LWN Weekly Edition
Leading itemsSecurity
Kernel development
Distributions
Development
Announcements
->Multipage format
This page
Previous weekFollowing week
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
LWN.net Weekly Edition for September 16, 2010The Grumpy Editor's Twitter experienceYour editor, being the grumpy, older sort that he is, must confess that he has never quite understood the allure of services like Twitter. 140-Character broadcasts look an awful lot like a combination of the worst features of cellular short messaging and Usenet; it's conversation via bumper sticker. A local disaster recently pushed your editor to spend more time on the site; what follows are some observations, somewhat tenuously tied to the world of free software.While grumpily working through the US Labor Day "holiday," your editor noticed that the sky, as seen through the basement window, had turned a rather sickly shade of orange; the smell of smoke followed shortly thereafter. Drawn away from the keyboard for a quick look, your editor could not miss the fact that a large fire was burning in the hills to the west. While Colorado does not do forest fires on the scale of places like California (actually, we don't do anything on a Californian scale), wildfires are still a serious threat. When the sky fills with smoke, it's natural to want to know what's going on.
Unsurprisingly, the local newspaper's web site was not particularly illuminating. Neither were the television stations. In these situations, TV can be counted on to show impressive videos of slurry bomber runs and burning houses in the evening, while the newspaper provides still photos from the same videos the next morning. The local community radio station was a bit more helpful, but, when disaster strikes in one's neighborhood, it's hard to have too much information. In desperation, your editor went to Twitter and typed in "boulder fire." The results were interesting; the Twitterati were already well engaged in conversation about this emergency. People were reporting their observations and posting pictures from various locations. Evacuation orders were being relayed through the site; given that the local "reverse-911" phone notification mechanism failed outright, it's possible that some people learned of the need to flee their houses via Twitter. A local journalism professor was listening to police and fire radio traffic and posting the interesting parts. Information on evacuation centers and shelters for large animals (horses, for example) was broadcast. The destruction of a fire truck was reported. All within the first hour or so. In other words, Twitter was carrying a great deal of useful information which was available nowhere else. It was enough to keep your editor hitting that "NNN more tweets since you started searching" link over and over again. That said, this information was not as easy to get at as one might like. The signal-to-noise ratio was quite low for a number of reasons, the first of which appears to be an artifact of how "routing" is handled in the Twitter environment. The "follower" relationships lead to a strange topology made of vast numbers of one-way links; one can only broadcast a message to those who have created inbound links. So Twitter appears to have reinvented the old Usenet flood routing mechanism, but without the "I've already seen this" feature. This mechanism, called "retweeting," comes down to people continually rebroadcasting anything that they found interesting. The result is a huge amount of duplicated content, perhaps with a trivial comment tacked on to the end. After a message has gone by 100 or more times (literally), it just isn't quite as interesting as it was the first time. But everybody somehow still feels the need to retweet it for the benefit of those people who hadn't yet caught on to the #boulderfire hash tag. This process goes on for a very long time; messages which were only relevant to the early stages of the fire were still circulating days later. Beyond that, much of what was posted was not particularly useful. Quite a few people felt the need to get into the limelight with "that #boulderfire sure sucks" posts. Local construction companies wanted to be sure we all knew that they are available for the rebuilding of destroyed houses. We were all encouraged to send texts to various numbers to donate money which, they promised, would go to fire victims. Local TV stations assured everybody that they had the best slurry bomber videos. There was also a significant traffic in posts about how all this demonstrated "the power of Twitter." A community of this size - even this sort of temporary community - must necessarily contain at least one troll and at least one nutcase; it's written in the laws of physics somewhere. The #boulderfire "channel" did not disappoint on this score, though many of the participants were quaintly surprised by the presence of these people. The troll was shouted down with impressive efficiency. The nutcase, seemingly representing a local "news" outlet, was able to sustain a regular stream of posts about discoveries of charred bodies (there were actually no serious injuries) and said news outlet's refusal to bow down to the "Twitter police." Need it be said that all of this stuff was mercilessly retweeted dozens of times? In summary, maybe one message in 50 was both original and interesting. That reduces the value of the channel considerably. For added fun, the journalism professor was blocked as a spammer, while the actual spam continued, seemingly unimpeded. Identi.ca is meant to be a free-software-friendly alternative to Twitter. Naturally, your editor had to wander over there to take a look. The good news is that the massive "retweet" traffic was absent; the bad news is that most of the useful traffic was absent as well. Information was sparse at best, and, in general, it seemed more heavily spam-laden than what was found on Twitter; one gets the sense that there is a budding industry in setting up pages allegedly related to breaking news and posting links to social networking sites. In summary: identi.ca was not a useful resource for anybody who wanted to learn about why they were breathing smoke thick enough to obscure the view of the monitor from the desk chair. One might argue that it is a matter of network effects; people post to Twitter because that's where the readers are. Your editor would respond that this situation is unsurprising: identi.ca looks an awful lot like a taillight-following exercise. It may serve as a useful demonstration platform for StatusNet, but it offers no real reason for Twitter users to switch. "Source available" is not a compelling feature for most of these users, and identi.ca lacks anything else which is sufficiently shiny to motivate them to change. In this setting, at least, identi.ca was not able to offer a competitive service. That said, your editor is still not a Twitter user. The fire is mostly controlled, so attention has returned to less noisy information sources - linux-kernel, for example. The value of Twitter is a little more clear, but what is really clear is this: there must be room to do broadcast messaging in much better ways. High-quality information about unfolding local disasters may be a bit of a limited use case - though it's one most of us are likely to want at some point in our lives - but the simple "what's going on?" question is more broadly applicable. If we, the free software community, could come up with a messaging platform which was less noisy, less subject to manipulation, not centrally controlled, and more efficient in getting news to all interested listeners, we would have something worth tweeting about.
Apple's Selective Contributions to GCCRecent discussions on the GCC mailing list have made it clear that Apple won't be assigning copyright to the FSF on its work porting Objective-C 2.0 support to GCC compiler. Apple has published its changes, but has not assigned copyright to the Free Software Foundation (FSF) or pushed its changes to the FSF server for some of its work. We may be seeing the next steps in Apple's apparent plan to move away from GCC and GPLv3-licensed software in general. Apple has clearly been working to reduce its dependency on GCC. The company has been sponsoring work on clang, a front-end for the LLVM Compiler Infrastructure that supports (at the moment) C, C++, Objective C and Objective C++. The developer preview of Xcode 4.0 seems to replace GCC with LLVM and clang. At one time, Apple was content to build on GCC for its developer tools and assign copyright to the FSF. What has changed? Apple's use of GCC for Mac OS X was compatible with the GNU GPLv2, even if the company didn't have any particular love of the FSF's principles. The launch of the iPhone and GPLv3, just a few hours apart, put Apple at odds with the GNU Project. The FSF has noted that the GPLv3 and iPhone are incompatible. Specifically, the requirement for apps to be signed to run on the iPhone runs counter to section 6 of the GPLv3, which says that signing measures cannot prevent apps from running on a device merely because they've been modified. The FSF has also been openly hostile to Apple's iPad launch and App Store as of late. Justifiably so, perhaps, but it's still not the sort of behavior that will encourage Apple to be any more cooperative than it has to. It would appear that Apple is being exactly as cooperative as it has to. The code is being published under the appropriate license - GPLv2 or later - but Apple isn't taking the next steps of pushing its changes to the FSF or assigning copyright as required to be shipped as part of an GNU project like GCC. In theory, the GCC project could pluck the changes out of Apple's sources and integrate them into GCC, but Apple employee and primary author of LLVM Chris Lattner notes that this would go against the FSF policy of requiring copyright assignment: Be aware that none of the changes that haven't been committed to the FSF trees are copyright-assigned to the FSF. In practice, since the FSF cares about copyright assignment, this probably means that you can probably merge whatever is in the apple branch on the FSF server, but you can't take things out of llvm-gcc or the apple gcc tarballs that get pushed out on opendarwin. I'm not a lawyer, so this isn't legal advice, just my understanding of FSF policies and the mechanics of how the copyright transfer works. Richard Guenther points out that some code in the GCC test suites is not FSF-owned, and that GCC/GJC uses libffi, which has Red Hat as the copyright owner. Guenther suggests that the steering committee be asked for an exception to merge the Apple-owned code. This is not, however, an apples to apples comparison. Steven Bosscher notes that the test suites and runtime libraries are not part of the compiler itself, and that the policy has been different for non-compiler components. Further, he says that the "risk of 'leakage'... would be too big," to merit inclusion. And is it really worth the effort anyway? It may be irritating to some developers that Apple will not assign copyright for its contributions to a project that it benefits from, but is it really a major loss for the GCC project? Bosscher suggests that it is not, saying that it may hurt the project more than it helps. "GNU ObjC has so few users that it seems hardly worth the effort to upgrade the GNU ObjC front end to ObjC 2.0." He also points out that Objective-C 2.0 is not a documented language standard, and that Apple's branches may not be the current Objective-C 2.0 that Apple is shipping. Even if the GCC project were to merge the code, it would likely be out of step with the most popular Objective-C 2.0 implementation and would be chasing a small audience that may not be very interested. The final word seems to be that Apple has no interest in contributing the Objective-C changes back to GCC. When asked about a contact at Apple to discuss assigning copyright to the FSF, Lattner responds that "Apple does not have an internal process to assign code to the FSF anymore. I would focus on the code that is already assigned to the FSF." Whether that can be construed as "blocking" contributions to GCC is another question. Apple's motives may not be pure, but it has published the code under the license required and it's the FSF's own copyright assignment policies that block the inclusion. The code is available and licensed appropriately for the version of GCC that Apple adopted. It might be nice if Apple took the further step of assigning copyright to the FSF, but the GPLv3 was not part of the bargain that Apple agreed to when it first started contributing to GCC.
Beta-testing SparkleShareOpen source enthusiasts who have avoided the popular Dropbox file synchronization service now have one more alternative. The SparkleShare project released its first beta last week, initially for Linux users only, but with most of the feature set already in place. The result is not an exact clone of Dropbox, but it may prove to be more useful for many in the free and open source software circle. The beta release was announced on September 4th by lead developer Hylke Bons. SparkleShare comes in a source code package only, and although Windows and Mac OS X front-ends are said to be in the works, the code only runs on Linux at the moment. The application is split into two parts — a backend that handles file transfer and synchronization, and a front end that communicates with it over D-Bus. The current front-end is tied in to the GNOME desktop, including a panel icon, notification messages, and right-click context menu extensions for the Nautilus file manager. The project's blog describes SparkleShare as a replacement for Dropbox, but considering the varied use cases that exist for Dropbox, such a description needs further examination. SparkleShare is specifically designed to enable teams of remote users to share and collaborate together on documents; it is not simply a single-user remote backup service. Nor does it handle concurrent editing; SparkleShare's model keeps a local copy of each shared folder on each team member's hard disk, and sends an updated version of each file to a central storage location when it is saved. It uses Git as its remote storage engine. The current release includes point-and-click support for Gitorious, GitHub, and the GNOME project's repository. An important side effect to note is that SparkleShare is not suitable for storing private data; all files synchronized through one of these public Git-hosting services is accessible to anyone. The choice to use Git as a storage-and-synchronization service reveals something else about SparkleShare: although it is not intended to serve as a complete distributed version control system (DVCS), it is designed to coexist with one. Specifically, SparkleShare is designed to help user interface (UI), user experience (UX), and graphic design teams to collaborate remotely with each other, and to help them collaborate on projects with software developers. The concept grew out of GNOME's London UX Hackfest in March of 2010. The team is spread around the globe, and wanted an open source alternative to Dropbox — but one that would make it easier to merge their work with that of GNOME coders. Test-driveThe beta release is designated 0.2 beta 1, and is provided as a tar archive for Linux desktops running GNOME. It is written primarily in Mono, a choice Bons tacitly admits may irritate some people (in the FAQ, he explains the use of Mono with "Because I hate freedom."). Other build dependencies also include NDesk development packages for DBus support, and Nautilus Python bindings. Runtime dependencies include Git itself and OpenSSH. Compilation is the standard ./configure, make, make install three-step. ![[SparkleShare menu]](/images/2010/sparkleshare-menu-sm.png)
Once installed, the SparkleShare service can be started from the command line ( Before SparkleShare can be used, however, you must connect it to one or more shared Git projects on one of the supported services. The first-run screen allows you to select the service you wish to use and specify the remote project name used; it identifies the user account associated with the service by auto-generating an SSH key in the background using the full name reported by the operating system for the active user account. ![[SparkleShare first-run]](/images/2010/sparkleshare-firstrun-sm.png)
The online documentation provides step-by-step instructions for Gitorius and GitHub — presumably those using GNOME Git or their own public Git repository will be able to figure out the steps through extrapolation. If you do not already have one, you must register an account at GitHub or Gitorious through the services' web sites and set up a project. You must then find and copy the auto-generated SparkleShare SSH public key and paste it into the Git-hosting service's account settings page in order to authorize access. SparkleShare allows you to link each individual project that you set up to a separate folder within your local SparkleShare folder — so you can mix and match project folders from different services and you are not required to use SparkleShare for every project that you host at one of the supported sites. As of today, setup is not entirely point-and-click. It would be nice to allow users to register new accounts at one of the supported Git-hosting sites from within the SparkleShare client; more importantly, it would be nice to simplify the SSH public key configuration process (which requires a terminal window) and to allow users to create a new Git project (shared folder) from within SparkleShare, as this is likely to be a repeated process. Once configured, however, SparkleShare is simple to use. Files copied to the ~/SparkleShare/someproject/ folder are preserved locally and silently mirrored to the Git-hosting service in the background. You can check the logs online to see timestamped commits and pushes, and when a file is updated remotely by another share user, a notification bubble announces it on the desktop, complete with the user's name and Gravatar image. You can even open old revisions of a file by right-clicking it in Nautilus; SparkleShare adds a "Get Earlier Version" menu that tags old revisions by who committed the last change. 0.2 is a small numberThere are a few minor nuisances in SparkleShare, starting with its decision to bury its launcher in GNOME's hopelessly overcrowded "Internet" application menu. Partly this is the fault of the Freedesktop.org menu specification for creating such a generic catch-all category, but SparkleShare is a file-access tool, so it really belongs in GNOME's file access menu. GNOME's file access menu has its own problems; it is the logical choice for accessing the increasing number of online file services, including Ubuntu One, Dropbox, various cloud offerings, and so on, yet all are buried in different locations in the application menu hierarchy. Considering that GNOME also burdens its file access menu with the vague and awkward "Places" moniker (which will also prove confusing when Zeitgeist's geolocation support lands), it is understandable that no application installs a launcher there, but the end result is that users have to hunt around to find their online storage. The interface for adding a project is also in need of some tweaking. SparkleShare works only with Git, which uses the terms "repository" and "project," both of which SparkleShare refers to as "folders." The goal of the application is to make the remote service function as a local folder inside Nautilus, but using different terminology — particularly in the setup process — is unnecessary user confusion. Finally, although SparkleShare is designed to enable team collaboration, you currently must manually change the ownership of a Gitorious project folder to a "team" at Gitorious's web site, and add collaborators one at a time via the web interface in order to share with other Gitorious or GitHub users. As with new account registration, rolling some of this functionality into the SparkleShare GUI would help, particularly for the non-developer target audience. There is still a long way to go before SparkleShare reaches 1.0. Windows and Mac OS X binaries are already prominently advertised as part of the roadmap. In comment threads on his blog, Bons has discussed graphical KDE client support as well as supporting other DVCS options as possible new features. There are critics who argue that Git is a poor choice for sharing large binary files, to which Bons replies that all DVCSes are poor at that task. A stand-alone "SparkleShare server" has also been requested, which Bons says he is looking into. Exactly what such a server would entail is not specified; presumably it involves a different feature set than a public Git repository's, but whether that means simpler remote access, private data, or something else, has not yet been explained. Along the same lines, simply providing instructions on setting up a compatible Git repository would be a helpful interim step — although "on my own server" is a setup option, it is not clear what configuration options are required. As a collaboration tool for designers on technical projects, SparkleShare already offers all of the necessary functionality. A team working on a large GitHub- or Gitorious-hosted project can set up a folder for design work (images, vector graphics, documentation, etc.) and enable its designers to keep in sync with its software developers; that is a big win. On the other hand, it needs to be understood that SparkleShare is not a one-stop "Dropbox replacement." People use Dropbox for a wide range of purposes (including remote backups, access to profile information from multiple desktops, and even remote scripting), some of which are a terrible fit for SparkleShare. Remember that all files stored in SparkleShare are world-readable through public Git repository services — not a good fit for your private keyring. It is also not designed to easily publish large files for public access; although GitHub and Gitorious allow HTTP access to any file, they do not offer a simple "share this" URL for emailing or microblogging a file to others. But do not let any of those use-case mismatches discourage you from trying SparkleShare for its intended purpose; it is already clearly a better option than the proprietary Dropbox for those who care about free software.
Security Remotely wiping mobile phonesA mobile phone "feature" that is touted as a way to remove data from stolen phones is also being used in far less reasonable ways. It is, or could be seen as, an anti-feature added for the benefit of companies, but without taking users' needs into consideration. The "remote wipe" available for (at least) Android, iOS, and Palm's webOS allows Exchange administrators to remotely reset logged-in mobile phones—removing all personal data and resetting them to factory defaults. The amount of sensitive information that is stored on mobile phones today—especially smartphones—is quite substantial. It is no surprise that both companies and individuals are worried about those phones falling into the wrong hands. Under those circumstances, one can well imagine that being able to remotely wipe that data as quickly as possible would be seen as a nice feature. But there are a number of concerns with the current approach. As Nathan Hamblen reports on his blog, remote wipe is currently being misused by Exchange administrators to punish users who access their corporate email from unapproved devices. In many, perhaps most, cases, those unapproved devices are the personal property of a user who is just trying to get their work done. One can understand administrators wanting to impose draconian access rules, and even to enforce them, but punishing users by deleting their photos, applications, and other personal data seems just a tad beyond the pale. Evidently the remote wipe feature was originally added for Blackberry devices to protect against loss or theft. Exchange administrators have been clamoring for the same functionality for other mobile phones as those devices added Exchange compatibility. Over time, the phone makers have complied, with Android adding (and touting) remote wipe in its 2.2 ("Froyo") release. But it's not clear that users are being warned about the power they are placing in the hands of their corporate IT staff when they connect to the Exchange server. From the comments on Hamblen's blog, it would seem that iPhones do not warn users about the remote wipe, but that Android 2.2 does. It certainly is not particularly intuitive that logging in to check your work email suddenly puts your phone at risk. If administrators do not want to provide Exchange access to mobile devices, a smaller, more focused hammer—like access restrictions of some kind—is likely to work out better in the long run. For Android phones, Exchange access—and remote wipe—are implemented in the standard email application. There is evidently no mechanism to override the server security policies via the email application settings, but there is a way to disable the remote wipe functionality for those with root access or the ability to install non-Market applications. Essentially, a securitypolicy.java file in the application bundle (i.e. the .apk file) needs to be changed to turn off security policy enforcement. It seems to be something of a historical artifact that remote wipe is tied to Exchange. Some users and administrators would undoubtedly like to have this capability without it necessarily being dependent on an active connection to an Exchange server. So, some kind of remote wipe protocol getting added into phone operating systems may be on the horizon. That will, of course, open up another set of potential issues. There are obviously situations where a connection to the Exchange server might be interrupted when a phone gets lost or stolen. One would guess that those interested in obtaining phones for corporate espionage—as opposed to the more run-of-the-mill criminal looking for a quick buck at the pawn shop—would know enough to disable Exchange immediately. For those truly concerned about mobile data security, the current remote wipe is something of a half-measure. Beyond the question of administrators wiping phones as punishment for trying to keep on top of email, there are other concerns as well. How well protected is the remote wipe command from attackers? One hopes that Microsoft (and the phone implementers) have provided strong authentication and/or encryption for that command channel. But, as we have seen before, vulnerabilities may well be found that allow random attackers to wipe phones. It's bad enough to give that kind of power over your personal phone to administrators, but putting it into the hands of script kiddies is well over the top. There is clearly a balance to be struck. Companies are rightly concerned about their proprietary information and its dispersal to devices that might end up in the clutches of competitors. On the other hand, those same companies are interested in having productive employees but it is difficult and expensive to hand out smartphones to all employees so they can check their email. Not to mention the fact that many of those people will already have a phone they like and may not be willing to carry around a second one to check their email. The problem goes further than that, though. Laptops and other non-phone devices (e.g. tablets, netbooks, possibly even home desktops) probably hold a lot more sensitive corporate data. Some of those devices can have their disks encrypted and/or require more rigorous authentication for access, but the problem still remains. There will always be windows of vulnerability and sophisticated attackers will find ways to exploit them. The problem here is with data that leaves the confines of the company, regardless of where it is stored. It has been suggested that "cloud" backups of personal data from phones might partially solve the problem as users can just restore their data after being punished for accessing their email. That seems fraught with peril as well, however, not least because the sensitive corporate email probably gets backed up right along with the photos of the user's children and the funny sign they saw on the way to work. In the end, companies that apply punitive sanctions to their employees' personal property for transgressions of the security policy may just find that folks will come up with better ways to spend their time. Perhaps taking pictures or playing games with their phones instead of keeping up with their work email.
Brief items Severe Adobe Flash vulnerabilityFor those of you using the Adobe Flash player (including on Linux or Android), and, possibly, Adobe Reader users as well: the company has announced a "critical" vulnerability which, evidently, is being actively exploited. "We are in the process of finalizing a fix for the issue and expect to provide an update for Adobe Flash Player for Windows, Macintosh, Linux, Solaris, and Android operating systems during the week of September 27, 2010. We expect to provide updates for Adobe Reader 9.3.4 for Windows, Macintosh and UNIX, and Adobe Acrobat 9.3.4 for Windows and Macintosh during the week of October 4, 2010." Even people who cannot do without this software might want to consider taking it off their systems until the update comes out.
O'Brien: Haystack vs How The Internet WorksDanny O'Brien writes about the Haystack debacle, which may have exposed many of the people it was supposed to be helping to protect. "Lessons? Well, as many have noted, reporters do need to ask more questions about too-good-to-be-true technology stories. Coders and architects need to realize (as most do) that you simply can't build a safe, secure, reliable system without consulting with other people in the field, especially when your real adversary is a powerful and resourceful state-sized actor, and this is your first major project. The Haystack designers lived in deliberate isolation from a large community that repeatedly reached out to try and help them: that too is a very bad idea. Open and closed systems alike need independent security audits."
New vulnerabilities couchdb: arbitrary code execution
cvsnt: privilege escalation
django: cross-site scripting
libglpng: arbitrary code execution
mountall: arbitrary code execution
ntop: denial of service
ocsinventory: multiple vulnerabilities
phpMyAdmin: cross-site scripting
samba: remote code execution
slim: arbitrary code execution
webkitgtk: multiple vulnerabilities
Page editor: Jake Edge Kernel development Brief items Kernel release statusThe current development kernel is 2.6.36-rc4, released on September 12. "Nothing in particular stands out, although there's been more noise in GPU development than I'd like at this point (both Radeon and i915). But that should hopefully all be just stabilization. There's also been some PCIe/firmware interaction changes, that should fix way more issues than it breaks." The short-form changelog is in the announcement, or see the full changelog for all the details.Stable updates: the 2.6.34.7 update was released on September 13. "It fixes a single bug that a number of users have reported in that their USB devices no longer work properly. Sometimes it causes lost keystrokes, and other times X refuses to boot as it can not communicate properly with some tablet devices."
Quotes of the week
People who get angry at an unexpected cc need to get a clue. Or
get slapped.
-- Andrew Morton
Nevertheless, everyone I know that has reviewed the newly released
[Broadcom] driver code is being treated for eye cancer. I wouldn't
expect to see it in F-14.
-- John Linville
In the meantime, people are quite happily shipping the 'offending'
b43 driver in all parts of the world without hearing *anything*
from the authorities. And yet the Broadcom lawyers still seem to
cling to their fantasy that a hackable Open Source driver somehow
puts them at more risk than a just-as-hackable closed-source
driver.
-- David Woodhouse
Fixing bugs and making other improvements in the closed source driver is much harder than it is in the open driver, of course -- but if all you want to do is remove restrictions on available channels and tweak things like TX power, that's actually fairly easy with the binary drivers. That's why I say 'just as hackable'.
Broadcom releases an open-source driver for its wireless chipsetsBroadcom - long seen as the last big proprietary holdout in the area of wireless networking - has announced the availability of a fully open driver for its current 802.11n chipsets. "The driver, while still a work in progress, is released as full source and uses the native mac80211 stack. It supports multiple current chips (BCM4313, BCM43224, BCM43225) as well as providing a framework for supporting additional chips in the future, including mac80211-aware embedded chips." It's going into the staging tree initially. (Thanks to Luis Rodriguez).
Citizen LinusIn the middle of a technical discussion, Linus Torvalds let slip that he has just become a citizen of the United States. He can't test patches right away, it seems, because he has to go off and register to vote.
A new combined tree for storage subsystemsOne of the outcomes from this year's Linux Storage and Filesystem Summit was a plan to create a combined tree to help ease the process of integrating changes to various storage subsystems. At the summit, James Bottomley "volunteered" himself to put the tree together, and that came to fruition with his announcement of the tree on September 10. Paralleling the discussion at the summit, there is still the lingering belief that more than just an automatically generated tree may be needed. The tree currently collects patches from several subsystem trees, scsi, libata, and block, along with patches from the dm quilt repository. It is being automatically pulled and built nightly, much like linux-next. It will also be rebased daily against the mainline which will make it somewhat harder for kernel hackers to use—also like linux-next. Because of that, Dave Chinner didn't really see the storage-tree as being all that useful: "I really don't see a tree like this getting wide use - if I enjoyed the pain of rebasing against throw-away merge trees every day, then I'd already be using linux-next." Bottomley acknowledged that complaint, noting that using linux-next had been suggested at the summit, but pointed out that the storage-tree is a much smaller target than linux-next: "The diffs to mainline in the current storage tree are still under a megabyte." Bottomley also noted that the summit participants were a bit skeptical that a tree without a "storage maintainer" to oversee it (a la Dave Miller's networking tree) might not prove to solve the problem, which was one of Chinner's concerns as well. But there are political considerations too. "Unlike net, storage has never had a single maintainer, so it's a bit more political than just doing that by fiat", Bottomley said. Chinner was of the opinion that the summit is the obvious place to have made a decision to appoint a storage maintainer, even if all of the current maintainers of the storage subsystems were not present. But its clear that those who were present wanted to move slowly, as Bottomley described:
This sort of thing doesn't get decided by fiat. If you can't get all of
the relevant parties to agree, you have to demonstrate the need. So
doing a rollup tree to test how much of the problem is solvable that way
seems like a reasonable first step.
The tree is available at git://git.kernel.org/pub/scm/linux/kernel/git/jejb/storage-tree. The nightly diffs from the mainline and log of the pull script are available as well. It is likely to take a bit of time to see if the storage-tree solves the problem with integration of cross-storage-subsystem changes, but it does provide a good starting point.
Kernel development news Improving scheduler latencyThe level of interactive response provided by the kernel's CPU scheduler is the subject of endless discussion and tweaking. It is one of those problems which, seemingly, can never be fully solved to everybody's satisfaction. Some recent discussions on the topic have shown, though, that low-hanging fruit can remain after all these years; it's just a matter of drawing attention to the right place.The CFS scheduler divides time into periods, during which each process is expected to run once. The length of the period should thus determine the maximum amount of time that any given process can expect to have to wait to be able to run - the maximum latency. That length, by default, is 6ms. If there are two processes running, those 6ms will be divided up something like this:
This assumes that both processes are completely CPU-bound, have the same priority, and that nothing else perturbs the situation, naturally. If a third ideal CPU-bound process shows up, that same period is divided into smaller pieces:
This process of dividing the scheduler period cannot continue forever, though. Every context switch has its cost in terms of operating system overhead and cache behavior; switching too often will have a measurable effect on the total throughput of the system. The current scheduler, by default, draws the line at 2ms; if the average time slice threatens to go below that length, the period will be extended instead. So if one more cranker process shows up, the result will be:
In other words, once the load gets high enough, the kernel will start to sacrifice latency in order to keep throughput up. In situations where the load is quite high (kernel builds with a lot of parallel processes are often mentioned), latencies can reach a point where users start to get truly irritable. Mathieu Desnoyers decided he could improve the situation with this patch, which attempted to shrink the minimum possible time slice until there were more than eight running processes; in this way, he hoped to improve latencies on more heavily-loaded systems. Mathieu's patch included some test results showing that the maximum latencies had been cut roughly in half. Even so, Peter Zijlstra dismissed the patch, saying "Not at all charmed, this look like random changes without conceptual integrity." That, in turn, earned a mild rebuke from Linus, who felt that the kernel's latency performance was not as good as it could be. After that, the discussion went on for a while, leading to the interesting conclusion that everybody was partly right. Mathieu's patch was based on a slightly flawed understanding of how the scheduler period was calculated, so it didn't do quite what he was expecting. Rejecting the patch was, thus, the correct thing for the scheduler maintainers to do. The patch did improve latencies, though. It turns out that the change that actually mattered was reducing the length of the minimum time slice from 2ms to 750µs. That allows the scheduler to keep the same period with up to eight processes, and reduces the expansion of the period thereafter. The result is better latency measurements and, it seems, a nicer interactive feel. A patch making just the minimum time slice change was fast-tracked into the mainline and will be present in 2.6.36-rc5. Interestingly, despite the concerns that a shorter time slice would affect throughput, there has not been a whole lot of throughput benchmarking done on this patch so far. Things don't stop there, though. One of Mathieu's tests uses the SIGEV_THREAD flag to timer_create(), causing the creation of a new thread for each event. That new thread, it seems, takes a long time to find its way into the CPU. The culprit here seems to be in the code which tries to balance CPU access between a newly forked process and its parent - a place which has often proved problematic in the past. Mike Galbraith pointed out that the START_DEBIT scheduler feature - which serves to defer a new task's first execution into the next period - has an unpleasant effect on latency. Turning that feature off improves things considerably, but with costs felt elsewhere in the system; in particular, it allows fork-heavy loads to unfavorably impact other processes. Mathieu posted a patch adding a new feature called START_NICE; if it is enabled, both processes returning from a fork() will have their priority reduced for one scheduler period. With that penalty, both processes can be allowed to run in the current period; their effect on the rest of the system will be reduced. The associated benchmark numbers show a significant improvement from this change. Meanwhile, Peter went away for a bit and came back with a rather more complex patch demonstrating a different approach. With this patch, new tasks are still put at the end of the queue to ensure that they don't deprive existing processes of their current time slices. But, if the new DEADLINE feature is turned on, each new task also gets a deadline set to one scheduler period in the future. Should that deadline pass without that process being scheduled, it will be run immediately. That should put a cap on the maximum latency that new threads will see. This patch is large and complex, though, and Peter warns that his testing stopped once the code compiled. So this one is not something to expect for 2.6.36; if it survives benchmarking, though, we might see it become ready for the next development cycle.
Dynamic writeback throttlingWriteback is the process of writing dirty memory pages (i.e. those which have been modified by applications) back to persistent storage, saving the data and potentially freeing the pages for other use. System performance is heavily dependent on getting writeback right; poorly-done writeback can lead to poor I/O rates and extreme memory pressure. Over the last year, it has become increasingly clear that the Linux kernel is not doing writeback as well as it should; several developers have been putting time into improving the situation. The dynamic dirty throttling limits patch from Wu Fengguang demonstrates a new, relatively complex approach to making writeback better.One of the key concepts behind writeback handling is that processes which are contributing the most to the problem should be the ones to suffer the most for it. In the kernel, this suffering is managed through a call to balance_dirty_pages(), which is meant to throttle a process's memory-dirtying behavior until the situation improves. That throttling is done in a straightforward way: the process is given a shovel and told to start digging. In other words, a process which has been tossed into balance_dirty_pages() is put to work finding dirty pages and arranging to have them written to disk. Once a certain number of pages have been cleaned, the process is allowed to get back to the vital task of creating more dirty pages. [PULL QUOTE: So, when the system is under memory pressure and very much needs optimal performance from its block devices, it goes into a mode which makes that performance worse. END QUOTE] There are some problems with cleaning pages in this way, many of which have been covered elsewhere. But one of the key ones is that it tends to produce seeky I/O traffic. When writeback is handled normally in the background, the kernel does its best to clean substantial numbers of pages of the same file at the same time. Since filesystems work hard to lay out file blocks contiguously whenever possible, writing all of a file's pages together should cause a relatively small number of head seeks, improving I/O bandwidth. As soon as balance_dirty_pages() gets into the act, though, the block layer is suddenly confronted with writeback from multiple sources; that can only lead to a seekier I/O pattern and reduced bandwidth. So, when the system is under memory pressure and very much needs optimal performance from its block devices, it goes into a mode which makes that performance worse. Fengguang's 17-part patch makes a number of changes, starting with removing any direct writeback work from balance_dirty_pages(). Instead, the offending process simply goes to sleep for a while, secure in the knowledge that writeback is being handled by other parts of the system. That should lead to better I/O performance, but also to more predictable and controllable pauses for memory-intensive applications. Much of the rest of the patch series is aimed at improving that pause calculation. It adds a new mechanism for estimating the actual bandwidth of each backing device - something the kernel does not have a good handle on, currently. Using that information, combined with the number of pages that the kernel would like to see written out before allowing a dirtying process to continue, a reasonable pause duration can be calculated. That pause is not allowed to exceed 200ms. The patch set tries to be smarter than that, though. 200ms is a long time to pause a process which is trying to get some work done. On the other hand, without a bit of care, it is also possible to pause processes for a very short period of time, which is bad for throughput. For this patch set, it was decided that optimal pauses would be between 10ms and 100ms. This range is achieved by maintaining a separate "nr_dirtied_pause" limit for every process; if the number of dirtied pages for that process is below the limit, it is not forced to pause. Any time that balance_dirty_pages() calculates a pause time of less than 10ms, the limit is raised; if the pause turns out to be over 100ms, instead, the limit is cut in half. The desired result is a pause within the selected range which tends quickly toward the 10ms end when memory pressure drops. Another change made by this patch series is to try to come up with a global estimate of the memory pressure on the system. When normal memory scanning encounters dirty pages, the pressure estimate is increased. If, instead, the kswapd process on the most memory-stressed node in the system goes idle, then the estimate is decreased. This estimate is then used to adjust the throttling limits applied to processes; when the system is under heavy memory pressure, memory-dirtying processes will be put on hold sooner than they otherwise would be. There is one other important change made in this patch set. Filesystem developers have been complaining for a while that the core memory management code tells them to write back too little memory at a time. On a fast device, overly small writeback requests will fail to keep the device busy, resulting in suboptimal performance. So some filesystems (xfs and ext4) actually ignore the amount of requested writeback; they will write back many more pages than they were asked to do. That can improve performance, but it is not without its problems; in particular, sending massive write operations to slow devices can stall the system for unacceptably long times. Once this patch set is in place, there's a better way to calculate the best writeback size. The system now knows what kind of bandwidth it can expect from each device; using that information, it can size its requests to keep the device busy for one second at a time. Throttling limits are also based on this one-second number; if there are not enough dirty pages in the system for one second of I/O activity, the backing device is probably not being used to its full capacity and the number of dirty pages should be allowed to increase. In summary: the bandwidth estimation allows the kernel to scale dirty limits and I/O sizes to make the best use of all of the devices in the system, regardless of any specific device's performance characteristics. Getting this code into the mainline could take a while, though. It is a complicated set of changes to core code which is already complex; as such, it will be hard for others to review. There have been some concerns raised about the specifics of some of the heuristics. A large amount of performance testing will also be required to get this kind of change merged. So we may have to wait for a while yet, but better writeback should be coming eventually.
Fast interprocess messagingAs the number of cores in systems increases, the need for fast communications between processes running on those cores will also increase. This week has seen the posting of a couple of patches aimed at making interprocess messaging faster on Linux systems; both have the potential to significantly improve system performance.The first of these patches is motivated by a desire to make MPI faster. Intra-node communications in MPI are currently handled with shared memory, but that is still not fast enough for some users. Rather than copy messages through a shared segment, they would rather deliver messages directly into another process's address space. To this end, Christopher Yeoh has posted a patch implementing what he calls cross memory attach. This patch implements a pair of new system calls:
int copy_from_process(pid_t pid, unsigned long addr, unsigned long len,
char *buffer, int flags);
int copy_to_process(pid_t pid, unsigned long addr, unsigned long len,
char *buffer, int flags);
A call to copy_from_process() will attempt to copy len bytes, starting at addr in the address space of the process identified by pid into the given buffer. The current implementation does not use the flags argument. As would be expected, copy_to_process() writes data into the target process's address space. Either both processes must have the same ownership or the copying process must have the CAP_SYS_PTRACE capability; otherwise the copy will not be allowed. The patch includes benchmark numbers showing significant improvement with a variety of different tests. The reaction to the concept was positive, though some problems with the specific patch have been pointed out. Ingo Molnar suggested that an iovec-based interface (like readv() and writev()) might be preferable; he also suggested naming the new system calls sys_process_vm_read() and sys_process_vm_write(). Nobody has expressed opposition to the idea, so we might just see these system calls in a future kernel. Many of us do not run MPI on our systems, but the use of D-Bus is rather more common. D-Bus was not designed for performance in quite the same way as MPI, so its single-system operation is somewhat slower. There is a central daemon which routes all messages, so a message going from one process to another must pass through the kernel twice; it is also necessary to wake the D-Bus daemon in the middle. That's not ideal from a performance standpoint. Alban Crequy has written about an alternative: performing D-Bus processing in the kernel. To that end, the "kdbus" kernel module introduces a new AF_DBUS socket type. These sockets behave much like the AF_UNIX variety, but the kernel listens in on the message traffic to learn about the names associated with every process on the "bus"; once it has that information recorded, it is able to deliver much of the D-Bus message traffic without involving the daemon (which still exists to handle things the kernel doesn't know what to do with). When the daemon can be shorted out, a message can be delivered with only one pass through the kernel and only one copy. Once again, significant performance improvements have been measured, even though larger messages must still be routed through the daemon. People have occasionally complained about the performance of D-Bus for years, so there may be real value in improving the system in this way. It may be some time, though, before this code lands on our desktops. There is a git tree available with the patches, but they have never been cleaned up and posted to the lists for review. The patch set is not small, so chances are good that there will be a lot of things to fix before it can be considered for mainline inclusion. The D-Bus daemon, it seems, will be busy for a little while yet.
Patches and updates Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Security-related
Virtualization and containers
Benchmarks and bugs
Page editor: Jonathan Corbet Distributions An update on openSUSE's strategy searchIn the first half of 2010, openSUSE tried to find its identity. Who is the target user? What are the long-term goals of the distribution? What is its unique selling point? The openSUSE Board ran a survey, held a series of strategy sessions on IRC, and had a strategy meeting in Nuremberg. This resulted in three possible strategies, which were discussed publicly. But at the beginning of September, openSUSE's new community manager Jos Poortvliet admitted that the whole process hasn't been a big success. The openSUSE community didn't go through all this just because they felt the need for some introspection. You can't be the best everywhere, so if you want to be successful, you need to choose your focus. By searching for its identity, openSUSE can find its strengths and build upon them to maximize its competitive advantages. Ultimately, with a better understanding of its identity, the distribution should be able to attract more users and developers. More information about the motivations behind the search for an identity and a strategy can be found in our previous coverage of the process. To reiterate: the openSUSE Strategy Meeting on the last weekend of May resulted in three possible strategies:
Back in June, one of the commenters on the wrap-up blog post made the valid observation that these proposals were either too specific or too generic. When the complete strategy proposals were published mid-June, another commenter exaggerated somewhat but nonetheless had a kernel of truth: The task was to answer the question "Why openSUSE?", to get some direction and focus and perhaps even create some form of mission statement. And what you come up with is to focus on the narrowest of narrow niches, which will make openSUSE irrelevant to 95% of people, including alienating most existing users.
In the general feedback on the discussion, the same concern was voiced by several people: these strategies were too specific, with the risk of losing a number of users for which a newly focused openSUSE doesn't offer an interesting solution anymore. The initial strategy proposalsSo let's look at these strategy proposals and how they have been received. The first one is the home for developers. With this proposal, openSUSE would deliver an integrated platform for developers of all sorts, e.g. web developers, system developers, Qt/GTK developers, Android/MeeGo/WebOS developers, and so on. This would be done by delivering an out-of-the-box experience for all popular open source IDEs and integration of related tools, including deployment tools such as the openSUSE Build Service and SUSE Studio. This proposal was discussed on the opensuse-project mailing list and on the openSUSE forum. For example, Guido Berhoerster commented: While I don't consider any of the three proposals "niche cases" they inevitably imply specialization and this in turn has the potential to alienate both existing and potential new contributors and users.
The second proposal is the base for derivatives. With this proposal, openSUSE would focus on delivering a high-quality, long-term supported (LTS) core distribution, with tools and infrastructure to easily build derivative distributions on top of it. Tools like the openSUSE Build Service, the KIWI image system, and SUSE Studio can be used then to build spin-offs. This proposal was also discussed on opensuse-project and on the forum. Martin Schlander made some critical remarks: derivative makers will not ask "What can I do for openSUSE?" but "What can openSUSE do for me?" and a successful spin-off will receive all the attention instead of openSUSE. His conclusion: "Being a good base for derivatives might be a good sub-strategy, but it's not a good main focus for the project." The third proposal is the mobile and cloud ready distribution. This is an innovative vision where openSUSE would not only embrace mobile and social network services and integrate these with the Linux desktop, but also deliver a server solution to host these services, to be less dependent on companies like Google. OpenSUSE would collaborate with Android, MeeGo and WebOS to create integrated development tools for mobile platforms, and ship tools like ownCloud and Etherpad. Once again, the proposal was discussed on opensuse-project and on the forum. Jan Engelhardt correctly pointed out that there are already enough other distributions to fill this area, so it would become difficult to have a unique selling point. Additional strategy proposalsDuring the discussion of the strategy proposals, some community members presented their own proposals, and some of these were picked up by the openSUSE board and presented for discussion. The first one was not that surprising: openSUSE as the number 1 KDE distribution, which targets essentially what openSUSE already is, but will customize, fine-tune, and polish the KDE technology in the distribution. Although this proposal sounds reasonable, Jos Poortvliet argued on his blog that it didn't make much sense as a strategy. By choosing KDE, this proposal focuses on a solution instead of a goal. Moreover, it's too specific: most users are not interested in the technology but in the result. And last but not least, Jos warned that openSUSE could lose all non-KDE contributors. Another new proposal was about openSUSE for the productive poweruser, summarized as "We cannot compete with Ubuntu for the übernoob segment, and we shouldn't compete with Fedora on being experimental bleeding edge - instead we should pick the middle ground." Another proposal is that openSUSE should become a reference platform as a base for more specific distributions (which sounds a lot like the derivatives proposal), and a last proposal, made by Jan Engelhardt, is for the status quo: quantify what openSUSE tried to do in the past and do it better. A fresh startThe additional strategy proposals are clearly less focused and also more in line with what openSUSE is now. So it's natural to ask: aren't the openSUSE users just happy with openSUSE as it is now? Last week, Jos Poortvliet wrote a strategy statement on the openSUSE blog where he admitted that the discussion had derailed: Over the last weeks there has been a lot of discussion, both internally and externally, about the strategies which have been proposed. However, we also missed a lot of voices from our community. We take responsibility for leaving many of you behind by focusing on a very corporate-management solution to the initial question which prompted this process. A question we think still is relevant: The identity of openSUSE both as a Community and as a Project.
Jos explained that the openSUSE strategy team would like to go back to the start and focus on describing what openSUSE is, as a community, instead of finding new directions. The plan is to highlight the "story" behind openSUSE, to identify who are the target users and what openSUSE offers to them, and to "connect it with the issues that matter most to our community". In an email interview, Jos explained what he means with that last sentence: We want to make sure the new description of openSUSE is wide and can get everyone enthusiastic instead of defining a narrow direction for the future of openSUSE. It also has to be current and at least to some extent forward looking - just not as much as the initial strategies did.
The openSUSE community manager also admitted that the strategy team forgot the initial question ("Why choose openSUSE?") and moved into a direction that was too abstract for the openSUSE users: Some have (maybe rightfully so) questioned that direction and even the term 'strategy' in the first place. It was a bit high and mighty for many in the community, most of which are down-to-earth engineers after all. We lost many community members somewhere in the first few paragraphs of the extensive 'strategy' documentation on the wiki... Still the initial question remained valid: what is unique about openSUSE, both as a community and as a product? So we had some discussions about this and I urged the team to try and go back to the basic questions - just trying to explain what makes openSUSE different.
The fresh start of the strategy discussion doesn't mean that all those discussions were in vain. The openSUSE project has learned a lot in the meantime and has received a lot of constructive criticism. For example, back in June, Guido Berhoerster made a suggestion to re-use the discussion material: Although I agree there has to be some direction for the whole openSUSE project, this should IMO be kept much more general. I'd rather propose that such strategies should be adopted by respective teams diving the given objectives, i.e. the KDE team could adopt the "KDE#1" strategy, the Mobile team could adopt the "Mobile and cloud ready" strategy etc. The strategy for the whole project should then be rather general and encompassing superset of these.
In any case, the strategy team will, based on the input from all those discussions and many private chats the team had over the last months, create a new document with a much simpler scope: describe what openSUSE is. The team will put that description up for discussion in segments over the coming weeks, take the input from the community into consideration, and present a unified version at the openSUSE conference in October, where it will be refined. Jos thinks that the strategy team will get it right this time: It might not be as ambitious but it will fit with what the community wants and needs. From the draft document we now have and the feedback I've gotten over the last few weeks, I feel we have something which is actually quite pronounced and powerful. OpenSUSE has a reputation of offering a stable base ("German engineering") and offering choice and flexibility (e.g. through the openSUSE Build Service0. I think these features are worthy of a professional, powerful solution for people who need to get work done. I think that's all the identity we need, and combined with the great technology we have (OBS not being the least of that) we've got a distribution to aspire to.
ConclusionOpenSUSE is not the only distribution that is struggling with its identity. Even Fedora, which is known for its "bleeding edge" approach, is still not entirely sure of who its users are or how to deliver what those users want. In contrast, Ubuntu doesn't seem to suffer from this problem, probably because it has a benevolent dictator who chooses the direction for the distribution. However, it's interesting to note that Debian also doesn't seem to struggle that much, even though the distribution doesn't have a clear identity, nor a benevolent dictator or a corporate sponsor. While openSUSE's search for a strategy has derailed, it's not fair to call it a failure. As part of the process, the strategy team has received a lot of input from the community. Maybe the most important input was that a community isn't interested in bureaucratic concepts like strategies and SWOT (strengths, weaknesses, opportunities, and threats) analyses. With luck, the strategy team will get it right this time and come up with an identity description its community can identify with.
New Releases MeeGo 1.0 Update for NetbooksThe third update for the MeeGo v1.0 Core Software Platform & Netbook User Experience is available. "This update has 60 bug fixes and is recommended for all users running MeeGo 1.0 for Netbooks."
Distribution News Debian GNU/Linux Resolution: welcome non-packaging contributors as Debian project membersDebian project leader Stefano Zacchiroli has proposed a general resolution which would cause the project to recognize non-packaging contributors as Debian developers for the first time. "The Debian project acknowledges that: [...] Active contributors of non-packaging work, which share Debian values and are ready to uphold Debian Foundation Documents, deserve the opportunity for becoming Debian project members."
Bits from keyring-maintGunnar Wolf has an update from Debian's keyring maintenance team. PGP (v3) keys are gone and the team is pushing for even stronger keys.
Bits from Publicity Team (aka: We are alive!)Debian's publicity team is alive and active. "In many ways Debian is the _how_ of Free Software, not just the _why_. Debian Publicity hopes to demonstrate the practical aspects of Free Software, how a large disparate community can work together motivated by a common cause. Debian is a project with many voices, and the Debian Publicity Team hopes to provide a channel for those voices: we help you to get your message out to many people."
Fedora Fedora defers systemd to F15The meeting summary from the September 14 FESCO meeting (click below) states that the project has decided to ship Fedora 14 with upstart, giving systemd one more development cycle to stabilize. The discussion went on for quite some time, and seemingly could have gone either way; in the end, they converged on pushing it back to F15. "<mjg59> Lennart's sufficiently stoic to cope."
FUDCon Tempe updatePaul Frields has an update about the FUDCon in Tempe, AZ (January 29-31, 2011). Included is information about lodging, pre-registration, subsidies, and technical sessions and hackfests.
Duffy: Fedora Board meetingsMáirín Duffy has a summary of both the September 3rd meeting and the September 8th meeting of the Fedora Board.Máirín has also posted recaps of the meetings held on September 8 and September 13.
New Distributions Welcome to aptosidThe distribution formerly known as sidux has changed its name to aptosid. "Today aptosid opens its gates to continue the distribution previously known as "sidux", created by the same team of volunteers developing software under the Debian Free Software Guidelines. A seamless crossgrade path from sidux to aptosid will be provided until the end of 2010. However a quick change is suggested because of potential issues outside of our influence." The first release of aptosid, v2010-02 is available.LWN last covered sidux in December 2009.
OpenIndiana launchesThe OpenIndiana distribution of OpenSolaris has announced its existence. "Lastly, we intend to enhance the OpenSolaris operating system's ease of use, such that Linux users can make the transition with as little pain as possible. Key examples of how we intend to do this include making far more free and open source software available for our distribution, working with 3rd party software projects so they compile out of the box on Solaris, and providing excellent, easy to understand documentation. We also believe OpenSolaris excels as a server platform, with enterprise features found in no other operating system, such as the ZFS filesystem, Zones, the Service Management Framework, the Fault Management system, the COMSTAR iSCSI/FCoE framework, and the Crossbow virtualised network stack. Combined with bug and security fixes, our stable branch will provide one of the best free server operating systems available on the market."
Newsletters and articles of interest Distribution newsletters
How Ubuntu is Made (LinuxPlanet)Over at LinuxPlanet, Sean Michael Kerner talks with Canonical CTO Matt Zimmerman about the tools and processes used to work with the globally distributed Canonical team. "While Zimmerman noted that he does get together face-to-face fairly regularly with his staff once a quarter, facilitating regular interaction requires a long list of common tools. For instance, Zimmerman said that Canonical engineers do a lot of work through IRC , wikis and teleconferences. The team also uses the open source Gobby tool for collaborative editing and Mumble for voice chatrooms. [...] 'Mumble is sort of like IRC for voice,' Zimmerman said. 'You have a set of channels and then people come and go from one channel to another and whatever channel you're in, there is live voice between the people that are in the room.'"
Shuttleworth: Reflections on Ubuntu, Canonical and the march to free software adoptionMark Shuttleworth responds to critiques of Canonical's (and Ubuntu's) contributions to free software. "When Ubuntu was conceived, the Linux ecosystem was in a sense fully formed. We had a kernel. We had GNOME and KDE. We had X and libc and GCC and all the other familiar tools. Sure they had bugs and they had shortcomings and they had roadmaps to address them. But there was something missing: sometimes it got articulated as "marketing", sometimes as "end-user focus". I remember thinking "that's what I could bring". So Ubuntu, and Canonical, have quite explicitly NOT put effort into things which are obviously working quite well, instead, we've tried to focus on new ideas and new tools and new components. I see that as an invigorating contribution to the broader open source ecosystem, and I hear from many people that they perceive it the same way. Those who say "but Canonical doesn't do X" may be right, but that misses all the things we do, which weren't on the map beforehand. Of course, there's little that we do exclusively, and little that we do that others couldn't if they made that their mission, but I think the passion of the Ubuntu community, and the enthusiasm of its users, reflects the fact that there is something definitively new and distinctive about the project. That's something to celebrate, something to be proud of, and something to motivate us to continue."
Debian with a Hint of Mint (Linux Magazine)Joe "Zonker" Brockmeier takes a look at Linux Mint Debian. "Right now the only edition for LMD is a 32-bit GNOME release. KDE and other desktops, and 64-bit editions, are on hold pending the success (or not) of the first release. With any luck, this will be a long-term effort from the Linux Mint project, and we'll see 64-bit and more soon. It offers a more polished experience while still leaving a direct link to the Debian project. The Mint folks are still sorting out bug reporting, etc., but it'd be fantastic if Mint encouraged more people to become directly involved in Debian (and Mint) through this edition."
Cornec: Which Mandriva is in trouble ?Bruno Cornec worries about the future of Mandriva Linux. "So it seems to me after looking at all these recent events that the orientation that will be taken is to favour the activity of software selling to the detriment of the Open Source activities. Anyway, without Olivier, Anne, Fred, Nicolas, our brasilian friends of cooker, and all the people who have recently left, I have no hope that the new Mandriva firm will be interested in maintaining a distribution anymore when so many people are leaving."
Page editor: Rebecca Sobol Development CouchDB at CouchCamp: RelaxIt's a rare developer summit which ends with a bonfire, s'mores and a sing-along. But somehow it seems appropriate for CouchDB, a new database whose motto is "relax". Last week I went to CouchCamp at Walker Creek Ranch in California, and enjoyed a different kind of conference for a different kind of database.The CouchDB Document DatabaseCouchDB is a "document database", a classic type of database which debuted in the 1960's and has periodically reappeared each decade, most recently through the various XML databases. Today, many of the new "NoSQL" databases are document databases, including Amazon SimpleDB, MongoDB, and MonetDB. Document databases make use of the intuitive concept of each item in the database as a document with a document ID and a large variety of data inside the document, including everything from blocks of text to complex nested structures. Each database is then a collection of documents, instead of tables and columns. Access to data is via either the document ID, or by various secondary indexes. As a rule, document databases do not use SQL, but rely on other interfaces like XQuery, HTTP and proprietary APIs. Unlike its predecessors, CouchDB may have a combination of features which will ensure lasting popularity. First, the database is designed to be 100% accessible and familiar to web developers, thanks to data access via RESTful HTTP interfaces, data storage using the popular JSON serialization format, and database programming in javascript. Secondly, CouchDB has extremely user-friendly asynchronous multi-master replication, designed to support multiple disconnected copies of your data. And finally, it supports the use of map/reduce functions to do multi-database queries, sharding and scaling, and even to build calculated indexes or "views". Unlike many other new non-relational databases, CouchDB supports ACID (Atomic, Consistent, Isolated and Durable) transactions like many SQL databases do, making it more appropriate as a primary data store. CouchDB is written in Erlang. The CouchDB project is a 2-year-old Apache project and recently released version 1.0 (immediately followed by a patch, version 1.0.1). While several of its developers are now working for a Berkeley startup called CouchOne, the project remains completely community-based. Nowhere was this more evident that CouchCamp. CouchCampThe Walker Creek Ranch is an hour's drive north of San Francisco through the winding roads of rural Marin County. There is no cell phone reception, Internet access is intermittent, and there are more foxes and dairy cows than people. This was a different sort of "unconference"; for one thing, the poor connectivity and isolation meant that we had to pay attention to the talks and discussion sessions. It also meant no "tweeting" about the conference sessions. Eighty or ninety people attended CouchCamp, about evenly split between database developers, contributors to CouchDB, and users of the database. In general, they came from all over the United States, with only a few coming in from Europe. CouchCamp was a community summit rather than a user conference, with a lot of the public conference activity to take place at JSConf.eu in Berlin later this month. The conference began with a campfire-lit keynote by Damian Katz, inventor of CouchDB. A former Lotus Notes developer, he wanted to create a database which encouraged sharing and collaboration. Originally he wrote CouchDB in C++, but, once he started grappling with concurrency issues, he rewrote it in Erlang. He's as surprised as anyone that it's now a full-time job and finds himself living in the San Francisco Bay Area -- but he was even more surprised when a raccoon interrupted his talk. The next two days of the conference alternated between general talks and breakout discussion sessions. The talks, given to all attendees, included Stuart Langridge of Canonical on the use of CouchDB in UbuntuOne, Ted Leung of Apache on the importance of community, and Dion Almaer of Palm on CouchDB on smart phones. Interestingly, the CouchCamp organizers also chose to include talks by Selena Deckelmann and myself about features of PostgreSQL which the CouchDB project could learn from or even "steal". In breakout sessions, I learned about GeoCouch, a new competitor to PostGIS, and Spatialite for open source geographic databases. We also discussed more technical topics, including CouchDB's security model, database "compaction" (garbage collection), the current full-text indexing work in progress, and how to create a CouchApp. Database hackers spent a lot of time in both sessions and at meals hashing out longstanding technical issues; I would not be surprised to see a rapid release of version 1.1. There were also a few announcements at or around the conference. Cloudant, a cloud host for CouchDB applications, launched BigCouch, a cloud-scaled version of CouchDB with some form of automated sharding. Couch.io announced its change of name to CouchOne, and then announced a bunch of new hires, including the former documentation lead for MySQL AB. Damian warned people about the need to use version 1.0.1 instead of 1.0.0, which includes a data corruption bug. CouchDB also now comes built-in to newer versions of Ubuntu. Of course, being in California, there were quite a few "gourmet" touches to roughing it: microbrew beers, oysters from nearby Tomales Bay and cheese from nearby Cowgirl Creamery. The only thing missing was a wine tasting; maybe I'll arrange one next time. If you develop web applications, you owe it to yourself to check out CouchDB and see if it's appropriate for your current project. Maybe you'll come out to Walker Ranch next year.
Brief items Quotes of the week
Whether a service runs on nonfree software is not a question that
directly affects the people that use the service. We don't know --
we can't tell as users -- whether there is any proprietary software
on the server. If there is, we are sorry for Google's misfortune
and encourage them to replace it soon, but that is no reason to
refuse to deal with them in the mean time.
-- Richard Stallman
It seems to me that at the present moment LLVM's frontends are
better than GCC's, and GCC's backends are better than LLVM's. By
this I mean specifically that LLVM's frontends generate better
diagnostics, whereas GCC's backends generate code that has better
runtime performance. (LLVM also appears to run faster, which is a
good feature but not in my mind a determining one.) Therefore, I
see a clear benefit to clang->gcc, but I do not see a clear benefit
to gcc->llvm. This comment is of course entirely independent of
the licensing issues.
-- Ian Lance Taylor
FMPS v1.0The Free Media Player Specifications (FMPS) are "designed to provide standard and complete ways to perform common tasks with media (especially music) metadata that may otherwise be very difficult. They aim to be as simple as possible while still being robust and useful, and to be consistent across metadata formats." Version 1.0 of this specification is out; there is also a group called the "FMPS Alliance" forming to standardize details like attribute names across media players.
GNU Radio gets a new maintainerAfter shepherding the GNU Radio project for the last ten years, Eric Blossom has announced that he is stepping aside. "After discussions with GNU Radio developers over the past several months, I'm pleased to announce that long time GNU Radio contributor Tom Rondeau has agreed to take over the GNU Radio 'Maintainer' role from me. For those of you who don't know Tom, he's the perfect person for the job."
IcedTea6 1.9 and VisualVM 1.0IcedTea6 1.9 is a major new release from the IcedTea project. One notable change is that VisualVM support has been removed from IcedTea. Instead VisualVM has been split out to allow for easier packaging, avoiding the need for OpenJDK builds to be dependent on NetBeans platform changes leading to the release of VisualVM Harness 1.0.
pgpool-II 3.0 and pgpoolAdmin 3.0 releasedpgpool-II is a PostgreSQL-based middleware system which provides features like connection pooling, replication, and load balancing. Version 3.0 has just been released. "Pgpool-II 3.0 is an important version in its history. The internal structure has been dramatically enhanced to make it more robust and easier to maintain. Also this version adopts to PostgreSQL 9.0's built-in replication. Many enhancements are added also."
Newsletters and articles Development newsletters from the last week
Issue 1 of "PET: English Translation"PET is a magazine done by "Python guys in Argentina"; the first issue has been translated to English and released. "It has been translated to english by us, and we are not native speakers. Hopefully Shakespeare will not raise from his grave to slap us for grievous offense against his language!" Topics covered include garbage collection, painless concurrency, taint mode, and more.
Page editor: Jonathan Corbet Announcements Non-Commercial announcements WordPress Foundation gets the trademarkMatt Mullenweg has announced that the ownership of the WordPress trademark has been transferred to the WordPress Foundation. "Automattic might not always be under my influence, so from the beginning I envisioned a structure where for-profit, non-profit, and not-just-for-profit could coexist and balance each other out. It's important for me to know that WordPress will be protected and that the brand will continue to be a beacon of open source freedom regardless of whether any company is as benevolent as Automattic has been thus far."
Open Clip Art Library 2.5 Increases Community ContributionThe Open Clip Art Library Version 2.5 is available. "Returning Open Clip Art Library users should quickly discover the most noteworthy feature to be added in this upgrade: an Activities Section. Upon first glance, this newly-implemented box may appear simple enough, but its functionality has become invaluable in the month since its appearance. The Activities Section will serve to keep the OCAL Community up-to-date with the latest goings-on in The Open Clip Art Library Universe. Users can expect to see various new events listed, as they become available, such as: Contests, Clip Art Packages, Tutorials, and more." The announcement also covers the Aiki Framework 0.4 release.
Commercial announcements Stephen Elop to join Nokia as President and CEOThe Nokia blog reports that Olli-Pekka Kallasvuo will be stepping down from his role as President and CEO of Nokia, to be replaced by Stephen Elop. "In a little over a week, Stephen Elop will take over as Nokia's new President and CEO. Following a thorough selection process Nokia believes it has found the right person to lead Nokia through its transformation and that Elop makes a perfect compliment to Nokia's current competencies. Previously Stephen was head of Microsoft's business division after a stint as COO of Juniper Networks and which followed his role as president of worldwide field operations at Adobe Systems Inc."
Articles of interest Will Google's Chrome OS be dead on arrival? (ComputerWorld)Here's a ComputerWorld column suggesting that ChromeOS may face a difficult future. "Chrome-based notebooks are still months away from release, but it's not at all clear that when they finally arrive, people will want them. Given that Android tablets and Windows-based netbooks will be likely available at the same price as Chrome netbooks, will anyone want to buy a device that isn't designed to run local apps?" A better question might be: how will ChromeOS change so that the first official release is competitive with the alternatives?
EFF: Magic Words Trump User RightsThe Electronic Frontier Foundation reacts to the US Ninth Circuit Court ruling stating that the first-sale doctrine does not apply to software sales. "But the potential effects of this decision don't stop there: it risks creating a situation in which violating contracts and end-user license agreements (EULAs) could result in a copyright infringement lawsuit (with the heavy club of statutory damages, attorneys fees and low standards for injunctions) rather than just a simple breach of contract claim."
FSF responds to Oracle v. Google and the threat of software patentsThe Free Software Foundation has put out a statement about Oracle's lawsuit against Google. Not surprisingly, it finds Oracle's position to be "unjustifiable", but it also comes as no surprise that it isn't completely happy with Google either. "Unfortunately, Google didn't seem particularly concerned about this problem until after the suit was filed. The company still has not taken any clear position or action against software patents. And they could have avoided all this by building Android on top of IcedTea, a GPL-covered Java implementation based on Sun's original code, instead of an independent implementation under the Apache License. The GPL is designed to protect everyone's freedom—from each individual user up to the largest corporations—and it could've provided a strong defense against Oracle's attacks. It's sad to see that Google apparently shunned those protections in order to make proprietary software development easier on Android."
Matthew Garrett files case with US Customs against Fusion GarageKernel hacker Matthew Garrett has been looking into GPL compliance on various consumer devices, and has evidently gotten fed up with responses from the Joojoo tablet maker. In the comments on the blog posting, someone purportedly from Fusion Garage asked Garrett to contact them, so maybe it will all get resolved soon. "Fusion Garage, on the other hand, are still failing to provide source and seem entirely unconcerned about it - they've failed to respond to any of my emails since the first. Augen aren't providing source because they can't, while Fusion Garage aren't providing source because they won't. Irked by this, I've decided to try Don Marti's suggestion and file a case with US Customs. I'll admit that I have absolutely no idea how seriously these cases get taken, and so I've no great expectation of any sort of interesting outcome. But even so, if you're in the US and try to buy a Joojoo then there's a chance that it'll be seized by US customs on the way in."
Novell Inc. reaches two-part sale deal (NY Post)The New York Post has a brief and vague article stating that Novell has worked out a deal to sell itself to two companies. "A strategic buyer will buy the piece of the software provider that develops and delivers Linux SUSE systems, with a private-equity firm picking up much of the rest. Both deals are expected to close simultaneously and the company will be de-listed, according to one source, who noted that the talks are in a sensitive stage and could fall apart."
New Books MongoDB: The Definitive Guide--New from O'ReillyO'Reilly has released "MongoDB: The Definitive Guide" by Kristina Chodorow and Michael Dirolf.
Calls for Presentations lca2011 Announces Successful MiniconfsThe 2011 linux.conf.au Miniconf Organisers have announced the mini-conferences that will be held at lca2011 in Brisbane, Australia. The mini-conferences will be held on January 24-25, 2011. While the call for miniconf proposals is over, it may not be too late to submit a proposal to speak at a particular miniconf. "A number of Miniconf organisers have settled on a deadline of Friday 22 October for their CFP; and are publicising that deadline in their CFP statements, and we will include that information here on our LCA2011 website. Using this common deadline is up to individual organisers, but it will make communications easier for paper submitters and also should simplify things for us on the LCA2011 team." See the individual miniconf pages for specific deadlines and requirements.
[CFP] GCC Research Opportunities Workshop 2011The 3rd Workshop on GCC Research Opportunities (GROW 2011) will be held in Chamonix, France, April 2-3, 2011. The call for papers is open until January 31, 2011.
Upcoming Events openSUSE Conference 2010 - Collaborate Across BordersHere's some news about the upcoming openSUSE Conference 2010."The openSUSE Conference brings together users, contributors and friends of the openSUSE project from 20th to 23rd October in Nuremberg, Germany. Over four days, more than seventy talks and workshops explore the theme of 'Collaboration Across Borders' in Free and Open Source software communities, administration and development."
Register For The 17th Annual Tcl/Tk Conference 2010The 17th Annual Tcl/Tk Conference (Tcl'2010) will be held in Chicago/Oakbrook Terrace, Illinois, October 11-15, 2010. The announcement (click below) contains information about registration, the conference schedule and special social activites.
OpenOffice.org HackFest 2010The OpenOffice.org HackFest will take place November 6-7, 2010 in the "Attraktor" in Hamburg, Germany. "the OOoCon just ended, and we realize how little time we can spend together face2face each year. To properly fix that problem, we hereby announce the next event around OpenOffice.org - a HackFest in Hamburg, specifically targeted to developers, to give all of us more face time & collectively work on the code."
Events: September 23, 2010 to November 22, 2010The following event listing is taken from the LWN.net Calendar.
If your event does not appear here, please tell us about it.
Page editor: Rebecca Sobol
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![[Fire]](/images/2010/fire-lwn-sm.jpg)
![[Scheduler time slices]](/images/ns/kernel/sched-granularity1.png)
![[Scheduler time slices]](/images/ns/kernel/sched-granularity2.png)
![[Scheduler time slices]](/images/ns/kernel/sched-granularity3.png)