LWN.net Weekly Edition for August 14, 2003
Bringing free software to voting booths
It has been said many times that the "free" in "free software" should be understood in the sense of freedom, not economy. As has been pointed out by Lawrence Lessig and many others, software code increasingly plays a regulating role in our lives, much like the legal code does. To the extent that we can keep that code free - in view and under our control - our lives as a whole will be more free.Few acts symbolize freedom more than voting. The image of the popular vote is so strong that even the most despotic of governments feel the need to go through the motions; Kim Jong recently won an election with 100% of the vote. In most of the world, fortunately, elections tend to be just a bit more competitive than that. There is, however, a strong trend toward entrusting elections to black-box, closed-source electronic systems. Many of these systems have no auditing capability, no external record of votes cast, and, often, manufacturers with interests that do not always coincide with fair voting results. These manufacturers have resisted adding important features, such as an independent, voter-verifiable printed paper ballot. With many electronic voting systems, the only record at the end of the day is the data sitting on the system's disk. An unaudited, unbacked-up disk file created by unseen, closed-source software is a frightening way of choosing a leader. History shows that, when an opportunity for mischief presents itself, somebody will eventually take advantage of it.
Perhaps more than any other application, electronic voting cries out for the use of free software. Votes are a public resource which should never be filtered through a black box. As one looks around, however, serious projects aiming to create free election software are rare. Some of them (e.g. GNU.FREE, Voting Systems Toolbox) have gone dormant. Others (GVI) are more interested in exploring alternative voting methods. Then there are some (like the recently announced EVM project) which appear to be headed in the right direction, but which are too young to have released any useful code.
Part of the problem, certainly, is that, unlike many other free software projects, an electronic voting project cannot just put up a tarball on an FTP site and watch its software achieve World Domination. There are certification requirements, which vary across jurisdictions. Proposed standards for voting systems are stringent; see, for example, the IEEE's voting equipment standards draft. Human factors and presentation fairness issues loom big in this area. Then, there is security; activists who are concerned about electronic voting have, generally, recommended that voting systems attain a Common Criteria EAL4 rating, above and beyond the voting-specific requirements. Then there is the little matter of turning free voting software into a real product which can be sold and supported, in large numbers, to agencies in charge of running elections.
In other words, the code is not sufficient. Bringing free software to electronic voting will also require substantial amounts of money. Getting a voting system based on free software to an actual deployment will probably carry a multi-million dollar price tag - for a single jurisdiction. This is an effort which is beyond the capabilities of a group of volunteers with a SourceForge site and a bit of code.
Some free software supporters have called for widespread public funding for free software development. Others are very suspicious of increased public influence in this area. But it would seem that voting would be a natural place for governments to support a project or two. Governments are the only customers, and there is a strong public interest in the creation of voting software which is open, auditable, and worthy of trust. The potential for long-term cost savings should have some appeal as well.
Projects which set out to create a free voting system, but which limit themselves to cranking out code, are unlikely to achieve their goals. If such a project wishes to see its code deployed, it almost certainly needs a sub-group which occupies itself with the writing of funding proposals. Some success in that area could go a long way toward the preservation of freedom on a national scale.
This week in SCOland
Last week's Edition prompted a complaint or two about too much SCO coverage in LWN. It is our hope to slowly edge SCO off the front page once again, but the company makes that hard. This case is important for Linux and free software, and we need to keep an eye on it.The big news since last week's Edition, of course, is IBM's response and countersuit, which was filed on August 7. We published a look at IBM's counterclaims on that day; the full text of IBM's filing is also available. IBM's response looks, in many ways, like Red Hat's suit from a few days before, but there are a couple of important differences.
The first is that IBM makes a formal charge of GPL infringement against the SCO Group. Bringing the GPL into the case is not an entirely surprising thing for IBM to do; SCO's violation of that license seem relatively clear. But its presence in IBM's filing sets this case up to be, perhaps, the first true test of the GPL in court. Some of the noises coming out of SCO suggest that the company believes it may be possible to break the GPL in court and would like to do so. We must hope that IBM's lawyers are on top of this part of the case.
The other important difference, of course, is that IBM has alleged four counts of patent infringement. As much as many in the community are pleased with anything that causes discomfort for SCO, the use of software patents is always a cause for concern. A separate article (below) looks at the specifics of IBM's patent allegations and how Linux stands with regard to those patents.
SCO has not skimped on press releases over the last week. The company's response to IBM's counterclaims included an interesting statement:
Exactly how IBM would "move away from the GPL" is not specified. SCO has also claimed the sale of a Linux license to a Fortune 500 company - but, as is usual for SCO, they won't say who the purchaser is or what sort of deal they were offered. Finally, SCO announced the "termination" of Sequent's Unix license.
This is a reiteration of the core of SCO's claim against IBM: the Unix licenses give SCO rights over any code which has ever touched Unix, regardless of its source or ownership.
The next event in the SCO saga is likely to be the company's third-quarter earnings call, happening 9:00 MST (GMT-6) on Thursday, August 14. Among other things, the company will evidently discuss the substantial amount of insider trading which has occurred since the IBM suit was filed. Stay tuned.
IBM's patent offensive
[This article was contributed by Joe 'Zonker' Brockmeier]
IBM's response to SCO's suit last week was met with quite a bit of enthusiasm from the Linux community, but with a tinge of concern as well. Many in the Linux community are concerned about IBM's use of patents to strike back at SCO. While IBM's patent claims are not unexpected, and in fact are sound legal strategy for Big Blue, many worry that IBM may someday use its huge patent arsenal against competitors in the Linux marketplace and not simply as a defensive mechanism against legal predators like SCO.
We took a look at IBM's patent claims to see how they might affect the Linux community, and if Linux projects or vendors could be subject to claims by IBM. It seems, at first glance, a little odd that IBM has chosen to only claim infringement on four of their patents. IBM has thousands of patents, it seems very likely that it could claim that SCO infringes on dozens of patents. However, the patents IBM has chosen affect most of SCO's non-Linux products -- namely, UnixWare and Open Server, Reliant HA and SCO Manager. Users looking for SCO Manager on the SCO website will find that it's not linked to their product section anymore -- but using Google Cache it appears that sales have been suspended.
The first patent infringement claimed by IBM is patent 4,814,746: granted March 21, 1989. This patent covers an adaptive method of compression of data for communications between a host and remote terminals. IBM claims that this patent is infringed by both UnixWare and Open Server.
The second patent claim by IBM is patent 4,821,211: granted April 11, 1989. This patent covers "navigating among program menus using a graphical menu tree" using a pointing device, and IBM claims that SCO Manager infringes on the patent. This seems like a rather obvious invention, and the patent could probably be used against a number of programs. According to the patent, it is novel because of:
This claim limits the patent from being applied against just any GUI application with a menu, but certainly could be applied against applications that allow access to databases on other machines, GUI front-ends for CVS, and a number of other applications you might find being used on Linux.
IBM's third claim is patent 4,953,209: granted August 28, 1990. According to IBM, SCO is infringing on this patent with the UnixWare product. This patent covers a "self-verifying" technique to show that a user has received a data object, agreed to the conditions of the data object's receipt or use, and has installed in for reading or use. Not just the display of the license, but a method of verifying after the fact that the user has actually taken some action to indicate that they have agreed to the license.
Basically, this patent covers a method of distributing software and having the user agree to a license without the need for the vendor to distribute any physical media. A "clickwrap" license scheme, if you will. While this patent may apply to some products that run on Linux from proprietary vendors, it seems unlikely that this patent poses a serious threat to the open source community in general.
The fourth and final (at least for now) patent claim is patent 5,805,785: granted September 8, 1998. This is the only patent that IBM is using against SCO that doesn't predate Linux. IBM claims that SCO's Reliant HA high-availability clustering solution infringes on this patent. This patent covers monitoring and recovery of systems in a distributed or clustered system, and specifically the "detection of and recovery from open-ended, user defined failure events occurring in interdependent subsystems" as opposed to a set of predefined failure events. It seems likely that IBM could also make a case against several products and projects in the Linux space related to clustering with this patent -- if they chose to do so.
While IBM has an enormous patent warchest to draw on, SCO a/k/a Caldera has only one patent to its name; patent 6,529,784, granted March 4 this year. This patent covers "a method for providing system management services to a customer's network of target computers through a communications network." This patent may be of interest to Linux users, as it seems to specifically deal with package management and software dependencies. We may yet be hearing from SCO on patent matters, in addition to their other nebulous claims.
IBM has not proven eager to emulate Amazon in using its patents to damage competitors, but its hands aren't entirely clean, either. There is, for example, the oft-cited case of IBM demanding $20 million from Sun using the threat of patent litigation. While IBM has not been on the patent warpath of late, there's nothing to stop them from deciding to start using their patents against other Linux vendors or community projects that might compete with IBM for customers.
There is no evidence that IBM is gearing up to use its patents against the Linux community at this time, and it does seem unlikely that the company would be willing to squander the goodwill it has accrued thus far. However, there was a time when it seemed unlikely that SCO (née Caldera) would be attempting full-on legal warfare against Linux and the General Public License.
It might be prudent for the community to begin seeking guarantees from IBM, and other Linux vendors with substantial patent portfolios, that they will not use their patents against open source users, projects or vendors. It would also be advisable that members of the open source community work towards modification of the patent system. It seems very likely that patent threats will be the next major hurdle that Linux and open source face -- if not from IBM, then certainly from companies like Microsoft or Sun that are directly threatened by the continued adoption of Linux and open source.
A trip to LinuxWorld San Francisco 2003
LinuxWorld in San Francisco is the premiere trade show event of the year for Linux. For many companies it's a good time to announce new products and new alliances, a time of hype and press releases. LinuxWorld is also a place to network and glimpse a wider range of the IT world. LWN editor Rebecca Sobol was there and presents, My trip to San Francisco, LinuxWorld 2003.This LWN editor has very limited trade show experience. The Linux Business Expo (LBE) at Comdex 1999 and the LBE, Comdex 2000 and a couple of local shows comprise the sum total of my experience. In comparison, LinuxWorld 2003 is a smaller show than the LBEs of the past, though larger than any local show. In 1999 many small companies came to the LBE hoping to be acquired by larger companies who were planning IPOs. LWN and an Australian company called Moreton Bay were among those small companies with booths near the back of the LBE. In 2000 LWN was acquired by Tucows.com and Moreton Bay was acquired by Lineo, and life seemed pretty rosy, for a while. Now, in 2003, LWN is once again independently owned and operated, and so is Moreton Bay, with the new name of SnapGear.
At LinuxWorld 2003 SnapGear joined other survivors of that era and newer companies, with small booths to the east and north. The .org pavilion took up the northwest section, leaving the center floor near the entrance to the larger companies. IBM took up the most space, with a sprawling pavilion and additional crew in partnering booths, like those of Red Hat and SuSE. Other companies with prime real estate include Sun, Microsoft, Dell, Oracle, and Intel.
Microsoft was in a slightly smaller booth near the edge of the main space, close to the .orgs. There happy customers were eager to talk about how well Microsoft products work in their clustering, number crunching, high availability environments. Elsewhere open source and proprietary go hand in hand as applications and appliances use Linux and other open source components to power not-so-open products. A single person from the U.S. Internal Revenue Service had free (as in beer) CDs with tax preparation software for Windows and Mac.
On Monday your editor went for a long walk around the streets of San Francisco, with the old LWN camera. By Monday night it was clear that the old camera has seen better days. There may may or may not be pictures hidden inside, but if they are there they are inaccessible, so unfortunately there will be no photos to brighten this essay.
Tuesday began with Red Hat's press conference announcing the filing of a lawsuit against SCO. At the press conference Red Hat CEO Matthew Szulik also talked about the creation of a Legal Defense Fund for the open source community. Red Hat hopes that other companies who depend on open source software will add to this $1 million fund to help pay for the future legal needs of open source developers.
The next stop on my agenda was with SGI, who shares space in the Intel booth. Ginny Babbitt and the LWN fan club at SGI build multi-processor Altix systems with SGI ProPack software. Irix, SGI's proprietary UNIX, is still used for some jobs, but more and more Linux rules at SGI.
Later, in the meeting rooms Dell Director Reza Rooholamini talked about Dell's high-performance computing clusters (HPCC) with PowerEdge servers. Among Dell's HPCC customers are the National Center for Supercomputing Applications at the University of Illinois, Urbana-Champaign (NCSA). That Dell HPCC cluster runs Red Hat Enterprise Linux and ranks among the fastest supercomputers in the world. Dell can customize any system, whether a supercomputing HPCC or a home PC, with your choice of OS, including several flavors of mainstream Linux. Reza told us that Dell puts Linux on just under 30% of their sales.
Tuesday night at the SnapGear party we celebrated independence and new business models that are more realistic than, 'get acquired and make a killing at the IPO'. SnapGear makes small VPN/router boxes embedded with uClinux and other open source software, so that when you plug the box in, "it just works". They will build custom boxes too, if you want something beyond the standard models, and the boxes all come with source code.
Wednesday morning started very early, with the Linux Professional Institute (LPI) advisory board meeting. Lots of topics were discussed during the course of this not-quite-two-hour meeting. To begin with Evan Leibovitch, President of LPI talked about the the new LPI website, available in thirteen languages; and how they manage to keep all the translations current.
We also learned that many certification organizations from many different
disciplines are part of a larger group that addresses some common problems,
like cheating on tests. LPI is now a member of the Information Technology Certification
Security Council (ITCSC), a membership funded organization, formed
"to preserve the security and integrity of certification tests for
the benefit of certified professions, their employers, and those companies
granting IT certification
".
Lintraining.com is now sponsored by LPI, making it easier than ever to find the training people need to become certified.
Another topic was making exams available to everyone, not just those that can easily come up with the fee. In developing countries people are sometimes trapped in a situation where they are unable to afford certification testing, but they also cannot find a job without the certification. The other side of this is that LPI is setting up testing labs where at least a part of the test is done in a hands-on computer lab, making the testing facility more expensive.
Level 3 exams are in the works, but there are questions about the form they will take. LPI strives to create exams are that distribution neutral, but at level 3 there are system administration tasks are done very differently by different Linux vendors.
Sponsorships keep LPI running, and Evan thanked Novell for becoming it's newest sponsor. At the end of the meeting he also mentioned that SCO is still listed among LPI sponsors. Caldera was LPI's first sponsor in 1998, he told us, and many of same people are still at SCO, working in the trenches to do good things, in spite of the actions of a few people in management. So SCO's logo remains on the site to honor those Calderan's who continue to do good things from the trenches.
Later that morning, in the Oracle meeting room, I talked to Wim Coekaerts, Oracle's main kernel hacker. Oracle's customers want Linux, so Oracle has made agreements with the major Linux vendors to provide Linux along with Oracle products and services. Oracle handles all the service calls, working with the distribution vendor when necessary to resolve their customer's problems. Linux is used in-house at Oracle.
The Oracle database, however, will remain proprietary for the foreseeable future. Wim said that when Oracle released it's ClusterFS under the GPL, their customers didn't care. Not a one ever submitted a patch or paid the slightest attention to the source code. It seems that Oracle customers don't have much, if any, IT department. Instead they rely on Oracle to keep their systems running. They like Linux because it's reliable and inexpensive, not because they can see the source code. Oracle provides a total package of software, hardware and support. Open source databases like MySQL and PostgreSGL are no competition, because they really aren't in the same business.
Oracle had a statement prepared August 5, 2003 to respond to any
mention of SCO. "Oracle believes that anything that leads to a
more rapid resolution of the issues raised by SCO is good for the
industry and for the open-source community. Oracle has seen nothing
to date that has caused us to question our tremendous commitment to
Linux as a customer, promoter, supporter, and developer. We are
continuing our deep commitment to Linux and look forward to seeing
these issues resolved as quickly as possible. We will continue to
work with our close partners such as Red Hat and other Linux
distributions to promote continued adoption of Linux.
"
Booth strolling took up part of Tuesday and Wednesday. Many booths were visited and there were conversations with many people, too numerous to name here. Most people shared a desire for the swift resolution to the SCO mess. Overall, people seemed confident about the future of Linux and of their business.
Security
Brief items
Bitten by old bugs
Michal Zalewski recently publicized a couple of denial of service problems with the Postfix mailer. Distributors responded quickly; here's a quick look at who released updates and when:
| Distributor | Updated versions | Response time (days) |
|---|---|---|
| Conectiva | 7.0, 8 | 1 |
| Debian | 3.0 (woody) | 0 |
| EnGarde | Community 1.0.1, 2 Professional 1.1, 1.2, 1.5 | 1 |
| MandrakeSoft | 8.2, 9.0, Corp. Svr. 2.1 Firewall 8.2 | 1 |
| Red Hat | 7.3, 8.0, 9 | 1 |
| SuSE | 7.2, 7.3, 8.0, 8.1... | 1 |
| Trustix | 1.2, 1.5 | 3 |
(See the LWN vulnerability entry for current information on distributor updates). Here, "response time" is calculated as the number of days between the posting of Michal's advisory and the distributor update. Distributors clearly had a bit of advance notice with which to produce their updates, which is a good thing. There was very little delay before updates were made available to users.
The only problem is that, as Postfix creator Wietse Venema pointed out, both of the vulnerabilities had been fixed a long time ago. One of the problems was fixed in version 1.1.12, released in November, 2002. The other (fixed in 1.1.13) does not exist in Postfix 2.x, which has been available since February. But even relatively modern distributions (such as Red Hat Linux 9) are built with version 1.1.11, which dates back to May, 2002. It is laudable that the distributors were so quick to make updates available. But if they had stayed a little closer to the current release of Postfix, much of this scramble might have been unnecessary, at least for more recent distribution releases.
One can always come up with possible reasons for the shipping of such old software. For most distributions, only a small minority of users run Postfix, so it is probably relatively low on the prioritized list of packages to update. Switching to a new major release (2.0) is always a bit of a scary move; distributors tend not to rush into that sort of change. And, then, there is the little fact that neither fix was marked by the Postfix developers as a security fix. As we have seen in this case, distributors move quickly when a security issue is outstanding, but slowly otherwise.
The fixes were not advertised as being security related for a simple reason: the developers did not know - in either case - that a security bug was being fixed. One fix just sort of happened during a big (2.0) code reorganization, and the other fix looked like just another bug fix at the time. The end result is that, as a result of inaction on the part of both developers and distributors, users have been running vulnerable code for months when a fix was available.
GNU project FTP server compromised
As described in this statement from the FSF, the GNU FTP server was compromised, and a trojan horse was found there. Interestingly, the compromise appears to have happened last March (via an exploit of the 2.4 ptrace() vulnerability), but it has only come to light now. The project has been going through a detailed effort to compare files against known checksums, and is cautiously concluding that no source code was modified by the crackers.
New vulnerabilities
ddskk: insecure temporary file
| Package(s): | ddskk | CVE #(s): | CAN-2003-0539 | ||||
| Created: | August 11, 2003 | Updated: | August 12, 2003 | ||||
| Description: | Daredevil SKK is a simple Kana to Kanji conversion program, an input method
of Japanese for Emacs and XEmacs.
ddskk does not take appropriate security precautions when creating temporary files. This bug could potentially be exploited to overwrite arbitrary files with the privileges of the user running Emacs and skk. The Common Vulnerabilities and Exposures project (cve.mitre.org) has allocated the name CAN-2003-0539 to this issue. | ||||||
| Alerts: |
| ||||||
pam-pgsql: format string vulnerability
| Package(s): | pam-pgsql | CVE #(s): | CAN-2003-0672 | ||||
| Created: | August 11, 2003 | Updated: | October 1, 2003 | ||||
| Description: | Florian Zumbiehl reported a vulnerability in pam-pgsql whereby the username to be used for authentication is used as a format string when writing a log message. This vulnerability may allow an attacker to execute arbitrary code with the privileges of the program requesting PAM authentication. | ||||||
| Alerts: |
| ||||||
xpcd: buffer overflow
| Package(s): | xpcd | CVE #(s): | CAN-2003-0649 | ||||
| Created: | August 13, 2003 | Updated: | August 13, 2003 | ||||
| Description: | The xpcd utility contains a buffer overflow which can be exploited via over-long environment variables. | ||||||
| Alerts: |
| ||||||
zblast: buffer overflow
| Package(s): | zblast | CVE #(s): | CAN-2003-0613 | ||||
| Created: | August 11, 2003 | Updated: | October 1, 2003 | ||||
| Description: | Steve Kemp discovered a buffer overflow in zblast-svgalib, when saving the high score file. This vulnerability could be exploited by a local user to gain gid 'games', if they can achieve a high score. | ||||||
| Alerts: |
| ||||||
Resources
Phrack #61
Phrack issue 61 has been announced; it includes articles with titles like "Hijacking the Linux page fault handler," "Infecting loadable kernel modules," and "Hacking da Linux kernel network stack." Have fun...LinuxSecurity.com newsletters
The latest Linux Advisory Watch and Linux Security Week newletters from LinuxSecurity.com are available.
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current development kernel is 2.6.0-test3, released by Linus on August 8. Changes this time around include a merge of the SELinux security module, a new print_dev_t() function which is portable across architectures (and dev_t size changes), some power management and software suspend fixups, an ALSA update, a bunch of CPU frequency work, some disk readahead changes (avoiding work if the drive is too busy to do readahead anyway), and, of course, a vast number of fixes. There has also been an API change for block drivers; the Driver Porting series has been updated accordingly. The long-format changelog has the details, as usual.Linus's BitKeeper tree contains only a small number of fixes as of this writing.
The current stable kernel is 2.4.21; Marcelo released the second 2.4.22 release candidate on August 8 with another set of fixes.
Kernel development news
Coming soon: MSI support
Modern hardware manufacturers have a problem: too many pins. Often, one of the most expensive part of a chip (or bus card) is simply connecting all of the wires. A chip that should be small and take up little board space can expand to several square centimeters to make room for the large number of leads required. So the hardware folks are very interested in anything that reduces pin counts; this is part of the motivation behind serial technologies like USB and serial ATA.One target for pin-chopping engineers is interrupt lines. As a way of eliminating interrupt lines and moving further toward a "legacy free" environment, a (relatively) new PCI bus feature called "message signaled interrupts" (MSI) has been introduced. Essentially, MSI works by moving interrupts onto the data bus with the rest of the data traffic. An MSI-capable device signals an interrupt by writing a specific data value to a special address. The operating system can then trap that write and dispatch the interrupt accordingly.
Someday, in the future, all devices will do MSI and separate interrupt lines will no longer be necessary. Until then, there is one other advantage to the MSI scheme: devices can be assigned multiple message types, which can function as entirely separate interrupts. Thus a complicated device can indicate different situations with different messages, and each will be quickly routed to the appropriate service routine in the driver.
MSI is relatively new, and hardware support for MSI is just beginning to appear. The Linux kernel does not have support for MSI - yet. Tom Nguyen (of Intel) has posted a patch designed to change that state of affairs. His MSI patch is broken into two big chunks. The first adds a layer of indirection ("vector indexing") to the interrupt management code. The second then uses vector indexing to implement full MSI (and MSI-X, an extended version of MSI) support. Included in the patch is a documentation file (MSI-HOWTO.txt) describing MSI and the Linux implementation.
The MSI patch is far from inclusion into the mainline kernel; review on the linux-kernel list has brought out a lot of things that people would like to see changed first. But once things are ironed out, MSI could go in fairly quickly. It's late in the game to be reworking the 2.6 interrupt handling code, but MSI should be ready for an early 2.7 inclusion.
A different ATA driver
Much work has been done through 2.5 to improve the ATA/IDE layer. The work of Bartlomiej Zolnierkiewicz, Alan Cox, and others has brought a great deal of order and correctness to this code. Not everything that might have been hoped for at the beginning of 2.5 has been done, but things have clearly moved in the right direction.Meanwhile, Jeff Garzik has been quietly developing a completely different driver for ATA drives; he posted libata 0.70 this week. Jeff's driver concentrates on newer hardware, with an emphasis on serial ATA drives. The interesting aspect of libata, however, is the approach it takes: it essentially functions as a translation layer which makes ATA drives appear to be SCSI devices. They are managed by the SCSI layer, and do not appear as IDE drives to the user at all.
This is not as strange a thing to do as one might think. The ATA protocol is heavily influenced by SCSI, so many SCSI commands can be passed through with little processing. But the real advantage of this approach seems to be that it can take advantage of the existing SCSI mid-layer. The SCSI code takes care of a lot of the work, and already supports a number of needed features (such as hotplugging). For a developer who wants to make a new, "legacy free" driver for modern ATA hardware, plugging into the SCSI layer offers a lot of advantages. This is especially true for serial ATA, which presents a lot of SCSI-like handling issues.
libata is not intended to replace the current IDE layer; it makes no attempt to handle the wide range of hardware that the IDE code copes with. It could be, however, the driver that many of us end up using in a couple years or so. Sometimes you have to leave the old stuff behind and look to the future.
Too many threads?
In a discussion of problems in the current request_firmware() interface (discussed here last May), it was noted that firmware loads sometimes happen too slowly as a result of latency in the workqueue mechanism. The firmware interface uses the default workqueue, meaning that its tasks can wait an unknown amount of time behind other users of that queue. In some situations, at least, it seems that this delay can be too long. So a patch was posted which sets up a dedicated workqueue for firmware loading.Creating one's own work queue can help with the latency problems, but it also loads the system with another kernel thread for each processor. And some people are starting to get a little unhappy with the number of such threads in 2.6. They are proliferating a bit; a quick check on your editor's mighty dual Pentium 450 system (running -test3) shows some 21 of them:
2 ? SW 0:00 [migration/0]
3 ? SWN 0:00 [ksoftirqd/0]
4 ? SW 0:00 [migration/1]
5 ? SWN 0:02 [ksoftirqd/1]
6 ? SW< 0:00 [events/0]
7 ? SW< 0:00 [events/1]
8 ? SW< 0:00 [kblockd/0]
9 ? SW< 0:01 [kblockd/1]
10 ? SW 0:00 [khubd]
11 ? SW 0:00 [kirqd]
12 ? SW 0:00 [pdflush]
13 ? SW 0:07 [pdflush]
14 ? SW 0:17 [kswapd0]
15 ? SW< 0:00 [aio/0]
16 ? SW< 0:00 [aio/1]
17 ? SW 0:00 [scsi_eh_0]
18 ? SW 0:00 [ahc_dv_0]
19 ? SW 0:00 [kseriod]
142 ? SW 0:01 [kjournald]
143 ? SW 0:00 [kjournald]
144 ? SW 0:05 [kjournald]
Kernel threads are not that expensive, but they do take up some kernel memory and clutter up ps listings. Imagine what the listing would look like on a system with a large number of processors. More to the point, many of these threads are likely to be unnecessary, and that bugs kernel hackers.
As a result, there will probably be a rework of the workqueue mechanism at some point, when somebody feels motivated to do it. One possible change would be to turn the default workqueue into a thread pool of sorts; if no thread is available when schedule_work() is called, a new one is created to handle the task. Some sort of timeout mechanism would trim the threads down when the load drops. It has also been noted that many users of workqueues don't really need a thread for every processor; a single thread would be adequate for the job. An interface change allowing the creator to specify whether per-CPU threads are needed could cut down on the number of threads considerably.
Implementing changes of this nature would not be particularly difficult. Whether a rework of something as fundamental is the workqueue interface is appropriate at this stage of development is another question, however.
Any flavour you like
Just when you thought that we were safely done with the "spelling fixes" phase for this development series, out comes this patch changing all occurrences of "flavour" in the kernel to "flavor." The patch, of course, drew the usual complaints: spelling fixes are seen by many as useless code churn which breaks things and make it hard for developers to keep their patches in sync with the mainline. There also seems to be a special animosity aimed at anybody who suggests that there should be a preference in the kernel between British or American spelling.Linus actually jumped into this conversation. He agreed that, perhaps, a variable of type rpc_authflavor_t named authflavour could be confusing, but that was the extent of it.
For the most part, it would appear that kernel developers can continue to use whichever flavour of spelling they prefer.
Patches and updates
Kernel trees
Architecture-specific
Core kernel code
Development tools
Device drivers
Filesystems and block I/O
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
New Releases from CRUX, Yoper
Earlier this week, two comparatively marginal Linux distributions - CRUX and Yoper announced new versions of their products. The Sweden-based CRUX project released version 1.2, while New Zealand's Yoper Ydesktop distribution moved on to version 1.1. Besides being considered minor distributions, the two projects have a few other things in common - both are essentially one-man projects, both are optimized for the i686 architecture and both have simple text-based installers and loyal supporters. But this is where the similarities end.CRUX www.crux.nu is the older of the two projects. Its development started in May 2000, although the first public release, version 0.5, was only made available in January 2001. Initially, updated versions were produced at a rapid pace, but recently the project has settled into a more reasonable release schedule of one new release every 4 - 6 months. CRUX is a free distribution developed and maintained by Per Lidén. The latest version comes with many package updates, inclusive of Kernel 2.4.21 and new additions of coreutils and GTK+.
Although CRUX is a Linux distribution developed from scratch and not based on
any other distribution, its development was almost certainly influenced by
Slackware Linux. This is apparent from its simplicity, use of BSD-style init
scripts and simple tar.gz-based package management with no resolution of
dependencies. However, CRUX departs from Slackware in two major areas - first
one is its i686 optimization, while the second one lies in the choice of CRUX
packages, especially the notable absence of KDE and GNOME desktop
environments and their libraries. Per Lidén: "
This approach has won CRUX many followers who prefer the simplicity and low
resource requirements of less powerful desktop environments over the
perceived bloat of both GNOME and KDE. The project's mailing lists are fairly busy and
several community web sites, including a CRUX Wiki, CRUX Community and a collection of
contributed CRUX Ports
have been set up by the fans of the distribution. Compared to many other
one-man projects, CRUX does have decent documentation in the form of the CRUX Handbook.
An older interview
with Per Lidén by OSNews is another good source of information about the
project's objectives.
Yoper www.yoper.com is a much
younger distribution; its first public development release was announced in
December 2002 and the first stable version - Yoper Ydesktop 1.0 was released
in March this year. The distribution is developed by Andreas Girardet and his
company, Yoper Limited. The author was interviewed
by DesktopLinux.com earlier this year and this is Andreas Girardet's reply to
a question about unique features of Yoper: "
Yoper's first official release was marred by a controversy
over what some members of the Linux community perceived as a flashy announcement, high cost of
the product and removal of older forum posts, all of which provoked heated
exchanges on the Yoper forum. However, as of early last month, Yoper Ydesktop
has been stripped of its commercial status and was turned into a
community project with users now contributing to the development of the
distribution. Yoper's latest release is available for download at no charge.
Yoper Ydesktop 1.1 comes with several interesting features. One of them is
support for Gentoo's Portage technology, which has been integrated into
Yoper, but other notable improvements include support for Kerberos and an
experimental update function for users of the previous release. GNOME 2.2 and
Evolution 1.4 are now available on the second CD, which also serves as
bootable live CD based on Knoppix. Yoper Ydesktop has been optimized for
speed and many users have reported increased responsiveness of Yoper's KDE,
OpenOffice and other large applications. On the negative side, Yoper's web
site is rather bare and it lacks detailed information about the product's
features as well as any solid documentation. It will be interesting to see
how the project evolves now that the product has been freed of its commercial
burden, or indeed, whether it survives in the long run.
In conclusion, the well-established CRUX distribution will appeal to those who
seek a lean and fast desktop/development Linux system based around
WindowMaker, while the newer Yoper Ydesktop will please those users who
prefer a highly optimized and full-featured KDE-centric Linux distribution.
Both CRUX 1.2 and Yoper Ydesktop 1.1 are available for free download from
their respective mirror sites.
I have no plans to
extend the current package collection that much since I believe the most
important things are there already. Things you can live without, e.g. GNOME,
KDE, linuxconf, etc, are never going to be included in CRUX.
WindowMaker is the only available window manager.
We are a high-performance
OS -- optimized for 686 and higher. We are not a general purpose
distribution, but a compact OS with ability to use packages from all other
major OS's with support for 'rpm', 'tgz-native', and 'deb' integrated. The
binaries we distribute are built from scratch using the latest original
'vanilla' sources. We use the best features from other operating systems and
keep installation time to under 10 minutes.
"
Distribution News
Debian GNU/Linux
The Debian Weekly News for August 12, 2003 is out. This week: Stephan Wehrheim wrote a document about installing Debian 3.0 on a Dell Inspiron 8200; Michael Singer looks at Open Source as a social movement; the removal of libraries from the archive; the Python 2.3 transition; and much more.On August 16th, the Debian Project will celebrate its 10th birthday with several parties around the globe. The Debian Project was officially founded by Ian Murdock on August 16, 1993.
The Debian community in Brazil has offered to host the next Debconf in Porto Alegre, Brazil. This looks like the beginnings of a great conference.
Gentoo Weekly Newsletter -- Volume 2, Issue 32
The Gentoo Weekly Newsletter for the week of August 11, 2003. This week looks at Gentoo Linux at Linux World Expo, also the Gentoo Documentation Project is looking for new lead Dutch translator.Red Hat Linux
Garrett LeSage posts on the redhat-devel-list about some recent Bluecurve updates, with screenshots. Looks pretty nice.An updated redhat-config-network package which fixes many bugs is now available for Red Hat Linux 9.
Hats off to Fedora package manager (NewsForge)
Joe Barr talks about Fedora in this NewsForge article. "Package management -- the way we install and maintain applications -- is a problem for many Linux users. One of the projects working on the problem is Fedora, a project that wants to be recognized as "the Debian of Red Hat.""
New Distributions
LocalAreaSecurity Knoppix
LocalAreaSecurity Knoppix is a 'Live CD' distribution based on Knoppix but with a strong emphasis on security tools and small footprint. The initial announcement for version 0.3b showed up on August 8, 2003. Version 0.4a was released August 12, 2003 with major feature enhancements. "Changes: This version adds the FluxBox window manager, and over 25 new tools including Lcrzoex, to increase the ISO size to 107MB. It includes the Damn Small Linux boot time X configuration to make it usable on old and newer hardware, switches ethereal for tethereal, and adds Nessus and Nessusd."
INSERT (Inside Security Rescue Toolkit)
INSERT (Inside Security Rescue Toolkit) is a complete, bootable Linux system. It comes with a graphical user interface running the fluxbox window manager while still being sufficiently small to fit on a credit card-sized CD-ROM. The first release we know of is v1.0, announced August 4, 2003. Version 1.01 seems to be the current release.
Minor distribution updates
Damn Small Linux
Damn Small Linux has released v0.4.3 with minor feature enhancements. "Changes: Desktop icons were added using the fantastically small XtDesktop X Window desktop icon manager."
Freepia
Freepia has released v0.3.7-pre2 with minor feature enhancements. "Changes: New features include software-based suspend to disk support, the freevo shutdown plugin, bootsplash support for bootlogos, the lirc package for serial stuff, and the ATI Remote Wonder. More keyboard layouts were added to keymaps.tgz. Large file support was added to busybox. The /etc/sysconfig parameters were changed to set freevo media directories."
Lunar-Linux
Lunar-Linux has released v1.3.2 with minor bugfixes. "Changes: gcc-3.2.3, gettext-0.12.1, openssl-0.9.7, binutils-2.14 were updated. glibc-2.3.2 and openssh-3.6.1p2 were recompiled. The /etc/init.d/mount script and /etc/devfsd.conf were updated. The lunar core tools were updated. The regular vim binary was added to /usr/bin, but no macros or help files are included."
MoviX
MoviX has released MoviX2 0.3.1pre2 with minor feature enhancements. "Changes: This version adds support to boot from USB pens."
Phrealon Linux
Phrealon Linux has released v0.90 with major feature enhancements. "Changes: This release has quite a few improvements over the 0.82 release. It has been upgraded to the 2.4.20 kernel via a new base taken from Slackware 9. PCMCIA is now supported. The CD is now ejected again."
ScummLinux
ScummLinux has released v0.3.1 with major feature enhancements. "Changes: Several important fixes and new features were added. Additional sound cards are supported, the generator was rewritten, Vorbis support was added, and the generator now supports multiple language versions of the games."
stresslinux
stresslinux has released v0.2.3 with major feature enhancements. "Changes: In this version, stress was updated to 0.18.1. OpenSSH, smartmontools, and EthStatus were added. The ISO version now uses ide-scsi to access the CDROM. Some updates to Tyan sensor configs and many new mainboards were added to the sl-wizard. Various other minor changes were made."
ThinStation
ThinStation has released v1.0. "Changes: Substantial reduction of the overall footprint. Better USB handling. The DHCP and TFTP server are now optional. New ica client. X keyboard handling in full-screen mode has been fixed, and there are a lot of other bugfixes."
Trinux
Trinux has released v0.890 with major feature enhancements. "Changes: This is the first release in nearly two years. It is built on Busybox-1.0.0pre1 and Linux 2.4.21, and includes single-floppy and 20 MB ISO boot images, but no support for PCMCIA networking yet. Numerous new/updated packages include packit, disco, tcpdump, dropbear, packetto, apache, lcrzoex, ippl, dnet, amap, openssh, wipe, tct, and more. New (but still incomplete) documentation is now available as well as a FreeDOS utility disk to ease hard drive (or compact flash) installation and booting via loadlin.exe."
Warewulf
Warewulf has released v1.13 with minor bugfixes. "Changes: Bugs in filtering the master node and some permission issues in the node filesystem have been fixed. There was a bug in the glance page of wwmon with the network utilization, and Tx/Rx traffic has been moved to separate monitors. Support has been added for non-standard kernel locations in nodebuild."
WISP-Dist
WISP-Dist has released v2624 with major feature enhancements. "Changes: Various new features and bugfixes, including the ability to get wireless statistics via SNMP and WDS support."
Page editor: Rebecca Sobol
Development
The GnuCash Project Needs Help
Benoit Grégoire has posted a plea for developer help for GnuCash, a popular open-source personal finance management application.![[GnuCash]](https://static.lwn.net/images/ns/gnucash.jpg){kind=small}
Apparently, the project developers added a few too many features too quickly, and now find themselves unable to cope with maintenance of the code and documentation.
- Lower the entry barrier for new developers.
- Build an up-to-date architecture and API reference.
- Put together a report writing HOWTO document.
- Fix some problems with the core capabilities of the GnuCash engine.
- Improve interoperability with new modules and other financial software packages.
- Improve the GnuCash developer environment and web site:
- Add search capabilities for the mailing lists.
- Open up web site write access to more developers.
- Implement a Wiki system.
- Deal with frequently asked questions more efficiently.
System Applications
Audio Projects
JACK Transport Design
A new document called the JACK Transport Design is available for JACK. "The JACK Audio Connection Kit provides simple transport interfaces for starting, stopping and repositioning a set of clients. This document describes the overall design of these interfaces, their detailed specifications are in <jack/transport.h>"
Planet CCRMA additions
The Change Log for the Planet CCRMA audio packaging project lists the latest new additions to the collection.
CORBA
omniORB 4.0.2 and omniORBpy 2.2 released
New versions of omniORB and omniORBpy, which provide a CORBA ORB for C++ and Python, have been announced. Change information is in the source code.
Database Software
PostgreSQL Weekly News
The August 6, 2003 edition of the PostgreSQL Weekly News is out with more PostgreSQL database news. "Well, I've been talking about for a few weeks now, and it has finally happened: 7.4 has gone beta! The tar ball was wrapped up Monday night, and by now should be available from your local mirror."
libgda/libgnomedb 0.91.0 released (GnomeDesktop)
GnomeDesktop.org has an announcement for libgda/libgnomedb 0.91.0. "libgda/libgnomedb are a complete framewok for developing database-oriented applications, and actually allow access to PostgreSQL, MySQL, Oracle, Sybase, SQLite, FireBird/Interbase, IBM DB2, mSQL and MS SQL server, as well as MS Access and xBase files and ODBC data sources."
Electronics
New releases from gEDA
The latest releases from the gEDA project (GPL Electronic Design Automation) include new versions of the gwave waveform viewer and the Icarus Verilog electronic design simulation language compiler.XCircuit 3.1.18 available
Version 3.1.18 of XCircuit, an electronic schematic drawing package, is available. Change information is in the source code.
Mail Software
ASSP Release 0.3.5 (SourceForge)
Version 0.35 of ASSP has been announced. "The Anti-Spam SMTP Proxy (ASSP) Server project aims to create an open source platform-independent SMTP Proxy server which implements whitelists and Bayesian filtering to rid the planet of the blight of unsolicited email (UCE). This release fixes two bugs."
Macho 0.1 released
Version 0.1 of Macho is available. "The first public release of Macho, version 0.1, has been released by Miles Egan. It is "an email web archiving system, similar in scope to pipermail or mhonarc" written in Common Lisp. Among its features are the possibility of generating standalone web archives, reasonable performance, easy navigation of generated archives and support for type-ahead navigation."
milter.org changes
New mail filter software on milter.org includes version 0.32 of milter-sender, and the initial release of MilterQuota.
Networking Tools
Quagga Routing Suite release 0.96
Initial version 0.96 of the Quagga Routing Suite, a fork of GNU Zebra, has been released. "This release contains many patches, from a variety of contributors, over the last GNU Zebra release, 0.93b (released over a year ago), in particular improving upon the OSPF protocol daemon ospfd. The 0.96 release of Quagga is a shakedown release, a prelude to releasing a 1.0 version at some (hopefully) not too distant stage in the future."
Printing
GSview BETA 4.41 available
Version 4.41 Beta of GSview, a graphical interface for Ghostscript, is available. "Main changes are a fix to prevent the X11 version crashing on startup and to improve responsiveness when displaying on a remote X11 server."
LinuxPrinting.org database addition
The latest addition to the LinuxPrinting.org printer support database includes improved docs for the Apple LaserWriter Pro 630 driver.
Web Site Development
Aegir CMS enters 1.0 feature freeze
The Aegir Content Management System (CMS) has reached the version 1.0 feature freeze. "Starting from Monday 11th we want to ask all of you to perform last bugfixes and heavy testing so that we could release 1.0 Stable on Monday 25th." Also, the licensing for Aegir CMS has been changed to the GPL.
Archetypes 1.0 Released (SourceForge)
SourceForge has the announcement for version 1.0 of Archetypes, a framework for the development of new Content Types in Zope/CMF/Plone. "This new release includes a whole bunch of bugfixes, improved FTP support for BaseContent-based objects with the new RFC822Marshaller (made default), slight UI cleaning, fixed handling of error messages on form validation."
Network programming with the Twisted framework, Part 3 (IBM developerWorks)
David Mertz continues his series on the Twisted Framework with part 3. "In the previous installment of this series, David looked at some higher-level techniques for writing Web services, including serving dynamic pages using the .rpy extension. In this article, he moves on to look at dynamic Web serving, and how to generate dynamic Web pages using the Woven application for templating pages."
Desktop Applications
Audio Applications
gmorgan-0.10 and 0.11 released
Version 0.10 of gmorgan, an organ synthesizer program with auto-accompaniement, is available. Changes include a new skin engine, new patterns, bug fixes, and more. Version 0.11 was released shortly afterward and features some bug fixes.
CAD
gCAD3D 0.72 released
Version 0.72 of a Linux-based CAD/CAM system called gCAD3D is available. "State is preliminary. Dokumentation is mainly german !" Thanks to James Feeney.
Desktop Environments
gDesklets - GNOME Desktop Applets (GnomeDesktop)
GnomeDekstop.org looks at gDesklets. "gDesklets provides an advanced architecture for desktop applets - tiny displays sitting on your desktop in a symbiotic relationship of eye candy and usefulness. Populate your desktop with status meters, icon bars, weather sensors, news tickers... whatever you can imagine!"
Scaffold 0.1 ''Bring on the scaffolding!'' (GnomeDesktop)
Version 0.1 of Scaffold has been announced. "The Scaffold team (formerly known as anjuta2) just released version 0.1 of the GNOME based Development Environment. Scaffold is a plugin-based IDE specifically designed for GNOME with the goal to provide an integrated development environment in which GNOME programs can be developed."
KDE-CVS-Digest for August 8, 2003
The August 8, 2003 edition of the KDE-CVS-Digest is out. Here's the content summary: "The Kopete developers release a new version. Kmail message threading is improved. Knode, a news reader, is integrated into Kontact. Korganizer printing gets improved. Koffice uses the new version of WvWare for MSWord import. Juk playlists are improved. Plus many bugfixes."
KDE Traffic #60
Issue #60 of KDE Traffic is online. KDE.News summarizes the contents: "Well, you asked for it and now you've got it, a very content-filled KDE Traffic has just been released. Covered items include KPilot, the KDE man page generator, a new KDE development book in the works, a new KInfocenter module for FireWire and proposed new features for KMail."
KDE Traffic #61
Issue #61 of KDE Traffic is online. The KDE.News summary says: "KDE Traffic #61 has been released, with news about KGhostview, KCalc, KRandr inclusion, Qt 3.2 requirement, KMail, KProcess, and more. Now let's just wait for everything but the kitchensync. Anyway, get it here, if you dare. Muahaha."
Financial Applications
CK-Ledger v.0.7.1 released (SourceForge)
Version 0.7.1 of CK-Ledger has been announced. "New features include traditional Chinese translation, simplified Chinese translation, Postgresql 7.3.2 compatibility, enhanced payroll generation process and enhanced email advice when HR staff action on timesheet and leave application. Other enhancements and bug fixes are also included. CK-Ledger (with 15 modules, Ledger Admin, Ledger, Bank Reconciliation, Inventory, Service, AP, AR, PO, SO, Quotation, POS for Cashier, POS for Manager, HR, Staff Self Service, Payroll) runs on top of phpGroupWare."
Games
PCGen 5.3.3 is available (SourceForge)
Version 5.3.3 of PCGen has been released. "PCGen is a Java-based RPG character generator and maintenance program that works on all platforms (Windows, Mac OS X, Linux, etc). All datafiles are ASCII so they can be modified by users, and are available through the pcgendm project. An XML conversion is underway. We're very pleased to announce that with this release we now include Sword and Sorcery's Relics and Rituals!"
New PyGame Tutorial
A new tutorial is available for the PyGame project. "Shandy Brown has been working on a large new tutorial. At this point it has become fairly mature, but is still looking for further review. Please read how Shandy describes the bigger picture of pygame game design."
Graphics
GIMP 1.3.18 Released
Version 1.3.18 of the GIMP is available. "After a hectic few weeks of pre-camp hacking there are a number of improvements that have been added recently. We decided that it was worthwhile commemorating the camp with a release. So here it is. Notably, the path tool has been improved, and we have several new edge detection algorithms available."
Gimp-Print 4.3.19 (development) (SourceForge)
Version 4.3.19 of Gimp-Print has been announced.
GUI Packages
Fl_Scope version 0.0.2 released
FL_Scope is an oscilloscope widget for FLTK, the Fast Light ToolKit. Version 0.0.2 is available.Create a VNC system with tclRFB (IBM developerWorks)
Cameron Laird writes about Virtual Network Computing (VNC) on IBM's developerWorks. "Suppose you have a graphical application running on a Linux box, and you've been instructed to port it to a Windows desktop or make it into a Web application. A nearly instantaneous answer is to feed the application display into a VNC server on the Linux host and rely on Windows- or Web-hosted VNC clients to view the application remotely. That achieves in an afternoon what might otherwise take weeks to port at the level of source code."
Interoperability
Wine Traffic #182
Issue #182 of Wine Traffic is available. Topics include: CrossOver Plugin 2.0, Linux Mag Blurb, Disney Uses Wine, Beginnings of Microsoft Installer Support, Windows API DB, and DirectX / Operation Flashpoint.
Office Applications
Evolution 2.0 weblog
For those of you interested in where Evolution 2.0 development is going, the Evolution Blog is now online. There's lots of information on development plans, along with the occasional screenshot. Among other things, it seems that 2.0 will have SpamAssassin built into it.
Video Applications
FreeFrame 1.0 Release (SourceForge)
An announcement for FreeFrame 1.0 is on SourceForge. "Well after a lot of work, we're there - public release of FreeFrame 1.0 - the new realtime video effects plugin format for VJ software. FreeFrame allows plugin developers to develop one plugin that will work in a variety of video programs. Today's FreeFrame release coincides with the release of versions of VJamm and Resolume featuring native support for the standard. We are also releasing today plugin developer kits for C++ and Pascal developers, in addition to sample host code for application developers wishing to support the standard."
Web Browsers
Epiphany 0.8.3 released (GnomeDesktop)
GnomeDesktop.org looks at the 0.8.3 release of the Epiphany lightweight web browser. This version features lots of bug fixes and language translations.Independent Status Reports (MozillaZine)
The Mozilla Independent Status Reports for August 11th, 2003 are out. "The latest set of status reports includes updates from QuickNote, JS Console, HON, SmoothWheel, the Creating Applications with Mozilla book, mozdev and MultiZilla."
Word Processors
AbiWord Weekly News
The August 10, 2003 issue of the AbiWord Weekly News has been published. "Dom announces the official calendar of releases until 2.0, while several peripherally Abi events occur. Within AbiLand, however, the Open Text Summarizer gets a dialogue, X/HTML gets extended, and just before 1.99.4, our SuSE builder and Documentation manager sod off for awhile! All that and a tutorial on how to summarise text in this week's AWN."
Miscellaneous
LilyPond 1.8 released
Version 1.8 of LilyPond, a musical engraving program, has been released. "This release is focused on internal and external cleanups: Scheme and LilyPond input can now be seamlessly mixed. Entry and layout of texts, chord names and chords has been revised and cleaned up entirely."
PasswordSafe 1.9.2c released (SourceForge)
Version 1.9.2c of PasswordSafe has been announced. "Password Safe is a password database utility. Users can keep their passwords securely encrypted on their computers. A single Safe Combination unlocks them all. Release 1.92c is available for download. This is a maintenance release, fixing a few minor annoyances".
Languages and Tools
Caml
Caml Weekly News
The August 5-12, 2003 edition of the Caml Weekly News has been published, take a look for new Caml language software.
Java
The Java Speech API, Part 1 (O'ReillyNet)
Mandar Chitnis and Lakshmi Ananthamurthy look at the Java Speech API in the first in a series of articles on O'Reilly. "Speech technology has advanced to the point where it's practical to consider speech synthesis and speech recognition in certain applications. In the first of two articles, Mandar Chitnis and Lakshmi Ananthamurthy explore JSAPI, an API for accessing various speech engines, building a simple application with speech synthesis."
JGraphpad 2.2.2.1 'Whiteboard' released (SourceForge)
Version 2.2.2.1 of JGraphpad has been released. "This release offers whiteboard functionality, can print across multiple pages, comes with two new layout algorithms and remembers file paths and window positions from previous sessions. JGraph is the most powerful, lightweight, feature-rich, and thoroughly documented open-source graph component available for Java."
Lisp
ECL 0.9b released
Version 0.9b of ECL (Embeddable Common-Lisp) has been released. "This version features much improved ANSI compliance, the new special form C-INLINE for inserting C/C++ code where a Lisp form is allowed, improved FFI support, new filesystem access functions, better code inlining, the AUTOLOAD extension, and more. Support for the Sparc/Solaris and Alpha/Linux platforms has also been added." Thanks to Paolo Amoroso.
Perl
This Week on perl5-porters (use Perl)
The August 4-10, 2003 edition of This Week on perl5-porters is available. "The bulk of the discussion, this week, was about platform-specific adjustments for the upcoming 5.8.1, and other testing feedback. However, don't miss the other interesting topics : v-strings (again), autoboxing, and the usual load of features and bugfixes."
Perl Design Patterns, Part 2 (O'Reilly)
O'Reilly has published part two of Phil Crow's series on Perl Design Patterns. "This is the second in a series of articles which form one Perl programmer's response to the book, Design Patterns (also known as the Gang of Four book or simply as GoF, because four authors wrote it)." You may want to start with part one first.
PHP
PHP Weekly Summary for August 11, 2003
The PHP Weekly Summary for August 11, 2003 is out. Topics include: 4.3.3 RC 3, PHP compiler, Java-like archive, cleaner HTML errors, imlib extension.PHP 4.3.3RC3 released
Version 4.3.3RC3 of PHP has been announced. "This is should be the last release candidate prior to the final 4.3.3 release. Please test this release as much as possible, so that any remaining issues can be uncovered and resolved." See the NEWS file for change details.
Python
Python-dev Summary
The July Python-dev Summary is available. It inaugurates a new format, and looks at the Python 2.3 release, the deprecation of string exceptions, CVS issues, startup times, and more.Dr. Dobb's Python-URL!
The August 7, 2003 edition of Dr. Dobb's Python-URL! has been sent out. Take a look for links to many Python articles.Dr. Dobb's Python-URL!
The Dr. Dobb's Python-URL for August 12, 2003 is out. Discussions covered this week include Python's supposed lack of proper Symmetric Multiprocessor scalability and much more.SPE (Stani's Python Editor)
Version 0.15 of spe, Stani's Python Editor, has been released. "Spe is a Python IDE for Blender with with syntax checking, autoindentation, autocompletion, interactive shell, call tips, locals and Blender browser, drag&drop, customizable menus and toolbar,...It requires a full Python installation and www.wxPython.org".
The Standard Python Library
Fredrick Lundh is writing an ongoing series that explores various components of the Standard Python Library.
Ruby
Ruby-GNOME2-0.6.0 Has Been Released! (GnomeDesktop)
GnomeDesktop.org has an announcement for version 0.6.0 of Ruby-GNOME2, the Ruby language bindings to GNOME. "New bindings include GnomeVFS and GtkHtml2. Integration with the Ruby-GStreamer project has also been successfully completed. A lot of new code in this version so, please, give it a good run through to weed out any bugs introduced."
Tcl/Tk
Dr. Dobb's Tcl-URL!
The August 8, 2003 edition of Dr. Dobb's Tcl-URL has been published. Take a look for the latest Tcl/Tk development news.Dr. Dobb's Tcl-URL!
The August 12 edition of Dr. Dobb's Tcl-URL is out with another week's worth of Tcl/Tk development news.
XML
Make the most of Xerces-C++, Part 1 (IBM developerWorks)
Rick Parrish writes about Xerces-C++ on IBM's developerWorks. "This two-part article offers an introduction to the Xerces-C++ XML library. Part 1 explains how to link the library into applications written in Linux and Windows. Ample code demonstrates parsing with the SAX API, and a sample application shows you how to create a bar graph in ASCII art. In Part 2, I'll demonstrate how to load, manipulate, or synthesize a DOM document, and you'll see how to create the same bar graph using Scalable Vector Graphics (SVG). C++ programmers who read these articles should be able to easily add XML parsing and processing capabilities to their applications."
Extensible 3D: XML Meets VRML (O'Reilly)
Len Bullard writes about X3D on O'Reilly. "The Virtual Reality Modeling Language is very much alive and being used to solve real problems. In this article, we will examine the new VRML standard, Extensible 3D (X3D), as well as software and other resources available to support it. Examples and a short tutorial on the new X3D XML-format are provided."
New and Improved String Handling (O'Reilly)
Bob DuCharme shows some techniques for dealing with strings using XSLT 2.0. "In my June column last year, I discussed XSLT 1.0 techniques for comparing two strings for equality and doing the equivalent of a "search and replace" on your source document. XSLT 2.0 makes both of these so much easier that describing the new techniques won't quite fill up a column, so I'll also describe some 1.0 and 2.0 functions for concatenating strings."
IDEs
Boa Constructor - 0.2.6 in CVS (SourceForge)
Version 0.2.6 of Boa Constructor, a cross platform Python IDE and wxPython GUI Builder, has been announced. "Since the 0.2.3 release, the following major features were added (and are available in CVS): Sizers; Support for sub-menus and separators; Alternative image handling with wxPython.tools.img2py modules; Support for BicycleRepairMan; Help projects; and Improved plug-in preferences/settings handling."
Miscellaneous
Advanced Weblications with SashXB (IBM developerWorks)
Wing Yung writes about SashXB on IBM's developerWorks. "This article is intended for developers who are familiar with SashXB. It covers several advanced topics, such as callbacks, GTK widget manipulation, and the use of several common SashXB extensions, using code examples from an LDAP-based Intranet directory navigation and search tool written for SashXB. In an earlier article, John Corwin and I gave an introduction to the architecture and use of SashXB, an open source, Linux application environment that gives JavaScript programmers access to native functionality."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Linux's lucky lawsuit (National Post)
This National Post column says that the SCO case is a good thing for Linux. "Open-source advocates are outraged at the audacity of the lawsuit. They should instead be thankful. Linux must inoculate itself against the nasty legal toxins that are endemic in the corporate environment. And if we were to perversely pick a poison, the SCO suit has a lot going for it. SCO is strong enough to provoke a strengthening of Linux's defences but not so strong that it poses any real danger."
Open Source "State of the Union" address
Bruce Perens has sent in the notes from his Open Source "State of the Union" speech at the LinuxWorld Conference, where he discussed the SCO case. "What would the Free Software developers ask for damages? The only salable asset of SCO, the Unix copyrights. This is something that Red Hat or others who sue SCO could ask for, as well. Now, we already own a superior product to any SCO Unix that has ever been shown, so we don't consider this an extremely valuable asset. But it would be a suitable close to the SCO story for the Unix copyrights to be transferred to the Free Software Foundation."
Trade Shows and Conferences
KDE at LinuxWorld Expo San Francisco Report
Here's a look at LinuxWorld from the KDE booth, with pictures. "Users were continuously impressed by KDE, for obvious reasons. But easily the most often-asked question was "What the latest version is" (3.1.3), and the cool new features in the upcoming KDE 3.2."
Red Hat CEO Rallies Open-source Troops At LinuxWorld (TechWeb)
TechWeb covers the LinuxWorld keynote by Red Hat CEO Matthew J. Szulik. "Keynote attendees showered applause on Red Hat's Szulik as a defender of the cause at LinuxWorld where some developers prowled the show floor selling T-shirts with logos deriding SCO.Szulik took the high ground in his keynote referring only twice, indirectly, to the SCO suit. "At a time when our conversation was framed around technical improvements we have devolved to speak about litigation," Szulik said. "You should be able to look at source code without fear of being arrested," he added later, sparking wild applause."
Pundits analyze state of open source (NewsForge)
NewsForge examines a roundtable discussion that was held at LinuxWorld. "A roundtable of analysts from Forrester, DH Browne, Gartner, and IDC pondered the state of Linux and open source before a large audience at LinuxWorld Conference & Expo Wednesday. The consensus: Lack of a few key components make Linux a weaker alternative than it might be."
Linux Robot: Could Be A Hero, Could Be A Toaster (TechWeb)
What Linux trade show would be complete without a robot that runs Linux? InformationWeek takes a look at the Centibots. "At LinuxWorld in San Francisco this week, scientists from SRI International's Artificial Intelligence Center demonstrated Linux-based robots that can search for objects and people in environments unsafe for rescue workers, such as the site of a chemical spill or an earthquake-damaged building. The research project is sponsored by the U.S. Defense Advanced Research Projects Agency. Linux was chosen for the robots, called Centibots, because they require a small, reliable operating system that has drivers for a variety of devices, can be automatically installed, and have a journaling file system, says Regis Vincent, a scientist with the nonprofit research institute."
Def Con 0xB (Linux Journal)
Here's the Darth Elmo Def Con Dispatch from Linux Journal. "Def Con, of course, is the biggest and best annual hacker convention in the US. Def Cons take place in Las Vegas, Nevada, and span a three-day weekend in early August or late July. The convention is attended by thousands of information security professionals, hackers of all shapes and UNIX affiliations, law enforcement officers both federal and not, and journalists both clueful and clueless. Def Con is part security convention, part family reunion, part flea market and 100% party. This year's Def Con, the eleventh, didn't disappoint in the fun or socializing departments, and it delivered pretty well on interesting ideas and discourse, too."
Companies
HP to take care of Unix, Linux and Windows with Nimbus (Register)
The Register examines the Nimbus project from HP. "According to the docs, HP has started calling on its user base to begin beta-testing the Nimbus software. The app set is basically a souped up version of Insight Manager that lets administrators manage Unix, Linux and Windows servers from one place."
IBM files countersuit against SCO, SCO shares drop (Reuters)
IBM has filed a countersuit against SCO, according to this Reuters article. "IBM, in its countersuit filed in federal court in Utah, alleged SCO had breached the general public license for Linux and infringed on IBM patents, according to the court documents. SCO is based in Lindon, Utah. SCO shares, which have gained sharply from about $3 since it announced its suit, fell $1.27, or 10.6 percent, to $10.73 in morning Nasdaq trading. IBM gained 42 cents to $80.13." (Thanks to Robert Steinfeldt).
Big Blue files counterclaims against SCO (News.com)
News.com has some info on IBM's countersuit. "IBM said that four SCO software packages violate four of IBM's patents. The patents cover a data compression technique, a method of navigating among program menus using options arranged in a graphical tree, a method for verifying that an electronic message was received and a method for monitoring computing systems linked in a cluster." Most people will certainly welcome a counterstrike from IBM, but the deployment of software patents to shut somebody down is always a bit of a cause for concern.
SCO vs. the Linux worldÂ…what's a Linux user to do? (ZDNet)
ZDNet is running a column by lawyer Thomas Carey on SCO's case. "Any plaintiff complaining that it is being injured by wrongful conduct has a duty to mitigate its damages. In order for SCO to assert claims against Linux users, it has to take reasonable steps to lessen the harm that it is suffering. This means giving Linux users the opportunity to remove the infringing code from Linux. SCO's refusal to identify the Linux code in question is hard to defend." This is a good article to show to worried bosses.
SCO not exactly the lovable little guy (Salt Lake Tribune)
The Salt Lake Tribune is carrying a Wall Street Journal article on the SCO affair. "SCO says it won't identify all the infringing code in Linux because Linux developers would quickly replace it. But isn't that exactly what someone alleging a legal injury should, for starters, want -- to stop being injured? Damages for past injuries can always come later. Or maybe SCO knows that if it laid out its cards, people would just walk away from the table laughing at its hand -- rather than pay a license fee." The Tribune also has an article on insider trading of SCO shares.
SuSE backs rival Red Hat in SCO fight (vnunet)
Vnunet reports that SuSE backs Red Hat against SCO. "In an official statement, SuSE said: "We applaud [Red Hat's] efforts to restrict the rhetoric of the SCO Group, and the fear, uncertainty and doubt which they are trying to instil.""
Lindows continues its PC push (ZDNet)
ZDNet looks at the latest hardware offering from Lindows.com. "The company, best known for its consumer-oriented version of the Linux operating system, on Thursday launched a $449 desktop computer with a flat-panel monitor. It's the second such announcement from Lindows in just a few weeks."
SuSE Supports RedHat's Open Source Initiative
SuSE has put out a press release, stating that it stands behind Red Hat in the SCO case. "SCO has already been halted in Germany and we applaud Red Hat's actions to help end their activities in the US -- and beyond. We applaud their efforts to restrict the rhetoric of the SCO group -- and the FUD they are trying to instill -- and will determine quickly what actions SuSE can take to support Red Hat in their efforts."
Making Linux more gadget-friendly (News.com)
News.com reports that TimeSys has joined the CELF. "TimeSys, a seller of Linux designed to be embedded into various computing devices, has joined the Consumer Electronics Linux Forum, and its competitor, MontaVista Software, plans to announce a similar move next week."
Navy to draft Linux-powered Macs (News.com)
News.com reports on the sale of 260 Apple Xserve servers to the US Navy by Terra Soft Solutions. "Terra Soft Solutions said the machines will be used as part of a sonar imaging system that defense contractor Lockheed Martin is building for the Navy. Rather than using the Mac OS, the Apple servers will run Terra Soft's Yellow Dog Linux operating system."
Linux Adoption
The penguin road patrol (smh.com)
SMH.com has published an article that describes a linux-based video road inspection system that is being used to map road defects in Australia. "What Viner and his team have ended up with today is a system that uses Linux to run five video cameras from the same kind of van used as an ambulance. It is all done at a speed ranging from 80kmph to 100kmph. The cost of the annual survey has, in the process, fallen from $1.2 million to $850,000. And the system which was devised has so far generated about 1.3 terabytes of video footage with few problems."
Oracle's Infrastructure Now Fully Linux-ized (TechWeb)
TechWeb looks into Oracle's conversion to Linux. ""We run our business on Linux," Rozwat said at the LinuxWorld conference in San Francisco on Wednesday. "If you look at any IT company, Oracle is by far the leader at running Linux." Oracle chose the platform because of its strengths in security, scalability, and performance, he said. In the coming year, Oracle will move its base development platform to Linux, including putting the open-source operating system on the workstations of 8,000 developers."
Usability Study: KDE Suited for Corporate Desktop
KDE.News covers a Linux Usability Report that was performed by Relevantive AG. "The study is based on a broad test conducted with 60 people who had previous Windows knowledge but had never used Windows XP. For comparison, 20 other people were asked to try Windows XP for the first time. Both are possible migration scenarios as support for Windows NT is being dropped. The study is independent, as it was conducted without a client order."
Indian software developers adopt Linux
ZDNet is carrying a Reuters article on increasing adoption of Linux in India. "About 10 percent of India's personal computers will be sold with Linux rather than Microsoft operating systems by March, 2004, says Linux distributor Red Hat, up from nothing in January. Besides the switch of desktop operating systems to Linux, analysts say the bigger worry for Microsoft is the growing use of Linux among India's pool of an estimated 400,000 software developers, many of whom churn out code for giants such as General Motors and American Express."
Legal
GPL may be unenforceable under German law (InfoWorld)
InfoWorld reports on a study that claims that the GPL may be unenforceable under German (or perhaps EU) law. The main issue seems to be with the warranty disclaimers. "Regarding such legal principles as liability and warranty, the GPL clauses have absolutely no legal validity. Under the license, developers and distributors of open software are not liable for any problems with their products. The GPL avoids any wording that could imply liability. Such a license is simply unenforceable under German, or even European Union law for that matter." As the article notes, the study was performed for a closed-source lobbying group. (Thanks to Yusuf Goolamabbas).
Interviews
Mad as hell and not going to take it (News.com)
News.com interviews Red Hat CEO Matthew Szulik on the topic of the SCO suit. "We would like very much to see the court system provide the facts as soon as possible. We just want to know the truth. Let the facts be put on the table so they can be dealt with honestly. That's the goal. We want to see this resolved as fast as possible."
'Maddog' Bullish on Open Source (eWeek)
eWeek has posted an interview with Jon "Maddog" Hall. "I talk a lot with governments, for the most part industry has gotten it. The next really big scene will be the bulk of the independent software vendors [ISVs], and what they'll have to do to meet that marketplace. At the same time, there's a large group of the mom-and-pop businesses I call the "great unwashed." We're trying to interact more with local user groups and give them the marketing ammunition to go out and talk to business, educators and government."
George Staikos on Linux Drivers and KDE (LinMagAu)
In this LinMagAu article John Knight interviews George Staikos about the state of video and audio drivers for Linux. "Linux users need to demand drivers or hardware documentation for the hardware they buy, or do what they have a right to do - buy elsewhere. Promote the competitors' products. I think we've seen this repeatedly in the Linux world already. More Linux users demanding open specifications or drivers will mean more drivers in the end. Eventually it will become profitable." (Found at KDE.News)
Novell's Stone: NetWare's Linux future (ZDNet)
ZDNet talks with Novell vice-chairman Chris Stone about Linux, NetWare, Ximian, and more. "Mono is great. I like the idea very much of being able to run .Net applications on Linux and recompiling things written in C# to run on Linux. We will become a big advocate for Mono. I hope Microsoft views it as a good thing."
Government, ICT and Open Source Software in South Africa (OpenSector)
OpenSector talks with Nhlanhla Mabaso, the Open Source Manager at the South African Council for Scientific and Industrial Research (CSIR). "A question was recently asked on one of the mailing lists about the possibility of Nigeria's elections being conducted on an OSS platform. This raises important questions about the transparency of election processes. Will citizens, in the future, be content with a major company, aligned to some political parties, having their results counted on this company's software without being able to freely audit the software used?"
Resources
Animation in SDL: Hardware Surfaces (O'ReillyNet)
Bob Pendleton discusses SDL on O'Reilly. "SDL, the cross-platform multimedia toolkit, is powerful enough to have brought over 40 commercial games to Linux. It's also portable enough to run just about anywhere that has graphics and an operating system. In the second of a series of articles, Bob Pendleton demonstrates how to use hardware surfaces in your SDL programs."
Ultimate Linux Box: A Work in Progress (Linux Journal)
The Linux Journal continues the long process of building the 'ultimate Linux box'. "Well, I tried what passes for a downloadable x86_64 distribution. It shall remain safely nameless, to avoid embarrassing the vendor. I couldn't get X to run at all. A lot of stuff was broken. In short, it was totally unsuited to be associated with the Ultimate Linux Box. So we're going with SuSE, and pay the price for being on the leading, bleeding edge."
An introduction to open computing, open standards, and open source (IBM)
IBM's E-Zine, the Rational Edge has an introduction to all things open. "The IT industry is going through major changes. New concepts in technology, such as Web services and grid computing, are opening the door to tremendous opportunities for taking e-business to the next level of profitability. The potential of these technologies to transform business is truly remarkable, and open standards and open source software will play increasingly critical roles in this new world".
Miscellaneous
Opinion: Reasons To Shun Open Source-ry (TechWeb)
Rob Enderle strikes again on TechWeb. "The SCO lawsuits, at the very least, show that discovery is incredibly easy with an open source product. In order to sue for intellectual property violations, you often have to get your hands on the source code of the defendants' products. That requires convincing a court to force the defendant to turn over the source code in a process called "discovery"; that process can be difficult. The pain associated with getting hold of proprietary source code is one of the things that limits intellectual property lawsuits for commercial software. But with open source software, the code is already available, out in the open." You have to admire the honesty of it: the risk with free software is that plagiarism is easier to discover.
Page editor: Forrest Cook
Announcements
Commercial announcements
Comdex and open source
The Comdex organizers have put out a press release on how open source will be one of the big themes in the newly reworked Comdex event (happening November 16-20). There are a number of related activities, mostly aimed at a relatively elementary level.Lycoris Tablet OS on Toshiba Tablet PCs
Lycoris has announced the launch of De-Tablet, an integrated Toshiba Portege Tablet Platform running Lycoris Desktop L/X Tablet Edition.Metrowerks Executive Elected to Leadership Position with ELC
Metrowerks Corporation has announced that its CTO and Vice President, Berardino Baratta has been elected to the Embedded Linux Consortium's board of directors.Metrowerks Adds Linux Kernel-Level Debugging Capabilities
Metrowerks has announced kernel-level debugging capabilities to its line of development tools for Linux environments with CodeWarrior Development Studio, ARMR ISA Edition for Linux Platform Development, Version 2.0.TimeSys Joins CE Linux(R) Forum
TimeSys Corporation has announced its membership in the CE Linux Forum (CELF). "TimeSys(R) Corporation, a leader in embedded Linux(R) and development tools for embedded systems, announced today that it has joined the CE Linux Forum (CELF), an industry group that is focused on the advancement of Linux as an open source platform for consumer electronics devices."
Synergy Silver CAD/CAM for Linux
Weber Systems, Inc has announced a version of their Synergy CAD/CAM system that is available for Linux. Thanks to James Feeney.
Resources
International PHP Magazine
A publication known as International PHP Magazine is now online. Take a look for ongoing discussions of PHP and related technology.
Upcoming Events
AUUG 2003 Conference
The Australian UNIX and Open Systems User Group will hold the AUUG 2003 conference in Sydney, Australia from August 31 - September 2, 2003. "The conference will be in Sydney, at the Duxton Hotel, Milsons Point. on 3-5 September. Tutorials will be conducted prior to the conference on 31 August to 2 September."
Third International Ruby Conference
Proposals are being accepted for the Third International Ruby Conference. The event will be held in Austin, Texas from November 14-16, 2003. Presentations are due on August 20.Events: August 14 - October 9, 2003
| Date | Event | Location |
|---|---|---|
| August 18 - 21, 2003 | New Security Paradigms Workshop 2003(NSPW 2003) | (Centro Stefano Francini)Ascona, Switzerland |
| August 22 - 30, 2003 | KDE Developers' Conference | (Zamek Castle)Nove Hrady, Czech Republic |
| August 27 - 29, 2003 | International Conference on Principles and Practice of Declarative Programming(PPDP 2003) | (Uppsala University)Uppsala, Sweden |
| August 31 - September 2, 2003 | AUUG 2003 Conference | (Duxton Hotel)Sydney, Australia |
| September 3 - 4, 2003 | LinuxWorld Conference & Expo (Cancelled) | (The NEC)Birmingham, UK |
| September 8, 2003 | Boundaryless Information Flow: Open Source in the Enterprise | (Hilton London Paddington)London, UK |
| September 11 - 12, 2003 | Python for Scientific Computing Workshop(SciPy'03) | (CalTech)Pasadena, CA |
| September 15 - 18, 2003 October 7 - 8, 2003 | LogOn Web Days | Across Europe |
| September 15 - 18, 2003 | Embedded Systems Conference(ESC) | (Hynes Convention Center)Boston, Mass |
| September 26 - 27, 2003 | Third DZUG-Conference | Paderborn, Germany |
Web sites
New ALU web site announced
The Association of Lisp Users has launched their new web site. "The new site contains more information about the ALU, its conferences and activities, and how to become a member. It also provides a Lisp resources section."
BMC to unveil Linux Web site (News.com)
News.com reports on a new web site from BMC Software that focuses on Linux. "Management software company BMC Software will unveil a Linux-focused Web site called LinuxValue.com on Monday as part of an attempt to accelerate adoption of the operating system, the company said. The site will include news stories, interviews, tips, case studies, analyst views, book reviews and other information."
Computers for India (OpenSector)
OpenSector takes a look at the Computers for India site. "Computers for India is a forum for knowledge sharing and collaboration between community organizations in the United States and India, with a focus on schools and community Internet centers in India. The site includes best practices information, including guidelines for choosing between open source and proprietary software."
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Page editor: Forrest Cook
Letters to the editor
SCO, Linux and the GPL
| From: | ketil@ii.uib.no (Ketil Z. Malde) | |
| To: | letters@lwn.net | |
| Subject: | SCO, Linux and the GPL | |
| Date: | 08 Aug 2003 13:03:00 +0200 |
Hi,
Don't you lose the rights granted by the GPL if you don't abide by its
terms? Say, if you redistribute a GPL'ed piece of software on the
condition of a per-CPU license fee from all users, don't you lose the
right to use said piece of software?
>From the GPL:
| 4. You may not copy, modify, sublicense, or distribute the Program
| except as expressly provided under this License. Any attempt
| otherwise to copy, modify, sublicense or distribute the Program is
| void, and will automatically terminate your rights under this
| License.
If somebody were to distribute or sublicense, say, the Linux kernel in
a non-compliant way, could they still legally run their web server on
Linux?
http://uptime.netcraft.com/up/graph/?host=sco.com
-kzm
--
If I haven't seen further, it is by standing in the footprints of giants
SCOs IP Chart?
| From: | Greg Wilkins <gregw@mortbay.com> | |
| To: | letters@lwn.net | |
| Subject: | SCOs IP Chart? | |
| Date: | Wed, 13 Aug 2003 19:26:45 +1000 |
SCO publishes a chart of the Unix IP as they see it: http://www.sco.com/scosource/unixtree/unixhistory01.html The interesting thing here is that they show at least two arrows from linux to UnixWare and no arrows going the other direction. So this chart shows that something from linux 2.2.16 and something from linux 2.4.0 test1 was contributed to UnixWare. I'm wondering how this was done considering the terms of the GPL? -- Greg Wilkins<gregw@mortbay.com> Phone/fax: +44 7092063462 Mort Bay Consulting Australia and UK. http://www.mortbay.com
Page editor: Jonathan Corbet