LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Linux in the news
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for February 5, 2009Apple's touch-screen patentOn January 20, 2009, Apple was awarded patent #7,479,949, titled "Touch screen device, method, and graphical user interface for determining commands by applying heuristics." This patent potentially has the power to make life difficult for anybody developing hardware or software involving touch screens. It could also bring about an unwelcome repeat of some twenty-year-old history. But any attempt to enforce this patent risks repeating a twenty-year-old conclusion.In March, 1988, Apple filed suit against Microsoft and HP, claiming that their new window-oriented interfaces violated Apple's copyrights on the Macintosh GUI. This suit drew widespread condemnation on the net and a boycott compaign by the Free Software Foundation, which refused to incorporate Macintosh support into its software for years. Apple eventually lost, but, in the process, it cast a cloud of uncertainty over graphical interfaces for some years. More recently, Apple Chief Operating Officer Tim Cook was quoted in this way:
He went on to say that Apple will challenge any company it thinks
is infringing on its IP - which is hard to be taken any other way
than a warning to Palm, whose new Pre device is the first to
significantly incorporate multi-touch components since the iPhone.
The saber which Apple is rattling here is widely thought to be patent #7,479,949, often referred to as "the multitouch patent." Multitouch interfaces are those which can respond to simultaneous operation of two or more pointing devices. These "devices" are normally fingers on a touch screen, but it need not be that way. Apple's iPhone and iPod Touch devices have made multitouch a core component of the interface, as typified by the "pinch" gesture used to change the zoom of the object displayed on the screen. At this particular time, multitouch typifies Apple devices in much the same way that a well-developed windows-icons-menus-pointer interface did in the late 1980's. Incorporation of multitouch techniques into other products seems like it is only a matter of time - and not very much time at that. The upcoming Palm Pre device is one obvious example. The Android developers have also clearly been thinking about multitouch; current releases do not support it, but it turns out that the G1 hardware supports multitouch, much to the joy of the G1 hacking community. Whether that capability will ever be exploited by official Android releases remains to be seen, though. Google is clearly concerned about the issue, and developers have been asked not to discuss the patent on the Android lists. Whenever one deals in patents, one must look at what has actually been claimed. The first claim for Apple's patent is illustrative (if painful):
A computing device, comprising: a touch screen display; one or more
processors; memory; and one or more programs, wherein the one or
more programs are stored in the memory and configured to be
executed by the one or more processors, the one or more programs
including: instructions for detecting one or more finger contacts
with the touch screen display; instructions for applying one or
more heuristics to the one or more finger contacts to determine a
command for the device; and instructions for processing the
command; wherein the one or more heuristics comprise: a vertical
screen scrolling heuristic for determining that the one or more
finger contacts correspond to a one-dimensional vertical screen
scrolling command rather than a two-dimensional screen translation
command based on an angle of initial movement of a finger contact
with respect to the touch screen display; a two-dimensional screen
translation heuristic for determining that the one or more finger
contacts correspond to the two-dimensional screen translation
command rather than the one-dimensional vertical screen scrolling
command based on the angle of initial movement of the finger
contact with respect to the touch screen display; and a next item
heuristic for determining that the one or more finger contacts
correspond to a command to transition from displaying a respective
item in a set of items to displaying a next item in the set of
items.
Note that this claim does not address multitouch techniques at all. Some of the dependent claims do mention it, but in the specific context of using a two-thumb gesture to change the orientation of a web browser display. The iconic "pinch" technique does not appear anywhere in the claims for this patent, though it is mentioned several times in the descriptive text. Your editor is far, far removed from being a patent attorney, but he has a hard time seeing how this patent could be read against most multitouch techniques. What does appear in this patent is a heuristic for suppressing horizontal scrolling if the user makes a sufficiently steep gesture on the touchscreen. This sort of heuristic can certainly be found in the Android interface, which does just that kind of vertical-only scrolling. In your editors (again, unqualified) reading, the scrolling claims present much more potential for trouble than multitouch. If Apple were to prevail with claims based on this patent, the effects could be severe - at least, in the United States. Devices made by companies other than Apple could lose a number of important techniques which make touchscreen-based interfaces usable. Companies like Palm could conceivably license the patent from Apple (if Apple were willing), but that is almost certainly not an option for toolkits (like Android) which are based on free software. Linux World Domination for mobile devices could well suffer a major setback. Arguably, this patent would have no effect on business conducted outside of the US. Fully-capable devices could be sold elsewhere, as long as they are developed entirely outside of the United States. American users could be stuck with iPhones or devices with inferior interfaces - with the lucky few carrying devices furtively imported from elsewhere. In practice, excluding the US would make it harder for any such product to succeed. And US-based platforms, including Android and Palm webOS, would be out of luck. It may not come to that, though. Perhaps Apple does not intend to use its patents as an offensive weapon. After all, the company has done well enough by focusing on building great products, and the look-and-feel lawsuits of the 1980's did little to help Apple succeed. A new round of litigation would risk alienating developers worldwide and distracting Apple from the activities which truly benefit the company. If Apple does take the offensive, it faces a couple of severe obstacles. One is the slowly-changing attitude in the US, where legislators and judges are (belatedly) figuring out that the patent system is out of control. The bar has been raised (though not by enough), making patent enforcement more difficult than it once was. Beyond that, there is also the issue of prior art. The best reference there would appear to be this extensive history of touch-based interfaces put together by Bill Buxton at Microsoft Research. Suffice to say that, as in most other areas of endeavor, there is little that is truly new with touchscreen interfaces. (As an aside, it's also worth noting that Microsoft, by virtue of its own interest in mobile devices, could become an unlikely ally of the free software community in this particular battle, should it come to be fought.) All of that will be little comfort, though, to anybody working with touchscreen-based products in the US now. Even if a company sued by Apple were to emerge victorious, that victory would come at the cost of millions of dollars spent, much time lost, and much uncertainty sown among others who are thinking about developing for that company's platform. So, for now, the patent system continues to inhibit the innovation that it was created to encourage.
PostgreSQL's review bottleneck, episode 3As PostgreSQL gears up for its 8.4 release, contributors to the popular database project are debating on the pgsql-hackers mailing list how to handle two large patches. The immediate issue is whether to include the patches in the 8.4 or 8.5 release, but the larger issue is a review system that suffers from a shortage of peer reviewers and that has improved only marginally in the last two releases, despite concerns raised in 2007 and 2006. The current discussion offers a snapshot of the growing pains that large free software projects find themselves increasingly facing. PostgreSQL development is based upon a series of CommitFests — periods in which patches are accepted and reviewed that are followed by development releases. Between CommitFests, no new patches are accepted. The trouble is that two patches in particular, SE-PostgreSQL, which adds Security Enhanced Linux's security model, and Hot Standby, which allows queries on databases during archival recoveries, have not been fully reviewed, and have prolonged the current CommitFest. Although developer Robert Haas suggests that at least three other patches may also be delaying the release cycle, most of the discussion has centered on SE-PostgreSQL and Hot Standby. Part of the debate over the two patches concerns exactly what to do with them. As Bernd Helmle points out, with the current CommitFest already over three and a half months old, and the next one not due until May, "That means we're essentially closed to new patches for six months, which is a really long time. To put it another way, for every week the core team spends reworking the existing patches, it will be another week before someone can get feedback on any new patches submitted now." Moreover, core team member Tom Lane says, prolonging the current CommitFest until the patches are ready means that the 8.4 release will not happen until the fall of 2009, rather than in late spring. Such a release date would mean that the next release will take almost a year to produce, which is unacceptably long in most contributors' views. Given this situation, Lane says, community has to decide whether to delay the release of each of these patches to the 8.5 release, delay long enough for the patches to be properly handled, or else include only a limited feature set for each of them as a compromise solution. In the case of SE-PostgreSQL, several contributors seem open to dropping it altogether. "To be brutally honest, I don't care about the feature at all: the only thing I ever do with SE Linux is turn it off," Haas says, and one or two others agree. Unsurprisingly, this attitude sits poorly with KaiGai Kohei, the developer of SE-PostgreSQL. Demanding a rationale for the proposed rejection of his patch, Kohei notes that, given the growing popularity of cloud computing, database security is becoming increasingly important. "If we can include these features in a timely fashion," Kohei writes, "it makes PostgreSQL more attractive." Kohei is supported by Dave Page, who is concerned that delaying or rejecting SE-PostgreSQL, which is sponsored by the Exploratory IT Human Resources Project "will send a fine message to those companies that have sponsored development work — that we will arbitrarily reject large patches that have been worked on following the procedures that we require." Page is concerned that "we will rapidly find that no company wants to sponsor features for PostgreSQL in the future." In the same thread that these scheduling and content issues are being discussed, PostgreSQL contributors are also debating the reasons that the review system is not working as well as it should. Heikki Linnakangas suggests that the situation was to some extent inevitable because "big patches simply take a long time to mature." Others suggested that the problem was that final approval of all patches must be given by the core team, and the work load has simply become too large. As Helmle says, "core developers are too busy with reviewing stuff during the CommitFest. Because of this, it's really hard to get the necessary time of somebody who is able to evaluate the architecture of a new feature and (more important) its side-effects on the whole system." Under these circumstances, Helmle questions whether delaying the acceptance of features will do anything to improve the release cycle. A large part of the discussion of the review system centered on possible improvements to it. Haas raises the possibility of adding a "FeedbackFest" at the end of CommitFests to focus the entire project on patch reviews, and also a policy that, once a patch was rejected, it would be declared dead if a corrected version was not resubmitted within two weeks. In much the same vein, Jaime Casanova suggested a policy under which large patches submitted late in a CommitFest would not be guaranteed a review. "Maybe that will [encourage] authors to send patches more often and more early," Casanova writes. Another possibility, raised by Riggs is to overlap releases, so that submitters of rejected patches could move their contributions to a later release and know when it was likely to be included. However, this idea was quickly shot down by Lane, who points out that "key committers are overstressed already." In fact, in Lane's view, overlapping releases would only add to the problem because, "everyone will find it more interesting/fun to work on new patches instead" of reviewing. "The current system at least gives non-committers developers some motivation to help with that stuff, because they know their patches won't be looked at until beta is over." Much of the discussion about solutions was about a system that would automatically send reminders about the status of patches — a solution that everyone in the discussion seemed to agree would be more efficient than the present reliance on a wiki page for each CommitFest. Josh Berkus, who is co-lead for the present CommitFest agreed, writing that "My inability to systematically send reminder e-mails to submitters and reviewers — or, for that matter, even track when they were assigned or last updated — has been a significant drag on the effectiveness of the CommitFests. Some patches stalled, and I missed them." Possible solutions for notification included Patchwork and Review Board. However, as the merits of different solutions were debated, Berkus notes that "our review/commit process is so peculiar to our project that using *any* prebuilt solution would require us to change our process to support the tool. And I can't imagine this group doing that." The possibility of writing a custom application was raised by Haas, but no decisions were made to start such a project. At this point, discussion petered out into a discussion of what SE-PostgreSQL and Hot Standby required in order to be included in the 8.4 release. One possible stumbling block for SE-PostgreSQL may have been removed when Kohei explained that the security policy of the patch, which no project member apparently felt competent to review, didn't need review because it had already been tested by SE Linux, the upstream project. A decision on what to do with the two patches should be made within a week, according to Berkus. Until then, what is interesting about the discussion to outsiders is how it shows one project attempting to deal with growth. From the discussion, it seems that PostgreSQL has outgrown policies and procedures that once served it well, and is still adjusting to the change. Like many other free software projects these days, PostgreSQL is facing the challenge of its own success.
Aleutia E2: low power to the peopleGreen computing frequently makes the news either for its cost-saving potential to businesses, or as a way for eco-conscious consumers to reduce their environmental footprint. But UK-based Aleutia, Ltd takes a different approach, using green to produce ultra-low-power-consumption Linux PCs for classrooms and businesses in developing countries. The company's flagship product is the E2, a compact desktop system that consumes just 8 watts. ![[E2 front]](/images/aleutia-e2-front_sm.png)
The E2 measures 115x115x35 millimeters, is fanless, and runs from Compact Flash storage. It sports a 500 MHz VIA processor, 1GB of RAM, and comes with VGA, Ethernet, PS/2, audio-in, audio-out, and three USB ports packed onto a ruggedized aluminum enclosure. The case has screw mounts designed to match the 10x10 centimeter VESA plate on the backs of most LCD monitors, allowing for an even smaller desktop footprint. The company sent two Compact Flash cards with its review unit, one containing a standard Debian Etch installation, and the other Aleutia's customized version of Ubuntu 8.04 LTS. Other operating system choices are available, including Windows XP, although founder Michael Rosenberg says Ubuntu accounts for the overwhelming majority of customer selections. The base model that I tested retails for £199; options adding a Mini PCIe WiFi module or hard disks are available at additional cost. If you opt for the WiFi model, be prepared to either load a binary blob or to work with NDISwrapper; the card included is a VIA VT6655, which is supported by VIA-built closed drivers only. Alternatively, the Mini PCIe slot is unused in the base E2 configuration, so any other card of your choice is an option. The graphics situation is better; the onboard video for all E2s is a 32MB VIA CX700, running the openChrome driver. The Compact Flash card is ready to boot; no installation required. It uses the GNOME desktop environment and a customized suite of applications, including several not common to vanilla Ubuntu, such as the Mozilla-based Songbird audio player, Mozilla Seamonkey, and MPlayer, which Rosenberg says provided the best playback performance of the available free software video players. There are also applications from the proprietary world, such as Skype, Picasa, and Google Desktop. A local mirror of Wikipedia is included as a reference, containing 4,625 articles. Apart from these supplementary applications, however, the system is a full-fledged Ubuntu installation, capable of downloading updates through the project's official APT repositories. Rosenberg explains that the company went with the 8.04 LTS release for stability's sake on behalf of the units in the field, and that his team continues to track Ubuntu development as well as other Linux variants. ![[E2 screenshot]](/images/aleutia-e2-screenshot_sm.png)
Considering the E2's low power profile, I was surprised by some of the application selections, such the inclusion of OpenOffice over the much leaner Abiword, and Seamonkey over Firefox. Songbird is an interesting project in its own right and I find it impressive in a number of ways, but it consumes far more memory than many simpler music players. Google Desktop is a CPU drain that I have never found to be worth the trouble. At 500MHz, the E2 will strain to perform some processor- or graphics-intensive tasks. I found video playback choppy, although audio playback and Skype were flawless. Saving files to flash storage is predictably slower than writing to a hard disk, but the difference is only discernible on multi-megabyte data like downloaded audio or video. The E2 is easily capable of handling Internet and office tasks like you would expect in the classroom or in an Internet cafe. The 8 watts of electricity it consumes is roughly five percent of the power drawn by a typical desktop computer; if you did not know it was specially-engineered to be green, you might well mistake its performance for a traditional PC one generation or so behind the curve. Video performance and write speed are two particulars that the company is taking specific steps to improve as it continues to tweak the E2's system configuration. Many of the tweaks Aleutia incorporates to improve E2 performance originate with the ever-increasing pool of Linux netbook hackers. The platforms face similar issues: flash storage of limited capacity, low-speed (by desktop standards) CPUs and graphics processors, and limited RAM. Rosenberg chronicles the effort on the corporate blog, noting changes such as the adoption of the lightweight Fluxbox window manager to replace GNOME's default Metacity, filesystem tuning, and accelerating Firefox by storing the browser cache in RAM instead of writing it to flash storage. The team has recently been experimenting with supplanting GNOME itself with LXDE, although Rosenberg confides that the system is not yet stable enough to ship to customers. It is a promising alternative, though, as Aleutia has demonstrated that an E2 running LXDE is capable of playing video smoothly at full-screen. Speaking of netbooks....Despite the E2's obvious benefits from a power consumption and space perspective, once you add on the cost of a display and I/O hardware, the E2 is also similar in price to a midrange netbook -- without the portability. Thus one might well ask how Aleutia sells the E2 as a better value. Rosenberg's answer is that the E2 is designed to outperform and outlast the expensive Dell and HP Windows boxes that dominate education channel sales in developing countries, particularly in Africa. In that context, of course, a netbook's small screen and keyboard are a disadvantage. Furthermore, the E2 is designed to be easily serviced by local resellers -- a problematic board can be pulled out and replaced in a matter of minutes, unlike the more complex beige boxes. Still, considering Aleutia's stated goal of catering to underprivileged schools, comparisons to one other high-profile effort are inevitable: One Laptop Per Child (OLPC). Like OLPC, Aleutia is targeting its machines at schoolhouses in underdeveloped parts of the world -- but, unlike OLPC, Aleutia is attempting to stay profitable. ![[E2 back]](/images/aleutia-e2-back_sm.png)
The company highlights two differences between itself and the OLPC project. First, it operates as an open-to-all manufacturer. OLPC's XO laptops are available only to national governments, through specially-negotiated contracts. Aleutia can and does sell E2s in any quantity to any buyer. Second, Aleutia warranties its devices for three years and offers support and repair services. When OLPC has offered XOs to the general public through "Give One Get One" programs in the past, the laptops came with a 30 day warranty and no support. The company appears to be making its case to business and schools. It currently has resellers in six countries outside the UK, and has made sales to 37 others. Rosenberg says he just shipped a classroom set of E2s and LCD monitors to a school in Musoma, Tanzania, where they await clearing customs before they can be installed. At this point, he adds, the main hurdle Aleutia faces is marketing against the billions of dollars spent each year by the larger manufacturers. "Typically, our customers find us through blogs or just searching on Google. Internet access is much more expensive in Africa so often it's a question of [expatriates] or volunteers finding us in the UK and then putting us in touch with prospective customers back in Africa." The Musoma sale was just such a case. "The headmistress had seen the pair of E2s at the school we have case study for, contacted our local reseller, and spent the bulk of her annual budget to set up this ICT lab." The state of the art changes fast, and development continues on successors to the E2 hardware -- including the possibility of mesh networking and optical drives. Whatever the next model looks like, though, it will build on the E2's tradition of desktop performance at remarkably low power consumption, a feat that would not be possible on a closed system. Right now, the E2 would not replace a typical Linux hacker's primary workstation, but for a less demanding usage scenario it is worth considering. The low profile, minimal power draw, and rugged construction make it viable in conditions beyond those suitable for a traditional PC. And as Linux continues to evolve on low-power platforms, you can be sure its advantages will only increase.
Much hot air over blinking cursorsLike any large development project, Fedora has a number of important problems to resolve at any given time. One of those problems is power management and, in particular, power conservation; developers in the Fedora project have also often stated their desire to have a more "green" operating system. So one might think that, when Matthew Garrett came along with a proposal like this:
The blinking cursor causes the processor and GPU to be woken up
frequently. On one of my test systems, this causes somewhere in the
region of 2 Watts of extra power consumption. I'd like to change
the default for this to false. Anyone have any objections?
...that the request for objections would yield few responses. What ensued instead was a lengthy discussion (to put it charitably) which made it clear that some users value their by-default blinking cursor far above any other considerations. Blinking cursors have been targeted by developers concerned about power consumption for some time now. Every transition requires that the system wake up to make the cursor change, and wakeups increase power usage. Beyond that, though, Matthew has written a graphics driver patch that allows the system to put the graphics processor into a sleeping state as well - as long as the screen does not change. Once again, every cursor transition requires powering up the GPU; that is where much of the excess power usage comes from. This power savings comes at "idle" times, so some detractors pointed out that, on most systems, the screen saver will quickly power down everything when the system is idle. But "idle" in this context means something different: it describes times when nothing is being drawn to the screen. Such periods of idleness come about, for example, during each of your editor's frequent pauses as he ponders what to write next, what to make for lunch, or whether it wouldn't be better to just drop everything and go for a bike ride. It is a different time scale than the screen saver operates on. Idle displays will not come about if frequently-updating applications are running, but, otherwise, it's a common occurrence even on systems which are nominally busy. Accurate counts of Fedora installations are hard to come by, but most estimates seem to be in the millions. A two-watt power savings over millions of systems implies a total power savings in the megawatt range. Even if the power savings estimates are way off (and there are those who assert that this is the case), it seems like something worth reaching for. After all, it's a simple default change, and anybody who is truly attached to a blinking cursor can change it back - even if Fedora has helpfully hidden the toggle under Preferences/Hardware/Keyboard in the main menu. Besides, your editor came to a thoroughly objective conclusion many years ago that blinking cursors are an annoying distraction and that any developer implementing such behavior should be sentenced to ten years of COBOL coding under a strobe light. The arguments against this change seem to fall into two categories. One of those is that users are unable to find their cursor if it does not blink. For example:
The "wins" are massively overhyped, and the loss is users
wondering where the damn cursor is (there are good reasons it was
made to blink in the first place)
The other argument seems to be along the lines of "but we've always had a blinking cursor." Example:
Blindingly ignoring tradition is patently absurd.
We might as well change the slogan to: Fedora: stupid and proud of it! Numerous other developers have come out in favor of the change. This seems like one of those issues where a full consensus will never develop; so, if this change is to be made, somebody has to just do it despite the flames. It would appear that Matthew has done exactly that. One can only wonder how many more carbon emissions would have been avoided if he hadn't asked for objections first.
Security Android application securityRecent reports of a misbehaving Android application have rekindled concerns about the security of Android-based mobile phones. Because applications can be made available in the Android Market by anyone, without any review, it would seem to be an excellent target for malware purveyors. The Android security model is meant to sandbox applications, but some applications need more capabilities—to get them, they ask the user. While it appears that the application in question, MemoryUp, was actually innocent of what is was accused of doing, the incident highlights potential problems with Android security. Unlike the iPhone App Store, Android applications are not vetted before being placed into the Android Market. In addition, for now, Android applications must be distributed for free, though that is set to change sometime later this year. Given the problems with Apple's inconsistent and anti-competitive decisions on iPhone applications, Google's openness has some benefits. But it also has some pitfalls. Applications are required to be signed with a developer's private key, which should provide some measure of accountability. Given that it only takes a Google account and $25 to get into the developers program, it may not be very difficult for a malicious developer to get an "anonymous" (or largely untraceable) key. But there is a larger issue as well. The security model leaves it up to users to, essentially, guess whether they should allow an application to have additional privileges. As David "Lefty" Schlesinger points out in his blog, the security model in many ways faults the user: "I've commented in a variety of places about the problems with Android's security model, and how it essentially made any security problem the users' fault by asking them to approve what the application says it wants to do--in broad terms--on installation, without any policy component behind it at all." While it appears that MemoryUp neither asked for, nor received, any extra privileges, it is something that actual malware—or, worse in some ways, applications that live in the gray area between malware and benign-ware—developers will not hesitate to exploit. If an application needs network access to do its job, it will presumably be granted that access by the user at install time. But, there is nothing stopping that application from using that access in ways the user might never approve. Combining network access with access to personal data, leaves the user wide open to sharing that data in ways they might not expect—or approve of. In some ways, that is no different than Android's automatic syncing of contact information to Gmail, which ensures that Google has access to that info. Undoubtedly Google's privacy policy prohibits them doing anything overt with that information, but it is, or should be, worrisome. Mobile phones are rather sophisticated computing devices these days, with multiple connectivity choices, and lots more storage than even desktop machines had just a few years ago. Along with that sophistication goes the security risk. We have yet to train users to make sensible security decisions on their desktop machines—though it seems like it might be getting slowly better—do we truly expect them to make good decisions when "HotPhoneApp" asks for more access than it truly deserves? For Linux desktops and servers, distributors generally play the role of application examiners. In many ways, they are the first line of defense against malware. It is understandable why Google might not want to play that role, but users should keep it in mind when installing Android applications.
Brief items Linux also affected by hole in Ralink's Wi-fi driver (heise online)Ralink Wi-fi drivers have a flaw that may lead to arbitrary code execution on Linux boxes, as reported by heise online. "The flaw discovered in Ralink's Wi-fi drivers for Windows last weekend also affects the Linux drivers as already suspected. Attackers can exploit the hole to crash a computer remotely or possibly even inject and execute arbitrary code. Debian has released new packages for the rt2400, rt2500 and rt2570 models, but the packages need to be compiled by the user for the time being." Other distributions are undoubtedly vulnerable as well.
Drive-By 'War Cloning' Attack Hacks Electronic Passports, Driver's Licenses (DarkReading)DarkReading takes a look at RFID snooping and cloning of identification cards from a distance. The article is based on research by Chris Paget that will be presented at SchmooCon, which starts on February 6. "Unlike previous RFID hacks that have been conducted within inches of the targeted ID, Paget's hack can scan RFID tags from 20 feet away. 'This is a vicinity versus proximity read,' he says. 'The passport card is a real radio broadcast, so there's no real limit to the read range. It's conceivable that these things can be tracked from 100 meters -- a couple of miles.'"
New vulnerabilities audiofile: arbitrary code execution
boinc-client: incorrect use of OpenSSL API
firefox: multiple vulnerabilities
glpi: SQL injection
kernel: denial of service
libpng: memory overwrite
linux: denial of service
moin: cross-site scripting
phpMyAdmin: cross-site request forgery
rt2400: arbitrary code execution
sudo: privilege escalation
xdg-utils: arbitrary code execution
xrdp: arbitrary code execution
Page editor: Jake Edge Kernel development Brief items Kernel release statusThe current 2.6 development kernel remains 2.6.29-rc3. As of this writing, just over 500 changesets have been merged into the mainline since 2.6.29-rc3; they are dominated by fixes but there are also some UBIFS enhancements (including direct I/O support), a driver for AMD CS5536 PATA controllers, and SPARC64 NMI watchdog support. Past experience suggests that the 2.6.29-rc4 release can be expected a few milliseconds after this page is published.The current stable 2.6 kernel is 2.6.28.3, released on February 2; 2.6.27.14 was released at the same time. Both updates contain a long list of fixes for serious problems. The 2.6.28.4 and 2.6.27.15 updates are in the review process as of this writing; their probable release date is February 6.
Kernel development news Quotes of the week
The kernel is a lazy, deceitful sack of scum; this is the
fundamental principle of virtual memory. It applies in most
situations, some familiar and some surprising, but the rule is that
VMAs record what has been agreed upon, while PTEs reflect what has
actually been done by the lazy kernel.
-- Gustavo
Duartes describes memory management
-- Evgeniy Polyakov claims a slight performance advantage
Unless we uncover devastating issues with the transition from ext3
to ext4 as the default file system, Fedora 11 installed systems
will be using ext4.
-- James Laska
Dracut looks to replace the initramfs patchworkCreating initramfs images, for use by the kernel at "early boot" time, is a rather messy business. It is made more so by the fact that each individual distribution has its own tools to build the image, as well as its own set of tools inside it. At the 2008 Kernel Summit, Dave Jones spent some time discussing the problem along with his idea to start over by creating a cross-distribution initramfs. That has led to the Dracut project, which was announced by Jeremy Katz in December, and a new mailing list, aptly named "initramfs", in which to discuss it. An initramfs is a cpio archive of the initial filesystem that gets loaded into memory when the kernel is loaded. That filesystem needs to contain all of the drivers and tools needed to mount the real root filesystem. It isn't strictly necessary to have an initramfs, a minimal /dev along with the required drivers built into the kernel is another alternative. Distributions, though, all use an initramfs and, over time, each has come up with their own way to handle this process. Jones, Katz, and others would like to see something more standardized, that gets pushed upstream into the mainline kernel so that distributions can stop fussing with the problem. There are a number of advantages to that approach. Building an initramfs from the kernel sources would eliminate problems that users who build their own kernels sometimes run into. If a distribution's initramfs scheme falls behind the pace of kernel development in some fashion, users can find themselves unable to build a kernel+initramfs combination that will work. There is also hope that dracut will help speed up the boot process by using udev, as Katz puts it:
By instead moving to where we're basing everything off of uevents we can
hopefully move away from the massive shell scripts of doom, speed up
boot and also maybe get to where a more general initramfs can be built
_with the kernel_ instead of per-system.
Because initramfs is so integral to the early boot process—and so difficult to debug if problems arise—there is a concern about starting over. It is not surprising, then, that there is some resistance to throwing out years of hard-earned knowledge that is embodied in the various distributions' initramfs handling, leading Maximilian Attems to ask:
btw why do we need dracut at all?
your blog has vague allusion against initramfs-tools,
which is much better tested and has seen the field.
beside having more features and flexibility it does not hardcode udev usage, nor bash, why should it not be considered at first!? It is a question that is frequently asked, but one that Jones has a ready answer for:
"why not use the ubuntu one?"
"why not use the suse one?" they all have some good and bad tradeoffs. Distro X has feature Y which no-one else does. etc. When the project began we spent some time looking at what everyone else already does, and "lets start over and hope others participate" seemed more attractive than taking an existing one and bending it to fit. So, the Red Hat folks, at least, are proceeding with dracut. Jones recently posted a status report on his blog that outlined what is working and what still needs to be done. Though it currently is "Fedora-centric, with a few hardcoded assumptions in there, so it'll likely fall over on other distros", fixing that is clearly high on the to-do list. The status report is an effort to get people up-to-speed so that other distributions can start trying it out. In addition, he plans to start trying it on various distributions himself. In its current form, dracut is rather minimal. It has a script named dracut that will generate a gzipped cpio file for the initramfs image, as well as an init shell script that ends up in that image. Jones says that init "achieves quite a lot in its 119 lines": setting up device nodes, starting udev, waiting for the root device to show up and mounting it, mounting /proc and /sys, and more. If anything goes wrong during that process, init will drop to a shell that will allow diagnosis of the problem. So far, it only supports the simpler cases for the location of the root filesystem:
Currently, dracut supports root on raw disks (/dev/sda), lvm (/dev/mapper...),
and mounting root by label or uuid.
If you have a more esoteric rootfs setup, such as root-on-nfs, right now
it'll fail horribly.
There is only one remaining barrier to getting rid of the unlamented nash, and that is a utility to do a switch_root (i.e. switch to a new root directory and start an init from there). The plan is to write a standalone utility that would be added to the util-linux package. The environment provided by the initramfs would include util-linux, bash, and use glibc, which doesn't sit well with some embedded folks. They generally prefer a statically linked busybox environment. Kay Sievers outlines the reasons for a standard environment:
Busybox is nice as an option to be able to rescue/hack. It should
definitely be provided as an optional "plugin" for people who need it.
But there is no chance to depend on it by default, for the very same
reason klibc, or any other libc is not an option.
Full-featured distros who make their money with support, can just not afford to support tools compiled differently from the tools in the real rootfs. SUSE used klibc for one release, and stopped doing that immediately, because you go crazy if you run into problems with bootup problems on [customer] setups you can not reproduce with the tools from the real rootfs. There is plenty to do to make dracut into a real tool for creating initramfs images—at least ones that work on more than just Fedora—more root filesystem types need to be handled, hibernation signatures need to be recognized and handled, the udev rules need to be cleaned up, kdump images need to be supported, etc. But the overriding question is: will other distributions start working on dracut as well? If and when Jones (or others) get things at least limping along on Debian/Ubuntu and/or SUSE, will those distributions start getting on board? So far, there is not a lot of evidence of anyone other than Red Hat working on dracut. But, the plan is to eventually submit dracut upstream to the mainline kernel, so that make initramfs works in a standard kernel tree. It would seem that many kernel hackers see the need for standardizing initramfs and eventually moving it into the kernel, as Ted Ts'o notes:
[...] So the idea that was explored was adding a
common mkinitramfs with basic functionality into kernel sources, with
the ability for distributions to add various "value add" enhancements
if they like. This way if the kernel wants to move more functionality
(for example, in the area of resuming from hibernation) out of the
kernel into initramfs, it can do so without breaking the ability of
older distributions from being able to use kernel.org kernels.
So IMHO, it's important not only that the distributions standardize on a single initramfs framework, but that framework get integrated into the kernel sources. No one is very happy about losing their particular version of the tools to build an initramfs—if only because of familiarity—but a standardized solution is something whose time has come. Probably any of the existing tools could have been used as a starting point, but for political reasons, it makes sense to start anew. There is a fair amount of cruft that has built up in the existing tools as well, which folks are unlikely to miss, so there are also technical reasons to start over. It should come as no surprise that a project started by Red Hat might be somewhat Fedora-centric in its early form, but the clear intent is to make it distribution-agnostic. It would seem the right time for other distributions and constituencies (embedded for example) to get involved to help shape dracut into something useful for all.
Online defragmentation for ext4Any filesystem designed for use with rotating media must pay careful attention to the layout of files on the disk. If a file's blocks can be placed sequentially on the device, they can be read or written as a unit, without the need for performance-destroying head seeks in the middle. Even the most careful filesystem will sometimes fail to lay out files in a minimal number of contiguous extents, though. If a file grows, for example, and the blocks just past the previous end are not available, the filesystem has no choice other than placing the new blocks somewhere else. Depending on how full the filesystem is, those blocks could end up far away indeed. This sort of fragmentation can result in filesystems slowing down over time.Fragmentation problems can be fixed up after the fact. The most obvious way to defragment a disk is to make a new filesystem on it; after all, empty filesystems tend not to have fragmentation problems. But the new filesystem will have less fragmentation even after its old contents have been restored onto it. When the ultimate size of every file is known in advance, it's relatively easy to make good layout decisions. Knowing this, system administrators have used backup-and-restore cycles as a way of cleaning up overly fragmented disks for many years. There is, of course, a problem with this approach which goes beyond the risk of discovering that one's backup is not quite as good as one had thought. The downtime associated with rewriting a disk can be unwelcome to users; a filesystem which is down responds even more slowly than a filesystem with fragmentation problems. So it would be nice to have a way to defragment a filesystem while keeping it online and available. This online defragmentation capability has been on the ext4 "planned features" list for a long time; it is, at this point, about the only planned feature which has not yet been merged into the mainline. Some attempts at online defragmentation have been made in the past, but they have not, yet, gotten through review. Now Akira Fujita has come forward with a new ext4 online defragmentation patch which, by virtue of a different view of the problem, might just make it into the mainline. Previous attempts exposed an interface whereby a user-space application could ask the filesystem to defragment a specific file by allocating new (contiguous) blocks to it. That turned out to be a bit too much work to put into the kernel; so, with this patch, Akira has created an interface which moves a bit more of the work into user space. In the new scheme, a user-space defragmentation daemon will pick a file which, in its opinion, is too spread out on the disk. The daemon will then set about creating a new, less-fragmented file to replace it. That is done by creating a new, temporary file on the same filesystem, then unlinking it (while holding the file descriptor open). Calls to fallocate() can then be used to add the requisite number of blocks to the new file. Once the new file is up to the correct size, the daemon can use the FS_IOC_FIEMAP ioctl() to query the number of extents (fragments) it contains. If the new file is not an improvement over the old one, the daemon should just close it and give up; the filesystem simply does not have enough contiguous storage available. The daemon could, at this point, simply copy the old file into the new one, then put the newly defragmented version in the place of the old one. The problems with that approach include performance (all that data must be copied through user space) and robustness. If some other process changes the file while the copy is happening, the new file may lose those changes. Indeed, if some process has the old file open, it may never notice that the replacement has happened. So something smarter is needed. Akira's patch addresses these problems with the creation of a new, magic ioctl() call for ext4. The defragmentation application must fill out a structure like:
struct move_extent {
int org_fd; /* original file descriptor */
int dest_fd; /* destination file descriptor */
ext4_lblk_t start; /* logical offset of org_fd and dest_fd*/
ext4_lblk_t len; /* exchange block length */
};
This structure, when passed to the new EXT4_IOC_DEFRAG ioctl(), expresses a request to the kernel to move len blocks from the original file to the new one, starting at start. Essentially, it copies an extent's worth of data into the (fully allocated, nicely contiguous) space in the new file, then performs a magic block swap. The contiguous blocks from the new file are patched into the old file, while the fragmented blocks are, instead, put into the new file. Once the entire file has been treated in this way, the file will have been defragmented without having been visibly moved. The final step is to delete the "new" file, which now contains the "old" file's blocks. Since the file had been unlinked, that will cause the filesystem to recover the old blocks and the task will be complete. For the curious, Akira has posted the source for a user-space defragmentation tool which shows how this interface can be used. There have not been a whole lot of objections to the new code. Chris Mason did point out that the system will do unfortunate things if the layout of a swap file changes. He has clearly thought about the problem - to an extent:
Btrfs is currently getting around this by dropping bmap support, so
swapfiles on btrfs won't work at all. A real long term solution is
required ;)
Beyond that, there are some minor issues, such as the definition of the ABI in terms of types like int instead of architecture-independent types. Requests for separate source and destination block numbers have been made; that feature would help developers working on hierarchical storage systems. The ability to guide the allocation of blocks would be useful in situations where performance can be improved by grouping related files together on the disk. There could also be value in finding a way to move much of this functionality into the VFS layer where it could be used with other filesystems as well; that could prove to be a difficult task, though, and ext4 maintainer Ted Ts'o has little desire to take on that job. Those little issues notwithstanding, it does appear that the ext4 filesystem may be closer to getting the much-requested online defragmentation feature.
Taming the OOM killerUnder desperately low memory conditions, the out-of-memory (OOM) killer kicks in and picks a process to kill using a set of heuristics which has evolved over time. This may be pretty annoying for users who may have wanted a different process to be killed. The process killed may also be important from the system's perspective. To avoid the untimely demise of the wrong processes, many developers feel that a greater degree of control over the OOM killer's activities is required.
Why the OOM-killer?Major distribution kernels set the default value of /proc/sys/vm/overcommit_memory to zero, which means that processes can request more memory than is currently free in the system. This is done based on the heuristics that allocated memory is not used immediately, and that processes, over their lifetime, also do not use all of the memory they allocate. Without overcommit, a system will not fully utilize its memory, thus wasting some of it. Overcommiting memory allows the system to use the memory in a more efficient way, but at the risk of OOM situations. Memory-hogging programs can deplete the system's memory, bringing the whole system to a grinding halt. This can lead to a situation, when memory is so low, that even a single page cannot be allocated to a user process, to allow the administrator to kill an appropriate task, or to the kernel to carry out important operations such as freeing memory. In such a situation, the OOM-killer kicks in and identifies the process to be the sacrificial lamb for the benefit of the rest of the system. Users and system administrators have often asked for ways to control the behavior of the OOM killer. To facilitate control, the /proc/<pid>/oom_adj knob was introduced to save important processes in the system from being killed, and define an order of processes to be killed. The possible values of oom_adj range from -17 to +15. The higher the score, more likely the associated process is to be killed by OOM-killer. If oom_adj is set to -17, the process is not considered for OOM-killing.
Who's Bad?The process to be killed in an out-of-memory situation is selected based on its badness score. The badness score is reflected in /proc/<pid>/oom_score. This value is determined on the basis that the system loses the minimum amount of work done, recovers a large amount of memory, doesn't kill any innocent process eating tons of memory, and kills the minimum number of processes (if possible limited to one). The badness score is computed using the original memory size of the process, its CPU time (utime + stime), the run time (uptime - start time) and its oom_adj value. The more memory the process uses, the higher the score. The longer a process is alive in the system, the smaller the score. Any process unlucky enough to be in the swapoff() system call (which removes a swap file from the system) will be selected to be killed first. For the rest, the initial memory size becomes the original badness score of the process. Half of each child's memory size is added to the parent's score if they do not share the same memory. Thus forking servers are the prime candidates to be killed. Having only one "hungry" child will make the parent less preferable than the child. Finally, the following heuristics are applied to save important processes:
The task with the highest badness score is then selected and its children are killed. The process itself will be killed in an OOM situation when it does not have children.
Shifting OOM-killing policy to user-space/proc/<pid>/oom_score is a dynamic value which changes with time, and is not flexible with different and dynamic policies required by the administrator. It is difficult to determine which process will be killed in case of an OOM condition. The administrator must adjust the score for every process created, and for every process which exits. This could be quite a task in a system with quickly-spawning processes. In an attempt to make OOM-killer policy implementation easier, a name-based solution was proposed by Evgeniy Polyakov. With his patch, the process to die first is the one running the program whose name is found in /proc/sys/vm/oom_victim. A name based solution has its limitations:
Alan Cox disliked this solution, suggesting that containers are the most appropriate way to control the problem. In response to this suggestion, the oom_killer controller, contributed by Nikanth Karthikesan, provides control of the sequence of processes to be killed when the system runs out of memory. The patch introduces an OOM control group (cgroup) with an oom.priority field. The process to be killed is selected from the processes having the highest oom.priority value. To take control of the OOM-killer, mount the cgroup OOM pseudo-filesystem introduced by the patch:
# mount -t cgroup -o oom oom /mnt/oom-killer
The OOM-killer directory contains the list of all processes in the file tasks, and their OOM priority in oom.priority. By default, oom.priority is set to one. If you want to create a special control group containing the list of processes which should be the first to receive the OOM killer's attention, create a directory under /mnt/oom-killer to represent it:
# mkdir lambs
Set oom.priority to a value high enough:
# echo 256 > /mnt/oom-killer/lambs/oom.priority
oom.priority is a 64-bit unsigned integer, and can have a maximum value an unsigned 64-bit number can hold. While scanning for the process to be killed, the OOM-killer selects a process from the list of tasks with the highest oom.priority value. Add the PID of the process to be added to the list of tasks:
# echo <pid> > /mnt/oom-killer/lambs/tasks
To create a list of processes, which will not be killed by the OOM-killer, make a directory to contain the processes:
# mkdir invincibles
Setting oom.priority to zero makes all the process in this cgroup to be excluded from the list of target processes to be killed.
# echo 0 > /mnt/oom-killer/invincibles/oom.priority
To add more processes to this group, add the pid of the task to the list of tasks in the invincible group:
# echo <pid> > /mnt/oom-killer/invincibles/tasks
Important processes, such as database processes and their controllers, can be added to this group, so they are ignored when OOM-killer searches for processes to be killed. All children of the processes listed in tasks automatically are added to the same control group and inherit the oom.priority of the parent. When multiple tasks have the highest oom.priority, the OOM killer selects the process based on the oom_score and oom_adj. This approach did not appeal to cpuset users, though. Consider two cpusets, A and B. If a process in cpuset A has a high oom.priority value, it will be killed if cpuset B runs out of memory, even though there is enough memory in cpuset A. This calls for a different design to tame the OOM killer. An interesting outcome of the discussion has been handling OOM situations in user space. The kernel sends notification to user space, and applications respond by dropping their user-space caches. In case the user-space processes are not able to free enough memory, or the processes ignore the kernel's requests to free memory, the kernel resorts to the good old method of killing processes. mem_notify, developed by Kosaki Motohiro, is one such attempt made in the past. However, the mem_notify patch cannot be applied to versions beyond 2.6.28 because the memory management reclaiming sequence have changed, but the design principles and goals can be reused. David Rientjes suggests having one of the two hybrid solutions:
One is the cgroup OOM notifier that allows you to attach a task to
wait on an OOM condition for a collection of tasks. This allows userspace to
respond to the condition by dropping caches, adding nodes to a cpuset,
elevating memory controller limits, sending a signal, etc. It can
also defer to the kernel OOM killer as a last resort.
The other is /dev/mem_notify that allows you to poll() on a device file and be informed of low memory events. This can include the cgroup oom notifier behavior when a collection of tasks is completely out of memory, but can also warn when such a condition may be imminent. I suggested that this be implemented as a client of cgroups so that different handlers can be responsible for different aggregates of tasks. Most developers prefer making /dev/mem_notify a client of control groups. This can be further extended to merge with the proposed oom-controller.
Low Memory in Embedded SystemsThe Android developers required a greater degree of control over the low memory situation because the OOM killer does not kick in till late in the low memory situation, i.e. till all the cache is emptied. Android wanted a solution which would start early while the free memory is being depleted. So they introduced the "lowmemory" driver, which has multiple thresholds of low memory. In a low-memory situation, when the first thresholds are met, background processes are notified of the problem. They do not exit, but, instead, save their state. This affects the latency when switching applications, because the application has to reload on activation. On further pressure, the lowmemory killer kills the non-critical background processes whose state had been saved in the previous threshold and, finally, the foreground applications. Keeping multiple low memory triggers gives the processes enough time to free memory from their caches because in an OOM situation, user-space processes may not be able to run at all. All it takes is a single allocation from the kernel's internal structures, or a page fault to make the system run out of memory. An earlier notification of a low-memory situation could avoid the OOM situation with a little help from the user space applications which respond to low memory notifications. Killing processes based on kernel heuristics is not an optimal solution, and these new initiatives of offering better control to the user in selecting the process to be the sacrificial lamb are steps to a robust design to give more control to the user. However, it may take some time to come to a consensus on a final control solution.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Networking
Architecture-specific
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet Distributions News and Editorials Sabayon Linux 4Sabayon Linux began life as a binary shortcut to a fully working Gentoo system. Early experiences with RR4 - Sabayon's original name - ranged from "nothing installed" to "data lost." Fortunately, the developers never gave up and today Sabayon is a beautiful, functional, and stable Linux desktop distribution. Booting the Live DVDSabayon Linux is comparable to Mandriva or openSUSE in that it is a large system aiming to meet the needs of a broad section of users. The first evidence of this is seen at the initial boot of the live DVD, which contains several modes of operation. Beyond the default choice that boots with music into a highly customized KDE, one can also boot an EeePC mode that provides the same KDE environment at a 640x480 resolution. You can also opt to start the installation in either graphical or text mode. You can also boot to an anonymous web browsing mode that uses Tor or boot to play Sauerbraten, a popular 3D action game. 
With most of these boot modes, the user is given the chance to enable 3D desktop effects with Compiz Fusion if their hardware is supported. Besides the native Intel support, Sabayon comes with NVIDIA and ATI proprietary accelerated graphic drivers. So, most hardware is supported - if you do not mind binary blobs. Compiz Fusion usually requires a beefy system, but basic functionality was tested successfully here with 2.0 GHz processor and 512 MB of RAM. Sabayon Linux 4 sports a tasteful new theme that starts at first boot and is consistent throughout. Gone are the gothic tones of 2.x and the gawdy bright blue of 3.x. The professional quality graphics feature gray tones with royal blue accents and is very easy on the eyes. This new theme reflects the maturity of the distribution and its developers. Installing Sabayon LinuxIt's during the installation that one can see further evidence of Sabayon's ability to meet the needs of many user types. First is the support for every language and keyboard available to Linux today. Further, there are choices which will determine the type of system installed. One can choose from several default desktops that include KDE 3.5.10, GNOME 2.24, and Xfce 4.4.3. These will result in the multipurpose system with the full complement of software and accelerated graphics. For lighter systems, Xfce for UMPC and the Fluxbox minimal desktop are offered. Sabayon Core can also be chosen which excludes any graphical environment; it is well suited for server deployments. If a server is desired, Sabayon includes software such as Apache 2.2.10, PHP 5.2, and MySQL 5.0 in its repositories. GParted, a graphical partitioning tool, makes partitioning easier by allowing users to visualize the layout of their hard drives. By default the full contents of the live DVD is installed, but packages can be deselected individually if desired. The wizard also walks users through setting up the root password, user accounts, networking, and boot options. Unlike Mandriva and openSUSE, the Sabayon installer doesn't add other operating systems that may be present to the GRUB menu. One significant change from the previous release is the opportunity to install upon an Ext4 filesystem, although,in that case, Sabayon still requires a separate Ext3 or Ext2 boot partition. For the most part, it is a typical Linux install routine; those with experience will have no difficulties, and those with no experience should have very little. The Sabayon Linux ExperienceThe new theme is carried over from the live DVD; it starts with the boot-up process and remains through log in and onto the various desktops including Xfce, Fluxbox, and LXDE. This level of continuity is usually seen only in the larger commercial distributions and adds an air of professionalism to Sabayon. In simple terms, it looks good. Sabayon Linux ships with software for everyone as well. For work, for play, and everywhere in between, the Sabayon menus are overflowing with applications. For office tasks, OpenOffice.org 3.0 leads the way. For graphic work Picasa, Inkscape, Hugin, and The GIMP stand out among the many others. Multimedia applications include MPlayer, Ardour2, Elisa Media Center, Kaffeine, VLC, and Juk. For file transfer d4x, aMule, Filezilla, and Deluge are among the choices and for communications Pidgin, Skype, Ekiga, and Evolution are available. To surf the internet Firefox 3.0.4, Konqueror, Epiphany, and Seamonkey are at the ready. The extensive menu contains lots of KDE and GNOME games as well as several 3D games such as Nexuiz and Sauerbraten. 
Aside from the expected, Sabayon offers some more unusual software too. That includes BOINC, which facilitates distributed computing and replaces Seti@home. Another is Second Life, which is a client for an immersive virtual world. Plus, there are several graphical programming environments such as Qt Designer and lots of system tools such as KMyFirewall, KlamAV, Wireshark, VirtualBox, and Wine-Doors. Sabayon comes with multimedia codecs and plugins needed to enjoy video and audio either locally or streaming over the internet. Linux kernel 2.6.27, Xorg 7.4, and GCC 4.3.2 form the foundation. 
If by some chance you require something not included within the
installed system, perhaps it is in Sabayon's repositories. Sabayon
developers have been working for quite some time to perfect their new
package management system, Entropy. Entropy installs binary packages from
Sabayon's repositories rather than compiling the source like Gentoo's
Portage. The graphical front-end, Spritz, is nearly feature complete and
has options for the most commonly needed tasks - plus a few extra. Like
other package management systems, it has a search function to check
availability and status, update feature, and even a database backup and
restore option. Sabayon is reputed to be compatible with Gentoo Portage
repositories, so Linux hardware support in general is very good these days and most hardware is auto-configured. This is true for Sabayon as well, although it goes a bit beyond by providing proprietary graphic drivers and drivers for some of the more challenging wireless ethernet cards. It was quite refreshing to have the Broadcom 43xx in my HP laptop work out of the box. With standard dhcp networking, most internet connections should work without user intervention. Screen resolutions were configured as desired here, but graphical configuration tools are available as is the xorg.conf file that has begun to disappear in may distributions with the use of Xorg 7.4. Difficulties did arise when configuring a Samba shared printer due to some issues with Samba in general. ConclusionOverall, Sabayon Linux 4 was found to be an excellent release. Over the course of several weeks very few issues emerged. Firefox crashed occasionally on streaming video sites and the Samba issue was unfortunate, but no other notable problems were experienced here. Performance and stability were above average and, frankly, much better than expected. The new look and feel make using Sabayon a sheer pleasure.AvailabilitySabayon Linux 4-r1 was released on December 31 and comes in several varieties. The flagship four gigabyte DVD is available for 32-bit and 64-bit systems. A smaller two gigabyte Media Center Edition is also offered for those whose primary interest is in multimedia. Xdelta files are available for the main system as well. The files are available for download directly from an http or ftp mirror, through rsync or torrent, or from retail outlets.
New Releases Announcing K12Linux F10 Live ServerThe K12Linux team has announced the release of K12Linux F10 Live Server. "K12Linux is Linux Terminal Server Project (LTSP.org) integrated with Fedora 10, in a convenient LiveUSB or DVD media installer. Since 1999 LTSP has empowered many schools and businesses with Linux-based terminal servers and thin clients, allowing low-cost clients or recycled computers to become powerful Linux desktop machines."
Mandriva Linux MIB-Live-prog 2009.0 available now!Mandriva has announced the availability of the new MIB-Live, called MIB-Live-prog 2009.0. This ISO is a revised version of Mandriva One 2009.0 with many applications and games. "[I]t can be used as DVD-Live, it can be installed on disk and, starting by now it can be stored to a USB pen: we can finally bring with us our Mandriva 2009.0 everywhere (it works like the One edition)!. It is very useful, when you want to install Mandriva 2009.0 on a NetBook (Asus eeePC, Acer One and so on), where the CD/DVD device is usually missing. To put it on a USB pen you have to type only the comand genusb in konsole, when the MIB-Live DVD is running on the PC."
Distribution News Debian GNU/Linux Debian Lenny release planned for February 14Following on the announcement of the second Debian installer release candidate, the release team has sent out a status update which, among other things, says that the final release is current planned for the 14th. "The intention is only to lift that date if something really critical pops up that is not possible to handle as an errata, or if we end up technically unable to release that weekend (eg., a needed machine crashes). Every other fix that doesn't make it in time will be r1 material."
Fedora Fedora Board Meeting Recap 2009-02-03This recap of the February 3, 2009 meeting of the Fedora Advisory Board includes Board Questions & Answers.
Unofficial Fedora FAQ Update: 2009-01-30The Unofficial Fedora FAQ was updated January 30, 2009. There are plenty of changes. Help spread the FAQ by providing new translations.
Gentoo Linux Gentoo Foundation 2009 elections - nominations are now openNominations are open for the Gentoo Foundations 2009 elections. "The nomination period started today and lasts until Saturday February 28th. The election polls will be open from Monday March 2nd to Sunday March 29th. The elected trustees start their term on April 1st."
Mandriva Linux Mandriva Linux Assembly announcementThe creation of the Mandriva Linux Assembly has been announced. "As announced in december, the main goal is to create a committee together with developpers, users, testers, translators and Mandriva salaries to improve our favourite distribution."
Slackware Linux KDE 4.2 is in SlackwareKDE 4.2.0 is available for Slackware current and Slackware 12.2. "KDE 4.2.0 is released -- congratulations to the KDE development team for such an amazing job on this beautiful and highly user-friendly desktop environment! Thanks also to Eric Hameleers, who did a ton of work getting KDE 4.2.0 ready for Slackware. Once again (for now), these packages are compatible with Slackware 12.2. Enjoy! :-)"
SUSE Linux and openSUSE KDE 4.2 is in openSUSEOpenSUSE has released KDE 4.2 packages. "Want to install KDE 4.2 on an existing system? Grab the packages via one-click install for openSUSE 11.1, openSUSE 11.0, or openSUSE 10.3."
Distribution Newsletters Ubuntu Weekly Newsletter #127The Ubuntu Weekly Newsletter for January 31, 2009 covers: Call for testing of DRBD: Server Team, New MOTU, Arizona LoCo installfest, Launchpad 2.2.1 released, Exporting translations upstream, PartyBoi2 interview, Ubuntu pocket guide and reference book, Ubuntu Nokia project (a community project), Technical Board Meeting, Server Team: January 2009, MOTU Council, and much more.
OpenSUSE Weekly News/57This issue of the OpenSUSE Weekly News covers openSUSE@FOSDEM2009, HP Builds on the openSUSE Education Project, Masim Sugianto: Tutorial : VirtualBox on openSUSE 11.1 Part 2, openSUSE Forums: How to install KDE 4.2, Build maemo-apps with openSUSE BuildService ? - It works ! and several other topics.
Fedora Weekly News Issue 161The Fedora Weekly News for February 1, 2009 includes an update from the Fonts SIG to bring us up to date on their work leading up to Fedora 11 and much more.
Fedora's Echo Monthly News Issue 6The January 2009 issue of the Echo Monthly News looks at the Echo Perspective starting of Fedora Hosted and New Echo Artist Scripts and Supporting Icon Artist Library.
DistroWatch Weekly, Issue 288The DistroWatch Weekly for February 2, 2009 is out. "As Linux personalities go, there is nobody more famous than Linus Torvalds, the man who started it all by developing the Linux kernel in 1991; read on for our exclusive interview with the chief architect of the most important part of your Linux distribution. In the news section, Fedora gets set to include KDE 4.2 in current and previous releases, Debian developers announce the imminent release of version 5.0 "Lenny", OpenSolaris focuses on improvements to compete with Linux, Keir Thomas releases his Ubuntu Pocket Guide and Reference book as a free download, netbook distribution Easy Peasy publishes a feature list of the upcoming version 2.0, and the Intel-sponsored Moblin project releases a new alpha build of its operating system for mobile devices. Finally, we are pleased to announce that the recipient of the DistroWatch.com January 2009 donation is the Openbox project."
Page editor: Rebecca Sobol Development Fully automated bisecting with "git bisect run"It's a common developer practice to track down a bug by looking for the change that introduced it. This is most efficiently done by performing a binary search between the last known working commit and the first known broken commit in the commit history. git bisect is a feature of the Git version control system that helps developers do just that. git bisect may also be well known by LWN readers for heated discussions on the Linux kernel mailing list about "asking" (or "forcing" depending on the point of view) users to find the bad commit when they report a regression. But a little-known addition, git bisect run, can allow a developer to completely automate the process. This can be very useful and may enable switching to interesting new debugging workflows. At each step of the binary search, git bisect checks out the source code at the commit chosen by the search. The user then has to test to see if the software is working or not. If it is, the user performs a git bisect good, otherwise they do a git bisect bad, and the search proceeds accordingly. This is different than the idea behind git bisect run, as it uses a script or a shell command to determine if the source code—which git bisect automatically checked out—is "good" or "bad". This idea was suggested by Bill Lear in March 2007, and I implemented it shortly thereafter. It was then released in Git 1.5.1. Technically, the script or command passed to git bisect run is run at each step of the bisection process, and its exit code is interpreted as "good", if it's 0, or "bad", otherwise (except 125 and values greater than 127, see the git bisect documentation for more information.) One simple and yet useful way to take advantage of that is to use git bisect run to find which commit broke the build. Some kernel developers like this very much. Ingo Molnar wrote:
for example git-bisect was godsent. I remember that years ago
bisection of a bug was a very [laborious] task so that it was
only used as a final, last-ditch approach for really nasty
bugs. Today we can [autonomously] bisect build bugs via a simple
shell command around "git-bisect run", without any human
interaction!
For example, with a not too old Git (version 1.5.2 or greater), bisecting a build bug in the Linux kernel may be just a matter of launching:
git bisect start linux-next/master v2.6.26-rc8
git bisect run make kernel/fork.o
because the git bisect start command, when it is passed two (or more) revisions, here "linux-next/master" and "v2.6.26-rc8", interprets the first one as "bad" and the other ones as "good". This works as follows: git bisect checks out the source code of a commit to be tested, then runs make kernel/fork.o. make will exit with code 0 if it builds, or with something else (usually 2) otherwise. This gets recorded as "good" or "bad" for the commit that was checked out, which will enable the binary search to continue by finding another commit to check out, then run make again, and so on, until the first "bad" commit in the history is found. But to bisect regressions that manifest themselves on the running code, as opposed to build problems, it's usually more complicated. You probably have to write a test script that should be passed to git bisect run. For example, a test script for an application built with make and printing on its standard output might look like this:
#!/bin/sh
make || exit 125 # an exit code of 125 asks "git bisect"
# to "skip" the current commit
# run the application and check that it produces good output
./my_app arg1 arg2 | grep 'my good output'
See this message from Junio Hamano, the Git maintainer, for explanations and a real world example of git bisect run used to find a regression in Git. The git bisect documentation has some short examples too. It's even trickier for kernel hackers, because you have to reboot the computer each time you want to test a new kernel, but some kernel hackers suggest that it be used anyway if the problem is "reproducible, scriptable, and you have a second box". Ingo Molnar describes his bisection environment this way:
i have a fully automated bootup-hang bisection script. It is
based on "git-bisect run". I run the script, it builds and
boots kernels fully automatically, and when the bootup fails
(the script notices that via the serial log, which it
continuously watches - or via a timeout, if the system does
not come up within 10 minutes it's a "bad" kernel), the script
raises my attention via a beep and i power cycle the test
box. (yeah, i should make use of a managed power outlet to
100% automate it)
So it's possible to use git bisect run on a wide array of
applications. This means that, for example, automatically in
your nightly builds, you can find the commit that broke the build or the test
suite, and then use information from it to send a But what may be more interesting is that fully automated bisection may enable new workflows. On the git mailing list, Andreas Ericsson, a Git developer, reported:
To me, I'd happily use any scm in the world, so long as it has
git-bisect. Otoh, I'm a lazy bastard and love bisect so much
that all our automated tests are focused around "git bisect
run". This means bugs in software released to customers are
few and far apart. When we get one reported, we just create a
new test that exposes it, fire up git-bisect and then go to
lunch. Quality costs, however. We pay that bill by using a
workflow that's perhaps more convoluted than necessary.
So it requires a little more work to make sure that every commit is small and easily bisectable. Then, to debug regressions, they follow these steps:
This may seem more complicated than a traditional workflow. But when asked about it, Andreas says:
I guess the real benefit is that "git bisect" makes the tests
so immensely valuable, and so easy to write, that we do it
gladly and quickly. The value comes *now* from almost all
test-cases instead of in some far-distant and obscure future.
So this kind of workflow is good to take advantage of test cases you write. But what about global productivity? Four months after having said that he uses git bisect run, Andreas Ericsson wrote that git bisect "is well-nigh single-handedly responsible for reducing our average bugreport-to-fix time from 4 days to 6 hours". Now, after more than one year of using it, he gives the following details:
To give some hard figures, we used to have an average
report-to-fix cycle of 142.6 hours (according to our somewhat
weird bug-tracker which just measures wall-clock time). Since
we moved to git, we've lowered that to 16.2 hours. Primarily
because we can stay on top of the bugfixing now, and because
everyone's jockeying to get to fix bugs (we're quite proud of
how lazy we are to let git find the bugs for us). Each new
release results in ~40% fewer bugs (almost certainly due to
how we now feel about writing tests). That's a huge boost in
code quality and productivity, and it earned me and my
co-workers a rather nice bonus last year :)
So quality costs, but, when using the right tools and workflows, it can bring in a rather nice return on investment!
System Applications Clusters and Grids rsplib 2.6.0 releasedVersion 2.6.0 of rsplib has been announced. "RSPLIB is the Open Source implementation (GPLv3) of the IETF's new standard for Reliable Server Pooling (RSerPool), which is described in RFC 5351 to RFC 5356. If you a looking for a Grid comput[at]ion solution which is simple, easy to setup and mostly self-configuring, you are probably looking for RSerPool".
Database Software CrunchyFrog 0.3.2 releasedVersion 0.3.2 of CrunchyFrog has been announced, it adds some new functionality and bug fixes. "CrunchyFrog is a database navigator and SQL client. Currently PostgreSQL, MySQL, Oracle, SQLite3, MS-SQL databases and LDAP servers are supported for browsing and querying. More databases and features can be added using the plugin system. CrunchyFrog is licensed under the GPLv3 and is written in Python and uses PyGTK for it's user interface."
pgAdmin gets a change of licenceThe pgAdmin project will undergo a change of license. "Effective from the 26th February 2009, the pgAdmin Development Team intend to change the licence of pgAdmin III from the Artistic Licence v1.0 to the Artistic Licence v2.0".
PostgreSQL Weekly NewsThe February 1, 2009 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL DBMS articles and resources.
Interoperability Samba 3.2.8 maintenance release is availableMaintenance Release 3.2.8 of Samba has been announced. "This is the latest bug fix release for Samba 3.2 and is the version recommended for all production Samba servers running this release series."
Security dradis version 2.0 releasedVersion 2.0 of dradis has been released. "- dradis is an open source tool for sharing information during security assessments. - It provides a centralized repository of information to keep track of what has been done so far, and what is still ahead. - Client/server architecture with a web interface ".
Web Site Development Zope 3.4.0 ReleasedAfter two years of development, Zope 3.4, a Python-based web application server, has been released. In the future, releases are planned for every six months. "The focus of the Zope 3.4 development effort has been the conversion from a monolithic source tree, to a set of many small packages (eggs), that can be used independently of each other. The core has been further stabilized through numerous bug fixes, and many new add-on packages have been developed to provide a richer development experience." Click below for the full release announcement.
Desktop Applications Accessibility liblouis 1.5.2 has been releasedVersion 1.5.2 of liblouis has been announced, it is mainly a bug-fix release. "Liblouis is an open-source braille translator and back-translator. It features support for computer, literary and math braille, supports contracted and uncontracted translation for many, many languages. It plays an important role in an open source accessibility stack and is used by screenreaders such as NVDA and Orca. A companion project liblouisxml deals with formatting of braille."
Audio Applications Audacity 1.3.7 releasedVersion 1.3.7 of the Audacity audio editor has been announced. "This is primarily a bug-fix release which significantly improves stability and usability, especially on Mac OS X. It incorporates some new features too, including DirectSound device support for Windows.".
jack_capture 0.9.32 releasedVersion 0.9.32 of jack_capture has been announced, it includes some new features and bug fixes. "jack_capture is a program for recording soundfiles with jack. Its default operation is to capture whatever sound is going out to your speakers into a file, but it can do a number of other operations as well."
CAD Kicad 2008-08-25 released (Open Collector)OpenCollector.org has announced the release of Kicad version 2008-08-25. "Kicad is an open source (GPL) software for the creation of electronic schematic diagrams and printed circuit board artwork. Kicad is an integrated set of four programs and a project manager".
Desktop Environments The "Compiz Council" createdIn response to ongoing concerns about the future of the Compiz compositing window manager, a group of developers has formed into the "Compiz Council," which will attempt to drive the project forward. Announced plans include merging the Compiz Fusion project, moving away from freedesktop.org, and putting out a stable release sometime in August or September.
GNOME Software AnnouncementsThe following new GNOME software has been announced this week:
KDE Commit-Digest (KDEDot)The January 18, 2009 edition of the KDE Commit-Digest has been announced. The content summary says: "A new "Crystal Desktop Search" Plasmoid, allowing searching through NEPOMUK indexes (and MediaWiki-based websites). Support for "grep-like behaviour" in the "FileWatcher" Plasma applet, and support for custom server addresses (aka. backend locations) for the "Pastebin" applet. Further developments in the "System Load Viewer" (which moves to kdereview for KDE 4.3) and "Video Player" applets..."
KDE Software AnnouncementsThe following new KDE software has been announced this week:
Xorg Software AnnouncementsThe following new Xorg software has been announced this week:
GUI Packages AVC 0.7.0 releasedVersion 0.7.0 of AVC has been announced, some new features have been added. "AVC is a multiplatform, fully automatic, live connection among graphical interface widgets and application variables for the python language. AVC supports in a uniform way the most popular widget toolkits: GTK+, Qt3, Qt4, Tk, wxWidgets."
Interoperability Wine 1.1.14 announcedVersion 1.1.14 of Wine has been announced. Changes include: "Various bug fixes for Internet Explorer 7. Many crypt32 improvements, including new export wizard. Better support for windowless Richedit. Improvements to the print dialog. Many fixes to the regression tests on Windows. Various bug fixes."
Music Applications zynjacku 4 is outVersion 4 of zynjacku has been announced. "In this release: * lv2rack does no longer require PHAT (it was not really using it even in zynjacku-3 release) * Support for out of process plugin UIs (the upcomming nekobee release should use it) * Don't crash when trying to load non-existing plugin (specified by supplying plugin URI at commandline) * Don't crash with some plugins (NULL extension_data). zynjacku is JACK based, GTK (2.x) host for LV2 synths."
Office Suites OpenOffice.org NewsletterThe January, 2009 edition of the OpenOffice.org Newsletter is out with the latest OO.o office suite articles and events.
Web Browsers Firefox 3.0.6 releasedThe Firefox 3.0.6 update is out. This version fixes yet another pile of security issues and a number of other bugs as well; see the release notes for details.
Miscellaneous SimPy 2.0 releasedVersion 2.0 (major new version) of SimPy has been announced. "SimPy is a process-based discrete-event simulation language based on standard Python and released under the GNU LGPL. It provides the modeller with components of a simulation model. These include processes, for active components like customers, messages, and vehicles, and resources, for passive components that form limited capacity congestion points like servers, checkout counters, and tunnels. It also provides monitor variables to aid in gathering statistics."
Languages and Tools C GCC 4.3.3 releasedVersion 4.3.3 of GCC, the GNU Compiler Collection, has been released. "GCC 4.3.3 is a bug-fix release containing fixes for regressions and serious bugs in GCC 4.3.2."
GCC 4.4.0 Status ReportThe January 31, 2009 edition of the GCC 4.4.0 Status Report has been published. "The trunk remains Stage 4, so only fixes for regressions (and changes to documentation) are allowed. The number of P1, P2 and P3 regressions is already under 100 and the only remaining P1 has a patch approved. The old register allocator has been removed. The 4.4 branch will be created when all the P1 fixes are committed and the licensing changes (see the GCC Runtime Library Exception thread on gcc mailing list) land on the trunk."
Caml Caml Weekly NewsThe February 3, 2009 edition of the Caml Weekly News is out with new articles about the Caml language.
Java [fleXive]: 3.0.2 released (SourceForge)Version 3.0.2 of [fleXive] has been announced. "[fleXive] is a Java EE 5 framework that provides an enterprise-level persistence engine with security and versioning, a SQL-like query language, a JSF-based web administration and reusable JSF components for integration into existing applications. [fleXive] 3.0.2, the second bugfix release for [fleXive] 3.0, has been released. It contains important bugfixes for our last release, and keeps binary compatibility with 3.0.0."
IcedTea6 1.4 releasedVersion 1.4 of IcedTea6 has been announced, it includes security and bug fixes. "The IcedTea6 project provides a harness to build the source code from OpenJDK6 using Free Software build tools."
MathJ: 0.7 Released (SourceForge)Version 0.7 of Mathj has been announced. "Java library for simple managing and solving sophisticated mathematic expressions and equations, based on Reverse Polish Notation (RPN) First version of MathJ is available for download."
Inside Zero and SharkMark Wielaard has sent in this update on Gary Benson's latest work: "Gary Benson is writing a series of blog posts called about Zero and Shark. Zero is an interpreter-only port of OpenJDK that uses no assembler based on libffi. Shark is a just-in-time (JIT) compiler for Zero based on LLVM. They provide an universal architecture port of Java and are currently included in the IcedTea project. Inside Zero and Shark has published three installments this far: Java threads and state transitions, Handles and Oops, Traps and Checks and Calling Conventions and The Call Stub."
Perl This Week on perl5-porters (use Perl)The January 18-25, 2009 edition of This Week on perl5-porters is out with the latest Perl 5 news.
Python gmpy 1.04 releasedVersion 1.04 of gmpy has been announced, some new capabilities have been added. "gmpy is a wrapper for the GMP multiple-precision arithmetic library. This version of gmpy also supports the MPIR multiple-precision arithmetic library."
Announcing Pyflakes 0.3.0Version 0.3.0 of Pyflakes has been announced. "This release fixes several bugs, improves compatibility with recent versions of Python, and new flake checks. Pyflakes is a static analysis tool for Python source. It is focused on identifying common errors quickly without executing Python code. It is a handy supplement to your project's test suite."
PyMite release 06 announcedRelease 06 of PyMite has been announced. "PyMite is a flyweight Python interpreter written from scratch to execute on 8-bit and larger microcontrollers with resources as limited as 64 KB of program memory (flash) and 4 KB of RAM. PyMite supports a subset of the Python 2.5 syntax and can execute a subset of the Python 2.5 bytecodes. PyMite can also be compiled, tested and executed on a desktop computer."
Python-URL! - weekly Python news and linksThe January 27, 2009 edition of the Python-URL! is online with a new collection of Python article links.
Python 3 primer, Part 1: What's new (IBM developerWorks)IBM developerWorks introduces Python 3 in the first of a multi-part series. "Python 3 is the latest version of Guido van Rossum's powerful general-purpose programming language. It breaks backwards compatibility with the 2.x line but has cleaned up some syntax issues. This article is the first in a series that talks about the changes that affect the language and backwards compatibility, and it provides examples of new features."
Tcl/Tk Tcl-URL! - weekly Tcl news and linksThe February 3, 2009 edition of the Tcl-URL! is online with new Tcl/Tk articles and resources.
Editors python-mode.el 5.1.0 announcedVersion 5.1.0 of python-mode.el has been announced. "I've just released version 5.1.0 of python-mode.el, a Python editing mode for Emacs and XEmacs. Since 5.0.0, this contains a fix to the syntax highlighting for None and places the file under the GPLv3."
Libraries RFIDIOt 0.1w releasedVersion 0.1w of RFIDIOt, the open source python RFID library, has been announced. "I've been working on adding Global Platform functionality to non-PC/SC devices so folks with LAHF and HF ACG devices can play with JCOP cards... It's not quite there yet, but jcoptool.py is a work in progress which currently supports printing manufacturer info and card contents. I'll be working on installing/deleting applets next. Other fixes are mostly to do with e-passports..."
Version Control EasyGit (eg) 0.97 releasedVersion 0.97 of EasyGit (eg) is available. "Easy Git (eg) is an alternative frontend for git, specifically designed for former cvs and svn users in order to provide a lower learning curve and prevent common user errors. Since eg largely looks and feels like core git, eg can also serve as a training tool to teach users git (see below for similarities and how to display git commands that eg uses). There is a detailed side-by-side comparison of svn and eg to help svn users make the switch. eg is trivial to install and try out: simply download a single file and stick it in your PATH."
GIT 1.6.1.2 releasedVersion 1.6.1.2 of the GIT distributed version control system has been announced. "People with 1.6.1 or 1.6.1.1, who push into a repository that borrows objects from other repositories via "alternates" mechanism (most of the linux kernel subsystems hosted on k.org, and "forks" on various public hosting site such as repo.or.cz and github fall into this category), may want to upgrade to this version, as these two versions have a buggy "git push" that does not like such a repository served by git 1.6.1 or newer."
Page editor: Forrest Cook Linux in the news Recommended Reading OLPC 2.0: After Layoffs, One Laptop Foundation Reboots With New Focus and Big Plans (Xconomy)Xconomy examines OLPC's plans post layoff. Based on an interview with Nicholas Negroponte and OLPC President Chuck Kane, the article looks at the netbook market in comparison to OLPC, how and why the layoffs occurred, along with plans for the future. "Kane and Negroponte stressed, though, that Sugar might be able to work in conjunction with Windows, just as it does with Linux. 'Sugar is terrific software for early childhood learning,' says Kane. 'There's a lot of elements that make it very unique and very powerful.' He says OLPC hopes to keep working closely with Bender and Sugar Labs in the future. 'We believe that the future product that's produced out of there will be very instrumental in what we have to offer.'"
Linux Defenders organize to fight patent trolls (NetworkWorld)NetworkWorld takes a look at Linux Defenders and their fight against patent trolls. "If you think that the U.S. Patent and Trademark Office (USPTO) desperately needs help to clean the earwax out of its cerebral sulci, there's an excellent example from the world of Linux that would bear watching and emulating in other fields. The Open Invention Network, the Software Freedom Law Center and The Linux Foundation are sponsoring an organization called the Linux Defenders, which has three key projects..."
Trade Shows and Conferences OpenChange, KDE bring Exchange compatibility to Linux (Computerworld)Computerworld reports on a speech by KDE and OpenChange developer Brad Hards at linux.conf.au. "'In my workplace -- a major government department that shall remain nameless -- the main dependency on Outlook and Exchange is not mail, but seeing other people's calendars and making shared appointments. You can't get appointments with some people unless you send them invitations.' [...] OpenChange has client and server-side libraries for Exchange integration and relies heavily on code developed for Samba 4. It is open source software licenced under the GPL version 3. "
Linux Adoption Active Directory for Linux draws closer (iTWire)iTWire discusses upcoming Active Directory support in Samba. "You may not consider it a "killer app" but one thing restricting Linux deployment in enterprises is an implementation of Microsoft's Active Directory (AD.) However, AD for Linux is on its way in Samba version 4 and is sure to annhilate a barrier to Linux adoption in business. Active Directory is a Microsoft technology that provides a raft of network services. This includes LDAP-like directory services, Kerberos-based authentication and DNS-based machine naming."
Legal Judge's ruling that WoW bot violates DMCA is troubling (ars technica)According to this ars technica article, Blizzard has won a court ruling that evading its "warden" software (which digs through users' computers in search of game-playing bots) constitutes a violation of the DMCA. "Blizzard argued, and Judge Campbell agreed, that when users violated the World of Warcraft EULA, they no longer had a license to play the game and were therefore guilty of copyright infringement. As Siy noted in a blog post last year, Blizzard's theory, if taken literally, would mean that violating any of the rules in the EULA and Terms of Service, such as choosing a screen name that didn't meet Blizzard's guidelines, would be an act of copyright infringement." Discouraging, perhaps, but it's worth thinking about how (whether) this differs from the enforcement of the conditions in free software licenses.
Interviews Interview with Developer Dario Freddi (KDEDot)KDEDot has an interview with Dario Freddi. "So I should ask what brought you to choose Arch and KDE? Dario: Let's start with the simpler answer: the one for Arch. In my opinion Arch is a distribution you can only love or hate: in my case it has been love at first sight! Arch, if used the right way, is the distro that needs the less maintenance; thanks to its simplicity it is extremely performing and fast; and it is a rolling release. That's all I need from a distro. It's a pain that some developers doesn't behave and that I had some discussions with them."
Resources Recovering from a Hard Drive Failure (Linux Journal)This Linux Journal article covers some procedures for dealing with a bad hard drive. "So there you have it. When I started, I had a dead machine, a failing hard drive, a corrupt partition table, and a corrupt filesystem. When I had finished, I had at least recovered the important files from the system and had been able to carry on my day-to-day work without too much interruption, thanks to the Live CD. But there are some lessons to be learned here, which is why I chose to write about my experience."
How To: Build A Read-Only Linux System (Logic Supply)Logic Supply presents a tutorial on setting up a read-only Linux machine. "There seem to be a lot of people out there looking to run a custom application on a Linux-based platform running on a solid-state storage device. From time to time, we receive questions from customers looking to make their Linux platforms read-only in order to maximize the longevity of their flash devices. I thought Id take the opportunity to create a blog post describing one way to do this. There are a couple of different approaches to making a Linux system read-only. Unfortunately, it is usually not as simple as using a conventional filesystem mounted with the read-only option. Many programs assume that at least some parts of the system are writable. In some cases, these programs will fail to run correctly if this turns out not to be the case."
Reviews Defense Department sets up its own SourceForge (cnet)Over at cnet, Matt Asay takes a look at Forge.mil, the new US Defense Department open source project repository. "Despite being based on SourceForge's technology, Forge.mil has one significant difference: security. As David Mihelcic, chief technology officer for the Defense Information Systems Agency, told Federal Computer Week, the Department of Defense's code repository has been 'upgraded to meet DOD security requirements,' with smart cards used to provide log-in credentials." (Thanks to Kanchana Wickremasinghe)
Healthcheck: OpenOffice (heise online)Heise online takes a look at the state of the OpenOffice project. The article covers the history of the project as well as the current controversies and criticisms surrounding it. "The greatest obstacle to the uptake of OpenOffice is probably inertia. Nonetheless, OO.o and its derivatives, which include StarOffice, NeoOffice, Lotus Symphony and Red Flag's RedOffice, have made significant inroads into Microsoft's market share, especially in the emergent markets of the Far East, aided and abetted by localisation features and support for a wider range of Microsoft legacy data formats than any of its rivals, including Microsoft Office. Clearly, OO.o is competitive and sufficient to the requirements of most users, and its impact is likely to increase as downturns affect the global economy."
Miscellaneous Did Linus Jump Too Soon? (Linux Journal)Glyn Moody questions the timing of Linux Torvalds' recent desktop environment switch. "One of the many great things about Linus is that he doesn't bottle it up: he speaks his mind on things that matter to him, without worrying overly about what others might say as a result. And when he mentioned in the course of an interview that he had switched from KDE to GNOME, others soon had plenty to say on the subject. But I don't want to revisit those arguments about which is better today: instead, I want to explore the possibility that Linus decided to jump to GNOME at precisely the time when KDE could soon leapfrog it in important ways."
NLnet Foundation sponsors Lokalize (KDEDot)KDE.News reports on the funding of the KDE Lokalize project by the NLnet Foundation. "The Dutch NLnet Foundation, aiming to stimulate open network research and development and more general to promote the exchange of electronic information, has decided to financially support the Lokalize project of KDE. Previously NLnet, alongside sponsoring of a number KDE projects and activities, helped to develop ODF support in KOffice. This sponsorship is to support another open standard, XLIFF, in Lokalize."
Page editor: Forrest Cook Announcements Non-Commercial announcements EFF: Thousands sign petition demanding cell phone freedomThe EFF has announced a successful petition drive. "The Electronic Frontier Foundation (EFF) submitted a petition to the U.S. Copyright Office today signed by more than 8200 people demanding that the office lift the legal cloud hanging over cell phone customers who modify their phones. The petition was part of EFF's reply comment in the 2009 Copyright Office rulemaking, convened every three years to consider exemptions to the Digital Millennium Copyright Act's (DMCA) ban on circumvention of digital rights management (DRM) restrictions."
Commercial announcements Cray and atsec Achieve CC Security Certification of Cray Linux EnvironmentThe Cray Linux Environment has achieved a CC Security Certification. "ray Inc. and atsec information security announced today that the Cray Linux Environment (CLE) has been certified by the National Information Assurance Partnership's (NIAP) Common Criteria Evaluation and Validation Scheme as conformant to EAL3+ (enhanced with Flaw Remediation ALC_FLR.1). This evaluation took into consideration a number of new functionalities: the Lustre network file system, Portals high-speed Remote DMA and the application placement scheduler ALPS. The evaluation covers Cray Linux Environment 2.1 running on the Cray XT4 and Cray XT5 computer systems."
HP Builds on the openSUSE Education ProjectHP and Novell have created a repository of educational applications that is based on the work of the openSUSE Education project. From the announcement, it would seem there was some friction between the project and HP/Novell, so they are formally recognizing and thanking the project. "The openSUSE Education project provides an add-on CD for openSUSE so that schools will have the benefit of educational packages not shipped by default with openSUSE. The fact that HP has sought to include work from the Education project is testament to the outstanding quality of their work and the demand for open source education solutions." Click below for the full announcement.
LinuxForce partners with The Franklin InstituteLinuxForce has announced a partnership with The Franklin Institute. "LinuxForce, Inc., a leading Linux-based technology services firm and a thought-leader in the Linux and open-source technology spaces, today announced a major expansion of their technology partnership with The Franklin Institute. With this expansion, LinuxForce will be responsible for the maintenance, monitoring and security of three of The Franklin's key information systems including ten virtual servers. The new agreement is the culmination of a series of successful consulting projects during which LinuxForce assisted museum staff with the administration of these systems and demonstrated their ability to meet The Franklin's critical business needs."
New Books SQL and Relational Theory - New from O'ReillyO'Reilly has published the book SQL and Relational Theory by C.J. Date.
Resources Linux Gazette #159 is outLinux Gazette #159 is now available. This issue has articles about rI18N (the Real Internationalization project), using the Red Hat rescue environment, the Hyperestraier indexing program, and more.
Contests and Awards Trophees du Libre 2009 - Deadline ComingA deadline for submissions has been announced for the 2009 Trophees du Libre free software awards. "The Cetril opened the request for projects concerning the "Trophées du Libre 2009" on January 30th, 2009. More than 60 projects are submitted so far. Our goal is to have more projects in 2009 than the total of 150 accepted in 2007. Deadline for submit[t]ing your project : 15th Feb[r]uary 2009".
Education and Certification Tech Tuesdays: Free Training, Advice on Virtualizing Apps for the CloudrPath has announced the "Tech Tuesday" Webinar Series. "rPath today announced its official launch of Tech Tuesday, a series of semi-monthly webinars that provide free technical training and advice on how to build a complete virtual appliance and deploy it to Amazon Elastic Compute Cloud (EC2) using rPath's rBuilder Online. Each event is followed by an interactive Q&A session, allowing attendees to engage directly with rPath technical consultants."
Calls for Presentations BruCON call for papersA call for papers has gone out for BruCON. The event takes place on September 18-19, 2009 in Brussels, Belgium. Abstracts are due by March 15. "BruCON aims to become the best and most fun hacking (*) and security event in Belgium and W. Europe offering a high quality line up of speakers, opportunities of networking with peers, hacking challenges and workshops."
LinuxCon 2009 call for participationLinuxCon 2009 - a new event - will be held in Portland, OR from September 21 to 25; it will be co-located with the Linux Plumbers Conference. "While there are many point developer conferences for Linux today, there is not a comprehensive and high quality gathering for developers and users of Linux to come together and collaborate. LinuxCon will do just this - bringing together the best and brightest the Linux community has to offer, including core developers, administrators, end users, community managers and industry experts." The call for papers is now open, with the deadline being April 15.
CFP - 2009 Linux Storage and Filesystem WorkshopA call for papers has gone out for the 2009 Linux Storage and Filesystem Workshop. "This year's storage and filesystem workshop is being held in San Francisco on April 6th and 7th. It's being held on the Monday and Tuesday immediately preceding the Linux Foundation Collaboration Summit, in the same hotel."
PyCon Italy 2009 cfpA call for papers has gone out for PyCon Italy 2009. "PyCon Tre (http://www.pycon.it), the third edition of PyCon Italy, will take place in Florence from the 8th May to 10th May 2009. Confirmed keynote speakers so far include Guido Van Rossum, more to come. The Call for papers (http://www.pycon.it/pycon3/call-for-paper/) will be open from February, 9th, till March, 8th."
2009 Red Hat Summit and JBoss World call for papers (LinuxMedNews)LinuxMedNews has announced a call for papers for the 2009 Red Hat Summit and JBoss World. "Get your work in front of hundreds of Linux and middleware users, business owners, and industry veterans by becoming a session speaker at the 2009 Red Hat Summit and JBoss World. Both events are co-located this year at the Hilton Chicago, and will take place Sept. 1-4, 2009. Space is limited, and submissions are due Monday, March 9th."
Upcoming Events OpenOffice.org's presence at FOSDEMRepresentatives from the OpenOffice.org office suite project will be at FOSDEM. "FOSDEM - the "the biggest, bestest (sic) Free and Open Source Software Developers' meeting in Europe" - takes place on 7th-8th February in Brussels, Belgium - and OpenOffice.org will be there! Check out the FOSDEM website for details of the OpenOff[]ice.org Dev room - http://www.fosdem.org/2009/schedule/devrooms/openofficeorg - where we look forward to meeting old friends, and introducing new developers to the exciting world of OpenOffice.org coding."
Financial aid for PyCon 2009 is now availableThe Python Software Foundation has announced financial aid for PyCon 2009 attendants. "If you would like to come to PyCon but can't afford it, the PSF may be able to help you pay for registration, lodging/hotel costs and transportation".
SAHANA 09 Conference: Software for Disaster ManagementThe SAHANA 09 Conference on Software for Disaster Management will take place in Colombo, Sri Lanka on March 24-25. "The theme of the SAHANA 09 conference is "Software for Disaster Management". The conference will provide opportunities for anyone involved in Disaster and Emergency management to network and share best practices."
UKUUG Spring Conference and Kerberos TutorialThe UKUUG Spring Conference and Kerberos Tutorial has been announced. "UKUUG's annual Large Installation Systems Administration (LISA) conference and Tutorial will be held in London at the Park Crescent Conference Centre from 24th to 26th March 2009."
O'Reilly Where 2.0 Conference registration opensRegistration is open for the O'Reilly Where 2.0 Conference. "You can't go anywhere or do anything these days without finding one map or another, but location technology continues to grow far beyond those tools. See all the other directions location tech might take at the O'Reilly Where 2.0 Conference, May 19-21, 2009 in San Jose, CA. Program chair Brady Forrest has revealed the program, and registration has opened. An early registration discount remains available until March 31."
Events: February 12, 2009 to April 13, 2009The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it. Web sites FSFE launches Free PDF Readers campaignThe FSFE has announced its new PDFreaders.org site. "The Fellowship of the Free Software Foundation Europe is proud to announce its latest initiative: pdfreaders.org, a site providing information about PDF with links to Free Software PDF readers for all major operating systems. "Interoperability, competition and choice are primary benefits of Open Standards that translate into vendor-independence and better value for money for customers," says FSFE president Georg Greve. "Although many versions of PDF offer all these benefits for formatted text and documents, files in PDF formats typically come with information that users need to use a specific product. pdfreaders.org provides an alternative to highlight the strengths of PDF as an Open Standard.""
Audio and Video programs Embedded Linux Conference Europe 2008 videosVideos of the talks at the Embedded Linux Conference Europe 2008 (held last November) have now been posted in Theora format. There is a long list of talks on a wide variety of topics - something for everybody.
Page editor: Forrest Cook
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[performance graph]](http://www.ioremap.net/gallery/dbench_pohmelfs_vs_nfs_1.png)
