LWN Weekly EditionLeading items
Linux in the news
This pagePrevious week
The second power number, when present, indicates what is achievable with minimal tweaking: turning off wireless or letting Powertop shut things down. More invasive techniques (unloading modules, for example, or changing kernel boot parameters) are not included.
For the 2510p, the results are:
Two other distributions were tried, but did not make it all the through the survey process:
What comes out of all this work is that the Linux community now has a few good options for laptop-friendly distributions. Getting Linux running well on a laptop need no longer be an act of advanced wizardry.
That said, there's clearly still room for improvement. Even well-supported hardware does not always cooperate well. For a laptop system, in particular, it is important to be able to power down unneeded hardware without having to dig into the system configuration or unload kernel modules. If the wireless interface, FireWire port, modem, BlueTooth interface, etc. are not being used, they should not be drawing power. After all, if the laptop's user is going to have something to actually do through a long series of LinuxWorld keynotes, it's important to stretch that battery as far as possible. Progress has been made, but there is more to do.
Your editor must now make a choice as to which distribution will remain on these laptops. For the X31, the choice makes itself: Fedora. It works the best while installing only free software. One could retrofit a 2.6.25 kernel into an Ubuntu installation to get the ath5k driver, but it's nicer to not have to do that. For the 2510p, the choice is not quite so clear. It might, in the end, be Ubuntu for the slightly lower power consumption and fewer backlight hassles. The potential (not always realized) for online upgrades might also tip things a little more in the Ubuntu direction. All of that will have to be traded off against Fedora's out-of-the-box encrypted installation, though. But either Ubuntu or Fedora is a fine choice for this machine; it is nice to be in a position where there are a couple of high-quality alternatives.
Two recently announced organizations, the Open Source Computer Emergency Response Team (oCERT) and Open Source Software Security (oss-security), are both looking to assist projects with security issues in a complementary way. Each is focusing on different kinds of problems that free software projects face when trying to secure their code.
oCERT is modeled on the various national CERT organizations, but focused on free software:
The service aims to help both large infrastructures, like major distributions, and smaller projects that can't afford a full-blown security team and/or security resources. This means aiding coordination between distributions and small project contacts. The goal is to reduce the impact of compromises on small projects with little or no infrastructure security, avoiding the ripple effect of badly communicated or handled compromises, which can currently result in distributions shipping code which has been tampered with.
In addition, oCERT is doing vulnerability research on free software projects. So far, they have released four advisories after coordinating with the affected projects and distributions. It is a way for team members—or anonymous researchers—to collect their vulnerability research and push it through the process.
The oCERT team consists of five security professionals from Inverse Path, Google, and Intel, along with a two-person advisory board. Various projects have also signed up as members including several Linux distributions, security and other free software tools, as well as OpenBSD. In order to become a member, an project or organization must meet some fairly stringent membership requirements that include agreeing to the disclosure policy. Others can submit vulnerability information without becoming a member.
oss-security is more of an open group, without any formal membership, that is looking to foster more discussion of security issues:
The purpose of oss-security is to encourage public discussion of security flaws, concepts, and practices in the open source community. We don't want to simply be an information clearinghouse, or to replace any of the current security lists and groups. The goal is to fill an existing vacuum by encouraging active participation of those interested in the ideas and unique challenges in securing Open Source software. This includes activities such as flaw discovery, understanding, reporting, and overall best practices.
The oss-security mailing list is one of the focal points of the group's efforts. Some of the topics currently being discussed are helping projects with code reviews, getting CVE IDs assigned for specific vulnerabilities, and the IP address change of the "L" root nameserver.
The oss-security wiki seeks to gather relevant security information from projects and vendors in a single location. This includes security contacts, helpful mailing lists, bug tracker locations, distribution security patch repositories, and the like. If it gets fully populated and is kept up-to-date, it will be a tremendous resource for the community.
Up to a certain point, more organizations looking to improve free software security can only be a good thing. Each of these seems to have a focus that is not met by existing groups, so they can hopefully fill a need in the community. The private, vendor-sec mailing list has long been used by distributors, whereas oCERT and oss-security are more focused on the project side of the equation. With luck, that will lead to better code and more coordination for projects and distributions.
Security reportsreport on the vulnerabilities fixed between Red Hat Enterprise Linux 5.1 and 5.2. These periodic reports do a bit of analysis of the numbers of flaws as well as their impact. In addition, Cox looks at the threat mitigation provided by security technologies like SELinux and ExecShield that ship with RHEL. "Red Hat Enterprise Linux 5 shipped with a number of security technologies designed to make it harder to exploit vulnerabilities and in some cases block exploits for certain flaw types completely. For the period of this study there were two flaws blocked that would otherwise have required updates."
cbrpager: unauthorized command execution
evolution: arbitrary code execution
evolution: arbitrary code execution
imlib2: buffer overflow in the XPM loader
openssl: multiple vulnerabilities
stunnel: certificate verification issue
system-config-network: privilege escalation
Page editor: Jake Edge
The current 2.6 development kernel remains 2.6.26-rc4, released on May 26. An -rc5 release would seem to be due this week. If past history is any guide, look for it right after the LWN weekly edition is published.
Kernel development news
This is really irritating me, because this is one huge case of frickin Animal Farm. First a little was taken away, then a little bit more, and by the end you have something absolutely nobody would have agreed to from the beginning.-- David Miller on removing firmware (see below)
I'd probably make a few grammatical changes too. When you're happy with the content and your document is in the tree, I'll submit a patch :-)-- Nick Andrew
Embedded Linux is getting a lot of attention these days. A new kernel.org mailing list, linux-embedded—archived here—has been set up, with discussions and patches already being posted. In addition, Paul Gortmaker and David Woodhouse have volunteered to be the "embedded maintainers" for the kernel to help coordinate the embedded Linux community. They graciously agreed to a joint email interview to shed some light on their new roles.
LWN: What is your background with Linux, especially with embedded Linux?
David: I got involved in Linux while I was at University, and ended up working at Nortel during one of the summer vacations, on a project for networking over mains power lines. It involved Linux boxes as routers, and I was working on solid state storage for that. From that, and from the basic support we had for similar devices in the PCMCIA code base, the MTD [Memory Technology Device] subsystem grew.
After a while, I ended up working for Red Hat's engineering services division, doing board ports, drivers and other work. That's when JFFS2 was written, as part of a customer contract.
I've been at Red Hat since 2000, in various rôles including spending most of the last couple of years on OLPC. Due to HR misconduct, I handed in my notice on Monday and will be going elsewhere. I spoke to my new boss before volunteering for the 'embedded maintainer' rôle, and he was happy with that—it's another Linux-friendly company where I'll be doing kernel development, and community interaction will continue to be part of my day job.
Paul: I started using Linux back in the pre 1.0 days, and having always been one to take things apart and see how it works, being able to do that with the OS appealed to me. I put together various documents to help people back when the entry level into Linux was quite high, started fixing and writing drivers, and on it went from there. In 2005, I joined Wind River, where I've been primarily focused on kernel and board specific kernel patches, and this has given me the opportunity to be exposed to all the different architectures and lots of board variants within each architecture family.
LWN: What is the role you see for the embedded Linux maintainers for the kernel?
David: A bunch of things really. It's not like a normal maintainer rôle where we take ownership of a certain section of code; it's a bit more fluid.
To start with, one of the things we really need to do is work with the various people who are using Linux in "embedded" situations, and help them to work better with the community. That isn't just the vendors of consumer equipment—it's communities like OpenWRT, handhelds.org, OLPC too. In no other field is the development of the Linux kernel so balkanised, with people all over the place carrying their own patches or even full trees of code.
Another part of the job, which is actually something I've been doing for years anyway, is reviewing general changes in the kernel with a particular mind to how they affect embedded systems. That's not just bloatwatch, although obviously that's a part of it. It also covers things like watching the IBM zSeries folks provide execute-in-place support for block devices under z/VM, and saying "hey, how can we use the same memory management for XIP from flash?".
The other main part of it is implementing features in the core kernel which are motivated by "embedded" requirements. Like the tricks for compiling parts of the kernel with "-fwhole-program --combine" to let GCC optimise better and reduce code size, for example.
A certain amount of it, especially the new email@example.com list, I expect to be a kind of targeted kernelnewbies—but obviously with a more specific focus on embedded issues, and to a certain extent on professional developers rather than having such a high proportion of hobbyists. Although I certainly wouldn't want to discourage the hobbyists and students from getting involved with embedded. It's a good way to get people to send you cute toys, after all!
I was trying to avoid having a 'linux-embedded' git tree, but for small things like the patch Tim Bird just sent to the linux-embedded list to introduce CONFIG_CONSOLE_TRANSLATIONS, I suppose it makes sense—so I've created that at git://git.infradead.org/embedded-2.6.git.
Paul: There are several things that can be done here that will all benefit Linux and its users in the end. To start with, I'm hoping that we can close some of the entry level gap between people who don't necessarily track kernel development but yet have decided to develop on Linux with a specific embedded use case in mind, and those people who are long time Linux developers. We can also improve the linkage between people writing feature changes and some of the users of those features who are likely to be impacted, but otherwise would probably go unheard from. We can also look at externally maintained features of interest to embedded users, and try and determine what is the blocking factor that is stopping it (or parts of it) from being merged upstream, and then assist in removing those barriers where possible.
LWN: What are the specific problems that are faced by embedded developers trying to use Linux? What can you do to make that situation better?
David: I think the biggest single problem has always been the same—it's that people are too focused on getting their stuff out the door as quickly as possible without much thought to working with upstream. Managers aren't budgeting the time to get things merged, and engineers aren't talking about their design early enough that it can be improved before it's a fait accompli. That extra time isn't just about being a good citizen—failing to do it almost always comes back to bite you personally, when you come to do a new product, a product update, or even need to merge in changes from upstream to fix bugs. But everybody seems to need to learn that the hard way, it seems.
Paul: A lot of times, you get the situation where a group who is developing for an embedded platform is focused 100% on getting their product up, running and deployed. The developers involved aren't necessarily hard core Linux folks, and it usually plays out by them picking a kernel version, getting their stuff in their local tree, and that is it. They may not know git, they probably don't have insight into who the respective subsystem maintainers are, they may perceive LKML as too hostile, or they may not have management buy-in on trying to push stuff upstream. But inevitably, some time passes, and then they have a carry forward task where they try and do a big jump uprev of all their changes, and this repeats forever.
Most people who have had to endure the jump uprev vs. a continual tracking and carrying of changes will tell you the jump is not the way to go for a multitude of reasons, but it seems a lesson that everybody ends up having to learn on their own. So, I'm hoping we can get some of these people more aligned with the typical Linux developer workflow—i.e. work from the latest codebase, create logical changesets that can be submission candidates etc. I've been in a couple of meetings recently where we've had the opportunity to educate embedded developers on the advantages of doing this, and the feedback has been positive so far.
LWN: The size of the kernel is getting larger in general, is it getting too big for some embedded applications? What, if anything, should be done to remedy that situation?
David: I know there are people who'll want to take me out back and shoot me for this, but I think a large part of the solution to that is knowing when Linux is the answer, and accepting that sometimes it isn't. I've always been a bit dubious about implementing XIP support in Linux, for example, on the basis that if you care that much, you should probably have been using something like eCos anyway.
Getting back to the real question, though, there are things we can do. The smaller, more efficient "slub" memory allocator is an example, as is the --combine thing I mentioned above. The trick is to find ways to improve matters without just littering the whole thing with ifdefs.
Paul: There will always be some hardware or some use case where Linux isn't the right choice. It only makes sense to use the right tool for the job. However we do want to make sure that Linux is that right tool in as many cases as possible. On the plus side, the resources that are found on a typical embedded target today are a lot more rich than they were years ago. We just need to make sure that in optimizing for the general x86 use case, we don't inadvertently hinder these more fringe use cases coming from the embedded world.
LWN: What do you see as the priorities for kernel work to better support embedded Linux?
David: One important priority right now is replacing JFFS2. I wrote it, so I'm allowed to say that—it was good for its time, with NOR flash devices on the order of 32MiB. But having made it work on 1GiB of NAND flash in OLPC, I certainly agree with the observation that it's being pushed past its design limits. I'm very keen to get LogFS and/or UBIFS merged into the kernel and stabilised to the point where we can really start moving to them.
We need to revamp the MTD API fairly urgently too. It was derived from the PCMCIA code we had at the time without much planning, and we really need to improve on it now.
There may be a certain amount of bias in the items I've picked out, I suppose.
Paul: The embedded community as a whole is probably the biggest user of all the architectures outside of the x86 based platforms. Sometimes the functionality of certain things don't get much testing outside of the basic x86 family. For example, one of the features that there is considerable interest in is the full preempt_rt patch set. Yet once you stray outside of the x86 family, you are pretty much guaranteed to run into drivers specific to embedded targets that don't play nice once this patch set is in place. This isn't such a surprise, simply because the intersection of the two hasn't been explored yet. I think there is value here in getting these types of intersections explored sooner rather than later, by reducing some of the gap between the people working on these sorts of features, and those intending to use them on embedded platforms.
LWN: Do you have any specific goals for timelines of getting various features merged?
David: Other than "ASAP" for LogFS and UBIFS, not particularly. Stuff is merged when it's ready.
Paul: At this point in time, no. I'm not really interested in hijacking anyone's project or feature and trying to drive it towards some self-imposed merge deadline. I'd rather work with them to try and find out what the problem areas are, help with those where possible, be they logistical or technical and get them to a point where they feel that they can offer up merge candidates.
LWN: What problems do you foresee in working with other kernel developers who may have less (or no) interest in the concerns of the embedded community? Are there specific features that may be difficult or impossible to get merged?
David: I know it's fashionable to claim there's a big disconnect between embedded and big-iron users, but actually there's a lot more overlap than many people seem to realise. I mentioned XIP earlier; can you also guess who was first to implement tickless support?
A lot of the problem has been people who show up and throw their code over the wall, then run away. Or worse, those who don't even throw it over the wall at all. People seem to have forgotten how long it took us to educate the enterprise vendors and get them to work nicely with us; we're a bit behind the curve on the embedded side but we're getting there. And organisations like CELF are doing good work on that front, too.
Paul: We have to be realistic. There will always be some features that either are too invasive to be sensible merge candidates, or the particular feature has such a small user base, that it may not make sense from a carrying cost point of view to target it for inclusion in the standard kernel. Fortunately, I think the Linux developer community at large has generally been flexible in accommodating most things, while at the same time excluding things where the best interest of the kernel as a whole needed to come first.
In such cases where a feature doesn't look to be a probable merge candidate, not all is lost. We have to capitalize on the remaining value adds that come with still working with it as if it was a merge candidate. Things like cherry-picking parts of it that are of global value and thus reducing the carrying cost. Or being able to voice an opinion at the appropriate time if the maintainer of the feature notices that a proposed change somewhere else in the kernel will impact the feature that they have been maintaining independently. So I think we still want to work towards getting the people handling these "harder" features of interest to the embedded community working more in parallel with the main kernel community.
LWN: The term "embedded Linux" covers a huge spectrum of devices and uses of Linux, everything from devices where the OS is completely invisible up through internet tablets and UMPC devices that are essentially desktops squeezed into a smaller package. Where on that spectrum do your interests lie? What do you think the challenges of trying to support all of those different uses will be?
David: My interest is everywhere in that spectrum—and beyond. Too much focus on one small area is the way to ensure that you solve your own problems while pessimising things for other people. I think it's important to keep a certain amount of holistic focus, because that's how we can make sure that Linux scales well both up and down.
Paul: Absolutely. It seems that people naturally associate embedded with the small and resource constrained end of the scale. But the reality is that there are people who are wanting to use Linux in embedded applications where the baseline hardware has 16 cores and gigabytes of memory. On the one end of the scale you are interested in things like efficiency of resource usage, quick boot times, and on the other end of the scale, your interests are more likely around features relating to specific high availability features that may not be present in the standard kernel tree.
These are clearly separate problem spaces, but the common thing they both share is that you've got a group using a specific piece of hardware with a specific use case in mind. This tends to bring out the "works for us, lets get it done and shipping" mentality, and the work tends to never make it out to where others can review it and look at merging bits that make sense. I'm hoping this is where we can make a difference.
We would like to thank David and Paul for taking time to answer these questions.
Measuring which lines of code get executed and how often can be a useful tool for debugging or testing. That capability has long been available for user space programs in the form of gcov. A recent patch seeks to allow kernel hackers access to the same tool.
There are three main components to making gcov work with the kernel: changing the build to add the -fprofile-arcs -ftest-coverage gcc flags, hooking up the gcc-generated code to record the coverage information, and providing a way for the kernel to output the data to user space. The GCOV_PROFILE kconfig option governs whether to include gcov into the build, while GCOV_PROFILE_ALL activates profiling for the entire kernel. If desired, individual directories and files can be selectively included or excluded from being instrumented.
The new kernel/gcov directory contains the necessary functions to support the gcc-generated profiling code. This includes handling statically linked kernel code as well as kernel modules that are loaded. Information gathered from code in modules can be either preserved or discarded when they are unloaded. This will allow analysis of the module unloading path that could be useful for detecting resource leaks or other problems in that process.
A user space program compiled for gcov will write a binary file to the filesystem for each source file that contains the data corresponding to the execution path through that file. The kernel needs to do that differently, so instead it writes to a file in debugfs. Each source file that is compiled for gcov will store its information in /sys/kernel/debug/gcov/path/file.gcda, where /sys/kernel/debug is the debugfs mount point and path is the path to the file in the kernel tree. The individual .gcda files can also be written to, which will result in setting the accumulated data for that source file back to zero.
Once the data has been gathered, gcov can be invoked to produce a file that annotates the source showing each line with the number of times it has been executed. LCOV is a graphical tool that can also be used to examine the coverage information. LCOV and the gcov kernel patches both come from the Linux Test Project which has an extensive kernel test suite and is using gcov to expand the coverage of their tests.
As part of the patch set, the seq_file interface has been extended to allow writing of arbitrary binary data to a virtual file. Currently, the seq_file interface is somewhat character oriented, so a function has been added to fs/seq_file.c to provide that ability:
int seq_write(struct seq_file *seq, const void *data, size_t len)As the prototype implies, it writes len bytes from data to the seq_file seq.
Efforts to get gcov support into the kernel have been around since 2002, but the code was recently rewritten to be a better fit for recent kernels. In the patch, Peter Oberparleiter says "due to regular requests, I rewrote the gcov-kernel patch from scratch so that it would (hopefully) be fit for inclusion into the upstream kernel." One of the bigger changes is to move the user space interface for gcov from /proc into debugfs.
It seems that the technical issues have largely been addressed in the third version of the gcov patch. It can provide useful information, especially for increasing the reach of test coverage—something that can only help reduce kernel bugs—so it could make for a nice kernel addition. Whether it will be picked up into linux-next or -mm and pushed towards an eventual mainline merge remains to be seen.
It seems that David Woodhouse had a bit of an ulterior motive when he recently reworked the kernel firmware loader. That is not to say the work is not useful in its own right, but one of his goals is more apparent now: removing all of the firmware from the kernel source tree. By making it easy to separate the firmware blobs—while still allowing them to be statically built into kernels—he has provided a possible path for all firmware needed by any Linux driver to live in a single place.
The firmware issue is somewhat contentious, with licensing and political issues that tend to annoy the kernel developers. Arguments about the "legality" of distributing firmware with the kernel flare up from time to time. Separate from that, there are some good reasons why it makes sense to keep the firmware in its own place: some distributions need or want to distribute their kernels without firmware blobs and some hardware manufacturers will not allow their firmware to be distributed with the kernel because of concerns about the GPL. The current situation makes it harder for both users and distributors.
Woodhouse brought up the idea of pulling the firmware out of the kernel in a post to linux-kernel and ksummit-2008-discuss. The agenda for this year's Kernel Summit is under discussion, so he proposed that it be discussed there. He is clearly trying to anticipate the technical concerns that others might have:
By the time the kernel summit comes around, we should have made decent progress on moving _all_ the firmware blobs to the firmware/ directory. And at that point I'd like to remove them completely, to a separate git tree and tarball. Those who really want to build them in to their static kernel would still be able to, but it wouldn't be the default behaviour.
Unsurprisingly, there are some fairly strenuous objections. David Miller is quite annoyed:
Sorry, that's taking things too far. I've fought, like, forever, to keep the tg3 driver with it's firmware in-tree. I refuse to let the driver get broken like that, it's staying working, and that means in-tree and linked into the driver.
If debian or whoever else have these concerns and want to rip the firmware out, it is one hundred percent their problem to patch things out of the kernel tree they use.
But there are other reasons to collect firmware in one single place, as Arjan van de Ven notes:
Right now it's a royal pain for users to get all the right pieces of firmware.... having ONE place to put all that would go a long way of making that side of things easier.
If you want to argue that that should be in the kernel tarball itself, you won't hear me complain. But others will... and for that a 2nd tarball might well be the answer. Just we shouldn't need 100 tarballs.
There is a very real concern, though, that putting firmware without source into the kernel is a GPL violation. It is impossible to know for sure without a court decision, which is something that no one wants to have to deal with. Companies—and their lawyers—tend to be very conservative when it comes to inviting lawsuits, so removing unrelated, possibly actionable code from the kernel sources is of great benefit to them. As Woodhouse says:
And it isn't just the nutters. Fedora also wants to ship the firmware in a separate package from the kernel -- since the alleged GPL violation is such a _gratuitous_ risk given that we always use an initrd anyway, and because people want to be able to do 'Free' spins which don't feature the firmware at all, even in the source packages.
By making it easier to put all of the firmware in one non-GPL tree, hardware vendors—and their lawyers—may be willing to allow the firmware to be distributed. If Woodhouse's plan for supporting both compile-time and runtime loading of the firmware is successful and reasonably transparent, there should be little difference for kernel developers, but big improvements for users and distributors. It is unclear whether this is something that will be resolved in email, as Woodhouse hopes, or will require a discussion at the Kernel Summit in September, but it's an idea with a lot of merit that may find its way into the mainline at some point.
Patches and updates
Core kernel code
Filesystems and block I/O
Virtualization and containers
Page editor: Jake Edge
News and EditorialsWikipedia definition. For the Ubuntu community, the Intrepid Ibex is the next version of the operating system, and the topic under discussion at the recent Ubuntu Developer Summit (UDS) in Prague.
There are a number of YouTube videos from the UDS, with Mark Shuttleworth and others talking about Intrepid Ibex and related topics. Mark's two part video covers the various versions of Ubuntu from the server to the platform specific remixes, to collaboration with other distributions and upstream developers, and more.
The Intrepid Ibex, scheduled for release next October, will also be known as version 8.10 - 8 for the year and 10 for the month of its release. With the Hardy Heron, Ubuntu's second LTS (Long Term Support) release out the door, the Ibex marks the beginning of a new LTS cycle. As such, it is likely to be a bit wild and woolly. A time to bring in new technology and experiment with possibilities. There will be plenty of time later for stabilizing the next LTS release, Ubuntu 10.04 LTS, scheduled for release in April 2010.
This UDS had several tracks some reports are available:
Xubuntu will provide (The goal of Xubuntu is to produce) an easy to use distribution, based on Ubuntu, using Xfce as the graphical desktop, with a focus on integration, usability and performance, with a particular focus on low memory footprint. The integration in Xubuntu is at a configuration level, a toolkit level, and matching the underlying technology beneath the desktop in Ubuntu. Xubuntu will be built and developed autonomously as part of the wider Ubuntu community, based around the ideals and values of Ubuntu.
Kubuntu fans will find this entry in Jonathan Riddell's blog of interest. "Kubuntu Intrepid Version makes the decision to move to KDE 4 by default (anything else is history). KDE 3 libs will still be available for applications without a KDE 4 version, but the desktop won't be. It's a good time to move to KDE 4 since Intrepid is intended to be a more cutting edge release." The Kubuntu Intrepid wiki takes a look at some specific design goals the KDE variant. Some of the defaults for Kubuntu have been defined.
We will remove sounds for actions. Actions do not need to attract the user's attention. We would like a new, shorter, login sound, Scott Wheeler has volunteered to make one.And so on.
At the 4.1 release we will consider which default Plasmoids to include. The Desktop Plasmoid should be on by default.
Other goals for Intrepid are still somewhat fuzzy, which means there is still time to make proposals for what you want. If you run Ubuntu (or variant thereof) but it's not quite what you want it to be, get involved and help make it better.
New ReleasesThe good news is that we're closing in on the final release of 11.0, but it's not time to relax just yet. We're getting really close, so we need all hands on deck to help test this release candidate."
writes about the Fedora Bug Triage team. "It is also our hope that the bug triage team can help Fedora as project identify areas which need more attention. Some initial anger and frustration was directed at the "triage bot" for touching so many bugs and closing many others (for unmaintained releases) that had been filed but never responded to by anyone. This points to a potentially deeper problem that maybe in spite of Fedora's desire to grow its package repository it is also not staffed to address all of the resulting bug reports. The other side of this of course is that like all software projects, it simply isn't possible to fix every single bug. It is not fair to form hard conclusions on this until we have reviewed all the bugs in NEW and performed better analysis of the data."
Red Hat Enterprise LinuxIn accordance with the Red Hat Enterprise Linux Errata Support Policy, the 7 year life-cycle of Red Hat Enterprise Linux 2.1 will end on May 31, 2009. After this date, Red Hat will discontinue the technical support services, bug fix, enhancement, and security errata updates."
SUSE Linux and openSUSEnow available.
Ubuntu familyThe Ubuntu project is rapidly expanding and the previous process for approval of new Ubuntu members has been struggling to keep up with the increased participation. The list of pending membership applications was so long that the Community Council cannot focus on other issues. Also, it is often difficult or impossible for potential new members to attend Community Council meetings which do not coincide with their availability in a particular timezone. As a result three regional membership boards have been created to consider applications from contributors to the project for Ubuntu membership."
ubuntu-news-team mailing list is the single and authoritative place to submit and discuss news stories, events and meetings in the Ubuntu community. It will be used by the Ubuntu Weekly News team and the Fridge team. The ubuntu-marketing-submissions and fridge-devel mailing lists are now *closed* and have been replaced by this single list.
PDF format or HTML.
OpenSUSE Weekly News covers openSUSE 11.0 Release Candidate 1, LinuxTag 2008, People of openSUSE: Klaus Kämpf, and much more.
OpenSUSE Weekly News looks at People of openSUSE: Matthias Fehring, Interview: KDevelop and the openSUSE Build Service, Status Updates, Gabriel Burt: Banshee 1.0 Release Candidate 1, Jigish Gohil: Compiz and Compiz Fusion 0.7.6 out in wild, blogs.zdnet.com: "OpenSUSE 11 RC1: The Mercedes-Benz to Ubuntu's Volkswagen", and much more.
Mandriva Linux Community Newsletter covers Mandriva Linux releases, Mandriva Club changes, Mandriva website overhaul, Mandriva One CD packs available from the Store, partnerships, and more.
Fedora Weekly News for June 1, 2008 looks at the wiki migration, info about FUDCon Boston, the second release of the Fedora Brazil Magazine, heading for Fedora 10, and several other topics.
DistroWatch Weekly for June 2, 2008 is out. "One of the best-known and most widely-used features of FreeBSD, its CVS infrastructure designed to store all of the operating system's and userland's source code, was finally given boot last week when it was replaced with Subversion. What will this major switch mean for the FreeBSD user community? While on the surface not much will change in the foreseeable future, eventually everybody will need to get used to a new way of performing source updates. In other news, Novell reports better than expected revenue from its Linux business, Ubuntu plans universal connectivity in Intrepid Ibex, Fedora reports on the progress of integrating KDE 4 into the distribution, and BLAG's Jeff Moe explains why he continues to remove all non-free "blobs" from the Linux kernel. Also not to be missed, a first-look review of openSUSE's Zypper, probably the most advanced and comprehensive package management utility on the market. Finally, we are pleased to announce that the recipient of the DistroWatch.com May 2008 donation is the FileZilla project."
Interviewstalks with Jeff Moe, developer of blobless kernels and BLAG. "Jeff Moe is a 37 year old self-employed father. Better known as jebba, he is the main developer behind the 100% Free distribution BLAG (for BLAG Linux And GNU). He is also leading a couple of other Free software projects. He kindly agreed to give Blue GNU an interview by Jabber."
podcast with a transcript also available. "How many hats do you wear as a Gentoo developer, and tell me about them? At the beginning you mentioned a few of them, and really, it's just way too many. I'm really kind of over-obligated in Gentoo. And it's hard to manage to spend enough time working on everything. Right now, as you mentioned, I'm a council member, I'm the lead of the PR team, the desktop lead, the clustering lead, I maintain X, I'm work on the science team, and I also maintain about 50 other packages."
interviews Anurag Bhandari, founder and project leader of the Granular Linux Project. "What exactly is Granular Linux? What does the name Granular signify? Granular is an easy-to-use Linux distribution aimed at desktop users and newbies in the world of Linux. It can also be a good choice for regular Linux users. The name "Granular" signifies one of the reasons behind the creation of this distro, that is, "customizability". Granular was intended to be able to get easily customized by the end user. An all over customization can only be achieved by customizing the individual components (granules). And for that, KDE is an excellent option, combined together with the various options provided with Granular. Hence the word "Granular"."
Distribution reviewsreviews Mandriva Linux 2008 Spring. "Linux distros are a bit like buses (bear with me on this) miss one and another is bound to come along sooner or later. In the case of Mandriva Linux, it's the 2008 Spring edition that benefits from the usual long list of component updates together with full support for the Asus Eee PC, improved synchronisation with mobile devices, PulseAudio sound infrastructure and a handful of other enhancements. Lets start by getting the updates out of the way: the 2008 Spring edition is built around a 2.6.24 Linux kernel with X.org 7.3 and both 3.5.9 and 4.0 implementations of the standard KDE desktop."
compares Ubuntu 8.04 to Fedora 9. "The recent releases of Ubuntu 8.04 and Fedora 9--two top Linux distributions--mark another step forward in the evolution of the Linux desktop. I've been running both of them to see which offers the better blend of usability and advanced features."
looks at TinyMe 2008.0. "While we're all waiting for PCLOS 2008 to be released, we were treated to a kissing cousin yesterday with the release of TinyMe 2008.0. It's a small lightweight distro featuring the LXDE desktop with lots of handy apps. I thought I'd take it for a little test run this evening to see what it might be like."
Page editor: Rebecca Sobol
Matplotlib is a cross-platform numerical plotting and analysis library for Python:
matplotlib is a python 2D plotting library which produces publication quality figures in a variety of hardcopy formats and interactive environments across platforms. matplotlib can be used in python scripts, the python and ipython shell (ala matlab or mathematica), web application servers, and six graphical user interface toolkits. matplotlib tries to make easy things easy and hard things possible. You can generate plots, histograms, power spectra, bar charts, errorcharts, scatterplots, etc, with just a few lines of code.
Matplotlib version 0.71 was last examined on LWN in January, 2005. Recently, major release version 0.98.0 was announced:
matplotlib 0.98.0 is a major release which requires python2.4 and numpy 1.1. It contains significant improvements and may require some advanced users to update their code; see migration and API_CHANGES. We are supporting a maintenance branch of the older code available at matplotlib 0.91.3.
The major changes in matplotlib 0.98.0 include a complete rewrite of the transformation infrastructure and new support for user-defined transformations and projections. The full list of changes is available in the CHANGELOG file. The new matplotlib release coincides with the new release (version 1.1.0) of NumPy, the fundamental package needed for scientific computing with Python:
"This is the first minor release since the 1.0 release in October 2006. There are a few major changes, which introduce some minor API breakage. In addition this release includes tremendous improvements in terms of bug-fixing, testing, and documentation."
Looking forward to upcoming and in-progress matplotlib development, the Goals document explains a number of new matplotlib capabilities that are in the planning and development stages.
If you need to create any number of scientific data plots, matplotlib is an excellent choice for the job. It truly lives up to the claim of being easy to use. The latest matplotlib source code is available for download here.
Backup Softwareannounced. "bkupcj is a software for automatically backup your files to usb disk, samba partition or local directory. bkupcj creates mirrors of original directories, isn't incremental in order to optimize disk space. bkupcj can also be used like a cron-job."
Database SoftwareThe Postgres core team met at PGCon to discuss a few issues, the largest of which is the need for simple, built-in replication for PostgreSQL. Historically the project policy has been to avoid putting replication into core PostgreSQL, so as to leave room for development of competing solutions, recognizing that there is no "one size fits all" replication solution. However, it is becoming clear that this policy is hindering acceptance of PostgreSQL to too great an extent, compared to the benefit it offers to the add-on replication projects."
SQLObject is an object-relational mapper. Your database tables are described as classes, and rows are instances of those classes. SQLObject is meant to be easy to use and quick to get started with. SQLObject supports a number of backends: MySQL, PostgreSQL, SQLite, Firebird, Sybase, MSSQL and MaxDB (also known as SAPDB)."
Interoperabilityannounced. "This is a security release to address CVE-2008-1105. The original advisory is available online."
Networking ToolsThe netfilter project proudly presents another development release of the conntrack-tools. This release includes important improvements, new features and bugfixes: * add ICMPv6 support (Krzysztof Oledzki) * simplified conntrack update and deletion via command line * major improvements in the state synchronization code * add new best effort replication protocol"
libnetfilter_conntrack is a userspace library providing a programming interface (API) to the in-kernel connection tracking state table. This release includes new features and minor fixes."
This release includes minor bugfixes and updates."
Web Site DevelopmentMidgard is a capable open source content management system for running mid-to-high-end websites. In addition to the built-in content management features, Midgard also provides a highly object-oriented component architecture for building interactive web applications that integrate seamlessly with the website."
AccessibilityAccelerator is a GUI program that shows where keyboard accelerators should go in menu option texts and dialog labels. The program produces optimal results on the basis that the best accelerator is the first character, the second best is the first character of a word, the third best is any character, the worst is no accelerator at all, and no accelerator should be used more than once. With this program developers can help improve usability for users who can't use the mouse and for fast typists who don't want to use the mouse."
Business Applicationsannounced. "Openbravo POS is a point of sale application designed for touch screens, supports ESC/POS ticket printers, customer displays and barcode scanners. It is multiuser providing product entry forms, reports and charts. Openbravo POS 2.10 includes a large list of new functionality and bug fixes."
Desktop EnvironmentsThis is the second update to GNOME 2.22. Come and see all the bug fixing, all the new translations and all the updated documentation brought to you by the wonderful team of GNOME contributors! A lot of work has been done in the stable branch to make it even more solid than it was."
This is the third stable release in the 2.22 cycle, incorporating the GNOME 2.22.2 Desktop and Developer Platform, fine-tuned with love by the GARNOME Team. It includes a wealth of new application releases, updated translations and bug fixes as part of this GNOME release -- as well as updates and fixes after the GNOME freeze, a host of third-party GNOME packages, Bindings and the Mono(tm) Platform."
The KDE Community today announced the immediate availability of KDE 4.0.5, the fifth bugfix and maintenance release for the latest generation of the most advanced and powerful free desktop. KDE 4.0.5 is the fourth monthly update to KDE 4.0."
announced the availability of the 2007 Q3/Q4 KDE e.V. Quarterly Report (pdf). "The KDE e.V. Quarterly Report is now available for Q3 and Q4 2007, covering July to September, and October to December 2007. This document includes reports of the board and the working groups about the KDE e.V. activities of the last two quarters of 2007, as well as event summaries and future plans."
X.Org Foundation wiki.
Desktop Publishingannounced. "DocBook to LaTeX Publishing transforms your SGML/XML DocBook documents to DVI, PostScript or PDF by translating them in pure LaTeX as a first process. MathML 2.0 markups are supported too. It started as a clone of DB2LaTeX. The XeTeX backend is added to dblatex 0.2.9. XeTeX is modern a TeX engine that allows you to compile the document natively in UTF-8. All the workarounds and tricky things to handle non latin1 characters are no more needed."
announced, several new capabilities have been added. "Are you a novelist or an author? StorYBook is a summary-based software for creative writers that helps to keep the overview over characters, locations and strands while writing a book, a novel or a story. StorYBook assists you in structuring your book."
GUI Packagesit is a set of Python bindings for the Qwt C++ class library which extends the Qt framework with widgets for scientific and engineering applications. It provides a 2-dimensional plotting widget and various widgets to display and control bounded or unbounded floating point values."
Imaging Applicationsannounced. "GraphicsMagick provides a set of commandline tools and programming APIs (including C, C++, and Perl) for manipulating, editing, and converting raster and vector images. It is derived from ImageMagick, with the objective of providing a stable, reliable ... This release fixes many bugs discovered since the 1.2.1 release. Most bugs are minor."
Instant MessagingGOZERBOT, a Python IRC bot and Jabber bot, has been announced. Several new features have been added and some plugins were removed from the main distribution.
Interoperabilityhas been announced. Changes include: Bug fixes only, we are in code freeze.
Medical Applicationscovers the release of OSHIP. "The Open Source Health Information Platform (OSHIP) project is now public. It is a Python implementation of the openEHR specifications Release 1.0.1OSHIP is not a clinical application. It is a Python framework for quickly building future-proof, inter-operable healthcare applications based on a multi-level modeling principle that has already been proven in implementations."
Office SuitesIt is the first release candidate of OOo-2.4.1 and we would like to ask you for testing and reporting bugs."
Web Browsersintroduction to using the microformats API in Firefox 3. Microformats are a way to attach semantics to information displayed on a web page, for example addresses or calendar information, that can be processed more easily by programs. "The upcoming Firefox 3.0 release has built-in support for microformats in the form of an API that you can access from a Firefox extension. In this tip, you follow a simple example of how to use this API from within your extension code. You take a skeleton Hello World extension and give it the ability to store an hCard from any Web page and then use that stored hCard to populate a Web form."
Miscellaneousannounced. "Java interfaces and sample implementations for controlling a model railroad layout from a personal computer. JMRI is intended as a jumping-off point for hobbyists to build their own layout controls. Includes the DecoderPro and PanelPro applications. Test version 2.1.6 of JMRI/DecoderPro is available for download. This is a test release. Please post a note if you encounter any new or old bugs!"
announced. "The RoboCup Soccer Simulator is a research and educational tool for multi-agent systems and artificial intelligence. It enables for two teams of 11 simulated autonomous robotic players to play soccer (football). This release is the candidate of RoboCup 2008. There are some important improvements. Firstly, the physics parameters are well adjusted to make the simulation more real and stabler. Secondly, the restrict vision perceptor is used, with which the vision range is limited, but more details will be seen, i.e. the head, hands and feet of robots can be seen. Furthermore, the soccer rule and visual features are improved."
Virtual Ideal Functionality Framework is a framework for creating efficient and secure multi-party computations (SMPC). Players, who do not trust each other, participate in a joint computation based on their private inputs. The computation is done using a cryptographic protocol which allows them to obtain a correct answer without revealing their inputs -- even when some players try to cheat. Operations supported include addition, multiplication, and comparison, all with Shamir secret shared outputs."
Languages and Tools
CFramework for Modular Analysis of C (Frama-C) has been released. It is written in OCaml and uses the C Intermediate Library (CIL). Much more information can be found on the project's "more information" page. "The Frama-C development team is proud to announce the availability of Frama-C, the framework for the development of collaborating static analyzers for the C language. Many analyzers are provided in the distribution, including a value analysis plug-in that provides variation domains for the variables of the program, and Jessie, a plug-in for computing Hoare style weakest preconditions." (thanks to David Mentre)
JavaThe IcedTea project provides a harness to build the source code from OpenJDK using Free Software build tools and provides replacements libraries for the binary plugs with code from the GNU Classpath project."
PerlThis Week on perl5-porters is out with the latest Perl 5 news.
Miscellaneousannounced. "Jutty is a code generator that will produce basic classes for a variety of patterns and standard coding classes. I'm hoping to make this an Eclipse plugin in order to start all types of new files. It only contains one generator but it's a release. Read the release notes carefully."
Page editor: Forrest Cook
Linux in the news
Recommended Readingtakes a look at the legal issues in using GPL'd software. "Open source software had its origins in the free software movement. By now, most open source users understand that free refers to freedom, not to price. The new lesson is that the freedom belongs to the software, not to users. You are not free to do whatever you want with the open source software and may find yourself in a legal fight if what you do restricts the freedom of the software. Many of the things that for-profit companies strive for end up limiting some software's freedom. Any activity that leverages software for business advantage is likely to restrict the software's freedom, and the growing use of open source software by for-profit companies has been a growing irritant for free software advocates." (Thanks to Uwe Klein)
Companiescomments on the increasing popularity of smaller CPUs. ""I've not seen energy like this from our customers in a long, long time," Otellini told The Associated Press on Wednesday. "Everyone views this as being sort of hyperexpansive to the existing market." A centerpiece of the strategy is the Atom processor, which packs the power of a PC-class processor from six years ago into the smallest space yet 25 Atoms will fit on a square inch. It's intended for Mobile Internet Devices iPhone-like tablets that provide a "full" Internet experience, better than that available on cell phones. Somewhat larger than the MID is what Intel calls the "netbook," a small, cheap laptop. Taiwan's AsusTek has had a breakout hit in this category with its eeePC, which starts at $300 and uses an Intel chip."
Linux Adoptionlooks at three new KDE deployments in Germany. "The IT Service Center Berlin has announced the development of a desktop system for the public services in Germany's capital. This is yet another public body making the switch to the Free Desktop system. The announcement talks about the good integration of KDE with their current infrastructure, which is partly based on Microsoft's software."
Linux at Worknotes the launch of Fedora Nightlife. "Fedora Nightlife is a new project for creating a Fedora community grid. People will be able to donate idle capacity from their own computers to an open, general-purpose Fedora-run grid for processing socially beneficial work and scientific research that requires access to large amounts of computing power. Given the large number of Fedora users, I hope that we will eventually be able to build a community grid of over a million nodes at Fedora. This will be a great example of the power of the Fedora community, give people new and meaningful ways to contribute to Fedora, advance the development of large-scale grid software, and lead to real benefits for the world."
ResourcesJune 2008 edition of Linux Gazette is out; with articles on Deividson on Databases: Triggers, gDesklets: Beauty with a Purpose, Monitoring Function Calls, Using Crontab, USB thumb drive RAID, and much more.
an analysis of OpenOffice.org performance trends. "Some complain OpenOffice.org is slow and bloated. With each release there may be dozens of performance improvements, but there are also new features, some of which may slow things down. This the natural balance in software development, but in the end, what is the net effect on performance from one version to the next? We need a good benchmark to produce good data, but what do we measure? Let's assume the most common operations are starting OpenOffice.org, opening a Writer document, scrolling from top to bottom using the down arrow, exporting the document, and closing both the document and OpenOffice.org."
Quickies article. "Red Hat Magazine has a review of KDE 4 on the new Fedora 9. *** Linux Journal takes a look at Marble which recently gained OpenStreetMap support. *** The Fanatic Attack blog features an article on exceptional Linux programs for kids covering a good number of our own KDE Education apps. *** Another project's loss means we gained one extra summer of code project implementing the 3D part of the PDF specification for Okular. *** The Register takes a look at 4.1 Beta 1. *** SoftVision Blog reviews KDE 4 distros..."
Reviewslooks at Ubuntu Linux Remix, a lightweight version of Ubuntu aimed at "netbook" computers. "A key difference with the Remix from the standard desktop Ubuntu Linux is the inclusion of a "launcher" that allows users to start the machines and get online quickly, Carr said. "There are also lots of tweaks for the Intel Atom chips, and optimization, too, for the flash drive [rather than disk-based spinning hard drives] and for other underlying technologies. Probably the major difference ... is that this is very much a device-tied OS" aimed specifically at netbook architectures."
Page editor: Forrest Cook
Non-Commercial announcementsannounced an attempt to reach a new world record for downloads on the upcoming Download Day. The date has not yet been stated. "Mozilla today announced its intent to set a brand new Guinness World Record for the largest number of software downloads in 24 hours. The record-setting attempt is planned for the launch day for Firefox 3, also known as Download Day. Mozilla is inviting its global community to spread the word and join the effort by pledging to download Firefox 3 and hosting regional download "fests.""
Commercial announcementsannounced financial results for its second fiscal quarter ended April 30, 2008. "For the second fiscal quarter 2008, Novell reported $30 million of product revenue from Open Platform Solutions of which $29 million was from Linux* Platform Products, up 31% year-over-year. Product revenue from Identity and Security Management was $31 million of which Identity and Access Management was $27 million, up 13% year-over-year. Product revenue from Systems and Resource Management was $41 million, up 15% year-over-year. Workgroup product revenue of $92 million was down 1% year-over-year."
announced its Self-Support Suite. "SourceLabs, the company innovating open source software support, today announced that its Self-Support Suite now supports the open source Eclipse development environment. SourceLabs' Self-Support technology dramatically reduces the complexity of enterprise Linux and Java application development and maintenance, giving developers, corporate IT professionals, and solution providers an on-demand way to support web applications using the Eclipse Foundation's open source development framework."
Xandros software will include technologies from Moblin.org, the open source community for developing media and Internet solutions for Internet-centric portable and embedded devices based on Intel Atom processors."
announced the integration of NetApp Snapshot with the Zmanda Recovery Manager for MySQL. "With NetApp Snapshot, database administrators can create point-in-time copies of file systems, which can be used to protect data-from a single file to a complete disaster recovery solution. Users can protect data with no performance impact and minimal consumption of storage space."
Education and Certification
Calls for Presentations
Upcoming Eventsregistration for Akademy 2008 has been announced. "Akademy is KDE's World Summit, a week long event for all KDE contributors, industry partners and users. The week starts with a two day conference, and is set to include a tutorial day and a embedded and mobile day. As always, attendance to Akademy is free of charge, but you must register. Registration should be in by the 15th of June if you want the Akademy Team to book your accommodation for you. See you in Belgium!"
As DEFCON 16 gets closer its awesome powers, much like a kraken summoned by Dethklok, continues to grow. How do you become friends with a kraken? You get to know it. Have a beer. Below are various way you can get involved with DEFCON 16 contests and events. The Call for Papers is closed, and selections are being announced all this week, so it is a bit too late to speak, but not too late to get involved."
EuroSciPy is designed to complement the popular SciPy Conferences which have been held for the last 7 years at Caltech (the 2008 SciPy Conference in the U.S. will be held the week of August 19-24). Similarly, the EuroSciPy Conference provides a unique opportunity to learn and affect what is happening in the realm of scientific computing with Python."
Events: June 12, 2008 to August 11, 2008The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it.
Audio and Video programsreports that videos from the Linux Foundation Collaboration Summit are now available online. The article points to several videos from keynotes and roundtable panels. It looks like all the videos are available here.
Page editor: Forrest Cook
Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds