By Jake Edge
August 5, 2009
The choice of a Linux desktop environment, typically between the "big
two": GNOME and KDE, is one that inspires enthusiastic advocacy—some
might even say religious fervor—among the supporters of each choice.
So, it should come as no surprise that a distribution's default choice of
desktop—the one that most new users will end up running—can be
contentious, as the supporters of each desktop jockey for recognition of
their choice. That battle is currently playing out for openSUSE after a proposal to make KDE the
default desktop was made in the openFATE feature tracker; since
then, a number of rather lengthy threads on the opensuse-project mailing
list, as well as postings on various web logs, have made for a lively
debate.
The first argument for choosing a default desktop generally centers around new
users. Most seasoned
Linux users will have already chosen a desktop suited to their needs; as
long as that desktop is supported, they should have no trouble installing
the distribution. New users, on the other hand, are generally not even
aware that there is a choice of desktops for Linux. By choosing a default
desktop, a distribution can ease the path for a new Linux user.
Unlike most of the major distributions, openSUSE has no
default desktop, so users are presented with the choice of GNOME or KDE as
part of the installation process. The other major distributions default to
GNOME—with the exception of Mandriva—but support KDE users with
a separate distribution of some kind (e.g. Kubuntu or the Fedora KDE spin).
The lack of a default for openSUSE is, to some extent, a historical
artifact. When Novell bought SuSE Linux a few months after it bought
Ximian, there was a bit of a culture
clash. SuSE was KDE-based, but Ximian was a sponsor of GNOME (and Mono)
development. According to a blog posting by KDE's Sebastian
Kügler, Novell wanted to move both enterprise and desktop
distributions to a GNOME default—or perhaps remove KDE
entirely—but eventually decided to only do that
for the
enterprise releases; for desktops, there would be no default.
For a while, KDE was listed ahead of GNOME in the openSUSE installation
dialog, but at some
point, the order of the two desktops in the installation dialog was
reversed. That makes sense, at least alphabetically, but, to some, it
still felt like a KDE demotion. That dialog has a short blurb associated
with each desktop choice, but neither is selected, so the user
must choose.
The openSUSE community is largely made up of KDE users; something like
two-thirds of users run either KDE 3.5 or KDE 4 according to the openSUSE
11.0 user survey [PDF]. That leads some, especially KDE fans, to
suggest that openSUSE default to the desktop used by a significant majority
of its users. The proposal was quickly voted as the highest rated
feature request in openFATE, with roughly 90% approval, according to
openSUSE board chair Michael
Löffler's blog posting.
KDE-default advocates note that in addition to its potential to reduce
confusion for new users, making KDE the default would raise openSUSE's
profile within the KDE
community, which might well lead to more users, developers, and packagers
for
the distribution. Part of the argument is that openSUSE makes default decisions
for most kinds of applications (web browsers, email readers, etc.), but
leaves the desktop choice to the user, so, instead, openSUSE should make
a default decision there as well. By putting KDE on an
equal footing with GNOME, openSUSE is actually treating KDE as a second-class
citizen. As KDE and SUSE developer Lubos Lunak puts
it:
This is actually not asking to make KDE special in any way or to grant KDE
any additional [privilege]. It is the common practice in openSUSE to select
the technically best solution, and in case that is not feasible for whatever
reason, the most popular solution. Therefore GNOME has the special [privilege]
of being presented completely equally (or actually with a slight advantage by
being first) with what in all other cases would be the presented default
selection in a choice or would be used without a choice at all. The feature
asks for applying the common practice to the desktop selection, in other
words, the feature actually asks for removal of the [privilege] that GNOME
currently has.
There is also a political subtext to making KDE the default. For much of
its history, openSUSE was completely controlled by Novell, but more
recently it has been opening up to become more of a community-led
distribution—following a similar path to that taken by Fedora a few years
earlier. To some, changing to a KDE default is seen as a way to show that
openSUSE has moved out from under Novell's thumb. In some ways, openSUSE
has been tainted by the patent deal that Novell made with
Microsoft—at least to some—so, some distancing from Novell
would be welcome as Will Stephenson points out: "This would go a long way to
undoing the 'Novell is evil' smell that we can't shake off."
Community manager Joe "Zonker" Brockmeier is sympathetic to the idea that openSUSE show
that it can "make
decisions independent of Novell", but doesn't agree that changing to
a KDE default is the right choice for the project. He is
concerned
that elevating KDE to a position above GNOME might alienate users
and developers of the latter, while not providing much in the way of a
boost to the numbers of openSUSE KDE folks:
If the issue was merely sending a pro-KDE message, I'd be quite in
favor. But it's not neutral to GNOME (in my opinion) because we're
effectively choosing one over the other — even if that's not the spirit in
which it's intended (and I like to think that Frank is trying to send a
pro-KDE message, not an anti-GNOME message), I'm concerned that it will be
interpreted wrongly.
I appreciate the desire to make openSUSE a welcome home for KDE developers
and users. I just think we could find a better way to accomplish it.
Lunak suggests that there be guidelines to
help determine what default choices openSUSE will make. As he has noted
several times in the threads, there aren't choices for text editor or web
browser, so why is the desktop treated differently? He also points out
that the current default web browser—Firefox for both GNOME and
KDE—might need to change at some point:
Currently we have Firefox as the clear default and we do not even offer a
choice in any prominent place. I don't think there's anything wrong with
that, but if one day Chrome has 90% users and Firefox 9%, it would be clearly
very stupid to still keep Firefox as the default without any easy way to
change it. [...] According to what we have now with desktops, we should
offer a choice to use Chrome as soon as it gets at least somewhat significant
user base, and after it [is] exceeding about 25%, we should present a page during
installation where there is nothing preselected and the user must choose.
Some guidelines, at least for the desktop case, have been proposed by former openSUSE board chair
Andreas Jaeger. In his proposal—which seems to be gaining some
support—he suggests that desktops be listed in alphabetical order and
that the most popular be selected by default. He also suggests that the
desktop choice screen should "explain that both GNOME and KDE are
first class desktops and the default is based on popularity". How
ties or near-ties would be broken is not specified, but there would have to
be a fairly sizable shift in the openSUSE community for that to be a
problem—GNOME users account for roughly 26% of those surveyed.
This is not the first time distributions have struggled with this problem;
Fedora went through a similar exercise back in April. The initial suggestion, made by Jóhann
Guðmundsson, was to change references to "default desktop" or "Fedora
desktop" to "GNOME desktop", so that the desktop choice made by the project
was clear. His point was not to change the default, but just to call it out
so that other desktops and their users would be on an equal footing.
That led to a lengthy thread—sound familiar?—discussing how to
handle desktop choices at
installation time (among other things). The problem is that there is no
"right" decision that a distribution can make. Forcing the user to choose
is bad for new users; as Naheem Zaffar put
it: "Choice is only good if you are informed enough to exercise
it." Distributions are expected to make these choices, and,
in the end, they have to. When booting a Live CD of some distribution, the
last thing a potential new Linux user wants to do is make an uninformed
decision about which desktop to use.
As an aside, it is interesting to note a complaint made by Josephine Tannhäuser
who was
unhappy to see that KDE 4.3 will be coming to
Fedora 10 and 11, without a similar upgrade for GNOME (to 2.26) in
Fedora 10. The stability required for GNOME as the default desktop may be
part of the resistance to a major GNOME upgrade for a distribution that
is getting towards the end of its lifecycle. There may be other reasons as
well—the GNOME 2.26 upgrade may be more intrusive than KDE 4.2.4 to
4.3 for example—but it is likely that non-default desktops are afforded
more flexibility.
Clearly, some in the KDE community would like to see there be a
high-profile distribution that defaults to that desktop. There are
undoubtedly some who are still smarting from the perceived—or
real—slight when SUSE moved from KDE to GNOME/neutral after the
Novell acquisition. At some level, openSUSE seems like a good candidate
for that distribution, but it could conflict with the stated goal to be
"the distribution with the best GNOME desktop and the best KDE
desktop", as Jaeger described.
With two full-featured desktop
solutions—as well as more minimal choices for those who want
them—Linux can certainly meet the needs of most users. There is a
hurdle to get over, though, one that the proprietary alternatives don't
require. The best long-term solution is likely to involve raising the
profile of the desktop choice to new users, so that they can make a
reasonably informed decision—similar to the distribution choice they
already have to make. How they get that information is an open question,
but that question once existed for the various distributions as well. It
would seem that the desktop projects may need to get better at educating
users—and potential users—about the strengths of their
solution. If that happens, the default desktop choice will likely become
less politicized and lead to fewer lengthy mailing list threads.
August 5, 2009
This article was contributed by Nathan Willis
Version 1.0 of the Clutter
graphics library was released on July 29,
sporting a stable application program interface (API) and binary interface
(ABI), an animation framework, and an OpenGL abstraction library that
should prove useful to developers. With Clutter set to take on a more
prominent role in the GNOME 3.x series, the announcement should prove to be
welcome news to application developers.
Clutter is used to build user interfaces, but unlike traditional
toolkits such as GTK+ or Qt, it uses a flexible "scene graph" model with
"actors" and "stages" instead of the customary widgets and containers. The
free-form actor elements can be placed with fixed positioning on the stage
or use managed layout, and they can be easily moved, deformed, and even
animated. Clutter is designed to use OpenGL as a back-end, so applications
can benefit from hardware accelerated rendering. OpenGL for Embedded
Systems (OpenGL ES) is supported, making Clutter a popular choice on
slim-CPU mobile devices such as Nokia's Maemo tablets and Moblin's netbook Linux distribution.
The project was started in 2006 at embedded Linux development firm
Opened Hand, which was
acquired by Intel in late 2008. Clutter has been selected as an official
part of the Maemo GUI stack, beginning with the upcoming 5.0 release, called
"Fremantle." Following Opened Hand's acquisition by Intel, however, more
effort went into integrating Clutter as a core UI library for Moblin, which
prior to April 2009, was an Intel-owned effort. The toolkit is also
growing in popularity on desktop Linux systems, where it is used by GNOME
games, the Mutter window manager, and the GNOME Shell project set to be
featured prominently in GNOME 3.0.
Although Clutter is written in C, bindings are available for a wide variety
of languages, including C++, C#, Python, Ruby, Vala, JavaScript, and Perl.
In addition, applications can embed traditional GTK+ elements, GStreamer video content and Cairo 2-D canvases as Clutter actors.
Clutter is developed primarily for usage under X with the GLX extension,
but can also use Simple DirectMedia Layer (SDL) or the Linux frame buffer
if necessary. Ports to Windows and Mac OS X are also available. Using ClutterScript,
Clutter applications can store and load full or partial scene graphs in
JavaScript Object Notation (JSON) format.
Changes in 1.0
The Clutter API has undergone several important changes since the last
stable series, 0.8, but the development team has declared the 1.0 API
frozen for all subsequent 1.x releases. Apart from stabilizing the API,
Clutter 1.0 includes a new animation framework, unified handling of all
text widgets with Pango, performance
improvements based on better tracking of which actors in the scene graph will
be painted, debugging facilities for application developers, and
improvements to the Clutter OpenGL abstraction library COGL. The Clutter
and COGL documentation
also underwent extensive revision, including a migration guide for
developers needing to port their code from Clutter 0.8 to Clutter 1.0.
The Animation API has received the most attention of the changes in 1.0,
being the subject of several conference talks this summer. In prior
versions of Clutter, animation of actors was handled through two separate
features: Behaviors and Effects. Behaviors were to be used when both the
starting and ending states of the actor were known (such as moving from one
predetermined position to another), and Effects could be used at any time,
regardless of the state of the actor. The Effects API proved to be kludgy
and difficult for application developers to use, as well as difficult for
the Clutter developers to extend, so it has been dropped in favor of the
Animation API.
The new API is simpler and shares base classes, such as Timeline,
with the Behaviors API, which should simplify its adoption. Whereas in
Effects each transformation was a separate function (e.g., rotate, fade,
translate), Animation requires only specifying the desired final state of
the actor with a single function call; the animation itself is performed
implicitly, with all of the intermediate steps interpolated. This
"tweening" behavior is similar to what is possible with JavaScript
animation. The Clutter
1.0 migration guide provides some side-by-side example code
demonstrating the difference between using Effects and Animation.
COGL is also significant; it began as a purely internal layer for
Clutter to abstract away the differences between OpenGL, OpenGL ES 1.1, and
OpenGL ES 2.0, but it has since evolved into a library useful for other
OpenGL-based projects. COGL attempts to make OpenGL usage as fast as
possible by maintaining its own internal store of the scene rather than
sending every update to the GPU separately, caching as much as possible,
and minimizing the number of validations and state changes.
1.x, 2.0, and more
The Clutter team has expressed its desire to further develop COGL into a
more flexible GPU-programming library, providing a modern, object-oriented
API for OpenGL programming. As for Clutter itself, the plan is to adopt a
six-month release cycle, as used by other projects in the GNOME ecosystem.
There will be further 1.x stable releases to improve performance and
efficiency, but the guarantee is that no changes made during the 1.x cycle
will break API compatibility.
GNOME will reportedly ship Clutter with its 2.28 release in September,
but Clutter-based tools like GNOME Shell are not scheduled to arrive until
the 3.0 release six months later. The API stability guarantee is more
likely to please developers with mobile platform projects like Maemo and Moblin, however,
who count on longer product life cycles than those of a typical desktop
Linux distribution.
Independent application developers may have to wait a few more weeks
before they can begin working with Clutter 1.0, though. The dependent
libraries that allow embedding GTK+ widgets, GStreamer content, and Cairo
canvases are a bit behind the core
Clutter release, as are some of the language bindings. Fortunately, the
official packages are built
to be installable in parallel with Clutter 0.8, and with the documentation
in place — including the migration guide — no one has an excuse
to sit idly by in the meantime.
By Jonathan Corbet
August 3, 2009
CentOS must seem like a dream distribution
to many. Its users get the benefit of the massive team of developers that
Red Hat has working on the Red Hat Enterprise Linux product without having
to pay for any of it. CentOS offers a level of stability that cannot be
found in any of the more community-oriented distributions; even Debian
Stable requires its users to upgrade more often than CentOS does. Hosting
providers have a solid, supported platform to sell to many thousands of
customers, and it does not cost them even a single devalued US dollar.
Many, many sites depend on CentOS, so anything which threatens the stability
of that foundation is certain to raise a number of eyebrows.
Unfortunately, that is exactly what happened at the end of July.
CentOS has never been the most transparent of projects; its lists do not
carry the kind of open discussion that can be found with Debian, Fedora, or
(increasingly) openSUSE. Most CentOS users perhaps worry little about
where their software comes from, but there are those who have tried to
help the project and bring its workings more into the open. One of those,
well-known RPM packager Dag Wieers, threw in
the towel in June:
It was not an easy decision and I feel sad for having to take it,
but I decided to resign from the CentOS project. I hope the team
can fix the project's leadership, communication and transparency
issues (even within the team), because each is very important for
the health of the CentOS community.
Problems within the project became more public on July 30, when a
disturbing open letter was posted on centos.org. The immediate issue
was the disappearance of project founder Lance Davis, whose last post on
the centos-devel mailing list was in April, 2008. Evidently Lance hadn't
been heard from for some time in other parts of the project as well. A
missing founder can be a problem, but it gets worse: when Lance vanished from
sight, he took with him control over the project's domain name and IRC
channels.
Lance also had control over the project's finances. There has been a lot
less noise concerning this part of the problem, but the fact remains:
nobody seems to know where the money which has flowed into the project (via
donations and web advertising) has gone. Quoting
Dag Wieers again:
For at least three years people were donating money and sponsors
were paying for website ads while the money was not flowing into
the project, where it went to I can only guess. Raising the
question was a risk to the project so everybody stayed quiet for
the sake of the project hoping it would resolve itself.
Naturally enough, this issue failed to resolve itself; eventually the other
key CentOS contributors were forced to go public with their concerns. The
move appears to have been entirely effective: Lance was flushed out from
wherever he was hiding and met with the team. Ownership of the domain name
has been transferred. The CentOS project appears to be back on track, and,
perhaps, headed toward a more democratic mode of operation.
Little is being said about the financial side, beyond this:
We will be addressing these issues in the next few weeks, the plan
at this time is to not turn on the donations option or advertising
anywhere on the websites till we have such processes in place.
So the management of future revenue into the project should be handled in a
more open sort of way.
One could argue that CentOS users had little to worry about. In the worst
possible scenario, the active CentOS developers could have forked the
distribution and moved to a new domain, perhaps without even changing the
name of the project. Such a
move could certainly be successful. But users who have picked a
distribution known for stability might just feel a little concerned about
being told to change their repository pointers to a different location run
by a group claiming to be the "real" CentOS. A certain amount of
disruption would have been guaranteed.
There is a lesson here: use of a distribution like CentOS has its risks. A
system running CentOS is relying on the efforts of a relatively small group
of volunteers; these volunteers are not obligated to continue to provide
support to anybody. The project's governance and processes are on the
murky side - even if it looks like things are about to get better. CentOS
is fully dependent on Red Hat for security updates, and it necessarily
imposes a delay between the release of Red Hat's fix (which discloses any
vulnerability which wasn't already in the open) and the availability of a
fix for CentOS. For the curious: here is the observed delay time for a few recent updates:
Sometimes updates pass through the CentOS system quickly, but other times
the performance is not quite as good; the "critical" firefox update
languished for a full week.
The point of the above text is not to criticize CentOS: that project has
done an outstanding job of providing a highly stable and well-supported
distribution to the community for free. How can anybody criticize that?
The point, instead, is that there are tradeoffs associated with any
distribution choice. A Linux user who feels the need for
contractually-assured service backed up by a well-funded support operation
and faster security updates would be well advised to consider purchasing
support from one of the companies operating in that area.
For those who do not need that level of support, instead, distributions
like CentOS provide great value. A more open CentOS looks like it should
be able to provide greater value yet. Also encouraging are the suggestions
that CentOS could work more closely with Scientific Linux, another RHEL
rebuild with very similar goals. All told, there appears to be a good
chance that the recent turbulence will lead to a more solidly founded
CentOS which will continue to be a firm platform for many thousands of
deployed systems well into the future.
Page editor: Jonathan Corbet
Security
By Jake Edge
August 5, 2009
The annual Black Hat security conference
in Las Vegas is probably the premier security event each year—at
least for the disclosure of new vulnerabilities. The event usually has one or
more high-profile disclosures that often lead to software vendors and
projects scrambling to fix the vulnerable code. This year was no
exception, with Secure Sockets Layer (SSL) taking center stage. Two of the
vulnerabilities led to Mozilla
security updates, while others showed flaws in the certificate
authority (CA) infrastructure and browser handling of Extended Validation (EV)
SSL certificates.
The most serious problem would seem to be a disconnect between CAs and
browsers on how to handle certificates with NUL (i.e. '\0') bytes in the
domain name. CAs
have been willing to issue certificates for host/domain names containing
NULs, but
browsers were
handling them in ways that made certificate spoofing much easier. Moxie
Marlinspike and Dan Kaminsky independently discovered the problem and both
presented about it at Black Hat. Marlinspike's example was a certificate
issued for www.paypal.com\0.thoughtcrime.org, which would appear
to be a legitimate PayPal certificate to the browser user.
It has been argued that the CAs should not be issuing certificates of that
sort, especially given that C-based programs interpret NUL as the end of
string, but the browsers have a certain amount of responsibility here as
well. It's hard to see a legitimate use for a certificate with a NUL byte
as part of the domain name, but browsers could and should have used the
string length, which is specified in the certificate, to determine how to
display and handle the domain name. The CAs should also stop signing such
certificates, and revoke those that they have already issued, but that, of
course, doesn't stop anyone from self-signing a certificate with a NUL byte
in the domain name.
The flaw could be exploited to do a man-in-the-middle attack against
users. An attacker who could intercept network traffic—via a
compromised, or just maliciously configured, wireless router for
example—could present one of these certificates when a victim
visited PayPal. Because the browser only looked at the host name
information before the NUL, the user would believe they had a secure
session with PayPal, when, in fact, they were talking to a host under the
attacker's control.
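The mismatch described above, as an added C example (not code from any browser, CA or the researchers): one matcher treats the certificate name as a C string, the other uses the length recorded in the certificate, and a display helper escapes unexpected bytes. The `struct cert_name` type, the function names and the sample names are assumptions made for the illustration, and matching is narrowed to exact, case-insensitive names with no wildcard handling.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* A name field as a certificate decoder hands it over: raw bytes plus the
 * length recorded in the certificate. Hypothetical type for this example. */
struct cert_name {
    const unsigned char *data;
    size_t len;
};

/* Constructed sample inputs; the first mirrors the name quoted in the article. */
static const unsigned char SPOOFED[] = "www.paypal.com\0.thoughtcrime.org";
static const unsigned char GENUINE[] = "www.paypal.com";
#define SPOOFED_LEN (sizeof SPOOFED - 1)   /* 32 bytes, embedded NUL included */
#define GENUINE_LEN (sizeof GENUINE - 1)   /* 14 bytes */

static int same_char(unsigned char a, unsigned char b)
{
    return tolower(a) == tolower(b);
}

/* FLAWED: treats the name as a C string and ignores cn->len, so the
 * comparison ends at the first NUL byte. It also relies on the buffer being
 * NUL-terminated, which the string literals above are. */
int match_cstring(const struct cert_name *cn, const char *host)
{
    const char *p = (const char *)cn->data;

    while (*p && *host && same_char((unsigned char)*p, (unsigned char)*host)) {
        p++;
        host++;
    }
    return *p == '\0' && *host == '\0';
}

/* HARDENED: uses the length from the certificate, refuses any name with an
 * embedded NUL, and only then compares every byte. */
int match_length_aware(const struct cert_name *cn, const char *host)
{
    size_t i, host_len = strlen(host);

    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;                      /* no valid host name contains a NUL */
    if (cn->len != host_len)
        return 0;
    for (i = 0; i < cn->len; i++)
        if (!same_char(cn->data[i], (unsigned char)host[i]))
            return 0;
    return 1;
}

/* Render the full name for display, escaping anything that is not a visible
 * ASCII character as \xNN so a user or log reader sees the whole field.
 * Returns the number of characters written, excluding the terminator. */
size_t render_name(const struct cert_name *cn, char *out, size_t outsz)
{
    static const char hex[] = "0123456789abcdef";
    size_t i, o = 0;

    if (outsz == 0)
        return 0;
    for (i = 0; i < cn->len; i++) {
        unsigned char c = cn->data[i];
        if (c > 0x20 && c < 0x7f && c != '\\') {
            if (o + 1 >= outsz)
                break;
            out[o++] = (char)c;
        } else {
            if (o + 4 >= outsz)
                break;
            out[o++] = '\\';
            out[o++] = 'x';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0f];
        }
    }
    out[o] = '\0';
    return o;
}

int main(void)
{
    struct cert_name spoofed = { SPOOFED, SPOOFED_LEN };
    struct cert_name genuine = { GENUINE, GENUINE_LEN };
    char shown[128];

    render_name(&spoofed, shown, sizeof shown);
    printf("name in certificate : %s\n", shown);
    printf("C-string match      : %d\n", match_cstring(&spoofed, "www.paypal.com"));
    printf("length-aware match  : %d\n", match_length_aware(&spoofed, "www.paypal.com"));
    printf("genuine name match  : %d\n", match_length_aware(&genuine, "www.paypal.com"));
    return 0;
}
```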
Marlinspike found another problem,
which only seems to have affected
the Firefox 3.0 series, in how wildcards were handled in the host names
presented in certificates. Wildcard certificates are meant to solve the
problem of multiple hosts in a given domain that need to share
certificates. So, a CA could sign a single certificate that would work for
webhost00.example.com through webhost99.example.com.
Firefox 3.0 and earlier supported a non-standard Netscape regular
expression syntax which Marlinspike found a way to exploit.
That exploit would cause a heap overflow that could allow arbitrary code
execution—another particularly nasty outcome. According to the
Mozilla advisory: "With version 3.5 Firefox switched to the more
limited industry-standard wildcard syntax instead and is not vulnerable to
this flaw."
Kaminsky's talk also covered a number of other issues with SSL certificate
handling. Red Hat's director of security response Mark Cox summarized those
problems along with their impact on various free software packages. For the
most part, they had much less impact than the NUL-byte spoofing attack,
which Cox notes as having been fixed in April for Firefox 3.5 in RHEL.
Another presentation on SSL came from Alexander Sotirov and Mike
Zusman. They
showed
that EV certificates can be replaced with valid, conventional
(aka Domain Validated or DV) certificates without changing the browser's
display to reflect the potentially reduced security. Browsers display
sites using EV certificates in green in the address bar to denote the
supposed higher security. By using a man-in-the-middle attack, and a valid
DV certificate for the domain, they were
able to send the second certificate, which caused the browser to switch
encryption keys to that contained in the DV certificate.
So the session was secured with the "lesser" DV certificate, which the
attacker controlled, but still showed the green address bar.
Zusman also gave a presentation at DefCon (which follows Black Hat) on the
reliability of the web applications that CAs use for handling certificate
requests. As might be guessed, they turn out to be vulnerable to the usual
web application suspects: cross-site scripting and SQL injection, but he
found additional problems as well. He was able to circumvent the domain
name validation used by some CAs so that he could get certificates for
domains that he did not control.
It is rather worrisome that the CAs, who are supposedly guarding the safety
of web traffic, are so lax about the security of their own applications.
As Zusman noted in the article: "If you can game a CA's validation
mechanism, they don't
get hurt — they might even make some money. [Those] who suffer are those
who use the Internet."
SSL is an important part of the web infrastructure that users must rely on
daily to protect their communications with sensitive sites. It is not
surprising that it would be targeted by security researchers, nor is it all
that surprising that problems were found. While attacks against these
specific problems may be difficult to pull off in practice, they represent
holes that clearly need to be filled. If security researchers are finding
these kinds of problems, it's pretty likely that attackers are finding them
as well—but the attackers are much less likely to tell us about it at
Black Hat.
Brief items
The SquirrelMail team has sent out a notice saying that three plugins
(sasql, multilogin, and change_pass) were compromised on the project's
server. "Parts of these code changes attempts to send mail to an offsite
server containing passwords. We cannot establish a timeline of when
these plugins were compromised. If you are a user of these plugins,
it is strongly recommended you download a fresh copy from the
plugins repository." Changing passwords and looking for intrusions
might also be a good idea.
New vulnerabilities
django: file request forgery
| Package(s): | django |
| CVE #(s): | |
| Created: | August 4, 2009 |
| Updated: | August 5, 2009 |
| Description: | From the Django security advisory: Django includes a lightweight, WSGI-based web server for use in learning Django and in testing new applications during early stages of development. For sake of convenience, this web server automatically maps certain URLs corresponding to the static media files used by the Django administrative application. The handler which maps these URLs did not properly check the requested URL to verify that it corresponds to a static media file used by Django. As such, a carefully-crafted URL can cause the development server to serve any file to which it has read access. |
| Alerts: | |
drupal-date: cross site scripting
| Package(s): | drupal-date |
| CVE #(s): | |
| Created: | July 31, 2009 |
| Updated: | September 21, 2009 |
| Description: | From the Fedora advisory: The Date module provides a date CCK field that can be added to any content type. The Date Tools module that is bundled with Date module does not properly escape user input when displaying labels for fields on a content type. A malicious user with the 'use date tools' permission of the Date Tools sub-module, or the 'administer content types' permission could attempt a cross site scripting [1] (XSS) attack when creating a new content type, leading to the user gaining full administrative access. |
| Alerts: | |
firebird: denial of service
| Package(s): | firebird |
| CVE #(s): | CVE-2009-2620 |
| Created: | August 3, 2009 |
| Updated: | September 1, 2009 |
| Description: | From the Mandriva advisory: src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference (CVE-2009-2620). |
| Alerts: | |
firefox: integer overflow
| Package(s): | firefox |
| CVE #(s): | CVE-2009-2468 |
| Created: | July 31, 2009 |
| Updated: | August 5, 2009 |
| Description: | From the CVE entry: Integer overflow in CoreGraphics in Apple Mac OS X, as used in Mozilla Firefox before 3.0.12, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long text run that triggers a heap-based buffer overflow during font glyph rendering, a related issue to CVE-2009-1194. |
| Alerts: | |
firefox: heap overflow in certificate regexp parsing
| Package(s): | firefox |
CVE #(s): | CVE-2009-2404
|
| Created: | August 4, 2009 |
Updated: | March 31, 2010 |
| Description: |
From the Mozilla
advisory: Moxie Marlinspike reported a heap overflow vulnerability in
the code that handles regular expressions in certificate names. This
vulnerability could be used to compromise the browser and run arbitrary
code by presenting a specially crafted certificate to the client. This code
provided compatibility with the non-standard regular expression syntax
historically supported by Netscape clients and servers. With version 3.5
Firefox switched to the more limited industry-standard wildcard syntax
instead and is not vulnerable to this flaw.
firefox: compromise of SSL-protected communication
Package(s): firefox
CVE #(s): CVE-2009-2408
Created: August 4, 2009
Updated: October 5, 2010
Description:
From the Mozilla
advisory: IOActive security researcher Dan Kaminsky reported a mismatch
in the treatment of domain names in SSL certificates between SSL clients
and the Certificate Authorities (CA) which issue server certificates. In
particular, if a malicious person requested a certificate for a host name
with an invalid null character in it most CAs would issue the certificate
if the requester owned the domain specified after the null, while most SSL
clients (browsers) ignored that part of the name and used the unvalidated
part in front of the null. This made it possible for attackers to obtain
certificates that would function for any site they wished to target. These
certificates could be used to intercept and potentially alter encrypted
communication between the client and a server such as sensitive bank
account transactions.
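The mismatch described in this entry, as an added example (not code from Firefox, NSS or the advisory): a name check that treats the certificate field as a C string, beside one that honours the field's recorded length. The host names and function names are constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: the bytes of a certificate name field. The field is
 * length-delimited, so it can hold a NUL: 16 bytes, one NUL, 18 more bytes. */
static const char CERT_NAME[] = "www.bank.example\0.requester.example";
#define CERT_NAME_LEN (sizeof(CERT_NAME) - 1)

/* Case-insensitive comparison of exactly n bytes (ASCII only). */
static int ascii_ieq(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* CA-side view: does the full, length-delimited name end in ".<domain>"? */
int name_is_under_domain(const char *name, size_t len, const char *domain)
{
    size_t dlen = strlen(domain);

    if (len <= dlen + 1)
        return 0;
    return name[len - dlen - 1] == '.' &&
           ascii_ieq(name + len - dlen, domain, dlen);
}

/* Client-side view with the flaw: the name is handled as a C string, so
 * everything from the first NUL onward is silently dropped. */
int match_as_c_string(const char *name, size_t len, const char *host)
{
    size_t n = strlen(name);

    (void)len;                      /* the recorded length is never consulted */
    return n == strlen(host) && ascii_ieq(name, host, n);
}

/* Hardened check: use the recorded length and refuse any name with a NUL. */
int match_length_aware(const char *name, size_t len, const char *host)
{
    if (memchr(name, '\0', len) != NULL)
        return 0;                   /* an embedded NUL is never a valid DNS name */
    return len == strlen(host) && ascii_ieq(name, host, len);
}

int main(void)
{
    printf("CA view, name is under requester.example: %d\n",
           name_is_under_domain(CERT_NAME, CERT_NAME_LEN, "requester.example"));
    printf("C-string match for www.bank.example:      %d\n",
           match_as_c_string(CERT_NAME, CERT_NAME_LEN, "www.bank.example"));
    printf("length-aware match for www.bank.example:  %d\n",
           match_length_aware(CERT_NAME, CERT_NAME_LEN, "www.bank.example"));
    return 0;
}
```

The two sides of the mismatch read the same bytes and reach different conclusions; only the length-aware check rejects the name.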
firefox: address spoofing
Package(s): firefox xulrunner
CVE #(s): CVE-2009-2654
Created: August 5, 2009
Updated: December 22, 2009
Description:
The Firefox browser allows attackers to spoof the information in the address bar, facilitating phishing attacks. Fixes are in versions 3.0.13 and 3.5.2.
firefox: multiple vulnerabilities
Package(s): firefox
CVE #(s):
Created: August 5, 2009
Updated: August 5, 2009
Description:
Firefox 3.5.2 fixes a number of vulnerabilities, two of which are labeled "critical."
flash-plugin: multiple vulnerabilities
Package(s): flash-plugin
CVE #(s): CVE-2009-1862 CVE-2009-1863 CVE-2009-1864 CVE-2009-1865 CVE-2009-1866 CVE-2009-1867 CVE-2009-1868 CVE-2009-1869 CVE-2009-1870
Created: July 31, 2009
Updated: August 7, 2009
Description:
From the Red Hat advisory:
Multiple security flaws were found in the way Flash Player displayed
certain SWF content. An attacker could use these flaws to create a
specially-crafted SWF file that would cause flash-plugin to crash or,
possibly, execute arbitrary code when the victim loaded a page containing
the specially-crafted SWF content. (CVE-2009-1862, CVE-2009-1863,
CVE-2009-1864, CVE-2009-1865, CVE-2009-1866, CVE-2009-1868, CVE-2009-1869)
A clickjacking flaw was discovered in Flash Player. A specially-crafted
SWF file could trick a user into unintentionally or mistakenly clicking a
link or a dialog. (CVE-2009-1867)
A flaw was found in the Flash Player local sandbox. A specially-crafted
SWF file could cause information disclosure when it was saved to the hard
drive. (CVE-2009-1870)
kernel: denial of service
Package(s): kernel
CVE #(s): CVE-2009-1388
Created: August 4, 2009
Updated: August 5, 2009
Description:
From the CVE entry: The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the do_coredump function, which allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread.
nspr, nss: weak hash signatures
Package(s): nspr, nss
CVE #(s): CVE-2009-2409
Created: July 31, 2009
Updated: April 28, 2010
Description:
From the Red Hat advisory:
Dan Kaminsky found that browsers still accept certificates with MD2 hash
signatures, even though MD2 is no longer considered a cryptographically
strong algorithm. This could make it easier for an attacker to create a
malicious certificate that would be treated as trusted by a browser. NSS
now disables the use of MD2 and MD4 algorithms inside signatures by
default. (CVE-2009-2409)
pdfedit: multiple vulnerabilities
Package(s): pdfedit
CVE #(s):
Created: August 5, 2009
Updated: August 5, 2009
Description:
pdfedit contains "several serious remote vulnerabilities"; see this advisory for (minimal) further information.
php4-eaccelerator: arbitrary code execution
Package(s): php4-eaccelerator
CVE #(s): CVE-2009-2353
Created: August 3, 2009
Updated: August 5, 2009
Description:
From the Mandriva advisory:
encoder.php in eAccelerator allows remote attackers to execute
arbitrary code by copying a local executable file to a location under
the web root via the -o option, and then making a direct request to
this file, related to upload of image files (CVE-2009-2353).
sssd: privilege escalation
Package(s): sssd
CVE #(s): CVE-2009-2410
Created: July 30, 2009
Updated: August 5, 2009
Description:
From the Fedora alert:
If a user was added to the SSSD BE database without setting a password, the user
could ssh to the SSSD configured client and enter any password to gain access.
This update resolves this issue so users with no password set are no longer able
to login.
wordpress: cross-site scripting
Package(s): wordpress
CVE #(s):
Created: August 5, 2009
Updated: August 7, 2009
Description:
WordPress prior to version 2.8.2 contains a cross-site scripting vulnerability associated with comment author URLs.
xml-security-c: authentication bypass
Package(s): xml-security-c
CVE #(s): CVE-2009-0217
Created: July 31, 2009
Updated: June 4, 2010
Description:
From the CVE entry: The design of the W3C XML Signature Syntax and Processing (XMLDsig) recommendation, as implemented in products including (1) the Oracle Security Developer Tools component in Oracle Application Server 10.1.2.3, 10.1.3.4, and 10.1.4.3IM; (2) the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6; (3) Mono before 2.4.2.2; (4) XML Security Library before 1.2.12; (5) IBM WebSphere Application Server Versions 6.0 through 6.0.2.33, 6.1 through 6.1.0.23, and 7.0 through 7.0.0.1; and other products uses a parameter that defines an HMAC truncation length (HMACOutputLength) but does not require a minimum for this length, which allows attackers to spoof HMAC-based signatures and bypass authentication by specifying a truncation length with a small number of bits.
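An added sketch of the HMACOutputLength problem in this entry (not code from xml-security-c or any listed product): a verifier that accepts whatever truncation length the document supplies, beside one that enforces a floor. The floor used here, the larger of 80 bits and half the hash output, is the rule the W3C later added to the specification and does not come from this page; the MAC bytes and function names are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MIN_HMAC_BITS 80u

/* Constructed sample: a 160-bit MAC as the verifier would compute it. */
static const uint8_t SAMPLE_MAC[20] = {
    0x3a, 0x91, 0x5c, 0x07, 0xe2, 0x48, 0xb6, 0x1d, 0xf0, 0x29,
    0x74, 0xc3, 0x8e, 0x55, 0x0b, 0xd9, 0x62, 0xaf, 0x13, 0x80
};
/* Constructed sample: bytes unrelated to the real MAC. */
static const uint8_t UNRELATED[10] = {
    0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff
};

/* Compare n bytes without an early exit. */
static int ct_equal(const uint8_t *a, const uint8_t *b, size_t n)
{
    uint8_t diff = 0;

    for (size_t i = 0; i < n; i++)
        diff |= a[i] ^ b[i];
    return diff == 0;
}

/* Smallest truncation length the hardened verifier accepts, in bits. */
size_t min_output_bits(size_t hash_bits)
{
    return hash_bits / 2 > MIN_HMAC_BITS ? hash_bits / 2 : MIN_HMAC_BITS;
}

/* Flawed: out_bits comes from the document being verified and is trusted,
 * so a length of 0 compares nothing and a length of 8 compares one byte. */
int verify_trusting_length(const uint8_t *computed, size_t hash_bits,
                           const uint8_t *received, size_t received_len,
                           size_t out_bits)
{
    (void)hash_bits;
    (void)received_len;
    return ct_equal(computed, received, out_bits / 8);
}

/* Hardened: reject lengths below the floor, above the hash size, not a whole
 * number of bytes, or inconsistent with the bytes actually received. */
int verify_with_floor(const uint8_t *computed, size_t hash_bits,
                      const uint8_t *received, size_t received_len,
                      size_t out_bits)
{
    if (out_bits % 8 != 0 || out_bits > hash_bits ||
        out_bits < min_output_bits(hash_bits))
        return 0;
    if (received_len != out_bits / 8)
        return 0;
    return ct_equal(computed, received, out_bits / 8);
}

int main(void)
{
    printf("0-bit length, unrelated bytes: flawed=%d hardened=%d\n",
           verify_trusting_length(SAMPLE_MAC, 160, UNRELATED, 0, 0),
           verify_with_floor(SAMPLE_MAC, 160, UNRELATED, 0, 0));
    printf("80-bit length, correct bytes:  hardened=%d\n",
           verify_with_floor(SAMPLE_MAC, 160, SAMPLE_MAC, 10, 80));
    return 0;
}
```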
Page editor: Jake Edge
Kernel development
Brief items
The current development kernel is 2.6.31-rc5, released on July 31.
"Apart from various regression fixes, the diffstat shows a couple of
new drivers (at_hdmac, uc2322, gspca/sn9c20x, ds2782 battery driver), and
some big KMS radeon changes..." Also included was the "flexible
array" infrastructure (see below). See the full changelog for the details.
The current stable kernel is 2.6.30.4, released (along with 2.6.27.29) on July 30.
Both updates contain another long list of important fixes.
Kernel development news
My great act of protest? Disabling Twitter forwarding to my
Facebook status. Ha! Take that, enormous corporation!
-- Valerie Aurora shows them who's boss
Anyway, Andrew Morton was right, we should have merged into
mainline as soon as Tux3 was booting as root. That would have
taken a big load off me. Instead, somebody posted to LKML and
called for atomic commit as a precondition for merging. Sounds
like a good idea, sounds logical. But actually, in open source it
is counter productive, it just puts a bigger load on me, a limited
resource. We should have merged first, then got the logging and
replay working. In fact, we probably should still do that. I will
say this now: if we are invited to merge in the next major release,
or in -mm or whatever, we will happily do it. If we are not
invited to merge, nobody has any cause to complain about progress
slowing down.
-- Daniel Phillips
0 bits in the green bag, 1 bits in the black bag please
-- Alan Cox on how to recycle code
By Jonathan Corbet
August 5, 2009
TTY maintenance: Greg Kroah-Hartman, admitting that he is a glutton
for punishment, has agreed to take on maintenance of the TTY layer - a job
recently abandoned by Alan Cox. Patches have begun to flow toward the
mainline, with Linus taking a larger-than-usual interest in getting them
into shape. The fate of Alan's longer-term cleanup plans remains
uncertain, but basic maintenance and bug fixing, at least, seems to be in
place.
Regressions. Rafael Wysocki has posted the 2.6.31-rc5 known regressions
list. A total of 76 regressions have been reported in this development
cycle; 28 of those remain unresolved. For this stage in the process, that
is about normal, or, perhaps, just a bit better than average. Less
encouraging, perhaps, is the fact that the 2.6.30 regression list still
shows 39 unresolved problems.
make V=1. Once upon a time, building a kernel filled the screen
with vast amounts of output, including the full command line for each
compilation command. Needless to say, it was hard to get much information
out of that much noise; in more recent times, the kernel build system emits
much more concise information about what it's doing. Sometimes, though,
one needs to see what's really going on; in such cases, running
"make V=1" will cause the build system to output everything
it's doing.
Except that, as Dave Airlie discovered, it
doesn't; some commands are still hidden from view even when V=1 is
specified. Build system maintainer Sam Ravnborg explained: "The problem is that V=1 is
already too chatty, so people sometimes hide their stuff - as in this
case." His suggestion is to implement multiple levels of verbosity,
so that "V=2" could be used to view the truly full stream of
commands. There's a minor problem in that "V=2" is already used
to get make to print out which file caused a particular rebuild to
happen. But, as Sam puts it, few people ever use that option, so maybe it
could be replaced with a "be more verbose" mode. Unless somebody objects
soon, that's likely to be how it goes.
devtmpfs. Greg Kroah-Hartman, evidently not feeling sufficiently
challenged by the TTY layer, has reposted the devtmpfs patch,
suggesting that it's ready for merging into the mainline. Greg says:
    For .32 it's a simple and clean patch. It's been tested and agreed
    by three major distros that this is a good idea. SuSE has been
    shipping this in their kernels for a while now with no problems,
    and actual speedups measured on their boot times.
It would be fair to say, though, that the development community is not yet
sold on the desirability of merging this patch; expect some interesting
discussion in the near future.
Xtables2. The future of Linux packet filtering might be nftables, but Jan Engelhardt
isn't holding his breath. He has, instead, put together an immense patch set massively
reworking the existing iptables mechanism. The internal data structures
have been torn out and reimplemented as a more flexible linked list,
setting the stage for easier single-rule changes in the future. Perhaps
the biggest payoff, though, is in the unification of the IPv4, IPv6, and
ARP versions of the packet-filtering engine; that, he says, enables the
removal of about 50% of the code.
The initial responses suggested that potential reviewers were overwhelmed
by the magnitude of the change. Jan has posted a more detailed explanation of what various
groups of patches do, which has helped. Eventual merging of this code will
probably require breaking the sequence up into multiple steps, though.
Montreal Linux power management mini-summit notes have been posted by Len Brown;
they give a good (if terse) summary
of recent developments in the area and what is being worked on now.
By Jake Edge
August 5, 2009
While virtualization has been a boon for many users and data centers, it
tends to suffer from performance problems, particularly I/O performance.
Addressing that problem is the goal of a newly announced project, AlacrityVM,
which has created a hypervisor based on KVM. By shortening the I/O path
for guests,
AlacrityVM seeks to provide I/O performance near that of "bare metal"
hardware.
The project is in a "pre-alpha" stage, according to the web page, but it is
already reporting some fairly impressive results from a proof-of-concept network
driver. Both for throughput
and latency,
the AlacrityVM guest performance compared favorably to that of 2.6.28 and
2.6.29-rc8 hosts. It also clearly out-performed the virtio drivers in a
KVM guest.
The major change that allows AlacrityVM to achieve those gains comes
from a new kernel-based virtual I/O scheme known as Virtual-Bus
(or vbus). Currently, KVM guests use emulated devices—implemented
in user space by QEMU—in order to handle I/O requests. That leads to
multiple
kernel-to-user-space transitions for each I/O operation. The idea behind
vbus is to allow guests to directly access the host kernel driver, thus
reducing the overhead for I/O.
Using vbus, a host administrator can define a virtual bus that contains
virtual devices—closely patterned on the Linux device
model—which allow access to the underlying kernel driver. The
guest accesses the bus through vbus guest drivers and will only be able to
use those devices that the administrator explicitly instantiates on
that vbus. The vbus interface supports only two "verbs": call()
for synchronous requests, and shm() for asynchronous communication
using shared memory.
A document
[PDF] by AlacrityVM developer Gregory Haskins describes
how to configure
and use vbus. Vbus provides a sysfs interface that an administrator can
use to create container-like objects that will constrain
guests so that they can only access those devices specifically configured
for their use. That helps alleviate one of the potential problems with
guests accessing kernel drivers more-or-less directly: security.
The vbus web page has a look at the security issues and how they are
handled. The main concerns are ensuring that guests cannot use the vbus
mechanism to escape their isolation from other guests and processes, as well
as making sure that guests cannot cause a denial of service on the host.
A bus can only be created and populated on the host side, and each bus
lives in an isolated namespace, which reduces or eliminates the risk of a
cross-bus exploit violating the isolation. In addition, each task
can only be associated with one vbus—enforced by putting a vbus
reference in the task struct—so that a guest can only see the
device ids specified for that bus.
Care was taken in the vbus implementation to ensure that any misbehavior
punishes the guest rather than the host. The two cases mentioned are guests
that, maliciously or otherwise, mangle data structures in the shared memory
or fail to service their ring buffer. A naïve implementation could
allow these conditions to cause a denial of service by stalling host OS
threads or by creating a condition that might normally be handled by a
BUG_ON(). Vbus takes steps to ensure that the host to guest path
is resistant to stalling, while also aborting guests that write garbage to
the ring buffer data structures.
Haskins has posted a series
of patches to add the vbus infrastructure, along with a driver for
accelerated ethernet. So far, the patches seem to be fairly well-received,
though
there are not, yet, very many comments. The web page makes it clear
that the project's goal is "to work towards upstream acceptance of
the project on a timeline that suits the community". The
flexibility shown in that goal should serve the project well in getting
mainline acceptance down the road.
The project sums up its status and future plans on the web page as
well: "we have a working design which includes the basic hypervisor,
linux-guest support, and accelerated networking. We will be expanding this
to include other areas of importance, such as accelerated disk-io, IPC,
real-time extensions, and accelerated MS Windows guest support." As
one might guess, the web page also has mailing lists for users and
developers as well as kernel and user-space git trees available for
interested folks.
AlacrityVM and vbus both look to be interesting projects that are probably
worth investigating as potential virtualization solutions sometime in the
future. The performance gains that come with vbus make it
likely to be useful to other projects as well.
By Jonathan Corbet
August 5, 2009
There has been relatively little noise out of the realtime preemption camp
in recent months. That does not mean that the realtime developers have
been idle, though; instead, they are preparing for the realtime endgame:
the merger of the bulk of the remaining patches into the mainline kernel.
The
2.6.31-rc4-rt1 tree
recently announced by Thomas Gleixner shows the results of much of this
work. This article will look at some of the recent changes to -rt.
The point of the realtime preemption project is to enable a general-purpose
Linux kernel to provide deterministic response times to high-priority
processes. "Realtime" does not (necessarily) mean "fast"; it means knowing
for sure that the system can respond to important events within a specific
time period. It has often been said that this cannot be done, that the
complexity of a full operating system would thwart any attempt to guarantee
bounded response times. Of course, it was also said that free software
developers could never create a full operating system in the first place.
The realtime hackers believe that both claims are equally false, and they
have been working to prove it.
One of the long-term realtime features was threaded interrupt handlers. A
"hard" interrupt handler can monopolize the CPU for as long as it runs;
that can create latencies for other users. Moving interrupt handlers into
their own threads, instead, allows them to be scheduled like any other
process on the system. Thus, threaded interrupt handlers cannot get in the
way of higher-priority processes.
Much of the threaded interrupt handling code moved into the mainline for
the 2.6.30 release, but in a
somewhat different form. While the threading of interrupt handlers is
nearly universal in a realtime kernel, it's an optional (and, thus far,
little-used) feature in the mainline, so the APIs had to change somewhat.
Realtime interrupt handling has been reworked on top of the mainline
threaded interrupt mechanism, but it still has its own twists.
In particular, the kernel can still be configured to force all interrupt
handlers into threads. If a given driver explicitly requests a threaded
handler, behavior is similar to a non-realtime kernel; the driver's "hard"
interrupt handler runs as usual in IRQ context. Drivers which do not
request threaded handlers get one anyway, with a special hard handler which
masks the interrupt line while the driver's handler runs. Interrupt
handler threads are per-device now (rather than per-IRQ line). All told,
the amount of code which is specific to the realtime tree is fairly small
now; the bulk of it is in the mainline.
Software interrupt handling is somewhat different in the realtime tree.
Mainline kernels will normally handle software interrupts at convenient
moments - context switches or when returning to user space from a system
call, usually. If the software interrupt load gets too heavy, though, handling will
be deferred to the per-CPU "ksoftirqd" thread. In the realtime tree
(subject to a configuration option), all software interrupt handling goes
into ksoftirqd - but now there is a separate thread for each interrupt
line. So each CPU will get a couple of ksoftirqd threads for network
processing, one for the block subsystem, one for RCU, one for tasklets, and
so on. Software interrupts are also preemptable, though that may not
happen very often; they run at realtime priority.
The work which first kicked off the realtime preemption tree was the
replacement of spinlocks with sleeping mutexes. The spinlock technique is
difficult to square with deterministic latencies; any processor which is
spinning on a lock will wait an arbitrary period of time, depending on what
code in another CPU is doing. Code holding spinlocks also cannot be
preempted; doing so would cause serious latencies (at best) or deadlocks.
So the goal of ensuring bounded response times required the elimination of
spinlocks to the greatest extent possible.
Replacing spinlocks throughout the kernel with realtime mutexes solves much
of the problem. Threads waiting for a mutex will sleep, freeing the
processor for some other task. Threads holding mutexes can be preempted if
a higher-priority process comes along. So, if the priorities have been set
properly, there should be little in the way of the highest-priority process
being able to respond to events at any time. This is the core idea behind
the entire realtime preemption concept.
As it happens, though, not all spinlocks can be replaced by mutexes. At
the lowest levels of the system, there is still a need for true (or "raw")
spinlocks; the locks which are used to implement mutexes are one obvious
example. Over the years, a fair amount of effort has gone into the task of
figuring out which spinlocks really needed to be "raw" locks. At the code
level, the difference was papered over through the use of some rather ugly
trickery in the spinlock primitives. Regardless of whether a raw spinlock
or a sleeping lock was being used, the code would call spin_lock()
to acquire it; the only difference was where the lock was declared.
This approach was probably useful during the early development phases where
it was often necessary to change the type of specific locks. But ugly
compiler trickery which serves to obfuscate the type of lock being used in
any specific context seems unlikely to fly when it comes to merger into the
mainline. So the realtime hackers have bitten the bullet and split the two
types of locks entirely. The replacement of "spinlocks" with mutexes still
happens as before, for the simple reason that changing every spinlock call
would be a massive, disruptive change across the entire kernel code base.
But the "raw" spinlock type, which is used in far fewer places, is more
amenable to this kind of change.
The result is a new mutual exclusion primitive, called
atomic_spinlock_t, which looks a lot like
traditional spinlocks:
    #include <linux/spinlock.h>

    DEFINE_ATOMIC_SPINLOCK(name)
    atomic_spin_lock_init(atomic_spinlock_t *lock);

    void atomic_spin_lock(atomic_spinlock_t *lock);
    void atomic_spin_lock_irqsave(atomic_spinlock_t *lock, long flags);
    void atomic_spin_lock_irq(atomic_spinlock_t *lock);
    void atomic_spin_lock_bh(atomic_spinlock_t *lock);
    int atomic_spin_trylock(atomic_spinlock_t *lock);

    void atomic_spin_unlock(atomic_spinlock_t *lock);
    void atomic_spin_unlock_irqrestore(atomic_spinlock_t *lock, long flags);
    void atomic_spin_unlock_irq(atomic_spinlock_t *lock);
    void atomic_spin_unlock_bh(atomic_spinlock_t *lock);
These new "atomic spinlocks" are used in the scheduler, low-level interrupt
handling code, clock-handling, PCI bus management, ACPI subsystem, and in
many other places. The change is still large and disruptive - but much
less so than changing ordinary "spinlock" users would have been.
One might argue that putting atomic spinlocks back into the kernel will
reintroduce the same latency problems that the realtime developers are
working to get rid of. There is certainly a risk of that happening, but it
can be minimized with due care. Auditing every kernel path which uses
spinlocks is clearly not a feasible task, but it is possible to look
very closely at the (much smaller) number of code paths using atomic
spinlocks. So there can be a reasonable degree of assurance that the
remaining atomic spinlocks will not cause the kernel to exceed the latency
goals.
(As an aside, Thomas Gleixner is looking for a
better name for the atomic_spinlock_t type. Suggest the
winning idea, and free beer at the next conference may be your reward.)
Similar changes have been made to a number of other kernel mutual exclusion
mechanisms. There is a new atomic_seqlock_t variant on seqlocks for cases where the
seqlock writer cannot be preemptable. The anon_semaphore type
mostly appears to be a renaming of semaphores and their related functions;
it is a part of the continuing effort to eliminate the use of semaphores in
any place where a mutex or completion should be used instead. There is
also a rw_anon_semaphore type as a replacement for
rw_semaphore.
Quite a few other realtime-specific changes remain in the -rt tree. The
realtime code is incompatible with the SLUB allocator, so only slab is
allowed. There is also an interesting problem with kmap_atomic();
this function creates a temporary, per-CPU kernel-space address mapping for
a given memory page. Preemption cannot be allowed to happen when an atomic
kmap is active; it would be possible for other code to change the mapping
before the preempted code tries to use it. In the realtime setting, the
performance benefits from atomic kmaps are outweighed by the additional
latency they can cause. So, for all practical purposes,
kmap_atomic() does not exist in a realtime kernel; calls to
kmap_atomic() are mapped to ordinary kmap() calls. And so
on.
As for work which is not yet even in the realtime tree, the first priority
would appear to be clear:
    We seriously want to tackle the elimination of the PREEMPT_RT
    annoyance #1, aka BKL. The Big Kernel Lock is still used in ~330
    files all across the kernel.
At this point, the remaining BKL-removal work comes down to low-level
audits of individual filesystems and drivers; for the most part, it has
been pushed out of the core kernel.
Beyond that, of course, there is the little task of getting as much of this
code as possible into the mainline kernel. To that end, a proper git tree
with a bisectable sequence of patches is being prepared, though that work
is not yet complete. There will also be a gathering of realtime Linux
developers at the Eleventh Real-Time
Linux Workshop this September in Dresden; getting the realtime work
into the mainline is expected to be discussed seriously there. As it
happens, your editor plans to be in the room; watch this space in late September
for an update.
By Jonathan Corbet
August 5, 2009
Kernel developers must keep in mind many constraints which are unique to
that programming environment; one of those is that memory
allocations become less reliable as they get larger. Single-page
allocations will, for all practical purposes, always succeed. A request
for two physically-contiguous pages has a high probability of working, but
each doubling of the size decreases the chances of a successful
allocation. The fragmentation of memory which occurs over the system's
lifetime makes it increasingly hard to find groups of
physically-contiguous pages on demand. So large allocations are strongly
discouraged.
Kernel programmers will sometimes respond to this problem by allocating
pages with vmalloc(). Memory allocated this way is virtually
contiguous, but physically scattered. So, as long as physically-contiguous
pages are not needed, vmalloc() looks like a good solution to the
problem. It's not ideal, though. On 32-bit systems, memory from
vmalloc() must be mapped into a relatively small address space; it's easy to
run out. On SMP systems, the page table changes required by
vmalloc() allocations can require expensive cross-processor
interrupts on all CPUs. And, on all systems, use of space in the
vmalloc() range increases pressure on the translation lookaside
buffer (TLB), reducing the performance of the system.
So it would be nice to have a mechanism which could handle the allocation
of large arrays in a manner which (1) is reliable, and (2) does not use
vmalloc(). To date, any such mechanisms have generally been
pieced together by developers solving a specific problem; there has been
nothing designed for more general use. That has changed, though, with the
merging of the "flexible array" mechanism, written by Dave Hansen, for
2.6.31-rc5.
A flexible array holds an arbitrary (within limits) number of fixed-sized
objects, accessed via an integer index. Sparse arrays are handled
reasonably well. Only single-page allocations are made, so memory
allocation failures should be relatively rare. The down sides are that the
arrays cannot be indexed directly, individual object size cannot exceed the
system page size, and putting data into a flexible array
requires a copy operation. It's also worth noting that flexible arrays do
no internal locking at all; if concurrent access to an array is possible,
then the caller must arrange for appropriate mutual exclusion.
The creation of a flexible array is done with:
    #include <linux/flex_array.h>

    struct flex_array *flex_array_alloc(int element_size, int total, gfp_t flags);
The individual object size is provided by element_size, while
total is the maximum number of objects which can be stored in the
array. The flags argument is passed directly to the internal
memory allocation calls. With the current code, using flags to
ask for high memory is likely to lead to notably unpleasant side effects.
Storing data into a flexible array is accomplished with a call to:
    int flex_array_put(struct flex_array *array, int element_nr, void *src, gfp_t flags);
This call will copy the data from src into the array,
in the position indicated by element_nr (which must be less than
the maximum specified when the array was created). If any memory allocations must be
performed, flags will be used. The return value is zero on
success, a negative error code otherwise.
There might possibly be a need to store data into a flexible array while
running in some sort of atomic context; in this situation, sleeping
in the memory allocator would be a bad thing. That can be avoided by using
GFP_ATOMIC for the flags value, but, often, there is a
better way. The trick is to ensure that any needed memory allocations are
done before entering atomic context, using:
    int flex_array_prealloc(struct flex_array *array, int start, int end, gfp_t flags);
This function will ensure that memory for the elements indexed in the range
defined by start and end has been allocated. Thereafter,
a flex_array_put() call on an element in that range is guaranteed
not to block.
Getting data back out of the array is done with:
    void *flex_array_get(struct flex_array *fa, int element_nr);
The return value is a pointer to the data element, or NULL if that
particular element has never been allocated.
Note that it is possible to get back a valid pointer for an element which
has never been stored in the array. Memory for array elements is allocated
one page at a time; a single allocation could provide memory for several
adjacent elements. The flexible array code does not know if a specific
element has been written to; it only knows if the associated memory is
present. So a flex_array_get() call on an element which was never
stored in the array has the potential to return a pointer to random data.
If the caller does not have a separate way to know which elements were
actually stored, it might be wise, at least, to add GFP_ZERO to
the flags argument to ensure that all elements are zeroed.
There is no way to remove a single element from the array. It is possible,
though, to remove all elements with a call to:
    void flex_array_free_parts(struct flex_array *array);
This call frees all elements, but leaves the array itself in place.
Freeing the entire array is done with:
    void flex_array_free(struct flex_array *array);
As of this writing, there are no users of flexible arrays in the mainline
kernel. The functions described here are also not exported to modules;
that will probably be fixed when somebody comes up with a need for it.
Page editor: Jonathan Corbet
Distributions
News and Editorials
By Rebecca Sobol
July 29, 2009
A recurring topic on Debian lists is the use of dash (Debian
Almquist Shell) as opposed to bash (GNU Bourne-Again Shell).
Currently /bin/sh defaults to bash on a Debian system,
but some would like the default to be dash.
Ubuntu made this switch three years
ago, with the release of Ubuntu 6.10. Note that the default login shell
remains bash; only the default /bin/sh used in shell
scripts has been changed. Why did Ubuntu make this change?
The major reason to switch the default shell was
efficiency. bash is an excellent full-featured shell appropriate
for interactive use; indeed, it is still the default login
shell. However, it is rather large and slow to start up and operate by
comparison with dash. A large number of shell instances are
started as part of the Ubuntu boot process. Rather than change each of
them individually to run explicitly under /bin/dash, a change
which would require significant ongoing maintenance and which would be
liable to regress if not paid close attention, the Ubuntu core
development team felt that it was best simply to change the default
shell. The boot speed improvements in Ubuntu 6.10 were often incorrectly
attributed to Upstart, which is a fine platform for future development of
the init system but in Ubuntu 6.10 was primarily running in System V
compatibility mode with only small behavioural changes. These
improvements were in fact largely due to the changed /bin/sh.
The Debian EeePC project also notes that dash provides
faster boot times. So why hasn't Debian already made this switch? In
fact this was a release goal for Lenny.
Part of the problem is "bashisms" - use of non-standard bash features -
in shell scripts. There is a lengthy list of bugs tagged
with goal-dash that contain bashisms. These are being worked on,
package by package. While some users report that they have already made
the switch without problems, others will find many of their user scripts
will have bashisms.
One can use checkbashisms (man page) to look for bashisms, but for users
with lots of scripts using /bin/sh this could be a long and painful process.
Here's a sample of checkbashisms output for the package apertium:
checkbashisms' output:
> possible bashism in ./usr/bin/apertium-preprocess-corpus-lextor line 47
> ('((' should be '$(('): if ((length(w)>0) && (index(w,"^")>0)) {
> possible bashism in ./usr/bin/apertium line 9 ('function' is useless):
> function message
Examples of bashisms include use of $RANDOM, the select,
let, and source keywords, shell arithmetic, the
-e option to echo, and many other things.
Debian policy looks at SUSv3 Shell Command Language and states:
If a shell script requires non-SUSv3 features from the shell interpreter
other than those listed above, the appropriate shell must be specified in
the first line of the script (e.g., #!/bin/bash) and the package
must depend on the package providing the shell (unless the shell package
is marked "Essential" [policy 3.6], as in the case of bash).
You may wish to restrict your script to SUSv3 features plus the above set
when possible so that it may use /bin/sh as its interpreter. If
your script works with dash (originally called ash), it
probably complies with the above requirements, but if you are in doubt,
use /bin/bash.
This raises the issue of whether dash should be "essential"
[see Debian policy section 3.8].
bash is "essential", meaning that it must be installed on every
Debian system. If dash does not become "essential" then every
script with /bin/sh as its interpreter must depend on
dash to ensure that it is installed and usable by /bin/sh
(once the change is made).
That this change will be made is mostly not under debate; it is more a
matter of when it will be fully implemented. Those that oppose the move
simply want a choice, which exists using dpkg-reconfigure dash.
Meanwhile users should be looking at their own scripts to see if they will
break once /bin/sh defaults to dash.
New Releases
NetBSD 5.0.1 has been released. "NetBSD 5.0.1 is the first
security/critical update of the NetBSD 5.0 release branch. It represents
a selected subset of fixes deemed critical in nature for security or
stability reasons. All users are encouraged to upgrade."
The second alpha of Mandriva Linux 2010 is available for testing.
"For this second release you will still find only Free DVD isos, 32
and 64 bits."
"KDE Four Live" 1.3.0 is an installable Live-CD with openSUSE 11.1 and KDE
4.3.0.
Distribution News
Debian GNU/Linux
Buried deep within a "bits from the release team" posting to the Debian
development community is this text: "Based on feedback of the
community on the plan to freeze in December
2009 and the ambitious Release Goals we set for ourselves, we are
revisiting the decision to freeze December 2009.
We'll be consulting all key teams within Debian to see how their plans
and schedules can fit into a new timeline. Before the end of August we
hope to have finished this process of consultation and be able to
present the new plan to you." The message also reiterates the idea
of regular December freezes, though; it will be interesting to see where
this consultation goes.
Mark Shuttleworth has joined into the discussion on Debian release cycles;
it's a rather lengthy attempt to make peace. "We're already seeing a
growing trend towards cadence in free software, which I think is a
wonderful move. Here, we are talking about elevating that to something that
the world has never seen in proprietary software (and never will) - an
entire industry collaborating. Collaboration is the primary tool we have in
our battle with proprietary software, we should take the opportunities that
present themselves to make that collaboration easier and more
effective."
The announcement has gone out for a new Debian-oriented news service
located at news.debian.net. "For a long
time, debian-devel-announce and debian-announce were enough but they are
reserved to the very important stuff (at least they are supposed to) that
is mandatory for developers to know. With the project growing over the
years, every day we generate interesting bits about our project that are
nice to know, but it is not always so important that it justifies an email
to announce."
Fedora
Click below for a brief recap of the July 30, 2009 meeting of the Fedora
Advisory Board. The main topic was website redesign.
Full Story (comments: none)
The Fedora IRC Classroom has had a number of Classes recently. You can
find the logs on the Classroom wiki page.
Recent topics include An intro to rsync, Introduction to Koji (build
system) and Bodhi (updates system) in Fedora infrastructure, A tour of the
Xfce desktop, and Using preupgrade.
Ubuntu family
The Ubuntu Technical Board has discussed and agreed on the project's policy
with regard to software patents. "The Ubuntu project strives to
deliver a free and complete Operating System fit for general use. Over the
years the topic of software patents and their impact on Open Source have
been controversial in some parts of the world. This policy outlines the
agreed set of standards and procedures surrounding software patents and
Ubuntu." Click below for the entire text of the patent policy.
Full Story (comments: 1)
Other distributions
Fixstars has announced the availability of "YDL on a Stick," a USB flash
drive containing a bootable version of Yellow Dog Linux v6.2 for the Sony
PS3. "
"YDL on a Stick" comes with a customized version of YDL v6.2 on a 16GB OCZ Diesel Flash drive. Chosen for being high quality and durable, the Diesel flash drive has achieved 31.18 MB read performance and 30.78 MB write performance in recent DiskBench performance benchmarks."
Distribution Newsletters
Arch Linux Newsletter for July 2009 is out. "
This issue contains an interview with Andrea Scarpino, the KDE maintainer for the i686 architecture. Also, we are bringing all our kernel enthusiasts a tips and tricks section that should be of special interest. Finally, even though we went without a mention in the media this month, we provide an analysis as to why Arch Linux has been so prevalent in media coverage the last few months. And so, without further ado, the Newsletter Team proudly presents the July 2009 issue of the Arch Linux Newsletter. Please, enjoy!"
The DistroWatch Weekly for August 3, 2009 is out. "
The most controversial news of the week was the open letter written by several developers of CentOS, one of the distributions on the DistroWatch's top ten list, to the project's co-founder, pleading for the resolution of a number of key issues. This was taken to the public as a way of getting attention after failing to resolve the issues internally. It turned out to be a good solution; by the end of the week all has seemingly returned to normal in the CentOS land. Another piece of news that stirred much interest on the Internet was the Debian announcement about its planned switch to a time-based freeze model. This was often incorrectly misinterpreted as a switch to a time-based release model, but as many Debian developers were quick to point out, nothing has changed in the "released when ready" Debian release strategy. As for our feature article this week, it is a quick look at the "Core" edition of Slax, a minimalist distribution in 50 MB, which can be a surprisingly good rescue and educational tool. Finally, we are pleased to announce that the recipients of the DistroWatch.com June and July 2009 donations are LiVES and Osmo. Happy reading!"
The Fedora Weekly News for August 2, 2009 is out. "
This week's issue kicks off with updated details on the Fedora 12 (Constantine) schedule, including an update on feature set scheduled for this week. From the Fedora Planet, tips on how to create your own system branding when building Fedora, lots of detail on debugging random screen blanking in Fedora, and thoughts on why to hate quick software benchmarking. From the Quality Assurance team, details from a discussion around Phoronix's Linux distribution benchmarking in relation to Fedora, fixes to the Test Day live image, and many updates on the weekly meetings related to QA. In Ambassador news, a report from the Congress of Free Software in Caracas, Venezuela and the Venezuela Fedora Team's presence there. In translation news, several updates to translation.fedoraproject.org, details on the Fedora 12 Translation schedule, and new translations for the Quick Start Guide in eighteen different languages. From the Art team, updates on theming Fedora 12 Alpha and details on cutting the Fedora logo on a steel plate. This week issue comes to a finale with news on virtualization, including discussion of how to distribute I/O load across guests, and details on new releases of virt-manager, virtinst, and virt-viewer. These are just a few highlights of this week's FWN. Enjoy!"
This issue of the Mint Newsletter covers the release of Mint 7 KDE and more.
This issue of the openSUSE Weekly News covers Milestone 4 released,
Hackweek IV Results, Vincent Danen: System monitoring with Conky,
Joe Brockmeier: Does openSUSE need a default desktop?,
openSUSE Forums: Firefox and _64 Java Issue, and more.
The Ubuntu Weekly Newsletter for August 1, 2009 is out. "In this
issue we cover: Canonical to Offer Ubuntu Desktop Support & Services,
Free Books for Approved LoCo teams, DC LoCo Bug Jam, Atlanta Linux Fest
& Mini Ubucon, Ubuntu Pennsylvania & FreeGeekPenn, Sharing
translations between different releases, Open Mind & Launchpad, More
power to the release manager, Writing code for Launchpad, Exporting
translations to a Bazaar branch, New layout for kubuntu-de.org, Ubuntu
Podcast Quickie #10, Ubuntu Teams Meeting Summary for July, and much, much
more!"
Interviews
David Abbott has interviewed Robin H. Johnson (robbat2), Gentoo Developer,
Gentoo Trustee board member, head of the infrastructure team, and more. "
Could you give me an overview of the Gentoo infrastructure?
Nearly 50 percent of the infrastructure hardware is taken up by web applications, because we have a lot of separation between web applications that have a high security exposure. Admittedly some of the web services are a very big deal for Gentoo, like our Bugzilla service, running on 4 machines sponsored by the Dutch social network, Hyves. Very recently we've gotten new hardware for Forums, sponsored by Gossamer Threads. The next largest slice after that is the machines that provides rsync.gentoo.org service. Only then do we get down to individual machines for purposes. There's some cases where having more hardware as fail-over in case we lose a machine would be nice, but I think the place that'd we would benefit the most presently would be a newer mail server infrastructure, so that we can deploy heavier spam filtering."
Page editor: Rebecca Sobol
Development
August 4, 2009
This article was contributed by Koen Vervloesem
GNOME 3 is the GNOME project's ambitious effort to take its desktop into
the future. A key component of the desktop is the window manager, which
defines much of the overall feel of the system. Thomas Thurman, the maintainer of
Metacity—GNOME's current window manager—is looking
ahead to "Mutter" as the window manager for GNOME 3.
Metacity 2 will gradually be
phased out in favor of Mutter; in GNOME 2.28 Mutter will be an
alternative window manager, while in GNOME 3 it will take over the reins from
Metacity.
The GNOME Shell, responsible for the
new user experience in GNOME 3, runs as a plugin for Mutter. Started as a
fork of Metacity, Mutter uses the Clutter toolkit. Clutter does its
rendering using
OpenGL or OpenGL ES, so using it in Mutter makes hardware
acceleration for the window manager possible. Meanwhile, Clutter has just announced its 1.0
release.
500 bugs to squash
With Mutter becoming the new kid in town for GNOME 3, Metacity 2 will not
be actively developed any more, except for bug fixes. This makes Mutter
essentially Metacity 3. Of course people who would like Metacity 2 to
continue because they don't like the Clutter backend may fork it, but it
remains to be seen if that would happen. On his blog, Thurman welcomes anybody
to do that and offers them "as much support in doing so as
possible", but he will switch to working on Mutter himself. Besides
all the work that has been done over the years on Metacity, Mutter has 12
contributors with at least three commits. The project is maintained by Owen
Taylor and Tomas Frydrych.
This fork, however, has one big problem: what to do with the more
than five hundred bugs open against Metacity? As Thurman describes
on his blog, "this is more than one maintainer can humanly
tackle." The simplest "solution" is to close them all, a mistake
that GNOME has made in the past with the switch from GNOME 1.4 to GNOME
2. Jamie Zawinski called this the cascade of attention-deficit
teenagers model.
Thurman proposes a better solution: work through all
the bug reports, then decide what to do with each bug. Enhancement
requests will not be fixed, unless Mutter or GNOME Shell could use
it. Bugs that can be reproduced in Mutter should be reassigned. Bugs that
are already fixed in Mutter, such as enhancement requests, should be marked
as already fixed. Thurman kindly asks his readers to help him with this
painstaking work, for which no volunteers seem to have stepped up yet.
New directions for a window manager
The development of GNOME 3 seems to be bringing new ideas from many
different directions. Thurman has been doing some investigation into switching to a
CSS-based format for Metacity themes; as Mutter is just the new
incarnation of Metacity, many of these considerations directly carry over
into Mutter:
I am convinced that the current theme format is far
too complicated (or, it could be said, far too powerful) for the job it
does. Designing window border themes is not a very complicated matter, but
the current format makes it complicated through requiring complicated
algebraic expressions for placement.
Thurman is proposing a switch to CSS, or at least the use of CSS as an
alternative format. He sees several advantages of this approach:
- The Metacity/Mutter developers will be able to use existing libraries
for layout rather than doing it all with custom code in the window
manager.
- Theme designers will be able to use their existing knowledge of CSS
rather than having to learn a complicated new format.
- CSS's box model is far more amenable to a simple drag-and-drop editor
program than Metacity's current expression-based system.
Thurman is also imagining a theme designer, with a simple mode that is
a wizard: it would ask the user a series of questions and would then
produce some CSS code. An advanced mode would let the user edit each CSS
rule individually, and reflect the changes on the screen. He is also
working on a wiki, which he'll announce soon, that allows users to enter
CSS and render it to an image of the window borders:
The idea here is that people who like to play with
theme design are not necessarily the same people who like to build
experimental software, so this lets them test it out using only a web
browser.
Owen Taylor explains another new direction: Mutter will get application-aware
window management. More specifically it will get knowledge about
tabs:
Dave Jordan is working on a GNOME Shell Google Summer
of Code project to let applications export information about their tabs to
Mutter via window properties. This will allow, for example, switching
directly to a specific web browser tab, rather than switching to the
window, then switching to the tab.
Another developer, Sam Hoffstaetter, is working on letting the user
group together arbitrary
windows as tabs, something that so-called tabbed window managers
offer. Each application would think it had multiple windows open, but the
user would see them as tabs. The reasoning, which your author is very
sympathetic to, is as follows:
Being part of
the window-manager, every application would make use of tabs without having
to re-invent them specifically for that application. It has always struck
me that tabs were something that belonged into the window manager, not in
browsers, terminals, editors, etc.
Some issues with Mutter
Interesting as the new directions may be, some people fear that Mutter
will not run on older hardware. For example, the Sugar developers didn't
choose Mutter, and went for Metacity instead, exactly because of this
fear. However, Taylor puts that in perspective:
Our target for Mutter is to provide a good GL-based
compositor. This does exclude machines, like the first generation XO, that
have no 3D hardware. Almost any desktop or standard laptop built within the
last 5 years has sufficiently good graphics.
Another fear that has been expressed is that Mutter will be too tightly
coupled with GNOME 3. As GNOME Shell is a Mutter plugin, it depends on it,
so users will not be able to use another window manager with GNOME
Shell. According to Taylor, this integration is not coincidental but by
design. For example, supporting Compiz instead of Mutter would require
a window management abstraction layer that "greatly increases the
amount of work".
However, this approach is problematic for some use cases, as Sam
Spilsbury, one of the Compiz developers, pointed
out a few months ago:
If users were to use compiz with GNOME, they would
lose a significant chunk of essential functionality. This is the dilemma I
am sure a lot of other desktop-agnostic window managers are facing as
well. It would essentially mean that users _must_ use your window manager
in order to use their desktop as normal.
Of course it will be perfectly possible to create a GNOME desktop using
another window manager, but then the user would miss out on the new desktop
experience of GNOME Shell. For example, users will not be able to
swap GNOME's window manager with a flexible window manager such as xmonad
and still leave all GNOME functionality intact.
Accessibility growing pains
The fact that GNOME Shell and Mutter use Clutter directly makes support
for accessibility features such as AT-SPI (Assistive Technologies Service
Provider) tricky, because Clutter has no accessibility support at the
moment. GTK applications, on the other hand, have ATK (Accessibility
Toolkit) which talks with the AT-SPI daemon. However, there's no
inherent reason that a switch to a Clutter-based composited user interface
should pose any problem for accessibility. The switch in toolkits will need
a certain amount of reimplementation. That said, Taylor maintains that some
accessibility features such as good magnification could become much easier
in Mutter.
An active project to provide accessibility interfaces for Clutter is
Cally (the name stems from Clutter + a11y), originally funded by Nokia, which
uses Clutter in Maemo 5. The main developer, Alejandro Piñeiro
Iglesias, explains the work he has done:
Cally implements Gnome's ATK interfaces for the basic Clutter objects, but
if you are using a custom Clutter object with extra functionality in your
application, probably extra accessibility support would be required, like
HAIL was required to implement the extra accessibility support for Hildon
widgets.
Cally would be useful to implement accessibility support in Mutter and
GNOME Shell, but Iglesias says he should check the code first and see what
he needs to implement and how. He presented Cally [PDF.GZ] at the recent
Gran Canaria Desktop Summit.
A fresh start
According to Taylor, Mutter is not that exciting in isolation, but it is
meant to provide a platform for building exciting user interfaces like
Moblin and GNOME Shell: "I'm personally pretty interested in getting
applications and the compositor properly synchronized so the user sees
everything drawn as smoothly and cleanly as possible." Thurman is
excited about the opportunity to get a fresh start and rethink how to
interact with the user:
We have been working for ten
years in a mindset which is now, of course, ten years old. There's only so
far you can go in a purely evolutionary line of development. That said, I'm
very glad the existing Metacity codebase is being integrated into Mutter
and not thrown away.
The new directions of CSS-based themes and application-aware window
management finally make GNOME's window manager more than a dull but
necessary component. However, the developers have made some decisions under
the hood that will not be popular in some circles. There is no fallback
option for those that cannot or do not want to use compositing, and the
integration of GNOME Shell with Mutter shuts out alternative window
managers. But maybe this is the price that must be paid for innovation.
System Applications
Database Software
Version 2.1.3 RC2 of the Firebird DBMS has been announced.
"The Team is pleased to announce that the second (hopefully final) release candidate builds are ready to field-test. Builds for 32-bit and 64-bit Linux, Windows and MacOSX Intel are available."
Version 5.1.37 of MySQL Community Server has been announced;
it includes numerous bug fixes and a security fix.
The August 2, 2009 edition of the PostgreSQL Weekly News
is online with the latest PostgreSQL DBMS articles and resources.
Embedded Systems
Stable version 1.14.3 of BusyBox, a collection of command line utilities
for embedded systems, has been announced:
"Bug fix release. Contains fixes in df (fix for "df /"), ls (problems with colored output in some configurations), ping6 (was not suid, unlike ping), test (parameter to "not" operator is optional), udhcpd (fixed lease file restore routine)."
Filesystem Utilities
Version 1.5 of Tahoe, the Lofty-Atmospheric Filesystem, has been released.
"The Tahoe-LAFS team is pleased to announce the immediate availability of
version 1.5 of Tahoe, the Lofty Atmospheric File System.
Tahoe-LAFS is the first cloud storage technology which offers security
and privacy in the sense that the cloud storage service provider itself
can't read or alter your data."
Interoperability
Version 3.3.7 of Samba has been announced.
"This is the latest stable release of the Samba 3.3 series".
Miscellaneous
Version 0.6.3 of upstart, an event-based replacement for the /sbin/init daemon, has been announced.
"The biggest disadvantage to people actually using your software is that
they find bugs, this one's a doozy because it looks like it affects
older 0.3 releases as well. Now seems as good a time as any to repeat
my recommendation that distributions, mobile and embedded appliance
developers using Upstart consider using 0.6 in their next release rather
than sticking with 0.3".
Desktop Applications
Desktop Environments
Version 2.27.5 of GNOME has been announced.
"It's a good release to get a first feeling of what will be in GNOME
2.28, with the new modules now being integrated and new features popping
here and there, in many different modules. Ah, if only it could do
something for the temperature ;-)
Please note that this milestone marks the beginning of the feature
freeze."
Version 0.3 of RunPON has been announced.
"RunPON is a small Python program useful to run the pon/poff scripts.
It shows the elapsed connection time and periodically checks if a given
network interface is still active.
It can run as a stand-alone application (with a status icon in the tray)
or as a Gnome panel applet (and compatible panels)."
The following new GNOME software has been announced this week:
You can find more new GNOME software releases at gnomefiles.org.
The KDE Community has announced the immediate availability of KDE 4.3
"Caizen". "KDE 4.3 continues to refine the unique features brought
in previous releases while bringing new innovations. With the 4.2 release
aimed at the majority of end users, KDE 4.3 offers a more stable and
complete product for the home and small office."
The following new KDE software has been announced this week:
You can find more new KDE software releases at kde-apps.org.
The following new Xorg software has been announced this week:
More information can be found on the X.Org Foundation wiki.
Games
Version 1.9.0 of pygame, a Python-based game development platform,
has been announced.
"Summary of changes: many, many fixes and improvements. The largest amount of changes
has gone into this release than any other pygame release."
GUI Packages
Version 5.2.0 of PyQwt has been announced; it includes support for
Qwt 5.2.0, bug fixes and more.
"it is a set of Python bindings for the Qwt C++ class library which
extends the Qt framework with widgets for scientific and engineering
applications. It provides a 2-dimensional plotting widget and
various widgets to display and control bounded or unbounded floating
point values."
Multimedia
Version 2.5 of Miro, a video player and podcast client, has been
announced.
"Yes! We have just released Miro 2.5, a major update with new features, faster performance, audio podcasts, and lots of polish."
Music Applications
The Guitar-ZyX-0.3 LiveOS is available.
"Guitar-ZyX(tm) is a LiveDVD/USB operating system distribution, that can
immediately boot both your Nintendo(tm)-DS or DSi, and your x86/64 PC, into
a guitar pre-amp f/x processing appliance, complete with wireless dual
touchscreen remote control, that you could even velcro or embed in your
guitar if you were so inclined. In addition to switching among 80 different
f/x presets, the NDS remote control's touchscreen can also linearly control
any two of about a hundred independent f/x parameters in real-time. For now,
I'm calling the result a 'supertouchwhammypad'."
Office Applications
Version 4.6.2 of Leo has been announced; it includes bug fixes and
other improvements.
"Leo is a text editor, data organizer, project manager and much more."
Version 0.0.12 of Pyspread has been announced; it includes new features
and bug fixes.
"Pyspread is a cross-platform Python spreadsheet application. It is
based on and written in the programming language Python.
Instead of spreadsheet formulas, Python expressions are entered into
the spreadsheet cells. Each expression returns a Python object that can
be accessed from other cells. These objects can represent anything
including lists or matrices."
Web Browsers
Firefox updates for two nasty security problems are now available for the 3.0 and 3.5 series. The two problems were recently
reported at the Black Hat security conference by Moxie Marlinspike and Dan Kaminsky and can lead to arbitrary code execution via crafted SSL certificates or allow SSL certificate spoofing. "We strongly recommend that all Firefox users upgrade to this latest
release." Click below for the full announcement.
Full Story (comments: 8)
Miscellaneous
Version 1.0 of Flip, the Logical Framework in Python,
has been announced.
"A logical framework is a library for defining logics and writing
applications such as theorem provers. One Flip application is a proof
checker for entering and editing proofs in natural deduction style".
Languages and Tools
C
The August 4, 2009 edition of the GCC 4.3.5 Status Report
has been published.
"The 4.3.4 release has been created and the final bits of the release
process will be carried out soon.
The 4.3 branch is now open again for checkins under the usual release
branch rules (regression and documentation fixes only). A 4.3.5
release is expected shortly after the 4.4.2 release."
The July 29, 2009 edition of the GCC 4.5 Status Report
has been published.
"Trunk is in Stage 1. We expect that Stage 1 will last through at
least the end of August.
Pending large merges include at least Graphite, LTO and VTA and these
will be considered in deciding when to move to Stage 3. All these
merges will need the usual technical review of patches where not
already approved by maintainers of the relevant parts of the compiler."
Editors
The Emacs 23.1 release has happened. There's a lot of new stuff in this
release, including the much-anticipated (by some, dreaded by others)
antialiased font rendering, better Unicode support, an improved daemon
mode, a PDF viewer, and more. The NEWS file contains the full list of
changes.
Test Suites
Version 1.0.0 of pylib/py.test is out.
"I am happy to announce pylib/py.test 1.0.0, a MIT-licensed
library geared towards advanced testing and elastic distributed
programming with Python. It features the mature cross-project
py.test automated testing tool with many new features..."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Linux Magazine interviews Don Becker about high-performance computing topics.
"Another thing that did not really pan out is Linux BIOS (or coreboot as it is now called). For HPC coreboot is not a good thing. For commodity systems, it puts us back to depending on the intimate details of the BIOS. The current BIOS structure, while it could be improved, is workable. What we can hope for is that the BIOS is gone in less than a second. Right now it is gone in a few seconds and I don't see it as an important feature in HPC. Customers asking why not coreboot? may want to consider that at Penguin we were tasked with maintaining a coreboot machine and found that the best solution to get the machine usable was to burn a new standard BIOS."
Comments (1 posted)
Linux Insider
covers
an experiment at Sandia National Laboratories. "
Computer
security researchers still don't know much about how botnets work. At
Sandia National Laboratories, though, scientists are preparing for a
massive experiment. They've booted up 1 million Linux kernels as virtual
machines, which will allow them to observe the behavior of a simulated
network of 10 million computers online at once -- complete with users who
get infected with botnets."
Comments (5 posted)
Companies
Sean Michael Kerner
looks
at Canonical's Landscape. "
"Canonical's Landscape Dedicated Server is a software appliance that is installed on the users' hardware. Updates will be made available by download on an as-needed basis when major kernel/security patches become available," Ken Drachnik, Landscape manager at Canonical, told InternetNews.com. "Of course, this points out one of the major differences between the Hosted edition and Dedicated edition -- users will need to provide hardware and a trained resource to manage Landscape on-site.""
Comments (19 posted)
EDN
covers
several Linux-related moves by Mentor Graphics.
"
Mentor Graphics announced its acquisition of Embedded Alley Solutions as a key component of its Android and embedded Linux strategy Wednesday afternoon at the Design Automation Conference. Mentor also announced the integration of its Nucleus Graphical User Interface tool with the ARM Mali graphics processing unit; it announced the availability of a Linux and Nucleus operating-system combination for the Marvell Sheeva MV78200 dual-core embedded processor; and it said that it is extending Embedded Alley's Android mobile-applications platform to support Freescale Semiconductor's QorIQ and PowerQUICC III processors."
Comments (7 posted)
PCMag
reports that Motorola is planning on releasing more Android-based phones.
"
Android smart phones. Cheap Android phones. Android phones on the Nextel/Boost iDen network. Motorola CEO Sanjay Jha said many of next year's Motorola phones will run the Google Android OS in a call with analysts today, continuing a big bet on the Linux-based system.
"The majority of our new devices will be smartphones, as we expand Android across a broader set of price points," Jha said."
Comments (none posted)
Legal
ReadWriteWeb
reports that VoloMedia has patented podcasting.
"
VoloMedia, a podcast analytics, advertising, and distribution company, just received a patent for "providing episodic media," including podcasts. According to the company, which filed for the patent in November 2003, U.S. Patent 7,568,213 covers all episodic media downloads, not just the RSS-dependent downloads that power today's podcasts. VoloMedia CEO Murgesh Navar says that the company doesn't plan to go after individual podcasters, but that the company plans to "work collaboratively with key participants in the industry." We do wonder, however, if VoloMedia can really claim to have invented podcasting in 2003, given that the concept was already under development by Dave Winer and others in late 2000 and early 2001."
(Thanks to Don Marti).
Comments (17 posted)
Over at Computerworld UK, Glyn Moody
describes the push to add patent-encumbered technology to "open" standards.
"
The logic here seems to be that there would be an 'imbalance' in open standards if it were insisted that patents terms were excluded — because balance obviously means having standards with and without patents. While it's true that creates a 'balance', it's a purely linguistic one; the fact is that patent-encumbered standards requiring licensing fees cannot, by definition, be open. That's because they do not create level playing fields: there is always one or more players who occupy a privileged position. So the balance is entirely specious."
Comments (2 posted)
Interviews
BBC News
talks
with Red Hat's Matthew Szulik. "
Mr Szulik was not at Red Hat
from day one. "Red Hat used to be a magazine business when I joined," he
told Peter Day on the BBC World Service's Global Business programme. The
business now accounts for 80% of the open-source market, a fact that has
led to some people calling it the Microsoft of the open source
world." (Thanks to Neil Sheed)
Comments (2 posted)
Resources
Bruce Byfield
looks
at geolocation, coming to a desktop near you. "
This year, a new dimension is appearing on the Linux desktop. It's geolocation: the capability to detect and record where you and other people are, and to use the information to enhance the desktop. Potentially affecting everything from the metadata stored with files to the mechanics of social networking, geolocation is already starting to arrive in GNOME and KDE. But the first implementations are only a hint of the features that geolocation might soon provide."
Comments (none posted)
Reviews
Steven J. Vaughan-Nichols
looks at KDE
4.3 on openSUSE 11.1. "
The new desktop style, Plasma Air, is
both very attractive and very flexible. It's a nice combination. I'm both
happy with its default look and feel, and I appreciate that I can easily
set it to working the way I want it to work. One interesting improvement,
which you'll need to look closely for, is that you can now reset the System
Settings window so that it looks and acts like the KDE 3.x Control
Center. Since, I still find that tree-view to be far more useful than the
KDE 4.x default, I welcomed this change."
Comments (none posted)
ars Technica
reviews SUSE Studio.
"
Novell has launched a new Web service called SUSE Studio that simplifies the process of building Linux-based software appliances. It provides a convenient interface for creating custom versions of Novell's SUSE Linux distribution with specialized configurations. The service is part of Novell's broader SUSE Appliance Program initiative."
Comments (4 posted)
Linux Journal
covers an
Ubuntu bootable USB key in the shape of an emperor penguin.
"
Perhaps best about the product, though, is that it gives back more
than just your data. AMP [Active Media Products] has partnered with the
World Wildlife Fund on the drives, and will be donating five percent of the
retail price of each drive to the WWF -- with the commitment of a minimum
contribution of $25,000 annually. The company has partnered with the WWF on
two other endangered-species drives, for polar bears and pandas."
Comments (4 posted)
Miscellaneous
Linux Journal
covers
a recent decision to simplify menus by leaving out the icons.
"
According to a blog
post by Andreas Nilsson of the GNOME Art Team, a new policy on icon use
has been adopted for future versions. In addition to adding larger icons
for certain locales, the team has decided that the default value of the
gtk-menu-images property in future GNOME releases will be changed to false,
eliminating most of the icons used in menus. (This would include those used
to represent "Open," "Save," and other similar dialogues.) The team feels
it will produce a "visually more attractive default and that it will result
in a cleaner and more efficient interface.""
Comments (15 posted)
Groklaw
has been
invited to a meeting of the President's Council of Advisers on Science
and Technology (PCAST), to be held August 6-7, 2009. "
PCAST is a
group of scientists and engineers who advise the President and the Office
of the President, providing policy recommendations. The purpose of the
meeting is to set priorities for the coming year. I know many of you are
stakeholders, CEOs and executives of companies and leaders and contributors
to software projects, but you don't have to be: the general public can
contribute also."
Comments (none posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The FSF has announced a campaign against digital restrictions management
on the Amazon Kindle electronic book reader.
"
The Free
Software Foundation's DefectiveByDesign.org campaign, supported by
prominent authors, journalists, and librarians, has launched a petition
against the Amazon Kindle's use of digital restrictions management
(DRM).
"The freedom to read without supervision or interference is central to a
free society," said FSF executive director Peter Brown. "When ebook
products like the Kindle use DRM to restrict what users can do with
their books, that is a clear threat to the free exchange of ideas.""
Full Story (comments: none)
DefectiveByDesign.org has
launched a petition
to protest Amazon's handling of George Orwell's 1984. "
We believe in a way of life based on the free exchange of ideas, in which books have and will continue to play a central role. Devices like Amazon's are trying to determine how people will interact with books, but Amazon's use of DRM to control and monitor users and their books constitutes a clear threat to the free exchange of ideas."
Comments (19 posted)
The injunction against distribution of the OpenBTS cellular base station
system has now been lifted. The main effect for the moment appears to be
the opening up of the project's internal discussion mailing list. "
Also, we'll be updating the gnuradio-based OpenBTS repository and site
sometime in September. We'd do it sooner, but we're busy getting ready
for this year's experimentation of OpenBTS at Burning Man 2009."
See
this article from
February for a description of some of the problems surrounding OpenBTS.
Full Story (comments: 3)
Commercial announcements
Canonical will be offering Ubuntu Desktop support and services.
"
Canonical, the founder of the Ubuntu project, announced today it has launched
new support services for individuals using Ubuntu desktop and small businesses looking for cost
effective alternatives to Microsoft Windows and Apple Mac.
Ubuntu is the fastest growing open source desktop with millions of users around the world using
it at home and work. Support from Canonical's team of experts enables users to take full advantage
of the powerful Ubuntu operating system. The services include installation support, as well as
ongoing assistance with configuration and applications"
Full Story (comments: 2)
The Linux Foundation has
announced a new Linux-branded credit card.
"
The Linux Foundation, the nonprofit organization dedicated to accelerating the growth of Linux, today announced it will offer an affinity Visa Platinum credit card for people who want to contribute to advancing the Linux operating system through Linux Foundation initiatives.
"This credit card is in response to requests by individuals who want to get involved and support the Linux Foundation's community activities," said Jim Zemlin, executive director at The Linux Foundation. "Some people write code while others work on marketing or defending Linux. The Linux-branded credit card is an easy way for anyone to contribute to the growth of Linux and identify themselves as supporters of the community by carrying Tux in their pocket.""
Comments (1 posted)
MIPS has announced the release of the source code for the
MIPS architecture port of Android.
"
MIPS Technologies, Inc., a leading provider
of industry-standard processor architectures and cores for home entertainment, communications,
networking and portable multimedia markets, today announced it has met a key milestone in driving
the Android(tm) platform beyond mobile handsets. Just two months after announcing its port of the
Android platform to the MIPS(r) architecture, the company is making the source code publicly
available."
Full Story (comments: none)
MUSA Technology Partners has
announced new service support for Linux.
"
MUSA Technology Partners, a leading provider of technology products, services and support, announced today that it is now offering its Linux and Open Source support services to all businesses. While MUSA's Service Desk currently offers specifically Linux and Open Source support, the firm will be rapidly incorporating additional services over the next six months."
Comments (none posted)
New Books
O'Reilly has published the book
Head First Data Analysis
by Michael Milton.
Full Story (comments: none)
O'Reilly has published a number of new book excerpts including:
Afterword: The Language Challenge - Natural Language Processing with Python,
Writing Backward-Compatible Code - Ruby Best Practices,
Ruby Worst Practices - Ruby Best Practices,
Leveraging Ruby's Standard Library - Ruby Best Practices and
Parrot Reference - Perl 6 and Parrot Essentials.
Comments (none posted)
Resources
Issue #165 of the
Linux Gazette
has been published. Topics include:
"
Talkback, 2-Cent Tips,
News Bytes, by Deividson Luiz Okopnik and Howard Dyckoff,
Away Mission: June - JavaOne, SemTech, and Velocity, by Howard Dyckoff,
Away Mission - LinuxWorld Morphs into OpenSource World - August
2009, by Howard Dyckoff,
Software Development on the Nokia Internet Tablets, by Bruce Forsberg,
Linux Layer 8 Puppet, by Lisa Kachold,
GNOME and Red Hat Linux Eleven Years Ago, by Oscar Laycock,
Encryption with TrueCrypt, by Ariel Maiorano,
Real World Cases For Apache's mod_rewrite, by Anderson Silva and
The Linux Launderette."
Full Story (comments: none)
Scott Dowdle presents a
HOWTO
on Triple booting Linux on the Intel iMac.
"
Apple realized some time ago that people might want to dual-boot their new machines so they created Boot Camp. Indeed, Boot Camp does make it easy to dual-boot and they even give you all of the drivers needed to make Windows support their hardware... but what about triple-booting? Maybe someday the Boot Camp developers will implement triple-booting but for now it only supports dual-boot."
Comments (none posted)
ODBMS.org has released the transcripts from a recent panel discussion.
"
ODBMS.ORG, a vendor-independent non-profit
group of high-profile software experts led by Prof. Roberto
Zicari, has exclusively published the panel discussion "A New
Renaissance for ODBMSs?"."
Full Story (comments: none)
Contests and Awards
The winners of the PHP TestFest 2009 have been
announced.
"
A group of winners of PHP elePHPhants or TestFest mugs have been picked at random from the people that contributed the 887 tests during the 2009 PHP TestFest."
Comments (none posted)
Red Hat has
announced the award of
a scholarship to John McLean.
"
The Fedora Project, a Red Hat, Inc. sponsored and community-supported open source collaboration, today announced that John McLean is the recipient of the 2009 Fedora Scholarship, a program now in its second year. The Fedora Scholarship program recognizes college and university-bound students across the globe for their contributions to free software and the Fedora Project. McLean was selected from an impressive applicant pool and plans to attend Duke University this fall and double major in computer science and religion."
Comments (none posted)
Surveys
KDE.News has
announced a new Oxygen Icons Usability Survey.
"
Every few weeks Nuno Pinheiro and the KDE Oxygen Icons team are publishing a new usability survey online to get feedback from users on the look and feel of icons. In particular, the Oxygen team is looking for feedback from individuals that have had no exposure to KDE, so if you are at home or at work, poke your friends and family and have them complete the survey, or simply take the survey yourself."
Comments (none posted)
Meeting Minutes
The minutes from the GNOME+KDE meeting at GUADEC have been published.
(Thanks to Brian Cameron).
Comments (none posted)
Calls for Presentations
A call for papers has gone out for
EC2ND 2009, the 5th European Conference on Computer Network Defence.
"
The 5th European Conference on Computer Network Defence
will take place in November 2009 at the Politecnico di Milano technical
university in Milano, Italy.
The theme of the conference is the protection of computer networks. The
conference will draw participants from academia and industry in Europe
and beyond to discuss hot topics in applied network and systems
security."
Submissions are due by September 15.
Full Story (comments: none)
Upcoming Events
The Health and Human Services Department
will sponsor a
"code-a-thon" on August 27, 2009. "
The code-a-thon is expected
to foster personal connections and help expand the talent pool of
developers that might contribute to the CONNECT project, according to Brian
Behlendorf, an open source advocate and a contractor on the
administration's Open Government initiative team headed by White House chief
technology officer Aneesh Chopra."
Comments (none posted)
Robert "r0ml" Lefkowitz will deliver a
keynote at OpenSource World; the event takes place on August 11-13
in San Francisco.
"
Finally, we get to hear about the missing angle
for open source in IT departments. When you drag
peer production code and ideas into the Corporate IT
Department, can you actually MAKE NEW STUFF with it,
or is open source just a snoozy cheaper/more reliable
way to do the same old IT projects you were going to
do anyway?"
Full Story (comments: none)
The openSUSE Conference keynote has been announced.
"
The opening keynote will be given by Leslie Hawthorn of Google. Leslie is a
program manager for Google's Open Source Programs Office, and community
manager for the Google Summer of Code. The topic of the keynote is "Mentoring
for Fun and Profit," and the full description can be found on the openSUSE
Conference Web site."
Full Story (comments: none)
Events: August 13, 2009 to October 12, 2009
The following event listing is taken from the
LWN.net Calendar.
| Date(s) | Event | Location |
|---|---|---|
| August 10 - August 14 | USENIX Security Symposium | Montreal, Quebec, Canada |
| August 11 - August 13 | Flash Memory Summit | Santa Clara, CA, USA |
| August 12 - August 13 | OpenSource World Conference and Expo | San Francisco, CA, USA |
| August 12 - August 13 | Military Open Source Software | Atlanta, Georgia, USA |
| August 13 - August 16 | Hacking At Random 2009 | Vierhouten, The Netherlands |
| August 18 - August 23 | 2009 Python in Science Conference | Pasadena, CA, USA |
| August 22 - August 23 | Free and Open Source Conference (FrOSCon) | St. Augustin, Germany |
| August 22 - August 23 | OpenSQL Camp | St. Augustin, Germany |
| August 31 - September 4 | Ubuntu Developer Week | Internet, Internet |
| September 1 - September 4 | JBoss World Chicago | Chicago, IL, USA |
| September 1 - September 4 | Red Hat Summit Chicago | Chicago, IL, USA |
| September 1 - September 5 | DrupalCon | Paris, France |
| September 4 - September 5 | PyCon 2009 Argentina | Buenos Aires, Argentina |
| September 7 - September 8 | FRHACK.ORG IT Security Conference | Besançon, France |
| September 7 - September 11 | XtreemOS summer school | Oxford, UK |
| September 8 - September 12 | DjangoCon '09 | Portland, OR, USA |
| September 10 - September 11 | Fedora Developer Conference 2009 | Brno, Czech Republic |
| September 12 | Evil Robot Conference (Free Conference, Free Software) | Raleigh, NC, USA |
| September 14 - September 18 | Django Bootcamp at the Big Nerd Ranch | Atlanta, Georgia, USA |
| September 15 - September 17 | International Conference on IT Security Incident Management and IT Forensics | Stuttgart, Germany |
| September 17 - September 18 | Internet Security Operations and Intelligence 7 | San Diego, CA, USA |
| September 17 - September 20 | openSUSE Conference | Nuremberg, Germany |
| September 18 - September 19 | BruCON | Brussels, Belgium |
| September 18 - September 20 | EuroBSDCon 2009 | Cambridge, UK |
| September 19 | Atlanta Linux Fest 2009 | Atlanta, Georgia, USA |
| September 19 | Beijing Perl Workshop | Beijing, China |
| September 19 | Software Freedom Day | Worldwide |
| September 20 | SELinux Developer Summit 2009 @ LinuxCon | Portland, Oregon, USA |
| September 21 - September 23 | LinuxCon 2009 | Portland, OR, USA |
| September 21 - September 25 | Ruby on Rails Bootcamp with Charles B. Quinn | Atlanta, USA |
| September 23 | Bacula Conference 2009 | Cologne, Germany |
| September 23 - September 25 | Linux Plumbers Conference | Portland, Oregon, USA |
| September 23 - September 25 | Recent Advances in Intrusion Detection | Saint-Malo, Brittany, France |
| September 23 - September 25 | OpenSolaris Developer Conference 2009 | Hamburg, Germany |
| September 24 - September 26 | Joomla! and Virtue Mart Day Germany | Bad Nauheim, Germany |
| September 25 - September 27 | International Conference on Open Source | Taipei, Taiwan |
| September 25 - September 27 | Ohio LinuxFest | Columbus, Ohio, USA |
| September 26 | Open Source Conference 2009 Okinawa | Ginowan City, Okinawa, Japan |
| September 26 - September 27 | PyCon India 2009 | Bengaluru, India |
| September 26 - September 27 | Mini-DebConf at ICOS | Taipei, Taiwan |
| September 28 - September 30 | Real time Linux workshop | Dresden, Germany |
| September 28 - September 30 | X Developers' Conference 2009 | Portland, OR, USA |
| September 28 - October 2 | Sixteenth Annual Tcl/Tk Conference (2009) | Portland, OR 97232, USA |
| September 30 | HCC!Linux Theme Day | Houten, Netherlands |
| October 1 - October 2 | Open World Forum | Paris, France |
| October 2 | LLVM Developers' Meeting | Cupertino, CA, USA |
| October 2 | Mozilla Public DevDay/Open Web Camp 2009 | Prague, Czech Republic |
| October 2 - October 3 | Open Source Developers Conference France | Paris, France |
| October 2 - October 4 | 7th International Conference on Scalable Vector Graphics | Mountain View, CA, USA |
| October 2 - October 4 | Linux Autumn (Jesien Linuksowa) 2009 | Huta Szklana, Poland |
| October 2 - October 4 | Ubuntu Global Jam | Online, Online |
| October 3 - October 4 | T-DOSE 2009 | Eindhoven, The Netherlands |
| October 3 - October 4 | EU MozCamp 2009 | Prague, Czech Republic |
| October 7 - October 9 | Jornadas Regionales de Software Libre | Santiago, Chile |
| October 8 - October 10 | Utah Open Source Conference | Salt Lake City, Utah, USA |
| October 9 - October 11 | Maemo Summit 2009 | Amsterdam, The Netherlands |
| October 10 | OSDN Conference 2009 | Kiev, Ukraine |
| October 10 - October 12 | Gnome Boston Summit | Cambridge, MA, USA |
If your event does not appear here, please
tell us about it.
Web sites
KDE.News has
announced
the launch of
buzz.kde.org.
"
While you wait for the KDE 4.3 gates to open, you may be interested in our new buzz.kde.org site, using an experimental "LifeStream" tracking KDE on identi.ca and Twitter, Picasaweb, Flickr and Youtube. Check out buzz.kde.org for the stream for who's saying what about the hottest Free Desktop release this year!"
Comments (none posted)
Audio and Video programs
The folks at Free Electrons have posted
videos from the
Embedded Linux Conference, held in early April. Videos from 45 talks
have been posted; they are in high-definition Theora format.
Comments (5 posted)
Page editor: Forrest Cook