its Qt application framework to version
4.6 on December 1st, adding support for
several operating systems — most notably its own mobile platforms:
the recently open source Symbian and the
Linux-based Maemo. Qt 4.6 introduces
new graphics features, new input methods, and updates to the QtScript
scripting engine. Along with the framework itself, Nokia updated its
cross-platform Qt integrated development environment (IDE) Qt Creator to
support the new features and new target platforms.
Previous releases of Qt have supported Linux, similar X11-based Unix
clones, Mac OS X, and Windows desktop operating systems, plus embedded
Linux systems and the Windows smartphone platforms (Windows CE and Windows
Mobile). Qt 4.6 updates the proprietary platform support to the latest
offerings from Apple and Microsoft: Mac OS X 10.6 and Windows 7.
More interesting to open source users is the official addition of three
mobile platforms to the line-up: Symbian S60, Maemo 5 "Fremantle," and the
still-in-development Maemo 6 "Harmattan." S60 was Nokia's platform of
choice for high-end smartphones for years, but its recent moves indicate it
is positioning Symbian as a lower-end phone operating system and
cultivating Maemo for high-end devices. "Preview" Qt releases for both S60
and Maemo 5 have been periodically released over the past year, but the
platforms' official support in 4.6 is new.
Given that the first Maemo 5 device (Nokia's N900) only started shipping
in November, support for Maemo 6 may sound premature. The early release is
in line with Nokia's past Maemo development behavior, however. The core
Nokia-developed applications in Maemo 6 will be rewritten in Qt instead of
GTK+ and Hildon, and Qt will be designated the officially supported toolkit
for application development. Nokia has long tried to get development tools
into the hands of the open source community as early as possible to
accelerate Maemo application development, and the Maemo 6 shift in toolkits
is undoubtedly a disruption the company wants to minimize.
Inside the release
The headlining new features in 4.6 are the Qt Animation
Framework and State Machine
Framework. The two APIs work together; more generally the state
machine framework allows application developers to construct their code
around state graphs, in which the system reacts to stimuli such as user
input by changing between pre-defined states — hopefully leading to
better dynamic user interfaces. As the documentation points out, writing a
state-based application is not required, and simple applications may not
see the benefit. But using the state machine does open up some other
useful APIs, including animation.
The animation framework allows developers to animate transitions between
states, rather than defining animations as timeline-based behavior
triggered by events. The animation framework automatically interpolates
between the "start" and "stop" states of the animated object, and handles
pausing, synchronizing multiple animations, and other details.
Two new input methods debut in 4.6, gesture input and multi-touch.
Multi-touch builds on the existing touch-sensitive interface of the QTouchEvent class.
Qt now handles multiple QTouchEvents simultaneously, and can send different
events to different widgets, or to the same widget. The framework
maintains backward-compatibility with older code by translating
QTouchEvents into QMouseEvents for multi-touch unaware applications.
Gestures are built on top of multi-touch, as gestures may involve
multiple touch points. The QGestureEvent
class provides gesture descriptions and handling.
class allows Qt to perform basic visual effects on arbitrary elements,
including blurring, drop-shadowing, colorization, and changing opacity.
There are also new classes in 4.6 to handle audio, and
API to simplify writing 3-D applications.
Nokia highlights several changes as "performance optimizations." Some,
like a new renderer for the QGraphicsView class, are enhancements to
existing features. Others, such as the QContiguousCache
class (which enables more efficient memory caching by keeping larger chunks
of cached data in contiguous locations) and hardware-acceleration for 2-D
vector graphics via the OpenVG
API, qualify as new features in their own right.
Several key pieces of code for web integration made their way into 4.6.
considerably faster. The QWebElement class
provides an API to access and manipulate the document object model (DOM) of
both web pages and XML documents.
Qt Creator and ... world domination?
Creator IDE was bumped to version 1.3 when Qt 4.6 was released
and supports the new features of the toolkit. The official changelog
details a long list of improvements, most of which fall under the category
of regular enhancements to a still-growing IDE: improved syntax
highlighting and semantic parsing, better searching, better code
refactoring, and so on.
It is telling, however, that here again Nokia's press releases lead off
with the fact that Qt Creator now supports Symbian as a target platform.
Nokia's corporate interest is in building Qt into a cross-platform toolkit
and SDK that can run on every platform available. Linux users may
occasionally lose sight of that fact because of the framework's prominence
in desktop projects like KDE (which will be migrating to 4.6 in
version 4.4.0). But in the broader technology market, the sheer number
of Symbian-powered phones (half of all smartphones, on the order of
hundreds of millions) dwarfs the desktop Linux market easily.
Symbian is now open source, of course, following its 2008 acquisition by
Nokia. Maemo may be the company's ace in the hole for future smartphone
products, but Qt is the tool it will use to keep the programmers developing
for those millions of smartphones from migrating to other platforms as
Fortunately for open source users, Nokia seems to be working
well with the community. In addition to its code contributions, Nokia has also opened up the
Qt development process itself, accepting around
160 code contributions from outside the company, and making the source code repository and official bug tracker publicly accessible.
Qt 4.6 adds some exciting new features, including multi-touch gestures and
an easy-to-use animation API. But the open development process that
brought it to market is just as welcome.
Comments (11 posted)
When your editor was in Tokyo recently, he had the privilege to talk with
KaiGai Kohei at some length about the SE-PgSQL patch set. This work,
developed by KaiGai for the last two years or so, integrates SELinux with
the PostgreSQL database manager, enabling fine-grained control over access
to data stored within a database. The SE-PgSQL patch has struggled to get
into the PostgreSQL mainline; it is now preparing for what may well be its
last push to be merged. Whether it's successful may, in the end, depend on
whether it receives support from potential users.
SELinux works by attaching labels to objects and roles to actors, then
enforcing rules describing what sort of access to objects with specific
labels is allowed to specific roles. It is a highly flexible system, but
also highly complex; even a minimal SELinux policy can involve thousands of
rules. The complexity of SELinux has almost certainly inhibited its
adoption in the broader Linux community; when SELinux gets in the way
of real work, figuring out how to fix it can be a nontrivial task. Over
the years, many administrators have concluded, like Ted Ts'o, that "life is too
short for SELinux."
That said, Fedora and Red Hat have slowly made progress in using SELinux to
confine parts of the system without creating too much user pain. And there
is certainly a place for more comprehensive security models in general. But once one
starts protecting data at the filesystem level, it makes sense to ask
whether data which is accessed through higher-level mechanisms - a
relational database manager, say - should also be subject to the system's
security policies. In an ideal world, the same security policy would be
operative at all levels.
That is the idea behind SE-PgSQL. With this patch, a database
administrator can assign labels to databases, schemas, rows, and columns,
then write access control rules for them. These are SELinux rules, which
are evaluated by SELinux and enforced by PostgreSQL. So access to objects
within the database can be governed by the same policy as access to objects
elsewhere in the system. On the surface, it is an elegant concept. It is
also a concept that NEC (KaiGai's employer) sees as an important component
of its future offerings based around cloud computing. For this reason, NEC
has funded this work for the last couple of years.
The world is full of free software projects which are starved for
developers and which would be overjoyed to accept a feature contribution at
this level. The PostgreSQL hackers are somewhat more finicky, though. As
is the case with a number of longstanding, successful projects, PostgreSQL
developers understand that they will be maintaining any code they accept
for many years, and that they cannot afford to accept code which might
compromise the project's reputation for stability. So they have been
balking at merging SE-PgSQL.
There would appear to be two specific objections getting in the way of
this patch: (1) it's big, complicated, and hard to understand, and
(2) it's not
clear that the benefit of merging this functionality will be worth the
To address the first qualm, KaiGai has worked to minimize the patch to the
greatest extent possible, stripping out much of the functionality in the
process. Among other things, the latest version of the code does not
support row-level labeling. He has also written some extensive
documentation which should be required reading for anybody wanting to
understand how this patch should work. The end result is a patch which
still weighs in at 13,000 lines - but the bulk of it is documentation and
PostgreSQL hacker Bruce Momjian was pleased with
the reduced patch, saying that is "exactly what I was hoping to
see." He also noted, though:
So, one big problem is that no one has agreed to review it, partly
or probably because few developers understand the SE-Linux API, and
many people who have used SE-Linux have been confused by it.
He expressed willingness to do the review, but requested help from
developers who understand SELinux better. KaiGai has offered to try to
round up such a developer, so, with luck, this particular obstacle can be
That leaves the cost/benefit question. The strongest critic of this patch
is almost certainly Tom Lane, who said:
Even if we were to accept the SEPostgres patches lock stock and
barrel tomorrow, I don't foresee that it will ever get to the point
of being useful except to an extremely small group of users who are
driven by extreme need. Nobody else is going to have the
motivation needed to develop custom security policies, and there
simply isn't any chance of anyone developing any generally useful
On the other hand, Josh Berkus noted that
he has seen interest in the feature:
PostgreSQL is the most security-conscious of the OSS databases, and
is widely used by certain groups (security software, military,
credit card processing) precisely because of this reputation.
These folks, while unlikely to speak up on -hackers, are interested
in new/further security features; when I was at the Pentagon 2
years ago several people there from HS were quite interested in
SE-Postgres specifically. Further, I've been mentioning
SE-Postgres in my "DB security talk" for the last 18 months and I
*always* get a question about it.
This unwillingness to speak up on the part of potential users could well
doom this patch. The code probably cannot be minimized much further
without becoming pointless, and even a contributor as persistent and
patient as KaiGai can only get discouraged eventually. It would not be
surprising if this PostgreSQL development cycle were the last go-round for
SE-PgSQL if it is not accepted.
Part of participating in a free software community is contributing code.
But another important part is providing feedback to the developers.
Otherwise, they are unlikely to know which development directions
make sense for many of their users, and they might just turn down patches
which their users would rather see incorporated. Companies are often
reluctant to talk about their security needs and plans. But, for potential
SE-PgSQL users, that kind of silence at this time could be
counterproductive. If nobody shows up to express a need for SELinux
integration into PostgreSQL, the developers might conclude that there is no
interest in this feature and act accordingly.
Comments (22 posted)
Here is LWN's twelfth annual timeline of significant events in the Linux
and free software world for the year.
2009 offered few surprises to those that have been following Linux and free
software for as long as we have. As expected, there were new releases of
many of the tools and
infrastructure that we use on a daily basis. There were also lawsuits over
software patents, arguments over licensing, and various security flaws
found and fixed. Distributions were packaged up and released, more phones
and other devices with Linux and free software were sold, and so forth.
All part of the march to "world domination". We look forward to
This year we will be breaking things up into quarters, and this is our
on April-June 2009. Over the next few weeks, we will be putting out
timelines of the other two quarters of the year.
First quarter timeline
This is version 0.8 of the 2009 timeline. There are almost certainly some
errors or omissions; if you find any, please send them to firstname.lastname@example.org.
LWN subscribers have paid for the development of this timeline, along with
previous timelines and the weekly editions. If you like what you see here,
or elsewhere on the site, please consider subscribing to LWN.
For those with a nostalgic bent, our timeline index page has links
to the previous eleven timelines and some other retrospective articles
going all the way back to 1998.
When I joined in 2001, Debian was The Distribution that a lot of users were
using and all my friends knowing Free Software were dreaming of
contributing to. Things have changed since then: newbies now use Ubuntu or
Fedora, and contributors can easily join their communities. Debian is too
often seen as the old distro that some old timers still use, having a
process to join which is not worth trying. The Debian value that needs to
be improved the most is changing that: putting Debian back into its place.
-- Debian project leader candidate Stefano
CentOS 5.3 released. (announcement)
Ardour, the multi-track audio editor, releases version 2.8. (announcement)
Intel turns over stewardship of Moblin to the Linux Foundation. (press
SGI acquired by Rackable Systems for $25 million. (press
Openmoko downsizes and stops work on the GTA03 to focus on
the then-mysterious "Project B" (Steve Mosher email, PDF
slides from Sean Moss-Pultz's presentation)
BIOS writers tend to have been on pain medication for so long
that they can hardly remember their own name, much less actually make sure
they follow all the documentation.
Steve McIntyre is re-elected as Debian project leader. (announcement)
Oracle buys Sun, though surely they didn't think it would be held up
in the EU regulatory process until at least December. (announcement)
GCC 4.4.0 is released. (announcement, LWN coverage)
Because I care about folks who don't make computing their life blood, I
think the consumer story is a really interesting one. So for that reason, I
think netbooks are really fascinating.
Ubuntu 9.04, "Jaunty Jackalope", is released. (announcement)
NetBSD 5.0 is released. (announcement,
Mandriva 2009 Spring (2009.1) released. (announcement)
We believe that you can't make software that pleases everyone. You can make
software that pleases experts, but most of the time non-experts hate that
-- GNOME Foundation board member Luis Villa
A patch to avoid Microsoft's VFAT patent claim, which was asserted in the
TomTom lawsuit, is proposed on
linux-kernel. (LWN article)
OpenBSD 4.5 is released. (announcement)
Debian announces a switch to EGLIBC, instead of glibc for its C
runtime library. (announcement,
The GNOME volume control exposed a lot of low-level hardware-specific
features that only a tiny minority of people actually really understood,
and the PA volume control exposed a lot of low-level software features that
a slightly larger minority of people only actually really understood.
-- PulseAudio (PA) developer Lennart Poettering
OpenOffice.org 3.1 is released. (announcement)
AMD releases 3D programming guide for R6xx/R7xx chips. (announcement)
Slackware64 is released—based on Slackware 13.0, it is the
first official 64-bit Slackware release. (announcement)
Cisco and the Free Software Foundation settle a GPL compliance
lawsuit; Cisco will appoint a Free Software Director for its Linksys
Linux Mint 7 ("Gloria") distribution is released (announcement, LWN review)
A few months ago, I had to dive into the configuration of sendmail to make
a very small change. It turns out I spent almost an hour trying to make
sense out of a maze of files that were plain unreadable.
-- OpenSMTPD developer Gilles Chehade
Wikipedia switches from the GNU Free Documentation License to the
Creative Commons attribution-sharealike license. (announcement, LWN coverage)
TurboGears 2.0 is released; it is a Python-based web application
KOffice 2.0.0 is released. (announcement)
That's like saying that a squirrel is 48% juicier than an orange - maybe
it's true, but anybody who puts the two in a blender to compare them is
kind of sick.
-- Linus Torvalds
The US Supreme Court agrees to hear the Bilski case, which
could change the software patent landscape. (SCOTUS
The 2.6.30 kernel is released with the TOMOYO security module, nilfs
filesystem, reliable datagram sockets, FS-Cache, and more. (announcement, KernelNewbies coverage)
Fedora 11 ("Leonidas") is released. (announcement)
Here, we find the quadruped
leaping to action in a flash with its 20-second startup -- and do
observe the animal's graceful form, achieved through kernel mode
setting and Plymouth. We discovered, upon further examination, that
the Leonidas maintains his sleek figure through the help of his new
Presto feature, which allows him to keep his bandwidth trim while
digesting updates that keep him healthy and content.
Frields announces Fedora 11
Intel acquires embedded Linux vendor Wind River Systems. (press
KDE audio player Amarok 2.1 is released. (announcement, LWN review)
Ubuntu announces switch to the GRUB2 bootloader for 9.10 ("Karmic
Sugar Labs announces Sugar on a Stick "Strawberry" featuring Fedora 11
and Sugar learning environment version 0.84. (announcement)
We've always said that the talent and creativity of those outside the
company is superior to that inside the company. We have stuck to these
principles. We've have opened up more than any other phone, from any
other company, in the history of this industry.
-- Openmoko CEO Sean Moss-Pultz
Richard Stallman warns about dependence on Mono and C#,which
stirs up a lot of controversy. (RMS's warning, LWN coverage)
Firefox 3.5 is released with private browsing, HTML5 video and audio
PHP 5.3 is released. (announcement)
Python 3.1 is released, focusing on the "stabilization and
optimization of the features and
changes that Python 3.0 introduced". (announcement)
The Ogg codecs (Vorbis and Theora) are dropped from HTML5, which
means there will be no standard codecs for <video> and
<audio> in HTML5. (announcement)
Comments (2 posted)
Page editor: Jonathan Corbet
Inside this week's LWN.net Weekly Edition
- Security: Pogoplug makes internet data sharing easy; New vulnerabilities in grub2, kernel, kvm, ntp,...
- Kernel: 2.6.33 merge window part 1; Minimizing instrumentation impacts; Debugging the kernel using Ftrace - part 1
- Distributions: FreeBSD 8: an evolutionary release of the unknown giant; new releases of AV Linux 3.0, Calculate Linux 10.0, Fedora 12 LXDE Spin and SimplyMEPIS 8.5 beta1; Interview with Klaus Knopper; ClearOS review.
- Development: The Twisted networking framework version 9.0.0, Mobile Firefox, Systemtap meets Python, new versions of rsplib, SQLite, moin, GNOME, LyX, Cyphesis, Wine, Thunderbird, Patchage, Pyro, Git.
- Announcements: Google Public DNS, Artifex sues Palm, Anatomy of a GPL Violation, LAM Best of 2009, Intel 48 core processor, Sugar on a Stick v2, Graphics Survey Results, DjangoSki cfp, PostgreSQL/FOSDEM cfp, Django Sprint, L2Ork debut track.