Konqueror, Kontact and more."
Web Shortcut Goodness: KDE Support for Feedster
KDE.News looks at the Feedster RSS search engine, which now works under KDE. "Fortunately, adding support for Feedster (and Google News) to KDE proved to be quite trivial. The man behind Feedster was so amazed, he put up a blog entry full of praise for KDE!"
Graphics
GNOME 2 version of Dia
FootNotes looks at version 0.91 of the Dia diagram tool. "The all free Visio like diagram tool Dia is finally availble in a GNOME 2 version. After 9 months of work on changing over to Gtk 2.0 they proudly present version 0.91 of Dia."
Interoperability
Wine Weekly News
Issue #161 of the Wine Weekly News is out. Topics include: WineX 3.0 Preview, Thread Latency, Petzold Example Programs, Named Pipe Patch, Lightwave, and Need New Winsock Maintainer.
Office Applications
AbiWord Weekly News #135
Issue #135 of the AbiWord Weekly News is out. "Various issues come up for a word-processor that wants to support numerous languages. It's a good thing that such things may one day have a Twiki page to cover them. Have you noticed that to the left? Yes, under the "Support" heading, you'll notice Twiki has gained its own page."
LyX 1.3.1 is released
Version 1.3.1 of the LyX GUI interface to the TeX typesetting program has been released. "As expected this is a maintenance release, which adds some polish to the new features of LyX 1.3.0 (especially the Qt frontend) and also fixes some significant bugs in the math editor and the lyx2lyx import script. We also threw in a few new features (new textclasses, latex import improvements) for good measure."
Web Browsers
Mozilla 1.3 released
Mozilla 1.3 is out; new features include spam filtering, rich text editing, image auto-sizing, and lots of fixes; see the release notes for details.Mozilla 1.4 Alpha Coming Soon (MozillaZine)
Version 1.4 Alpha of the Mozilla browser is coming soon. "Right now the freeze is scheduled for midnight on Wednesday 26th March with the release targetted for Friday 28th March."
Galeon 1.2.9 Released (GnomeDesktop)
Version 1.2.9 of the Galeon lightweight web browser has been announced.This is a compatibility release that adds support for Mozilla 1.3 final. There is also a small fix to the gcc abi wrapper so that realplayer and other old plugins work properly even when galeon and mozilla are compiled with gcc 3.x.The code is available for download here.
Miscellaneous
French Translation of ChatZilla 0.8.24 Available (MozillaZine)
MozillaZine has an announcement for version 0.8.24 of the ChatZilla IRC client, which now supports the French language.
Languages and Tools
Caml
Caml Weekly News
The March 11-18, 2003 edition of the Caml Weekly News is out. Topics include Ocaml-beginners ML, monads for dummies, poll - need for a good introductory OCaml book, Beta release of lablgtk2, and OCaml popularity.
Java
ONJava Newsletter (O'ReillyNet)
O'Reilly has published the ONJava Newsletter for March 13, 2003. "This week we have two interesting articles that will help you reduce the amount of code you write. (As they say, you know you're on the right track when you can remove code and add functionality.)"
Getting started with JML (IBM developerWorks)
Joe Verzulli talks about JML on IBM's developerWorks. "The Java Modeling Language (JML) is a notation for detailed design that encourages a new way of thinking about methods and classes. In this primer, Java programming consultant Joe Verzulli introduces JML and some of its most important declarative constructs."
Perl
RTF::Parser: Plea for Help (use Perl)
UsePerl mentions that help is needed for the Perl RTF::Parser module. "I'm looking for people who have used it to send me code they've written using it, on which I can start to build tests for it."
The Many Dates and Times of Perl (O'Reilly)
Dave Rolsky covers a number of date and time concepts in Perl.This Week on perl5-porters (use Perl)
The March 10-16, 2003 edition of This Week on perl5-porters is out. Topics include Pseudo-hash deprecation, Posixly////, Imaginary signals, and more.This week on Perl 6 (O'Reilly)
The March 9, 2003 edition of This week on Perl 6 is out. Article topics include: Object Specs, IMCC and multiple source files, Patch Roundup, Coroutines end and DFG, SableVM, Parrot 0.0.10 freeze, Signal/slot like mechanism, and more.Parrot v0.0.10 'Juice' released (use Perl)
According to Use Perl, version 0.0.10 of Parrot has been released.
PHP
PHP 4.3.2RC1 Released
PHP 4.3.2RC1 is available. "This is the first release candidate and should have a very low number of problems and/or bugs. Nevertheless, please download and test it as much as possible on real-life applications to uncover any remaining issues."
Working with Forms in PHP, Part 1
O'Reilly has an article on working with forms in PHP. "PHP is handy for templating and displaying dynamic data, but you're missing its full power until you handle user data. John Coggeshall explains how PHP 4.3 handles form submissions securely and sanely."
PHP Weekly Summary
Topics on this week's PHP Weekly Summary include: 4.3.2 RC 1, php-dev name change, 4.3.2 Windows issues, error docref, language on PHP web site, and Iterating objects with Interfaces.
Python
Dr. Dobb's Python-URL!
The Dr. Dobb's Python-URL for March 17, 2003 is available, with weekly news and links for the Python community.Python-dev Summary
The Python-Dev summary, covering development activity for the first half of March, is available. Topics covered include the real difference between tuples and lists, capabilities, and more.
Ruby
Ruby Weekly News
Topics on the March 17, 2003 edition of the Ruby Weekly News include: Preventing method overriding, and Dynamically creating methods.
Tcl/Tk
Dr. Dobb's Tcl-URL!
The Dr. Dobb's Tcl-URL! for March 17, 2003 is available with the usual collection of useful Tcl/Tk information.
XML
Using SAX for Proper XML Output (O'Reilly)
Uche Ogbuji discusses the use of SAX on O'Reilly. "There are other tools for helping with XML generation. In this article I introduce an important one that comes with Python itself. Generating XML from Python is one of the most common XML-related tasks the average Python user will face; thus, having more than one way to complete such a common task is especially helpful."
Truth in Advertising
Kendall Grant Clark covers XML subsetting and namesetting on O'Reilly. "In this week's column I will focus on two of the bread and butter issues of the XML development community: XML subsetting and XML namespace management. While both of these issues are among the permanent topics of conversation (that is, "permathreads") on the XML-DEV mailing list, this time around there are some interesting wrinkles which make reviewing the conversations worthwhile."
Miscellaneous
MLton 20030312 released
Version 20030312 of MLton, a whole-program optimzing compiler for Standard ML that runs on X86 machines, is available. "Improvements include support for source-level profiling of both time and allocation, an updated basis library matching the 2002 specification, and new basis library modules for sockets and networking."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Spectrum For All (CIO Insight)
Lawrence Lessig writes about wireless spectrum on CIO Insight. "The issue here is spectrum -- that swath of electromagnetic radio frequencies that is used today for everything from AM radio to Wi-Fi networks. The FCC regulates this spectrum. How they do so is about to change. The command and control model of spectrum regulation that defined FCC policy for most of the 20th century will certainly crumble. The only question is what policy will take its place."
Why Open Source Stifles Innovation (Strategy+Business)
Here's a delightful attack on free software in the Spring issue of Strategy+Business magazine (registration is required to read it). "The 'viral' quality of GPL software is intentional: Proponents happily acknowledge that the goal is to undermine incentives to create software that carries a price tag. But for those of us without ideological qualms about software as private property, the wall that GPL erects between open source and proprietary software seems unfortunate." They would, of course, be happier with a one-way wall. (Thanks to Anand Vaidya).
The commoditization of software (ZDNet)
Here's a ZDNet column on the economic effects of free software. "A large component of America's economy is information technology, and free software undermines demand for such products, thus hampering recovery and increasing the attractiveness of outsourced development. Furthermore, given the general lowering of software price expectations initiated by the popularity of free alternatives, interest in outsourced development only rises."
A study of Linux (The Boston Globe)
This Boston Globe Intelligence column visits with three members of the Boston Consulting Group's Strategy Practice Initiative, as they study a map showing most frequent contributors to Linux, with different colors indicating the number of contributions each has made. "Robert Wolf, Philip Evans, and Mark Blaxill have plenty to say on the topic of Linux. They've been studying it, and open source in general, for more than two years to see whether more general lessons can be learned from the phenomenon. When I stopped by Wednesday night, the three sounded optimistic that they were on to something."
Trade Shows and Conferences
Linux conference to launch this summer (vnunet)
Vnunet looks forward to LinuxWorld UK 2003. "LinuxWorld 2003 Expo will take place on 3 to 4 September in Birmingham. Although other technology conferences have struggled, organisers are convinced that the subject matter will guarantee a wide audience."
Companies
Michael Robertson: the Steve Case of Linux (NewsForge)
This NewsForge article compares Michael Robertson (Lindows) to Steve Case (AOL). "Lindows is to Linux as AOL is to the Internet: a cut-down, simplified version with a proprietary interface. Robertson, like Case, realizes that his market is not sophisticated users, but those who are just starting out -- in this case with Linux rather than the Internet." (Thanks to Ashwin N)
MySQL: A threat to bigwigs? (CNN)
CNN takes a look at MySQL. "MySQL is used in four million installations around the world, Mickos estimates. The product gets downloaded for free off the company's site about 30,000 times a day."
Linux Adoption
The Open Source Movement
Linda Wedemeyer, M.D. writes about The Open Source Movement from a medical point of view. "What I learned from the question that I posted to the AMIA list group is that open source for healthcare is a movement in its infancy (Shreeve, 2003). Products have been in the development stage for several years, and it is only recently that real world implementations are occurring."
Legal
New Texas Bill Moves Software Acquisition Reform Forward (Linux Journal)
Doc Searls looks at possible software acquisition policy changes in Texas in the Linux Journal. "It seems there's a fundamental problem for many state governments that want to acquire and use free software: they can't buy it. Literally. That's because the state software acquisition process doesn't know what to do with software that nobody owns or sells."
Interviews
Wrapped up in Crypto Bottles (Heise)
Heise Online interviews John Perry Barlow. "I fear that Digital Rights Management today is Political Rights Management tomorrow. That embedding these kinds of technological controls into the very architecture of computing has the capacity to become a form of political control in the not so distant future."
Why Desktop Linux Should Give Microsoft Nightmares (MicrosoftWatch)
Here's an interview with Lindows.com CEO Michael Robertson in Mary Jo Foley's MicrosoftWatch column. "Robertson: We're about choice and lower costs. Microsoft is about locking their customers into longer contracts with higher costs to try and get more milk out of the same cow. Consumers aren't stupid. They know they're being extorted to sign up for these programs, but there's been little choice. Desktop Linux now gives them real choice."
Linuxfr.org interviews Guido van Rossum
Linuxfr.org has an interview with Python creator Guido Van Rossum. "Whether you're currently programming in C, C++, Java or Perl, Python has certain advantages that you should at least be aware of: clarity of expression, readability, maintainability, all in an attractive open source package with a large standard library and an even larger supply of open source third party software." Scan down the page for the English version of the interview.
Oracle's 'Mr. Linux' (News.com)
News.com talks with Wim Coekaerts about Oracle on Linux. "How many people do you have working on Linux at Oracle? If you talk about Linux kernel stuff, there are about 1,000 people that actually do development work. It's been that way for a long time, but we just have not been very public about it. Linux is Unix. When you have a lot of Unix competency in your company, it's really very easy to switch and doesn't take too long." (Thanks to Ashwin N)
The Next Revolution: Smart Mobs (O'Reilly)
O'Reilly has an interview with Howard Rheingold on the topic of smart mobs. ""The people who make up smart mobs cooperate in ways never before possible because they carry devices that possess both communication and computing capabilities. Their mobile devices connect them with other information devices in the environment as well as with other people's telephones," he says. The result is a third computing revolution, after the PC and the Net, in which individuals once again have the power to put themselves together in collectives of their own choosing."
Reviews
The Definite Desktop Environment Comparison (OSNews)
OSNews has posted a lengthy comparison between the most popular desktop environments. "So many operating systems and so many graphical desktop environments... This article is a comparison of the UI and usability of several Desktop Environments (DEs), that have been widely used, admired and reviled: Windows XP Luna, BeOS 6 (Dano/Zeta), Mac OS X Aqua and Unix's KDE and Gnome. Read on which one got our best score on our long term test and usage."
Hackers Meet Soldiers (O'Reilly)
This O'Reilly article looks at OpenBSD. "OpenBSD has focused on security, reliability, and quality since its launch over 7 years ago. The team follows such standards as POSIX, ANSI, and most of X/Open. Since 1996, formal audits [see sidebar on security and audits] of the base system's source code have further buttressed its reputation for security. Thousands of companies, including Adobe and Network Security Technologies, Inc., use OpenBSD, although many of them keep their choice private for security reasons."
Egoboo: The Cute Way to Dungeon Role Play (O'Reilly)
Egoboo is an open source dungeon crawling game. This O'Reilly article examines the project, its history, and its future. "Aside from the OpenGL and SDL APIs, the rest of the codebase is original and was written in C by the Bishop brothers. They did borrow the Quake II model format for game characters, however, to avoid the work of writing their own modeling program from scratch. An extra, obvious benefit is that this decision makes customizing Egoboo much easier: the mod community is full of people who are familiar with creating Quake II models."
Miscellaneous
It's a Cycle of Life Thing: Managing Linux Releases (O'ReillyNet)
The O'ReillyNet explores an old idea for improving enterprise Linux adoption by separating applications from the core OS. "The release of the 2.4 series kernel made a lot more functionality available to developers, and the Linux community has taken advantage of it with wild abandon. With the release of Red Hat 7.3 (and SuSE 8.0, and most other Linux distributions from about mid-2001), I noticed a sudden bump in the number of applications available and a radical change in the dependencies in any given distribution, release after release."
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
UK Campaign for Digital Rights condemns German PC levy
Here's a press release from the UK Campaign for Digital Rights, which is fighting against a German initiative to charge a 12 Euro levy on on every PC sold. The levy -- to be imposed under a three-year old law -- will supposedly compensate copyright holders for copyright infringement by PC users.Voting: OpenOffice.org Community Council Proposal
Voting is open for the OpenOffice.org Community Council Proposal. You may want to read this voting tip before proceeding.
Commercial announcements
ActiveState Sponsors pVoice (use Perl)
Use Perl reports that ActiveState will be sponsoring development of pVoice, which allows people with disabilities to communicate with a computer.Central Command predicts Linux viable channel for virus infections
Here's a press release from Central Command, a provider of anti-virus software, warning us that Linux viruses are on the rise.Free Software behind Indian telephone directory
India's largest telephone company, Bharat Sanchar Nigam Ltd., has turned to Free Software to help it print this year's directory for its subscribers in the southern State of Kerala, the country's most literate State and the place where the Free Software Foundation of India was launched by Richard M. Stallman two years ago.Hitachi and Codehost to sell Linux-based tablet systems
Hitachi and Codehost have announced a partnership to develop and sell wireless tablets running Linux. Codehost's contribution appears to be, primarily, a handwriting recognition interface. The target market is the healthcare industry.HP and Red Hat do a deal
Red Hat and HP have announced a new deal; HP will become a "global services provider" for Red Hat's Enterprise Linux products. Red Hat will back up HP for difficult problems.IBM Linux case study: wireless trucking
IBM and Rocksteady Networks announced that the companies will provide the infrastructure for Columbia Advanced Wireless (CAW) to offer high speed wireless Internet access at more than 1,000 truck stops throughout the country. Rocksteady software loaded on IBM's Intel-based servers running Linux will enable truckers to connect to the Internet through 802.11 Wireless Local Area Networks (WLAN'S) deployed by Columbia Advanced Wireless.Lindows systems on store shelves in Canada
According to this press release, systems running Lindows can now be found on the shelves at The Brick stores across Canada.Motorola phones to run MontaVista Linux
Motorola has sent out a press release stating that Motorola's Linux-based handsets, starting with the A760, will be running MontaVista's "Consumer Electronics Edition" of embedded Linux.OpenEAI Project Releases Functional Open Source Sample Enterprise
The OpenEAI Software Foundation has released the first version of the OpenEAI Sample Enterprise, comprised entirely of open source software. The sample enterprise consists of a set of working components developed exclusively with the OpenEAI foundation APIs and supporting technologies.Plone Training in Europe : French, English, German
Zope Members' News has an announcement concerning a European training program for the Plone web platform. "Ingeniweb, leading french company for Zope hosting and engineering is proud to announce the availability of its latest training concerning the famous CMF/PLONE in 3 languages".
Progeny's Linux Platform Manager
Progeny has announced the availablity of its "Linux Platform Manager." Essentially, the Platform Manager is a web-based tool which enables the creation and maintenance of custom Linux distributions. As such, it could be useful for large IT departments which maintain a version of Linux for a company, or for companies which distribute Linux as part of a larger product. Naturally, there is a whole set of associated services available for interested companies to buy.Sleepycat Software Adds Support for Carrier Grade Linux
Sleepycat Software, Inc. has announced the immediate availability of Berkeley DB for Linux operating systems that comply with the OSDL Carrier Grade Linux (CGL) 1.1 feature set.SourceForge Sitewide update
The SourceForge Sitewide update for March 18, 2003 is out with the latest SourceForge news.Trustix business partner, SHAF secures infrastructure of Asia's largest digital TV news station
Trustix AS announced that their Indian business partner Shaf Information & Teknologies Pvt. Ltd. (SHAF), has recommended Trustix Linux Solutions for Asias largest digital television news station, Sahara TV. The solution will comprise of Trustix Firewall, Proxy, Mail and Intrusion Detection servers running on IBM eServer xSeries hardware.UnbreakableUnitedLinux
Oracle and UnitedLinux have announced that Oracle will make its "Unbreakable Linux" platform available for UnitedLinux.
Resources
''Introduction to GNOME 2.2'' available
A new version of "Introduction to GNOME", updated for GNOME 2.2, is available on the web.GNOME 2.2.1 Desktop User Guide V2.5 Released
According to FootNotes, a new version of the GNOME Desktop User Guide has been released.Evans Data on where Linux developers come from
Evans Data Corporation put out a press release on its latest study, which looks at where Linux developers are coming from. "Although Linux may have initially drawn converts from the Unix community the survey found that more than half of Linux developers, 52%, used to primarily target the various forms of Windows, 30% of developers came from some form of Unix."
Name Resolution and Browsing in Samba, Part 1
O'Reilly has made part of the book Using Samba, 2nd Edition available. "This excerpt from Chapter 7 of Using Samba, 2nd Edition focuses on name resolution using WINS, which is supported by Samba with the nmbd daemon."
Ecasound tutorials online
A new page full of Ecasound Documentation - Tutorials, Articles and Other Such Resources is available online. Ecasound is a multi-track audio recording, playback, and processing tool.Minutes of the mozilla.org Staff Meeting (MozillaZine)
MozillaZine has the minutes of the Mozilla.org staff meeting available online. "Issues discussed include Mozilla 1.3.1; plans for 1.4; changing the compiler and OS on Linux; redistributing the time periods assigned to the alpha, beta and final stages of the development cycle; distributing Mozilla to developing countries on CD; and the Why Use Mozilla documents from Mozilla University."
Upcoming Events
CFP: EuroPython Conference 2003
A Call for Participation has gone out for the EuroPython Conference 2003. The conference will be held in Charleroi, Belgium on June 25-27, 2003.KDE and the 3rd Linux Accessibility Conference
KDE.News reports on the KDE presence at the 3rd Linux Accessibility Conference, which will be held on March 20 and 21, 2003 in Los Angeles, CA.GNOME and 3rd Linux Accessibility Conference
FootNotes covers the GNOME presence at the upcoming 3rd Linux Accessibility Conference.Events: March 20 - May 15, 2003
| Date | Event | Location |
|---|---|---|
| March 20 - 21, 2003 | First OpenOffice.org Conference(OOoCon2003) | (University of Hamburg)Hamburg, Germany |
| March 20 - 21, 2003 | Conference PHP 2003 | (École Polytechnique de Montréal)Montreal, Quebec, Canada |
| March 26 - 28, 2003 | PyCon DC 2003 | (George Washington University)Washington DC |
| March 29, 2003 | First Hungarian PHP Conference | Budapest, Hungary |
| March 31 - April 2, 2003 | 2nd USENIX Conference on File and Storage Technologies(FAST '03) | (Cathedral Hill Hotel)San Francisco, CA |
| April 2 - 3, 2003 | The UK Python Conference | (Holiday Inn Oxford)Oxford, England |
| April 5, 2003 | Linux In Education Spring Conference | (Grand Prairie High School)Grand Prairie, Texas |
| April 10 - 12, 2003 | MySQL Users Conference & Expo 2003 | (Doubletree Hotel)San Jose, California |
| April 13 - 17, 2003 | RSA Conference 2003 | (Moscone Center)San Francisco, CA |
| April 14 - 15, 2003 | Samba eXPerience 2003 | (Hotel Freizeit)Göttingen, Germany |
| April 15 - 16, 2003 | LinuxUser & Developer Expo 2003 | Birmingham, UK |
| April 22 - 26, 2003 | Embedded Systems Conference(ESC) | (Moscone Convention Center)San Francisco, CA |
| April 22 - 25, 2003 | The O'Reilly Emerging Technology Conference | (Westin, Santa Clara)Santa Clara, CA |
| April 23 - 25, 2003 | PHPCon East 2003 | (Park Central Hotel)New York, NY |
| April 28 - 30, 2003 | Real World Linux 2003 | (Metro Toronto Convention Centre)Toronto, Canada |
| May 3, 2003 | International Conference on Software Engineering 2003 | Portland, Oregon |
| May 8 - 9, 2003 | International PHP Conference, 2003 | Amsterdam, the Netherlands |
| May 11 - 14, 2003 | The International Symposium on High Performance Computing Systems and Applications(HPCS 2003) | (Sherbrooke Delta Hotel)Quebec, Canada |
| May 11, 2003 | Yet Another Perl Conference, Israel(YAPC::Israel::2003) | (C.R.I.)Haifa, Israel |
| May 15 - 16, 2003 | YAPC::Canada | (Carleton University)Ottawa, Canada |
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Miscellaneous
GNOME Germany has got a mascot
According to FootNotes, GNOME Germany has selected a new mascot, Gnobble the Gnome.
Final W3C patent policy draft
The World Wide Web Consortium has released yet another patent policy draft; there is a review period going through the end of April. According to the press release: "The W3C Royalty-Free license requirements are now consistent with generally recognized Open Source licensing terms." The policy still allows patent holders to impose field-of-use requirements, however. For details, see the policy draft or the "last call issues list" which gives the working group's responses to concerns with the previous draft.
Page editor: Forrest Cook
Letters to the editor
Who says Netscape's *lost*?
| From: | "Jay R. Ashworth" <jra@baylink.com> | |
| To: | charles.cooper@cnet.com | |
| Subject: | Who says Netscape's *lost*? | |
| Date: | Fri, 14 Mar 2003 14:41:02 -0500 | |
| Cc: | letters@lwn.net |
You assume the browser war is over.
Your recent news.com.com piece <http://news.com.com/2010-1071-992568.html>
makes that clear.
I think your argument is based on a flawed premise, myself.
AOL is shipping the Gecko browser core as part of AOL8, which you may
not have noticed, since you didn't mention it in your piece. I'll
*assume* you didn't know it, since it would be horribly disingenuous
for you to fail to mention such a pertinent item in a column like that.
:-)
In any event, between that release -- which is likely to garner at
*least* 5 million desktops out of AOL's something like 30M, and Apple's
adoption of the KDE Konqueror core for it's new Safari browser -- a not
inconsequential number of seats...
and given that Moz is 100% standards compliant, and Konq is pretty
close, I don't by any means think that IE has "won" the browser war --
since *it* is *not*.
Piss off millions of AOLians and Macheads? Nope; businesses won't stay
*there* for long.
And the whole landscape will change again.
And it will be due, in large part, to Richard Stallman, Linus Torvalds
and Eric Raymond -- none of whom were getting paid for it.
A parallel irony, somehow, to the commercial explosion of the Internet,
a project spearheaded by a bunch of largely gay, longhair college
students. :-)
Cheers,
-- jra
--
Jay R. Ashworth jra@baylink.com
Member of the Technical Staff Baylink RFC 2100
The Suncoast Freenet The Things I Think
Tampa Bay, Florida http://baylink.pitas.com +1 727 647 1274
"If you don't have a dream; how're you gonna have a dream come true?"
-- Captain Sensible, The Damned (from South Pacific's "Happy Talk")
Page editor: Jonathan Corbet