Not with a bang, but a whimper. That's how Daniel Bernstein's fight with
the federal government over cryptography regulations has wound to a
close. It is an unsatisfying
end to the eight years of court battles over the constitutionality
of export restrictions on cryptography.
Bernstein may be
better-known to the community as the author of qmail, djbdns, ezmlm and a number of other
popular (if not quite free) packages. Bernstein, now an associate professor in the department of Mathematics,
Statistics, and Computer Science with the University of Illinois, first
filed suit against the Department of State in 1995.
Before the first suit was filed, Bernstein was a PhD candidate working
in the field of cryptography at the University of California at
Berkeley. Bernstein had produced "Snuffle," a private-key encryption
system, and in June 1992 requested a
decision from the Department of State as to whether
the source code could be published on the "sci.crypt" newsgroup. The
response was
that Snuffle was a "defense item" and Bernstein would need licenses for
export of Snuffle. After additional correspondence over the next three
years, Bernstein and the Electronic
Frontier Foundation filed suit against the
Department of State and a number of individuals. Bernstein argued
that the International Traffic In Arms Regulations (ITAR) requiring
licensing for export of cryptographic software were unconstitutional.
The Bernstein case produced a landmark
ruling that recognized code as a form of speech. The Department of State
asked Judge Marilyn Hall Patel to dismiss the case, arguing (among other
things) that export controls on encryption software do not constitute a
prior restraint of free speech. Patel, in refusing to dismiss the case,
issued an opinion in the case that source code is to be protected as speech under the First Amendment:
This court can find no meaningful difference between computer language,
particularly high-level languages as defined above, and German or
French...Like music and mathematical equations, computer language is
just that, language, and it communicates information either to a
computer or to those who can read it...For the purposes of First
Amendment analysis,
this court finds that source code is speech.
Patel's ruling was the first that recognized source code as speech with
regards to consideration under the First Amendment. Courts had
previously recognized code as something that could be protected under copyright
law, but not as communication to be protected under the First Amendment.
Eventually, Bernstein won his case against the Department of State, with
Patel agreeing with Bernstein in 1996 that the regulations were
unconstitutional.
The victory, however, was short-lived. Regulation of encryption shifted
from the Department of State
under ITAR to the Commerce Department and a new set of regulations, the
Export Administration
Regulations (EAR). Bernstein challenged EAR, and
Patel also found that the EAR was
unconstitutional and enjoined the Department of State and the Commerce
Department from enforcing it.
The government appealed and the Ninth Circuit upheld Patel's decision,
finding that "encryption software, in its source code form and as
employed by those in the field of cryptography, must be viewed as
expressive."
After failed appeals, the government changed the regulations and the
case was remanded back to Patel. Instead of requiring Bernstein or other
crypto researchers to acquire a license for every viewer of the
information, the government now wanted encryption items sent to the
Bureau of Industry and Security (BIS) for export approval. However, the
changes in EAR were
still not satisfactory to Bernstein or the EFF, and the legal battles
continued.
Unfortunately, in the U.S. judicial system, it is apparently not enough
to merely show that a particular law may be unconstitutional. One must
also show that the law in question may be used against you. Patel
dismissed Bernstein's case against the Department of Commerce on July 28
of this year for lack of standing. Patel also dismissed Bernstein's case
against the Department of State last week, after the Bush administration
said it would not attempt to enforce some of the encryption export
regulations.
Though Bernstein seems safe from prosecution, at least at the moment,
the problem is that the export regulations remain on the books. There is
nothing stopping the government from prosecuting others for violation of
EAR at this time. Anyone seeking to export "encryption software" to any
country other than Canada must seek a license from the Commerce
Department, barring encryption software used for "authentication or
digital signature" functions alone.
Since this includes any distribution of software online, and even
"technical assistance" with the development of encryption software
subject to EAR, the EAR restrictions continue to pose at least a
potential threat to open source developers working with encryption in
the U.S. Violations of EAR could result in fines of up to $250,000 or
ten years in prison, so the threat is not one to be taken lightly.
While it would be nice to believe that the regulations will be
unenforced, it would have been a much better result if Bernstein could
have succeeded in having them thrown out entirely. For now, we will have
to settle for a partial victory.
Comments (5 posted)
The European Union Interchange of Data between Administrators project has
(with the help of NetProject) published a document on how to migrate over
to open source software. This document is available as
a 148-page
PDF file.
Much of this document will seem like basic common sense to many readers.
Remember, however, that the target readership is high-level
management, and one should not make too many assumptions with that crowd.
Thus, for example, we have suggestions like "have a clear understanding of
the reasons to migrate," "start with non-critical systems," and "ensure
that there is active support for the change from IT staff and users." All
of which is undoubtedly good advice.
The guidelines repeatedly suggest that, even if no changes are foreseen in
the near future, it is still a good idea to avoid doing things that would
make such a change harder in the future. Thus, web pages should be written
to work with all browsers, excessive use of scripts and macros in documents
should be avoided, standard file formats should be used, etc. This
suggestion, by itself, would make life a lot easier for many people even
if they never switch to free software.
The guidelines make specific suggestions for software to migrate to.
These include OpenOffice.org (best Office replacement, can run on Windows),
Evolution, Galeon (or Mozilla if it has to run on Windows too), MySQL, Exim
(Postfix is "an acceptable alternative"), PhpGroupWare, Apache, and Zope.
The report recommends GNOME over KDE ("netproject considers that
[GNOME] has a better architecture and believes it has a better
future").
A great many migration scenarios are provided; here the guidelines begin to
resemble a system administration book. If you are looking for instructions
on how to export your Access data for ingest into MySQL or how to convert
your Word templates, this document has something for you. As a general
rule, the information provided will not be sufficient for those who do not
already have some expertise in making this sort of transition. It does,
however, show that the transition is possible and highlight some of the
potential pitfalls.
The document concludes with 50 pages of appendices. There is a lengthy
list of available case studies, a detailed description of how mail systems
are put together, some fairly useless tables of package versions, a Red Hat
kickstart file for installing systems using the French language, and a
glossary.
The Open Source Migration Guidelines may well prove to be a useful document
for managers trying to plan (or decide on) a change to free software in
their organizations. Its real value, however, may be found in a different
area. What the Guidelines provide is a convincing demonstration that this
transition can be done, and that the required tools exist. And that may be
what many people pondering free software need more than anything else.
Comments (none posted)
There have been a few developments in the SCO case over the last week or
so; time to check in and see what they are up to.
Much noise was made about the $50 million equity investment that the
company received. This money was presented as being from BayStar, a
venture capital firm. In fact, BayStar was the minority investor, having
put in $20 million. The rest came from the Royal Bank of Canada.
This is not a straightforward equity investment. The investors will be
getting "Series A convertible preferred stock," which brings no voting
rights. The holders of the stock do, however, get veto power over a number
of possible corporate actions, including taking on large debts or sales of
assets. The preferred stock can be converted to common stock at
$16.93/share whenever the investors wish. The investors can also force SCO
to buy back the stock (with cash) under certain conditions, including delisting of the
stock or financial problems that suggest bankruptcy is near.
After one year, SCO must pay an 8% dividend on the preferred stock; that
dividend goes up 2% per year to a maximum level of 12%. Starting next
year, SCO will have to come up with $4 million in cash flow to service
this dividend requirement.
In summary, SCO has tied itself to an investment scheme that is rather
more expensive than a straightforward stock issue would have been. For
those who are interested, the
full agreement is online at the SEC.
Meanwhile, in the courtrooms, the story is mostly one of motions going back
and forth. The company has submitted a new brief in support of its motion
to dismiss the Red Hat suit; this brief has been analyzed
in great detail over at Groklaw. Suffice to say that PJ was not
particularly impressed. We'll not duplicate the analysis on Groklaw, but
there is one paragraph (from the opening page) which is worthy of note:
Red Hat, despite the complete absence of any ownership rights
whatsoever in the Linux kernels, seeks a declaration that these
Linux kernels do not infringe SCO's intellectual property rights.
Similarly, Red Hat seeks redress based upon Lanham Act and state
law claims, despite the fact that the Linux kernel is provided to
any and all comers for free. This lack of ownership, combined with
a careful review of complete quotations and accurate statements of
law, makes clear that Red Hat's claims must fail.
A quick grep through the kernel source turns up an awful lot of Red Hat copyright statements.
Red Hat indisputably has ownership rights in the
Linux kernel. The fact that the relevant code has been placed under a
license that allows free redistribution under certain conditions does not
change that fact.
What is going on here is that the SCO Group, despite its ongoing bluster
about intellectual property rights, is trying to deprive those who have
contributed to the Linux kernel of their rights. This denial of Red
Hat's rights goes along with SCO's attacks on the GPL. SCO would like
nothing better than to invalidate all rights on the kernel - except, of
course, those it claims to own itself. As long as others have rights to
the kernel and the GPL holds, SCO cannot make a serious go at a general
Linux tax.
The court records in Delaware show that SCO has filed to change its legal
representation in the Red Hat case. Such a change in the middle of an
ongoing case is generally unexpected. According to Groklaw,
SCO is using some of its BayStar money to trade up to a higher-class,
better-connected law firm.
In Utah, SCO is trying to fight (or at least delay) IBM's "motion to
compel" the company to disclose the exact nature of its claims. From IBM's
latest filing opposing a request from SCO for a delay:
There is nothing for SCO to say in response to IBM's motion except
that it will provide all of the information IBM has requested. As
stated in IBM's motion, SCO does not claim the right to withhold
responsive information based on any of its boilerplate objections
to these interrogatories. By contrast, further delay will compound
the prejudice imposed upon IBM by SCO's delay of more than three
months. This case has been pending more than seven months, and SCO
has still failed to disclose what its claims are about.
Again, see
Groklaw (where else?) for the details.
SCO has a new agreement with Boies, Schiller & Flexner, the law
firm representing it in the IBM case. The
company's recent 8K filing describes the new deal:
As part of this modification, which is subject to a definitive
agreement, the law firm would receive a contingent fee of 20
percent of the proceeds from certain events related to its
protection of SCO's intellectual property rights, including certain
licensing fees, settlements, judgments, equity financings or a sale
of SCO during the pendency of litigation or through settlement,
subject to certain agreed upon credits for amounts received as
discounted hourly fees or prior contingency payments. In addition,
this modification may result in the payment to such law firm of up
to $1,000,000 and the issuance of up to 400,000 shares of SCO's
common stock.
In other words, Boies et al. are no longer willing to work for a straight
contingency deal. The 20% fee could yet be lucrative - it is not clear
whether it includes the $50 million from BayStar and RBC - but Boies
is now getting $1 million and almost $7 million worth of stock as
well regardless of the outcome of any litigation. SCO's lawyers win
whether its client does or not.
The 8K filing also notes that Microsoft has pumped another $8 million
worth of "licensing fees" into SCO.
SCO has backed down from its threats to "cancel" SGI's Unix license. At
the latest conference call, Darl McBride noted that SCO was happy with the
(about 200 lines) of code that SGI has removed from the kernel; he seems to
have stopped talking about the XFS filesystem. Mr. McBride also, in
response to a question, stated that SCO did not have any other Unix vendors
in its sights. He did, however, make a rather chilling statement about
SCO's several thousand end-user Unix licensees. There is, apparently,
something in those contracts which makes those users - if they also use
Linux - look like especially tempting targets. SCO remains a good company
to avoid signing contracts with.
Comments (7 posted)
As described in
this FFII
alert, the software patent proposal recently voted in the European
Parliament may yet get pushed aside. "If UK ministers cannot be
convinced otherwise before 10 November, it is believed they will push for
the Council to adopt a November 2002 draft text, which is even worse than
the infamous McCarthy report. The European Parliament's rules for second
reading make it very difficult for MEPs to fix a bad text from the
Council." There will be a meeting of "patent officials from across
Europe" held on October 23 to work out the next steps for the
establishment of software patents in Europe. FFII is requesting that
everybody who can contact their (national) Parliament members to help them
understand why software patents are a bad idea. This battle is not yet
over. (Thanks to James Heald)
Comments (18 posted)
Page editor: Jonathan Corbet
Security
Brief items
Anybody who has spent any amount of time dealing with spam (i.e. just about
anybody
with an email address) knows that a great deal of it comes with forged
return addresses. Email worms attacking certain proprietary systems also
have a habit of generating mail with fake return addresses. If there were
a way to filter out mail with bogus sender addresses, a great deal of spam
and other unpleasant mail could be automatically removed from our
mailboxes.
A technique called "Sender Permitted From" (SPF) is being readied to
attempt to make this sort of filtering possible. Those looking for details
can find them in the draft RFC,
but the core concept is simple: the DNS database for each
domain should be augmented with information on which systems are authorized
to originate email for that domain. This information is added as a DNS
"text" record, so no changes to the DNS protocol are required.
So, for example, the DNS zone file for a domain which never, ever sends
mail could be made SPF-compliant by adding one line:
example.com IN TXT "v=spf1 default=deny"
The "v=spf1" portion indicates that this is an SPF version 1
entry, and the rest says to deny all mail from that domain.
In most interesting cases, however, people will want to be able to send
mail from a domain. So the SPF entry must be modified to tell mail
recipients which systems can send mail for the domain. The simplest way of
doing that, perhaps, is to simply state that the domain's MX servers can
originate mail:
example.com IN TXT "v=spf1 mx default=deny"
There are, of course, many ways of specifying, in great detail, exactly
which systems can legitimately send mail for the domain of interest; see
the RFC for details.
None of this will work until receiving systems perform SPF tests, of
course. One of the nice features of SPF is that the check can be done
before the body of a message is received. If the message will be filtered,
this filtering can be done at the SMTP level and a meaningful message
returned to the sender - if, indeed, there is a real sender. Patches exist
for a number of MTAs now; expect more as the SPF specification solidifies.
There are also plans to add SPF support in other places; apparently
SpamAssassin 2.70 will support it, for example.
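To make the receiving side of the check concrete, here is a small SPF evaluator added as an illustration; it is not code from the article, the SPF draft, or any MTA patch. It follows the draft-era syntax used above (`v=spf1`, the `mx` and `a` mechanisms, `ip4:` prefixes, and `default=deny`) and resolves names against a constructed in-memory zone table that stands in for real DNS, so it runs offline. The zone contents, the `check_spf` and `smtp_mail_from` names, and the decision to ignore unrecognized terms are assumptions of the example, not part of the specification.

```python
import ipaddress

# Constructed zone data standing in for live DNS answers (assumption: not a real resolver).
# Keys are (owner name, record type); values are the record data strings.
ZONE = {
    ("nomail.example", "TXT"): ["v=spf1 default=deny"],           # domain that never sends mail
    ("example.com", "TXT"): ["v=spf1 mx default=deny"],           # only the MX hosts may send
    ("example.com", "MX"): ["mail.example.com"],
    ("mail.example.com", "A"): ["192.0.2.10"],
    ("example.net", "TXT"): ["v=spf1 a ip4:198.51.100.0/24 default=deny"],
    ("example.net", "A"): ["203.0.113.5"],
    ("legacy.example", "TXT"): ["some unrelated text record"],    # TXT present, but no SPF
}


def lookup(name, rtype):
    """Return the record data for (name, rtype) from the constructed zone, or []."""
    return ZONE.get((name.lower(), rtype), [])


def spf_record(domain):
    """Return the domain's single v=spf1 TXT record, or None if absent or ambiguous."""
    recs = [r for r in lookup(domain, "TXT") if r.lower().startswith("v=spf1")]
    return recs[0] if len(recs) == 1 else None


def ip_in_hosts(sender_ip, hostnames):
    """True if sender_ip equals any A record of any of the given hostnames."""
    ip = ipaddress.ip_address(sender_ip)
    return any(ipaddress.ip_address(a) == ip
               for host in hostnames for a in lookup(host, "A"))


def check_spf(domain, sender_ip):
    """Evaluate the domain's SPF record against the connecting client's IP.

    Returns 'none' (no SPF record), 'pass' (a mechanism matched),
    'fail' (no match and default=deny), or 'neutral' (no match, no deny default).
    """
    record = spf_record(domain)
    if record is None:
        return "none"
    default = "neutral"
    for term in record.split()[1:]:          # skip the "v=spf1" version tag
        if term == "mx":                     # sender is one of the domain's MX hosts
            if ip_in_hosts(sender_ip, lookup(domain, "MX")):
                return "pass"
        elif term == "a":                    # sender is the domain's own A record
            if ip_in_hosts(sender_ip, [domain]):
                return "pass"
        elif term.startswith("ip4:"):        # sender is inside an explicit IPv4 prefix
            if ipaddress.ip_address(sender_ip) in ipaddress.ip_network(term[4:], strict=False):
                return "pass"
        elif term.startswith("default="):    # what to do when nothing above matched
            default = "fail" if term == "default=deny" else "neutral"
        # Assumption of this example: any other term is ignored rather than treated as an error.
    return default


def smtp_mail_from(sender_ip, mail_from):
    """Decide the SMTP reply to MAIL FROM:<mail_from>, before any message body is accepted."""
    domain = mail_from.rsplit("@", 1)[-1].rstrip(">")
    result = check_spf(domain, sender_ip)
    if result == "fail":
        return f"550 5.7.1 SPF: {sender_ip} is not authorized to send mail for {domain}"
    return f"250 OK (SPF {result})"


if __name__ == "__main__":
    print(smtp_mail_from("192.0.2.10", "<alice@example.com>"))     # authorized MX host
    print(smtp_mail_from("198.51.100.7", "<alice@example.com>"))   # forged sender
    print(smtp_mail_from("192.0.2.1", "<bob@legacy.example>"))     # no SPF record: nothing to decide
```

The decision is taken on the envelope sender at MAIL FROM, so a forged message is refused before its body is ever transferred, which is the property the article points out; a domain without an SPF record yields "none" and is left to whatever other filtering the site applies.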
SPF certainly will not solve the spam problem; spammers will just use
domains that lack SPF information, open relays, or throwaway domains of
their own. But it does place one more obstacle in their way, and will
doubtless reduce the flow somewhat. The real value of SPF may be in its
ability to make the forgery of email more difficult. In a fully
SPF-compliant world, Linux users would no longer be flooded with "virus
notifications" every time a new worm starts digging through peoples'
address books. A dedicated attacker would probably still be able to forge
email from a specific victim, but the days of easy, casual forgery would,
one hopes, be over. And that is worth something.
Comments (13 posted)
New vulnerabilities
fetchmail may crash on specially crafted message
| Package(s): | fetchmail |
| CVE #(s): | CAN-2003-0792 |
| Created: | October 17, 2003 |
| Updated: | April 8, 2004 |
| Description: | A bug was discovered in fetchmail 6.2.4 where a specially crafted email message can cause fetchmail to crash. |
Comments (none posted)
fileutils/wu-ftpd: denial of service
| Package(s): | fileutils |
| CVE #(s): | CAN-2003-0854 |
| Created: | October 22, 2003 |
| Updated: | March 2, 2004 |
| Description: | There is, it seems, an integer overflow vulnerability in "ls" which can be exploited via wu-ftpd to create a denial of service situation. See this advisory from Georgi Guninski for details. |
Comments (none posted)
gdm: local attacker may crash or freeze gdm
| Package(s): | gdm |
| CVE #(s): | CAN-2003-0793, CAN-2003-0794 |
| Created: | October 17, 2003 |
| Updated: | October 27, 2003 |
| Description: | Two vulnerabilities were discovered in gdm by Jarno Gassenbauer that would allow a local attacker to cause gdm to crash or freeze (CAN-2003-0793, CAN-2003-0794). |
Comments (none posted)
ircd: denial of service vulnerability
| Package(s): | ircd |
| CVE #(s): | CAN-2003-0864 |
| Created: | October 17, 2003 |
| Updated: | October 22, 2003 |
| Description: | Piotr Kucharski reported a buffer overflow vulnerability that may allow an attacker to crash the ircd server, thus causing a denial of service condition. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0864 to this issue. |
Comments (none posted)
Updated vulnerabilities
2.4 kernel - several vulnerabilities
| Package(s): | 2.4 kernel |
| CVE #(s): | CAN-2003-0461, CAN-2003-0462, CAN-2003-0464, CAN-2003-0476, CAN-2003-0501, CAN-2003-0550, CAN-2003-0551, CAN-2003-0552 |
| Created: | July 21, 2003 |
| Updated: | December 24, 2003 |
| Description: | Several security issues have been discovered affecting the Linux kernel: |

- CAN-2003-0461: /proc/tty/driver/serial reveals the exact character counts for serial links. This could be used by a local attacker to infer password lengths and inter-keystroke timings during password entry.
- CAN-2003-0462: Paul Starzetz discovered a file read race condition in the execve() system call, which could cause a local crash.
- CAN-2003-0464: A recent change in the RPC code set the reuse flag on newly-created sockets. Olaf Kirch noticed that this could allow normal users to bind to UDP ports used for services such as nfsd.
- CAN-2003-0476: The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, allowing local users to gain read access to restricted file descriptors.
- CAN-2003-0501: The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program. This causes the program to fail to change the ownership and permissions of already opened entries.
- CAN-2003-0550: The STP protocol is known to have no security, which could allow attackers to alter the bridge topology. STP is now turned off by default.
- CAN-2003-0551: STP input processing was lax in its length checking, which could lead to a denial of service.
- CAN-2003-0552: Jerry Kreuscher discovered that the Forwarding table could be spoofed by sending forged packets with bogus source addresses the same as the local host.
Comments (none posted)
apache2: Denial of Service vulnerability
| Package(s): | apache2 |
| CVE #(s): | |
| Created: | September 29, 2003 |
| Updated: | March 25, 2004 |
| Description: | A problem was discovered in Apache2 where CGI scripts that write more than 4k to the standard error stream will hang the script's execution. This problem can lead to a denial of service situation. See this bug report for additional details. |
Comments (none posted)
ethereal: security problems in Ethereal 0.9.12
| Package(s): | ethereal |
| CVE #(s): | CAN-2003-0428, CAN-2003-0429, CAN-2003-0431, CAN-2003-0432 |
| Created: | June 23, 2003 |
| Updated: | November 10, 2003 |
| Description: | Several security problems have been found in Ethereal 0.9.12. "It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, or by convincing someone to read a malformed packet trace file." |
Comments (none posted)
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
Comments (none posted)
fetchmail: buffer overflow
| Package(s): | fetchmail |
| CVE #(s): | CAN-2002-1365 |
| Created: | December 17, 2002 |
| Updated: | October 20, 2003 |
| Description: | Versions of fetchmail prior to 6.2.0 have (yet another) buffer overflow vulnerability which can be exploited remotely via a suitably crafted message. See this advisory for details. |
Comments (3 posted)
glibc - buffer overflow
| Package(s): | glibc |
| CVE #(s): | CAN-2003-0689 |
| Created: | October 15, 2003 |
| Updated: | November 25, 2003 |
| Description: | The GNU C library contains a buffer overflow in the getgrouplist() function. If the user belongs to more groups than the calling application expects, the allocated storage will be overrun. |
Comments (none posted)
glibc: DNS stub resolvers contain buffer overflow vulnerability
| Package(s): | glibc |
| CVE #(s): | CAN-2002-1146 |
| Created: | November 7, 2002 |
| Updated: | February 5, 2004 |
| Description: | DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. (See CERT Vulnerability Note VU#738331) |

The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash).
Comments (none posted)
gnupg: key validation
| Package(s): | gnupg |
| CVE #(s): | CAN-2003-0255 |
| Created: | May 16, 2003 |
| Updated: | November 18, 2003 |
| Description: | A key validation bug was discovered in the GNU Privacy Guard (GPG) which would cause keys with more than one user ID to trust all user IDs with the amount of trust given to the most-valid user ID. |
Comments (none posted)
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. GtkHTML as supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
Comments (none posted)
KDE: Two issues in KDM
| Package(s): | kde, xfree86 |
| CVE #(s): | CAN-2003-0690, CAN-2003-0692 |
| Created: | September 16, 2003 |
| Updated: | December 19, 2003 |
| Description: | According to this advisory two issues have been discovered in KDM: |

- CAN-2003-0690: Privilege escalation with specific PAM modules. The XDM display manager that ships with XFree86 prior to 4.3 is also vulnerable.
- CAN-2003-0692: Session cookies generated by KDM are potentially insecure.

All versions of KDM as distributed with KDE up to and including KDE 3.1.3 are affected.
Comments (none posted)
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
| CVE #(s): | CAN-2003-0019 |
| Created: | February 7, 2003 |
| Updated: | January 21, 2005 |
| Description: | The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities. |

The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode.

All users of the kernel-utils package should update to these packages that contain a version of uml_net that is not setuid root.

Alternatively, as a work-around to this vulnerability, issue the following command as root:

chmod -s /usr/bin/uml_net
Comments (none posted)
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
| CVE #(s): | CAN-2002-1363 |
| Created: | December 19, 2002 |
| Updated: | July 14, 2004 |
| Description: | Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly, which causes a buffer overrun beyond the beginning of the row buffer. |
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
| CVE #(s): | CAN-2003-0427 |
| Created: | June 16, 2003 |
| Updated: | June 16, 2005 |
| Description: | Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod. |
Comments (none posted)
mplayer: remotely exploitable buffer overflow vulnerability
| Package(s): | mplayer |
| CVE #(s): | CAN-2003-0835 |
| Created: | September 29, 2003 |
| Updated: | April 6, 2004 |
| Description: | A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer into executing arbitrary code upon parsing that header. Read the full advisory for details. |
Comments (none posted)
Nessus NASL scripting engine security issues
| Package(s): | nessus |
| CVE #(s): | |
| Created: | May 27, 2003 |
| Updated: | August 12, 2004 |
| Description: | Some vulnerabilities exist in the Nessus NASL scripting engine. To exploit these flaws, an attacker would need to have a valid Nessus account as well as the ability to upload arbitrary Nessus plugins to the Nessus server (this option is disabled by default), or he/she would need to trick a user somehow into running a specially crafted nasl script. Read the full advisory for additional information. |
Comments (none posted)
net-snmp: denial of service vulnerability
| Package(s): | net-snmp |
| CVE #(s): | CAN-2002-1170 |
| Created: | December 17, 2002 |
| Updated: | November 7, 2003 |
| Description: | The SNMP daemon included in the Net-SNMP package versions 5.0.1 through 5.0.4 can be caused to crash if it is sent a specially crafted packet. |
Comments (none posted)
nfs-utils xlog() off-by-one bug
| Package(s): | nfs-utils |
| CVE #(s): | CAN-2003-0252 |
| Created: | July 14, 2003 |
| Updated: | March 8, 2004 |
| Description: | The Linux NFS utils package contains a remotely exploitable off-by-one bug. A local or remote attacker could exploit this vulnerability by sending a specially crafted request to the rpc.mountd daemon. See this BugTraq post for more details. |
Comments (none posted)
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
| CVE #(s): | CAN-2003-0190 |
| Created: | May 2, 2003 |
| Updated: | November 30, 2004 |
| Description: | From the advisory: "During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM support enabled (via the --with-pam configure script switch). This bug allows a remote attacker to identify valid users on vulnerable systems, through a simple timing attack. The vulnerability is easy to exploit and may have high severity, if combined with poor password policies and other security problems that allow local privilege escalation." |
Comments (1 posted)
openssl: vulnerabilities in ASN.1 code
| Package(s): | openssl |
| CVE #(s): | CAN-2003-0543, CAN-2003-0544, CAN-2003-0545 |
| Created: | September 30, 2003 |
| Updated: | November 4, 2003 |
| Description: | Vulnerabilities have been found in OpenSSL ASN.1 code. This advisory contains details of 4 separate problems in versions of OpenSSL up to and including 0.9.6j and 0.9.7b and all versions of SSLeay. |

An attack against other applications that use OpenSSL could result in a Denial of Service. See CAN-2003-0543 and CAN-2003-0544.

It may be possible for an attacker to exploit this issue to execute arbitrary code. See CAN-2003-0545.

CERT has an updated OpenSSL advisory identifying additional OpenSSL vulnerabilities.
Comments (none posted)
postfix: denial of service vulnerabilities
| Package(s): | postfix |
| CVE #(s): | CAN-2003-0468, CAN-2003-0540 |
| Created: | August 5, 2003 |
| Updated: | May 27, 2004 |
| Description: | The postfix MTA, versions through 1.1.12 (but not 2.0), is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details. |
Comments (none posted)
PostgreSQL - more buffer overflows
| Package(s): | postgresql |
| CVE #(s): | |
| Created: | February 12, 2003 |
| Updated: | November 7, 2003 |
| Description: | A new set of buffer overflows has been discovered in PostgreSQL 7.2.2; they affect the circle_poly(), path_encode(), and path_addr() functions. Exploiting these overflows requires that the attacker first obtain a connection to the PostgreSQL server. |
Comments (1 posted)
proftpd: remote root shell
Package(s): proftpd
CVE #(s): CAN-2003-0831
Created: September 24, 2003
Updated: January 2, 2004
Description:
The ASCII translation mechanism in ProFTPD 1.2.8 contains a vulnerability which will provide a remote attacker with a root shell, if the attacker is able to download a specially-crafted file. See this ISS advisory for more information.
Comments (2 posted)
Multiple-use vulnerability in Safe.pm
Package(s): Safe.pm
CVE #(s): CAN-2002-1323
Created: October 9, 2002
Updated: February 20, 2004
Description:
use Perl has a description of a vulnerability in the Safe.pm Perl module. It seems
that if a Safe compartment is used more than once, it ceases to be safe.
The problem is fixed in Safe 2.08.
Comments (none posted)
sane-backends: several vulnerabilities
Package(s): sane-backends
CVE #(s): CAN-2003-0773, CAN-2003-0774, CAN-2003-0775, CAN-2003-0776, CAN-2003-0777, CAN-2003-0778
Created: September 11, 2003
Updated: February 20, 2004
Description:
Alexander Hvostov, Julien Blache and Aurelien Jarno discovered several
security-related problems in the sane-backends package, which contains
an API library for scanners including a scanning daemon (in the
package libsane) that can be remotely exploited. These problems allow
a remote attacker to cause a segmentation fault and/or consume arbitrary
amounts of memory. The attack is successful even if the attacker's
computer isn't listed in saned.conf.
You are only vulnerable if you actually run saned, e.g. in xinetd or
inetd. If the entries in the configuration file of xinetd or inetd
respectively are commented out or do not exist, you are safe.
Try "telnet localhost 6566" on the server that may run saned. If you
get "connection refused", saned is not running and you are safe.
The Common Vulnerabilities and Exposures project identifies the
following problems:
- CAN-2003-0773: saned checks the identity (IP address) of the remote
host only after the first communication took place (SANE_NET_INIT). So
everyone can send that RPC, even if the remote host is not allowed to
scan (not listed in saned.conf).
- CAN-2003-0774: saned lacks error checking nearly everywhere in the
code, so connection drops are detected very late. If the drop of the
connection isn't detected, the access to the internal wire buffer leaves
the limits of the allocated memory, so random memory "after" the wire
buffer is read, which will be followed by a segmentation fault.
- CAN-2003-0775: If saned expects strings, it mallocs the memory
necessary to store the complete string after it receives the size of the
string. If the connection was dropped before transmitting the size,
malloc will reserve an arbitrary size of memory. Depending on that size
and the amount of memory available, either malloc fails (so saned quits
nicely) or a huge amount of memory is allocated. Swapping and OOM
measures may occur depending on the kernel.
- CAN-2003-0776: saned doesn't check the validity of the RPC numbers
it gets before getting the parameters.
- CAN-2003-0777: If debug messages are enabled and a connection is
dropped, non-null-terminated strings may be printed and segmentation
faults may occur.
- CAN-2003-0778: It's possible to allocate an arbitrary amount of
memory on the server running saned even if the connection isn't dropped.
At the moment this can not easily be fixed, according to the author.
Better limit the total amount of memory saned may use (ulimit).
Comments (none posted)
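As an added illustration, not code from sane-backends: a length-prefixed string reader with the checks the CAN-2003-0774 and CAN-2003-0775 entries say saned lacked. It is user-space C over an in-memory buffer; the wire layout (a four-byte big-endian length followed by the bytes), the 4096-byte cap, and the sample messages are this example's constructions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_STRING_LEN 4096   /* assumed cap; the peer must not pick the allocation size */

enum wire_status { WIRE_OK = 0, WIRE_TRUNCATED, WIRE_TOO_BIG, WIRE_NOMEM };

struct wire {
    const uint8_t *buf;       /* bytes received so far */
    size_t len;
    size_t pos;
    enum wire_status err;     /* sticky: once set, nothing more is parsed */
};

static void wire_init(struct wire *w, const uint8_t *buf, size_t len)
{
    w->buf = buf;
    w->len = len;
    w->pos = 0;
    w->err = WIRE_OK;
}

/* Read a 32-bit big-endian word. If the connection dropped before all four
 * bytes arrived, report it instead of reading past the buffer. */
static bool wire_read_u32(struct wire *w, uint32_t *v)
{
    if (w->err != WIRE_OK)
        return false;
    if (w->len - w->pos < 4) {
        w->err = WIRE_TRUNCATED;
        return false;
    }
    const uint8_t *p = w->buf + w->pos;
    *v = ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
         ((uint32_t)p[2] << 8) | (uint32_t)p[3];
    w->pos += 4;
    return true;
}

/* Read a length-prefixed string: length word, cap check, presence check,
 * and only then malloc(). Returns a NUL-terminated copy (caller frees) or
 * NULL with w->err set. */
static char *wire_read_string(struct wire *w)
{
    uint32_t size;
    if (!wire_read_u32(w, &size))
        return NULL;               /* size never arrived: no allocation at all */
    if (size > MAX_STRING_LEN) {
        w->err = WIRE_TOO_BIG;
        return NULL;
    }
    if (w->len - w->pos < size) {  /* body cut short by a dropped connection */
        w->err = WIRE_TRUNCATED;
        return NULL;
    }
    char *s = malloc((size_t)size + 1);
    if (s == NULL) {
        w->err = WIRE_NOMEM;
        return NULL;
    }
    memcpy(s, w->buf + w->pos, size);
    s[size] = '\0';
    w->pos += size;
    return s;
}

/* Parse one message and return its status (string discarded). */
static enum wire_status parse_status(const uint8_t *msg, size_t len)
{
    struct wire w;
    wire_init(&w, msg, len);
    free(wire_read_string(&w));
    return w.err;
}

/* True if the message parses cleanly and yields exactly `expected`. */
static bool parse_yields(const uint8_t *msg, size_t len, const char *expected)
{
    struct wire w;
    wire_init(&w, msg, len);
    char *s = wire_read_string(&w);
    bool ok = (s != NULL && strcmp(s, expected) == 0);
    free(s);
    return ok;
}

/* Constructed inputs: one complete message and three a dropped connection
 * might leave behind. */
static const uint8_t sample_ok[]      = { 0, 0, 0, 5, 'h', 'e', 'l', 'l', 'o' };
static const uint8_t sample_no_size[] = { 0, 0 };
static const uint8_t sample_no_body[] = { 0, 0, 0, 5, 'h', 'e' };
static const uint8_t sample_huge[]    = { 0xff, 0xff, 0xff, 0xff };

int main(void)
{
    printf("complete:       status %d\n", parse_status(sample_ok, sizeof sample_ok));
    printf("size cut short: status %d\n", parse_status(sample_no_size, sizeof sample_no_size));
    printf("body cut short: status %d\n", parse_status(sample_no_body, sizeof sample_no_body));
    printf("4 GB claimed:   status %d\n", parse_status(sample_huge, sizeof sample_huge));
    return 0;
}
```

The order of the three checks is the point: a length that never arrived is a truncation error, a length over the cap is rejected before any allocation, and a body shorter than its length is again a truncation error, so malloc() is only ever called with a size that was actually received and is within bounds.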
sendmail: remotely exploitable buffer overflow
Package(s): sendmail
CVE #(s): CAN-2003-0694, CAN-2003-0681
Created: September 17, 2003
Updated: November 18, 2003
Description:
Michal Zalewski has reported a buffer overflow in sendmail. This overflow, apparently, may be exploited remotely, but only in certain (non-default) configurations. Sendmail 8.12.10 has the fix.
Comments (none posted)
stunnel: signal handler reentrancy DoS
Package(s): stunnel
CVE #(s): CAN-2002-1563
Created: July 25, 2003
Updated: November 25, 2003
Description:
Stunnel is a wrapper for network connections. It can be used to tunnel an
unencrypted network connection over a secure connection (encrypted using
SSL or TLS) or to provide a secure means of connecting to services that do
not natively support encryption.
When configured to listen for incoming connections (instead of being
invoked by xinetd), stunnel can be configured to either start a thread or a
child process to handle each new connection. If Stunnel is configured to
start a new child process to handle each connection, it will receive a
SIGCHLD signal when that child exits.
Stunnel versions prior to 4.04 would perform tasks in the SIGCHLD signal
handler which, if interrupted by another SIGCHLD signal, could be unsafe.
This could lead to a denial of service.
Comments (none posted)
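As an added illustration, not stunnel's own code: the handler shape that avoids the problem described above. The SIGCHLD handler does nothing but set a sig_atomic_t flag; the reaping and any other work happen in the main loop, which sleeps in sigsuspend() between signals. The run_demo() function and its short-lived child processes are constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile sig_atomic_t child_exited;

/* The whole handler: one store to a sig_atomic_t. A second SIGCHLD arriving
 * while this runs cannot corrupt anything. */
static void on_sigchld(int sig)
{
    (void)sig;
    child_exited = 1;
}

static int install_sigchld_handler(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_sigchld;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART;
    return sigaction(SIGCHLD, &sa, NULL);
}

/* Reap every child that has exited. One signal can stand for several exits,
 * so loop until waitpid() has nothing left. This runs in normal context,
 * where logging and freeing per-connection state are allowed. */
static int reap_children(void)
{
    int status, n = 0;
    while (waitpid(-1, &status, WNOHANG) > 0)
        n++;
    return n;
}

/* Fork `count` short-lived "connection handlers" and reap them from a loop
 * that checks the flag with SIGCHLD blocked and sleeps in sigsuspend(),
 * which unblocks the signal atomically, so no exit can slip between the
 * check and the sleep. Returns the number reaped, or -1 on error. */
static int run_demo(int count)
{
    sigset_t block, saved;
    int reaped = 0;

    if (install_sigchld_handler() != 0)
        return -1;
    sigemptyset(&block);
    sigaddset(&block, SIGCHLD);
    sigprocmask(SIG_BLOCK, &block, &saved);

    for (int i = 0; i < count; i++) {
        pid_t pid = fork();
        if (pid < 0) {
            sigprocmask(SIG_SETMASK, &saved, NULL);
            return -1;
        }
        if (pid == 0)
            _exit(0);                 /* child: pretend the connection finished */
    }

    while (reaped < count) {
        if (child_exited) {
            child_exited = 0;
            reaped += reap_children();
        } else {
            sigsuspend(&saved);       /* wait for the next SIGCHLD */
        }
    }
    sigprocmask(SIG_SETMASK, &saved, NULL);
    return reaped;
}

int main(void)
{
    printf("reaped %d of 5 children from the main loop\n", run_demo(5));
    return 0;
}
```

A real server would combine the flag check with its poll() or select() loop rather than sigsuspend(), but the invariant is the same: the handler never touches shared state, so it cannot be interrupted mid-update by another SIGCHLD.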
File overwrite vulnerability in tar and unzip
Package(s): tar unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description:
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability.
Comments (1 posted)
Multiple vendor telnetd vulnerability
Package(s): telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5
CVE #(s): (none listed)
Created: May 21, 2002
Updated: October 5, 2004
Description:
This vulnerability, originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as
well.
Comments (none posted)
tomcat4: denial of service vulnerability
Package(s): tomcat
CVE #(s): (none listed)
Created: October 15, 2003
Updated: October 15, 2003
Description:
Aldrin Martoq has discovered a denial of service (DoS) vulnerability in
Apache Tomcat 4.0.x. Sending several non-HTTP requests to Tomcat's HTTP
connector makes Tomcat reject further requests on this port until it is
restarted.
Comments (none posted)
unzip: directory traversal vulnerability
Package(s): unzip
CVE #(s): CAN-2003-0282
Created: July 1, 2003
Updated: November 13, 2003
Description:
A vulnerability in unzip version 5.50 and earlier allows attackers to
overwrite arbitrary files during archive extraction by placing invalid
(non-printable) characters between two "." characters. These non-printable
characters are filtered, resulting in a ".." sequence. See the full
advisory for further information.
Comments (none posted)
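As an added illustration covering both this entry and the tar/unzip entry above, not code from either tool: a containment check for archive member names, plus the two orderings of filtering and checking. check_then_filter() reproduces the order this entry describes (the raw name is checked before the non-printable bytes are removed); filter_then_check() validates the string that will actually be used. The function names, the 256-byte scratch buffer and the crafted member name are constructed for the example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Drop bytes outside printable ASCII, in place (models the filtering unzip
 * applied to member names). */
static void strip_nonprintable(char *s)
{
    char *out = s;
    for (const char *in = s; *in != '\0'; in++)
        if (*in >= 0x20 && *in < 0x7f)
            *out++ = *in;
    *out = '\0';
}

/* True only if extracting `name` relative to the destination directory
 * cannot escape it: non-empty, not absolute, and no ".." or empty path
 * component. This is the check for "../" that the tar versions above lacked. */
static bool name_is_contained(const char *name)
{
    if (name[0] == '\0' || name[0] == '/')
        return false;
    const char *p = name;
    for (;;) {
        const char *slash = strchr(p, '/');
        size_t len = slash ? (size_t)(slash - p) : strlen(p);
        if (len == 0)
            return false;                    /* "a//b" */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return false;                    /* ".." component */
        if (slash == NULL)
            return true;
        p = slash + 1;
        if (*p == '\0')
            return true;                     /* trailing slash: directory entry */
    }
}

/* Copy `name` into `out` (capacity `cap`) and apply the checks in the order
 * that was vulnerable: validate the raw name, then filter it. The filtering
 * can manufacture the ".." the check never saw. */
static bool check_then_filter(const char *name, char *out, size_t cap)
{
    if (strlen(name) >= cap)
        return false;
    strcpy(out, name);
    bool ok = name_is_contained(out);
    strip_nonprintable(out);
    return ok;
}

/* Fixed order: normalise first, then validate the exact string that will be
 * handed to open(). */
static bool filter_then_check(const char *name, char *out, size_t cap)
{
    if (strlen(name) >= cap)
        return false;
    strcpy(out, name);
    strip_nonprintable(out);
    return name_is_contained(out);
}

static char scratch[256];   /* where the demonstration leaves the final name */

int main(void)
{
    const char *crafted = ".\x01./etc/passwd";   /* constructed member name */
    bool vuln = check_then_filter(crafted, scratch, sizeof scratch);
    printf("check-then-filter: accepted=%s, final name \"%s\"\n",
           vuln ? "yes" : "no", scratch);
    bool fixed = filter_then_check(crafted, scratch, sizeof scratch);
    printf("filter-then-check: accepted=%s\n", fixed ? "yes" : "no");
    printf("\"../../etc/passwd\" contained: %s\n",
           name_is_contained("../../etc/passwd") ? "yes" : "no");
    return 0;
}
```

The general rule both entries illustrate is that any validation must run on the name in the form the extractor will finally use; every transformation applied after the check (filtering, decoding, case folding) reopens the question.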
vim - modeline vulnerability
Package(s): vim
CVE #(s): CAN-2002-1377
Created: January 16, 2003
Updated: February 10, 2004
Description:
VIM allows a user to set the modeline differently for each edited text file
by placing special comments in the files. Georgi Guninski found that these
comments can be carefully crafted in order to call external programs. This
could allow an attacker to create a text file such that when it is opened
arbitrary commands are executed.
Comments (4 posted)
webmin: session ID spoofing
Package(s): webmin
CVE #(s): CAN-2003-0101
Created: June 13, 2003
Updated: November 18, 2003
Description:
miniserv.pl in the webmin package does not properly handle
metacharacters, such as line feeds and carriage returns, in
Base64-encoded strings used in Basic authentication. This
vulnerability allows remote attackers to spoof a session ID, and
thereby gain root privileges.
Comments (none posted)
wget: buffer overflow
Package(s): wget
CVE #(s): CAN-2003-1565
Created: August 5, 2003
Updated: December 10, 2003
Description:
The wget utility contains a buffer overflow which, when exploited with an over-long URL, can enable arbitrary code execution.
Comments (1 posted)
XFree86 4.3.0 integer overflows in font libraries
Package(s): XFree86
CVE #(s): CAN-2003-0730
Created: September 12, 2003
Updated: November 25, 2003
Description:
Several vulnerabilities were discovered by blexim(at)hush.com in the font
libraries of XFree86 version 4.3.0 and earlier. These bugs could
potentially lead to execution of arbitrary code or a DoS by a remote user
in any way that calls these functions, which are related to the transfer
and enumeration of fonts from font servers to clients. See the
advisory for additional details.
Comments (none posted)
xinetd: Memory leak in xinetd 2.3.10
Package(s): xinetd
CVE #(s): CAN-2003-0211
Created: May 13, 2003
Updated: November 13, 2003
Description:
Xinetd is a 'master server' that is used to accept service connection
requests and start the appropriate servers.
Because of a programming error, memory was allocated and never freed if a
connection was refused for any reason. An attacker could exploit this flaw
to crash the xinetd server, rendering all services it controls unavailable.
In addition, other flaws in xinetd could cause incorrect operation in
certain unusual server configurations.
All users of xinetd are advised to update to xinetd-2.3.11 which is not
vulnerable to these issues.
Comments (none posted)
Resources
The October 20 issue of Linux Security Week from LinuxSecurity.com is
available.
Full Story (comments: none)
Events
The third annual DallasCon Wireless Security Conference is happening in
Dallas, Texas on May 1 and 2, 2004. Papers are being accepted
now; see the announcement for details.
Full Story (comments: none)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current development kernel is 2.6.0-test8, which was
released by Linus on October 17. This patch
includes a working NFS direct I/O implementation, a workaround for the
Athlon prefetch bug, various architecture updates, working signal handling
for kernel threads, an ALSA update, some software suspend work, and
numerous other fixes. The
long-format
changelog has the details.
Linus's BitKeeper repository is full of stability fixes, as is appropriate
for his current goal of getting 2.6.0 in shape. It also includes an SGI
Altix serial console driver and Jeff Garzik's libata driver (covered here last August).
The current stable kernel is 2.4.22; Marcelo has not released any
2.4.23 prepatches since 2.4.23-pre7 on
October 9.
Comments (none posted)
Kernel development news
The repository for SCSI patches
has just been
forked into two separate trees. One of them is a bugfix-only
repository, with its contents meant to get past Linus's "stability fixes
only" filter and into the 2.6.0-test kernel. The other is for everything
else, which will be held for 2.7, or, at least, a post-2.6.0 release.
This change brought out the question: what about expanding the number of
SCSI disks (and partitions) that can be supported by the kernel? That was,
after all, one of the reasons for expanding the dev_t type in the
first place. The larger device numbers are now in place, but there are no
patches in the mainline to make more SCSI disks available.
There are, as it turns out, a few remaining
issues that must be addressed before the SCSI expansion can be
completed. One of those is naming. Currently, the first 26 SCSI drives
are called sda through sdz. Then a second letter is
added, making sdaa through sdzz available. The default
plan seems to be to go to sdaaa thereafter, and sdaaaa if
need be.
Is the number of partitions per drive to be expanded? The current limit of
fifteen is apparently constraining to some. As a result, there has been
persistent talk of raising the limit to 63.
That change, however, would create interesting numbering challenges. The
current numbering scheme divides the (eight-bit) minor number in half; the
upper nibble is the drive number, and the lower nibble is the partition
number. To support more partitions, the portion of the (now 20-bit) minor
number dedicated to the partition number would have to be expanded. A
naive implementation would simply remap the minor number so that bits 0..5
describe the partition, and bits 6..19 the drive number.
The only problem with that approach is that it would break all existing
SCSI device nodes. The kernel hackers have a sense that they might get a
complaint or two if they did that, so they are fairly strongly committed to
ensuring that old device numbers continue to work. As a result, there have
been proposals for more complicated schemes, with the two new partition
bits being placed, for example, up at the high end of the minor number.
This approach would put an end to the manual creation of device nodes for
large SCSI devices - who wants to figure out what number to give to
mknod? - but there was not likely to be much of that going on
anyway.
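A worked version of the numbering argument, added here and not taken from the kernel or the -mm patch: the two layouts are encoded and decoded side by side, and a loop checks whether every old eight-bit minor still means the same drive and partition. Placing the two extra partition bits at bits 18 and 19 is this example's assumption; the article only says they would sit at the high end of the minor number.

```c
#include <stdbool.h>
#include <stdio.h>

struct sd_dev {
    unsigned drive;
    unsigned partition;
};

/* 2.4 layout: eight-bit minor, upper nibble drive, lower nibble partition. */
static struct sd_dev decode_old(unsigned minor)
{
    struct sd_dev d = { (minor >> 4) & 0xF, minor & 0xF };
    return d;
}

/* Naive 20-bit remap: bits 0..5 partition (64 values), bits 6..19 drive. */
static unsigned encode_naive(unsigned drive, unsigned partition)
{
    return ((drive & 0x3FFF) << 6) | (partition & 0x3F);
}

static struct sd_dev decode_naive(unsigned minor)
{
    struct sd_dev d = { (minor >> 6) & 0x3FFF, minor & 0x3F };
    return d;
}

/* Compatible layout (assumed placement): the old nibbles stay where they
 * were, the drive number grows upward into bits 4..17, and the two extra
 * partition bits sit at the top, bits 18..19. */
static unsigned encode_compat(unsigned drive, unsigned partition)
{
    return (partition & 0xF) | ((drive & 0x3FFF) << 4) |
           (((partition >> 4) & 0x3) << 18);
}

static struct sd_dev decode_compat(unsigned minor)
{
    struct sd_dev d = { (minor >> 4) & 0x3FFF,
                        (minor & 0xF) | (((minor >> 18) & 0x3) << 4) };
    return d;
}

/* True if every eight-bit minor a 2.4 device node could carry means the
 * same drive and partition under `decode`. */
static bool preserves_old_numbers(struct sd_dev (*decode)(unsigned))
{
    for (unsigned m = 0; m < 256; m++) {
        struct sd_dev o = decode_old(m), n = decode(m);
        if (o.drive != n.drive || o.partition != n.partition)
            return false;
    }
    return true;
}

/* Round-trip check for a layout's encoder/decoder pair. */
static bool round_trips(unsigned (*enc)(unsigned, unsigned),
                        struct sd_dev (*dec)(unsigned),
                        unsigned drive, unsigned partition)
{
    struct sd_dev d = dec(enc(drive, partition));
    return d.drive == drive && d.partition == partition;
}

int main(void)
{
    printf("naive layout keeps old numbers:  %s\n",
           preserves_old_numbers(decode_naive) ? "yes" : "no");
    printf("compat layout keeps old numbers: %s\n",
           preserves_old_numbers(decode_compat) ? "yes" : "no");
    struct sd_dev d = decode_naive(0x35);   /* old sdd5: drive 3, partition 5 */
    printf("old minor 0x35 under the naive layout: drive %u, partition %u\n",
           d.drive, d.partition);
    return 0;
}
```

Both layouts give 64 partitions per drive and the same 14 bits of drive number; the difference is only that the compatible one keeps the old nodes valid, at the price of a partition number that is no longer a contiguous bit field.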
A better long-term approach might be to go to one or more completely new
major numbers for SCSI drives. The block layer could then assign numbers
dynamically as the drives are discovered, with a tool like udev creating
device nodes on demand. For sites that need old numbers to work, a small
compatibility module could map between the old and new numbers at device
open time. That is all certainly 2.7 material, however. For 2.6.0, the
most likely scenario might be the merging of a simple patch (like Badari
Pulavarty's patch found in the -mm tree) which expands the number of
disks supported in a relatively unintrusive way. The complete solution can
come later.
Comments (2 posted)
A set of patches has been making the rounds for the last month or so which
implements a concept known as a "cpuset." A cpuset is simply an arbitrary
collection of processors in an SMP system; cpusets can be used to partition
a large system into smaller virtual machines in a flexible sort of way.
This patch was originally
posted by Simon
Derr; more recent versions (found in the "patches" section, below) have
been sent out by Stephen Hemminger at OSDL.
Internally, the patch creates a hierarchy of cpusets. At boot time, the
root set is created containing all of the system's processors. System
calls can
then be used to create child sets. The creation of a cpuset is not a
privileged task, but no process can expand beyond the set of processors
initially assigned to it. Thus, for example, the system administrator can
create a cpuset for a particular group of processes which will be confined
to the designated processors. Those processes can, however, further
partition the set for their own purposes.
In normal use, one would expect cpusets to correspond to the underlying
hardware; all processors in a set would normally be part of the same NUMA
node, for example. There is nothing in the patch that requires users to do
things that way, however; cpusets can be any arbitrary subset of the
available processors. Processors can also belong to multiple cpusets, so
cpusets can overlap each other in arbitrary ways. There is, however, a
"strict" flag which can be set to disallow the sharing of processors in
this way.
There are a few new system calls created by this patch:
- cpuset_create(): creates a new cpuset as a child of the process's current cpuset,
containing the same processors as the parent.
- cpuset_destroy(): destroys the given cpuset.
- cpuset_attach(): attaches a process to a particular cpuset.
- cpuset_alloc(): changes the set of processors belonging to a cpuset. The name of this
call is a little misleading, since it can release processors from a
cpuset. In fact, removing CPUs will be the normal usage, since a
cpuset cannot contain processors which are not also contained in its
parent.
- cpuset_getfreecpus(): returns a list of processors which are not part of the current cpuset,
but which could be added.
Processes running within a cpuset have no view of the processors which are
not contained within that set. Processors in a cpuset are renumbered to
appear to be the only processors on the system; thus, for example, system
calls like sched_setaffinity() will only bind processes within
their particular cpuset.
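The rules in the paragraphs above, modelled in user space. This is an added example, not the patch's code (its system calls cannot be called from a normal program): CPU sets are 64-bit masks, cpusets live in a small fixed registry, and the cs_ function names, the cs_set_strict() helper and the 16-entry limit are this model's assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t cpumask_t;          /* bit i set = physical CPU i (<= 64 CPUs) */
#define MAX_CPUSETS 16

struct cpuset {
    struct cpuset *parent;           /* NULL for the root set */
    cpumask_t cpus;
    bool strict;                     /* refuse to share CPUs with siblings */
};

static struct cpuset registry[MAX_CPUSETS];   /* registry[0] is the root */
static size_t n_cpusets;

/* Boot-time step: the root set holds every processor in the system. */
static struct cpuset *cs_init_root(cpumask_t all_cpus)
{
    registry[0].parent = NULL;
    registry[0].cpus = all_cpus;
    registry[0].strict = false;
    n_cpusets = 1;
    return &registry[0];
}

/* cpuset_create(): the child starts with exactly the parent's processors. */
static struct cpuset *cs_create(struct cpuset *parent)
{
    if (n_cpusets >= MAX_CPUSETS)
        return NULL;
    struct cpuset *cs = &registry[n_cpusets++];
    cs->parent = parent;
    cs->cpus = parent->cpus;
    cs->strict = false;
    return cs;
}

/* cpuset_alloc(): change the processor set. Refused (-1) if it would reach
 * outside the parent, leave one of this set's children outside, or overlap
 * a sibling when either side is strict. */
static int cs_alloc(struct cpuset *cs, cpumask_t cpus)
{
    if (cs->parent != NULL && (cpus & ~cs->parent->cpus))
        return -1;
    for (size_t i = 0; i < n_cpusets; i++) {
        struct cpuset *other = &registry[i];
        if (other == cs)
            continue;
        if (other->parent == cs && (other->cpus & ~cpus))
            return -1;
        if (other->parent == cs->parent && (cs->strict || other->strict) &&
            (cpus & other->cpus))
            return -1;
    }
    cs->cpus = cpus;
    return 0;
}

/* The "strict" flag: may only be raised while no sibling shares a CPU. */
static int cs_set_strict(struct cpuset *cs, bool strict)
{
    if (strict)
        for (size_t i = 0; i < n_cpusets; i++)
            if (&registry[i] != cs && registry[i].parent == cs->parent &&
                (registry[i].cpus & cs->cpus))
                return -1;
    cs->strict = strict;
    return 0;
}

/* cpuset_getfreecpus(): parent processors not currently in this set. */
static cpumask_t cs_getfreecpus(const struct cpuset *cs)
{
    return cs->parent ? (cs->parent->cpus & ~cs->cpus) : 0;
}

/* Renumbering: processes in the set see CPUs 0..n-1. Map a virtual index
 * back to the physical CPU it stands for, or -1 if out of range. */
static int cs_physical_cpu(const struct cpuset *cs, int vcpu)
{
    int seen = 0;
    for (int phys = 0; phys < 64; phys++)
        if (cs->cpus & ((cpumask_t)1 << phys)) {
            if (seen == vcpu)
                return phys;
            seen++;
        }
    return -1;
}

int main(void)
{
    struct cpuset *root = cs_init_root(0xFF);         /* eight CPUs */
    struct cpuset *a = cs_create(root);
    printf("alloc a = 0x0F: %d, alloc a = 0x100: %d\n",
           cs_alloc(a, 0x0F), cs_alloc(a, 0x100));
    struct cpuset *b = cs_create(a);
    printf("alloc b = 0xF0 (outside a): %d\n", cs_alloc(b, 0xF0));
    printf("b's free CPUs after alloc 0x03: 0x%llx\n",
           cs_alloc(b, 0x03) == 0 ? (unsigned long long)cs_getfreecpus(b) : 0ULL);
    return 0;
}
```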
This patch has generated a certain amount of interest in the large-systems
community. It clearly does not fall within the 2.6.0-test "stability
patches only" mandate, but there may be pressure to get it into the kernel
not much after 2.6.0 is released.
Comments (1 posted)
Driver porting
In The Zen of Kobjects, this series looked at the kobject abstraction and
the various interfaces that go with it. That article, however, glossed over
one important part of the kobject structure (with a promise to fill it in
later): its interface to the sysfs virtual filesystem. The time has come to
fulfill that promise and look at how sysfs works at the lower levels.
To use the functions described below, you will need to include both
<linux/kobject.h> and <linux/sysfs.h> in your
source files.
How kobjects get sysfs entries
As we saw in the previous article, there are two functions which are used
to set up a kobject. If you use
kobject_init() by itself, you
will get a standalone kobject with no representation in sysfs. If,
instead, you use
kobject_register() (or call
kobject_add() separately), a sysfs directory will be created for
the kobject; no other effort is required on the programmer's part.
The name of the directory will be the same as the name given to the kobject
itself. The location within sysfs will reflect the kobject's position in
the hierarchy you have created. In short: the kobject's directory will be
found in its parent's directory, as determined by the kobject's
parent field. If you have not explicitly set the parent field,
but you have set its kset pointer, then the kset will become the
kobject's parent. If there is no parent and no kset, the kobject's
directory will become a top-level directory within sysfs, which is rarely
what you really want.
Populating a kobject's directory
Getting a sysfs directory corresponding to a kobject is easy, as we have
seen. That directory will be empty, however, which is not particularly
useful. Most applications will want the kobject's sysfs entry to contain
one or more attributes with useful information. Creating those attributes
requires some additional steps, but is not all that hard.
The key to sysfs attributes is the kobject's kobj_type pointer.
When we looked at kobject types before, we passed over a couple of
sysfs-related entries. One, called default_attrs, describes the
attributes that all kobjects of this type should have; it is a pointer to
an array of pointers to attribute structures:
struct attribute {
    char *name;
    struct module *owner;
    mode_t mode;
};
In this structure, name is the name of the attribute (as it
will appear within sysfs), owner is a pointer to the module (if any)
which is responsible for the implementation of this attribute, and
mode is the protection bits which are to be applied to this
attribute. The mode is usually S_IRUGO for read-only attributes;
if the attribute is writable, you can toss in S_IWUSR to give
write access to root only. The last entry in the default_attrs
list must be NULL.
The default_attrs array says what the attributes are, but does not
tell sysfs how to actually implement those attributes. That task falls to
the kobj_type->sysfs_ops field, which points to a structure
defined as:
struct sysfs_ops {
    ssize_t (*show)(struct kobject *kobj, struct attribute *attr,
                    char *buffer);
    ssize_t (*store)(struct kobject *kobj, struct attribute *attr,
                     const char *buffer, size_t size);
};
These functions will be called for each read and write operation,
respectively, on an attribute of a kobject of the given type. In each
case, kobj is the kobject whose attribute is being accessed,
attr is the struct attribute for the specific attribute,
and buffer is a one-page buffer for attribute data.
The show() function should encode the attribute's full value into
buffer, being sure not to overrun PAGE_SIZE. Remember
that the sysfs convention requires that attributes contain single values
or, at most, an array of similar values, so the one-page limit should never
be a problem. The return value is, of course, the number of bytes of data
actually put into buffer or a negative error code.
The store() function has a similar interface; the additional
size parameter gives the length of the data received from user
space. Never forget that buffer contains unchecked, user-supplied
data; treat it carefully and be sure that it fits whatever format you
require. The return value should normally be the same as size,
unless something has gone wrong.
As you can see, sysfs requires the use of a single set of show()
and store() functions for all attributes of kobjects of the same
type. Those functions will, usually, maintain their own array of attribute
information to enable them to find the real function charged with
implementing each attribute.
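The dispatch pattern that paragraph describes, modelled in user space. This is an added example, not kernel code: the struct attribute and struct sysfs_ops definitions are stand-ins copied from the article's declarations so the program compiles outside the kernel, PAGE_SIZE is fixed at 4096, and the demo_ object, its two attributes and the upper bound of 1000 are invented for the demonstration. It also shows the store() side treating its buffer as unchecked user data, as the article warns.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>

#define PAGE_SIZE 4096
#define S_IRUGO (S_IRUSR | S_IRGRP | S_IROTH)

/* User-space stand-ins for the kernel declarations in the article. */
struct module;
struct kobject { const char *name; };
struct attribute {
    char *name;
    struct module *owner;
    mode_t mode;
};
struct sysfs_ops {
    ssize_t (*show)(struct kobject *kobj, struct attribute *attr, char *buffer);
    ssize_t (*store)(struct kobject *kobj, struct attribute *attr,
                     const char *buffer, size_t size);
};

/* The object being exposed; the kobject comes first so the pointer sysfs
 * hands back can be cast to the containing structure. */
struct demo_dev {
    struct kobject kobj;
    unsigned long threshold;
};
#define to_demo_dev(k) ((struct demo_dev *)(k))

/* One table entry per attribute: what sysfs sees plus the real handlers. */
struct demo_attr {
    struct attribute attr;
    ssize_t (*show)(struct demo_dev *dev, char *buf);
    ssize_t (*store)(struct demo_dev *dev, const char *buf, size_t size);
};

static ssize_t name_show(struct demo_dev *dev, char *buf)
{
    return snprintf(buf, PAGE_SIZE, "%s\n", dev->kobj.name);   /* bounded by the page */
}

static ssize_t threshold_show(struct demo_dev *dev, char *buf)
{
    return snprintf(buf, PAGE_SIZE, "%lu\n", dev->threshold);
}

/* buf holds `size` bytes of unchecked user data and is not NUL-terminated:
 * copy into a bounded scratch buffer, parse strictly, range-check. */
static ssize_t threshold_store(struct demo_dev *dev, const char *buf, size_t size)
{
    char tmp[32];
    if (size == 0 || size >= sizeof tmp)
        return -EINVAL;
    memcpy(tmp, buf, size);
    tmp[size] = '\0';
    if (strchr(tmp, '-'))                 /* strtoul() would silently wrap a negative */
        return -EINVAL;
    char *end;
    errno = 0;
    unsigned long v = strtoul(tmp, &end, 10);
    if (errno != 0 || end == tmp)
        return -EINVAL;
    while (*end == '\n' || *end == ' ')   /* "echo 42 > threshold" sends a newline */
        end++;
    if (*end != '\0')
        return -EINVAL;                   /* trailing garbage */
    if (v > 1000)
        return -ERANGE;                   /* assumed upper bound for the demo */
    dev->threshold = v;
    return (ssize_t)size;
}

static struct demo_attr demo_attrs[] = {
    { { "name",      NULL, S_IRUGO           }, name_show,      NULL            },
    { { "threshold", NULL, S_IRUGO | S_IWUSR }, threshold_show, threshold_store },
};

/* What would go in kobj_type->default_attrs: NULL-terminated. */
static struct attribute *demo_default_attrs[] = {
    &demo_attrs[0].attr, &demo_attrs[1].attr, NULL,
};

static struct demo_attr *demo_lookup(struct attribute *attr)
{
    for (size_t i = 0; i < sizeof demo_attrs / sizeof demo_attrs[0]; i++)
        if (&demo_attrs[i].attr == attr)
            return &demo_attrs[i];
    return NULL;
}

/* The single show()/store() pair registered for the type; each one finds
 * the per-attribute handler in the table and dispatches to it. */
static ssize_t demo_show(struct kobject *kobj, struct attribute *attr, char *buffer)
{
    struct demo_attr *da = demo_lookup(attr);
    if (da == NULL || da->show == NULL)
        return -EIO;
    return da->show(to_demo_dev(kobj), buffer);
}

static ssize_t demo_store(struct kobject *kobj, struct attribute *attr,
                          const char *buffer, size_t size)
{
    struct demo_attr *da = demo_lookup(attr);
    if (da == NULL || da->store == NULL)
        return -EIO;
    return da->store(to_demo_dev(kobj), buffer, size);
}

static struct sysfs_ops demo_sysfs_ops = { demo_show, demo_store };

/* Constructed object and page buffer for the demonstration. */
static struct demo_dev demo0 = { { "demo0" }, 10 };
static char page[PAGE_SIZE];

int main(void)
{
    demo_sysfs_ops.show(&demo0.kobj, demo_default_attrs[1], page);
    printf("threshold before: %s", page);
    printf("store \"42\\n\": %zd, store \"5000\": %zd\n",
           demo_sysfs_ops.store(&demo0.kobj, demo_default_attrs[1], "42\n", 3),
           demo_sysfs_ops.store(&demo0.kobj, demo_default_attrs[1], "5000", 4));
    demo_sysfs_ops.show(&demo0.kobj, demo_default_attrs[1], page);
    printf("threshold after: %s", page);
    return 0;
}
```

The kernel's own subsystems usually recover the per-attribute handlers with container_of() on the attribute pointer instead of a table search; the table used here has the side effect of rejecting any attribute pointer the type does not own, which is why an unknown attribute gets -EIO rather than a cast of the wrong structure.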
Non-default attributes
In many cases, the kobject type's
default_attrs field describes
all of the attributes that kobject will ever have. It does not need to be
that way, however; attributes can be added and removed at will. If you
wish to add a new attribute to a kobject's sysfs directory, simply fill in
an
attribute structure and pass it to:
int sysfs_create_file(struct kobject *kobj, struct attribute *attr);
If all goes well, the file will be created with the name given in the
attribute structure and the return value will be zero; otherwise,
the usual negative error code is returned.
Note that the same show() and store() functions will be
called to implement operations on the new attribute. Before you add a new,
non-default attribute to a kobject, you should take whatever steps are
necessary to ensure that those functions know how to implement that
attribute.
To remove an attribute, call:
int sysfs_remove_file(struct kobject *kobj, struct attribute *attr);
After the call, the attribute will no longer appear in the kobject's sysfs
entry. Do be aware, however, that a user-space process could have an open
file descriptor for that attribute, and that show() and
store() calls are still possible after the attribute has been
removed.
Symbolic links
The sysfs filesystem has the usual tree structure, reflecting the
hierarchical organization of the kobjects it represents. The relationships
between objects in the kernel are often more complicated than that,
however. For example, one sysfs subtree (/sys/devices) represents
all of the devices known to the
system, while others represent the device drivers. These trees do not,
however, represent the relationships between the drivers and the devices
they implement. Showing these additional relationships requires extra
pointers which, in sysfs, are implemented with symbolic links.
Creating a symbolic link within sysfs is easy:
int sysfs_create_link(struct kobject *kobj, struct kobject *target, char *name);
This function will create a link (called name) pointing to
target's sysfs entry as an attribute of kobj. It will be
a relative link, so it works regardless of where sysfs is mounted on any
particular system.
The link will persist even if target is removed from the system.
If you are creating symbolic links to other kobjects, you should probably
have a way of knowing about changes to those kobjects, or some sort of
assurance that the target kobjects will not disappear. The consequences
(dead symbolic links within sysfs) are not particularly grave, but they
would not do much to create confidence in the proper functioning of the
system either.
Symbolic links can be removed with:
void sysfs_remove_link(struct kobject *kobj, char *name);
Binary attributes
The sysfs conventions call for all attributes to contain a single value in
a human-readable text format. That said, there is an occasional, rare need
for the creation of attributes which can handle larger chunks of binary
data. In the 2.6.0-test kernel, the only use of binary attributes is in
the firmware subsystem. When a device requiring firmware is
encountered in the system, a user-space program can be started (via the
hotplug mechanism); that program then passes the firmware code to
the kernel via a binary sysfs attribute. If you are contemplating any other use of binary
attributes, you should think carefully and be sure there is no other way to
accomplish your objective.
Binary attributes are described with a bin_attribute structure:
struct bin_attribute {
    struct attribute attr;
    size_t size;
    ssize_t (*read)(struct kobject *kobj, char *buffer,
                    loff_t pos, size_t size);
    ssize_t (*write)(struct kobject *kobj, char *buffer,
                     loff_t pos, size_t size);
};
Here, attr is an attribute structure giving the name,
owner, and
permissions for the binary attribute, and size is the maximum size
of the binary attribute (or zero if there is no maximum). The
read() and write() functions work similarly to the normal
char driver equivalents; they can be called multiple times for a single
load with a maximum of one page worth of data in each call. There is no
way for sysfs to signal the last of a set of write operations, so code
implementing a binary attribute must be able to determine that some other
way.
Binary attributes must be created explicitly; they cannot be set up as
default attributes. To create a binary attribute, call:
int sysfs_create_bin_file(struct kobject *kobj, struct bin_attribute *attr);
Binary attributes can be removed with:
int sysfs_remove_bin_file(struct kobject *kobj, struct bin_attribute *attr);
Last notes
This article has described the low-level interface between kobjects and
sysfs. Unless you are implementing a new subsystem, however, you are
unlikely to work with this interface directly. Each subsystem typically
implements its own set of default attributes, and, perhaps, a mechanism for
interested code to add new ones. This mechanism is generally a
straightforward wrapper around the low-level attribute code, however, so it
should look familiar to readers of this page.
Comments (1 posted)
Patches and updates
Page editor: Jonathan Corbet
Distributions
News and Editorials
It is no secret that many commercial Linux companies are struggling to
survive in a market often dominated by the perception that Linux is
free. Much of the blame can of course be attributed to the unfortunate
use of "free" in English, which, unlike most other languages, makes no
distinction between the two common meanings of the word - free as in
speech and free as in beer. Fighting off this perception is not easy and
many Linux distributions are trying hard to find new ways to throttle
the free beer tap or to restrict access to it.
MandrakeSoft released its latest Mandrake Linux, version 9.2, last
week. It was the first time in the company's 5-year history that the
final product was withheld until the box sets are ready for shipment.
Only those who had joined MandrakeClub were given privileged access to
the three ISO images - via the BitTorrent file sharing technology. Not
every member was happy about it - those on a dial-up connection or some
of those behind firewalls found themselves excluded from the party. But
while public FTP servers will only carry the ISO images at the end of
this month, MandrakeSoft has made the entire 9.2 directory tree
available for those wishing to upgrade an existing installation directly
from FTP servers.
Like Mandrake, Lycoris also restricted the public availability of their
recently released Desktop/LX Update 3. According to notes on the
distribution's mirrors, the ISO images will only be uploaded in
November, more than 2 months after the official release. However, the
online system upgrade has not been restricted, so anybody who previously
installed an older beta release can perform a simple but unsupported
upgrade to the latest stable version.
SuSE has always tried hard to convince users about the value of their
boxed sets. Firstly, the product's best-known utility (YaST) comes with a
somewhat hard-to-interpret, non-GPL license, which prevents users from
distributing the ISO images. Secondly, SUSE does not provide ISO images
as a matter of company policy, with the exception of some products made
for less widely used architectures. Even beta testing is closed to the
public. However, SuSE does supply a means to install the distribution
directly from FTP servers, usually about 1 - 2 months after the official
release.
Many other commercial distributions have much more restrictive policies.
The latest releases from Libranet, Lindows.com and Xandros are only
available from their respective online stores. Of the three, only
Libranet provides any form of free download - that of an outdated and
stripped-down edition. It is interesting to note that cheap illegal
copies of LindowsOS and Xandros have reportedly been spotted on the
streets of Thailand and other Asian countries, right next to pirated
Microsoft products.
Although Linux distributions seem increasingly inclined to restrict, or
at least delay, the free availability of their products, all is not bad
news. Slackware still provides complete and unrestricted access to their
product immediately after release; in fact of the major and
well-established commercial distributions, Slackware is the only one
with such a policy. This is largely due to the fact that Slackware is a
small (2-person) company with minimal development costs and a relatively
large and loyal user base.
Then there is Red Hat. Always innovative and always different from the
rest, Red Hat has decided to buck the trend and turn their distribution
over to the Fedora community for further development. The Fedora Project
has yet to establish itself and there are some rough bumps on the
transition road (Fedora 0.95 ISOs were released without the usually
meticulous release notes!), but freeing the distribution from its
commercial shackles will almost certainly result in a better and more
user-oriented product.
Of course, Linux is about choice and those unable to accept any form of
commercialization or restrictions on availability from a Linux
distribution can always turn to non-commercial Debian, Gentoo or any of
the dozens of smaller projects for all their needs. If in doubt, talk to
the wise or the penniless to find out which of the pubs still serve free
beer...
Comments (20 posted)
Distribution News
The
Debian Weekly News for October 21, 2003
covers the deployment of 100 new Debian GNU/Linux systems at the audit court of the German
province Mecklenburg-Vorpommern, the Dutch robot soccer team Mission
Impossible Twente's use of Debian woody, Debian and the LPI, Debian in the
News, a Package Policy Checker, and much more.
Martin Michlmayr reflects on his last six
months as Debian Project Leader with news about Debian internal management,
Debian finance and legal matters, Publicity & events and Partner
relations.
Debian developers have until October 29, 2003 to
vote on a General Resolution to amend the Debian Constitution to
disambiguate section 4.1.5. Here's an early
status report with additional information.
Martin Michlmayr talks about Debian and the
Linux Professional Institute (LPI), which has certification tests available
using Debian tools such as dpkg.
DebianPlanet reports
that registration is open for Debian MiniConf3, taking place
in Adelaide, South Australia on January 12 - 13, 2004 (right before the 2004 linux.conf.au).
Comments (none posted)
The Gentoo Weekly Newsletter for the week of October 20, 2003 is out. This
issue has an update on GLEPs (Gentoo Linux Enhancement Proposal), a look at
featured developer Peter Johanson, and more.
Full Story (comments: none)
A few LWN readers have mentioned that the Mandrake 9.2 ISO images do not
include a kernel source package. We asked Gaël Duval for an explanation.
He said they simply ran out of room on the binary CDs, so they pushed the kernel
source to the CDs with all of the other source code.
There are new nss_ldap packages available
for Mandrake Corporate Server 2.1. LDAP authentication did not work
properly on the x86_64 platform due to the wrong location of the nss_ldap
and pam_ldap libraries. This update corrects the problem.
Comments (1 posted)
Here is Red Hat's press release on the availability of Red Hat Enterprise
Linux 3. This release includes the Native POSIX Threading Library,
greater scalability, and a wider range of supported architectures.
There are updated sane packages available
for Red Hat Linux 9 that prevent possible hardware damage to Epson 1260
scanners.
A freeze schedule for Fedora Core 1 has been
posted, showing October 28, 2003 as the date the entire tree will be
frozen. Get your bug reports and changes in now.
Comments (2 posted)
Minor distribution updates
Damn Small Linux has released
v0.4.10 with minor
feature enhancements. "Changes: This version includes new Xvesa and
Xfbdev Xservers from CVS, in which the mouse scroll is better, and there is
no need to re-map the mouse buttons any more. A fun addition for this
release is TuxNES, and an assortment of public domain games. The Firebird
install script is updated to 0.7, and there is a new Fluxbox theme,
"Lawn". Also new is Nano-tiny. It is now possible to dynamically load
usb-storage only when mounting USB drives."
Comments (none posted)
L.A.S. Linux has released
version 0.4 MAIN. "Changes in this latest version of L.A.S. include
the addition of the 'toram' boot option allowing the user to boot the whole
CD image into RAM. Allowing for the removal of the CD to free up the CDROM
for burning etc." Many new packages were added as well.
Full Story (comments: none)
Recovery Is Possible! (RIP) has released
v6.5 with minor feature
enhancements. "Changes: NFS server support was added, and some of
the software was updated. A few bugs were fixed."
Comments (none posted)
rpm-livelinuxcd has released
1.0 RC 2. "Changes: This is a Red Hat 9.0-based live CD with X11/KDE, samba, Mozilla Firebird,
and several other tools. It supports including home directories from a
Samba server, as well as a basic 'profile' mechanism. It is a prototype for
a networked workstation that gets additional resources such as office
(OpenOffice.org) or groupware (OpenGroupware.org) from a server. The bzip2
package is about 193 Mb in size."
Comments (none posted)
Snootix has released
v0.4 beta with minor
feature enhancements. "Changes: This version now has a framework of
shell scripts in place to install BLFS and Snootix packages. Users are now
able to install KDevelop."
Comments (none posted)
Page editor: Rebecca Sobol
Development
October 20, 2003
This article was contributed by Biju Chacko
Freedesktop.org has been
quietly working since March 2001 to improve interoperability between X
desktops. Unlike ostensibly similar groups like the Free Standards Group,
freedesktop is not a standards organization. Freedesktop's
mission
is achieved by getting developers to informally hash out ways to interoperate rather than
legislating formal standards documents. Its specifications are hammered out
quickly on mailing lists or IRC, instantly tested in real-world code and
patched accordingly. This speedy, informal approach allows developers to build
interoperability specs without having to disrupt projects with interim hacks
while a standard is finalized. The expectation at freedesktop.org is that the
de facto standards created this way will eventually get
"blessed" by an organization with a mandate to legislate standards.
The benefits of interoperability are often ignored. Nowadays, we take it for
granted that we will be able to cut-and-paste or drag-and-drop
between GNOME and KDE applications. This casual acceptance is a good
thing. Applications should "just work" whether or not they are on
their native desktop. Thanks to freedesktop, they mostly do.
Contrast this with life under very early versions of GNOME and KDE.
Standards simplify the lives of developers trying to be desktop-neutral.
The standardization of desktop entries and menus, for example, allows ISVs
to install icons for their applications without having to worry about the
end-user's desktop environment.
The developers of a
skinned media player can be assured that their app will look and behave
the same under all compliant window managers if they use the hints
defined in the
Window Manager Spec.
Freedesktop.org has published
several specifications
that have wide acceptance across X desktops. For example, the
Window Manager Spec,
which defines window manager behavior, is supported by GNOME,
KDE, XFce and many other window managers. The Qt- and GTK+-supported
XEmbed spec is a protocol for embedding one application's controls into
another.
The
clipboard spec is a consensus on using the X clipboard.
Several draft specifications haven't been widely implemented.
For example, the one that defines application
menus
has only been implemented by GNOME, but KDE and XFce
have indicated support in future releases. The
Shared MIME Database creates a common library of MIME types to be
used by file handling tools. It's currently implemented only by
ROX Filer
and slated to be part of GTK+ 2.4.
Recently, freedesktop decided to expand the scope of its work to
hosting desktop oriented projects,
especially those that provide needed infrastructure to desktops.
The DRI project recently moved
its CVS repository
to freedesktop.org, for example. Other projects hosted on freedesktop
include Cairo, a vector graphics library; D-BUS, a message bus system;
fontconfig; and pkgconfig.
A particularly interesting new project is HAL, which aims to create a
standard abstraction layer through which desktops can configure and use hardware
devices. It's an ambitious project, but one well worth the effort.
Comments (none posted)
System Applications
Audio Projects
Version 0.9.8 of the ALSA sound driver
is available.
Change information is in the source code.
Comments (none posted)
Version 0.3.2 of LADCCA,
a session management system for JACK and ALSA audio applications,
is available. This release fixes a minor bug.
Full Story (comments: none)
Bob Ham has sent out a multiple announcement for version 0.4.0 of
LADCCA and version 1.0.0 of ALSA Patch Bay.
"
LADCCA's now reached a state where I reckon it's worth releasing again.
It's pretty stable for me, and it now seems to do what it should without
any hiccups. I'm releasing alsa patch bay and jack rack along with it
as the only changes are support for the new ladcca version."
Full Story (comments: none)
Database Software
Version 0.6.1 of knoda, a KDE-based database front end, has been released.
"
Main feature of this version is the scripting support in forms
and reports. Hk_classes is also available as a Python module."
Full Story (comments: none)
Version 2.5.4 of phpMyAdmin
has been announced.
"
The development team is proud to announce the availability of this version, with over 12 improvements and 20 bug fixes. phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the http://www."
Comments (none posted)
The PostgreSQL Weekly News for October 15, 2003 is out, with a look at some
of the issues that have been found in beta4.
Full Story (comments: none)
Russell Dyer
covers database design issues relating to upgrades on O'Reilly.
"
Most developers design MySQL databases for their own use or for the use of their employers. Occasionally, though, a developer will design a database for use by others, for sale as an application. Since an application developer usually isn't present when his application is installed and used, he must consider many factors when designing the database."
Comments (none posted)
Mail Software
Version 0.7 of Hotwayd, a POP-3 to HTTPMail gateway daemon,
is out.
"
This release introduces fully functional proxy support. This means that should your ISP require that you use a proxy server you can now tell hotwayd about it and it will route all the HTTP requests via the specified proxy server. It is now possible to download folders other than your inbox by specifying it as part of your user name."
Comments (none posted)
Version 0.41 of milter/sender, an email spam filtering system,
is available.
"
It has some significant modifications namely -m is removed, auto-whitelist added, and successful sender cache expire policy changed."
Comments (none posted)
POPFile v0.20.0
has been announced on SourceForge.
"
POPFile is an email classification tool with a Naive Bayes
classifier, a POP3 proxy and a web interface. It runs on most platforms
and with most email clients. v0.20.0 is a major update to POPFile
with the focus being on performance."
Comments (none posted)
Printing
The
GhostScript site
lists new versions of
GSview,
a PostScript previewer, and
Epstool,
which adds and removes previews from Encapsulated PostScript files.
Comments (none posted)
Version 1.1.20rc4 of CUPS, the Common UNIX Printing System,
has been announced.
"
In accordance with the CUPS Configuration Management Plan, you now have until Thursday, October 30th to test this release candidate to determine if there are any high-priority problems and report them using the Software Trouble Report form".
Comments (none posted)
Web Site Development
Mark Pilgrim
looks at
the Atom API on O'Reilly.
"
Atom is an up-and-coming format for editing, syndicating, and archiving weblogs and other episodic web sites. The final details are still being hashed out, but that's never stopped me before, having written several articles about XHTML 2. To understand the problems that Atom is designed to solve, we should look briefly at what came before it."
Comments (none posted)
Version 1.7 of mod_security is available.
"
Mod_security is an Apache module whose purpose is to protect
vulnerable applications and reject human or automated attacks.
It is an open source intrusion detection and prevention system
for Apache."
Full Story (comments: none)
Nigel McFarlane
covers XML web applications on IBM's developerWorks.
"
To go beyond simple HTML, historically the only options have been to use Java technology or plug-ins. Now, you have a new way -- write and display applications natively in XML. The Mozilla platform provides such a mechanism. In this article, Nigel McFarlane introduces XUL (the XML User-interface Language). XUL is set of GUI widgets with extensive cross-platform support that are designed for building GUI elements for applications that have traditional, non-HTML GUIs."
Comments (none posted)
Documentation
Version 0.4.7 of Albert, a Common Lisp DocBook documentation generator,
is available.
"
This version provides
control of symbol presentation based on package export, support for
including license boilerplate, more user-configurable settings,
support for MK-DEFSYSTEM and CLISP, and several more fixes."
Full Story (comments: none)
Desktop Applications
Audio Applications
GnomeDesktop.org has
an announcement for the initial release of Gnomoradio.
"
Gnomoradio is rapidly becoming a fully-featured music playing system for Gnome. In addition to playing mp3s, it can read Creative Commons licenses in RDF format, and download and share music that is freely available."
Comments (none posted)
The first Helix Player 1.0 milestone release is now available. "The Helix Player is
designed for Linux and Solaris desktops, built using GTK+, and includes
a Mozilla browser plug-in. It
supports local file playback and streaming over RTSP/RTP, RTSP/RDT, and
HTTP. It supports video zoom in original, double size and full screen,
and has support for the following media types in open source: SMIL 2.0,
MP3, Ogg Vorbis, H.263 video, JPEG, GIF, PNG, and RealPix.
Additionally, RealVideo (RV9, RV8, RV7, RVG2), and RealAudio (RA8, G2
audio) are available in binary form." This is still a testing
release; the project hopes to get a stable version out early next year.
Full Story (comments: 40)
Desktop Environments
The KDE.News
summary and comments
for the October 17, 2003
KDE-CVS-Digest
says:
"
Disconnected IMAP fixed in KMail. KHTML now supports jng image format. KDevelop has a Subversion plugin. KDE has global settings for mouse gestures. Kopete has new "Away" and plugin configuration dialogs. KControl has a new style configuration dialog. Plus many bugfixes in KMail and KHTML."
Comments (none posted)
Developers who wish to include new modules into GNOME 2.6
should read
this announcement on GnomeDesktop.org.
Comments (none posted)
GnomeDesktop.org has
an announcement for a new release of GSwitchIt.
"
In the preparation of merging into GNOME 2.6, the very first release in 2.5
series of GSwitchIt is out. International GNOME users get real hope for
proper xkb support straight out of the GNOME box".
Comments (none posted)
Electronics
The
latest news from the gEDA project includes the release of
new versions of the Covered Verilog code coverage analysis tool,
the Gerber viewer, and the Icarus Verilog compiler.
Comments (none posted)
Games
Version 0.8 of Gnocatan, a clone of the game
Settlers of Catan,
is available.
"
The program was ported to GTK2/GNOME2, among many other changes found in version 0.8.0."
Comments (none posted)
Graphics
GnomeDesktop.org has
an announcement for version 0.92 of
Dia,
a graphical diagram, graphing, and chart tool.
"
Dia 0.92 has been released featuring numerous bug fixes a new features."
Comments (none posted)
Multimedia
Version 0.7.1 of GStreamer
has been announced.
"
The new 0.7.x branch has a lot of improvements compared to the 0.6 branch, especially for video applications as it supports more formats both for decoding/demuxing and for muxing/encoding. It also features good error handling, better typefinding, a framework for interactivity to handle such things as DVD menu's and Flash and soon a new metadata system."
Comments (none posted)
A preview release of the XMMS multimedia system
has been announced for GTK2.
"
Here's a 'preview' release, since many things aren't done yet,
but it compiles and works, and if you currently don't need more than
OSS output and vorbis and MP3 playing, you're ready to go."
Comments (none posted)
Music Applications
Version 0.4 of ALSA MIDI Metronome has been released.
Change information is in the source code.
Full Story (comments: none)
Version 1.9.2 of RTSynth, a midi event triggered musical synthesizer,
has been released.
"
This is mainly a clean-up and speed-up version."
Full Story (comments: none)
Digital Photography
Version 2.1.3 of libgphoto2 and gphoto2
has been announced.
"
libgphoto2/gphoto2 2.1.3 are out, featuring support for lots of new cameras
and bug fixes. gPhoto is a program and library framework that lets users
download pictures from their digital cameras."
Comments (none posted)
Web Browsers
According to MozillaZine, version 1.4.1 of Mozilla
is available.
"
Mozilla 1.4.1 contains around 100 additional bug fixes but no new features." Despite that statement, a new spell checker has been
included in this release.
Comments (none posted)
Word Processors
Issue #166 of the
AbiWord Weekly News was published on October 19, 2003.
Here's the summary:
"
More on the new features, no bloat AbiWord and dependency hell, Johnny Lee's final speed-up patch, Win32 in a week or two and some CVS bragging. Plusse, editor negotiates AWN readability."
Comments (none posted)
Miscellaneous
Version 0.3 of Disc-O-Matic, a GTK+ DVD/CD-ROM archiving tool,
has been announced.
"
In release 0.3 glade has been removed in favor of pure gtk.
It now also supports DVD's through dvdrecord, and basic error checking for burning has been implemented."
Comments (none posted)
Languages and Tools
C
Version 3.3.2 of
GCC,
the GNU Compiler Collection,
has been released.
See the
changes
document for a long list of fixed bugs.
Comments (none posted)
Caml
The October 14-21, 2003 edition of the Caml Weekly News has been
published; take a look to see what's been happening with Caml this week.
Full Story (comments: none)
Java
Version 3.2.2 final of JBoss, a J2EE based application server,
is available.
Comments (none posted)
John Zukowski
explains Java's EventHandler class on IBM's developerWorks.
"
Many developers create anonymous inner classes for event handling. For simple event handling, inner classes can be a real hassle. Luckily, Java 1.4 introduces the EventHandler class, which relies on the dynamic generation of listeners to ease the task at hand. Though the new features are typically meant for the IDE vendor to use, in this article columnist John Zukowski shows you how you can use them for hand coding, too."
Comments (none posted)
Craig Castelaz
covers Java application configuration issues on O'Reilly.
"
Have you ever noticed how some applications seem to configure themselves? I don't mean that they auto-detect their settings; rather, the configuration process and tools are so well designed that they are a pleasure to use. Like most things in development, this level of functionality didn't appear by accident. 'Application configuration deserves careful design -- perhaps even more than application code.' (Halloway, 02) If we want to offer a similar experience to all our users, we need to stop treating configuration as an afterthought."
Comments (none posted)
Lisp
Version 2.0 of CL-PDF, a Common Lisp library for generating pdf
documents, is out.
Full Story (comments: none)
Perl
The October 13-19, 2003 edition of
This Week on perl5-porters has been published.
"
What happens in the post-5.8.1 world ? Read about the plans for the (nearest than you may think) 5.8.2, 5.8.1-specific problems, and other Perl language and implementation questions."
Comments (none posted)
PHP
Version 4.3.4 RC2 of
PHP has been
released.
"
This release candidate is hopefully the final release candidate prior to the 4.3.4 release and should be very stable. Please test this release as much as possible, so that any remaining issues can be uncovered and resolved prior to the final release."
Comments (none posted)
The
PHP Weekly Summary for October 20, 2003 is out. Topics include:
PHP 5 Beta 2 coming, BIND 9 problems, Documentation translations, Adding a regex operator?, WDDX 64-bit test, ZE2 Memory Cache.
Comments (none posted)
Jack Herrington
addresses PHP Scalability issues on O'Reilly.
"
PHP scales. There, I said it. The word on the street is that "Java scales and PHP doesn't." The word on the street is wrong, and PHP needs someone to stand up and tell the truth: that it does scale."
Comments (none posted)
Jonathan Oxer
writes about PHP performance profiling on Linux Journal.
"
Due to the incredible growth of PHP in the last couple of years, it's now being used for tasks ranging from tiny scripts to large-scale Web applications. Some Web applications contain hundreds of thousands of lines of PHP code, and the fact that PHP can scale to these levels is a great testament to its design and the efficient Zend Engine that actually manages PHP code execution.
Of course, bigger and more complex projects result in more load on your servers, and when you throw a database into the mix you have even more potential performance bottlenecks to track."
Comments (none posted)
Python
Dr. Dobb's Python-URL for October 22 is out; it looks at Python
performance, portability, Powerpoint-like applications, and more.
Full Story (comments: none)
The initial release of
PyUMLGraph,
a Python-based debugger, is available.
"
PyUMLGraph is a Python debugger that produces UML diagrams by inspecting running Python programs. The output is in Graphviz's dot language, and dot can produce pictures in many popular formats, such as PNG, PDF, SVG, and others. The UML diagrams can contain information about class inheritance relationships, references to other classes, class methods and return types, as well as class attributes and types."
Comments (none posted)
Tcl/Tk
The October 20, 2003 edition of Dr. Dobb's Tcl-URL! has been
published. Take a look for a summary of the week's Tcl/Tk development
news.
Full Story (comments: none)
XML
Uche Ogbuji
examines
three more Python-based XML tools on O'Reilly.
"
This column has touched on some advanced XML processing topics, but I keep coming back to basics. The reason for this is that the two most common XML processing tasks for Python users are to extract particular data fields from XML files and to generate XML in order to feed another program."
Comments (none posted)
Manish Verma discusses XML security issues with
part one of an IBM developerWorks series.
"
This article focuses on the basic plumbing technologies, defining security in an XML context, XML canonicalization, and PKI infrastructure, and providing a step-by-step guide to generating keys."
Comments (none posted)
Itamar Shtull-Trauring
introduces microdom on O'Reilly.
"This article introduces microdom, an XML DOM implementation written in Python which was designed for dealing with HTML's legacy issues both when parsing and when generating documents."
Comments (none posted)
Cross Assemblers
Version 0.11.7 of
gputils, a cross-assembler
and tool set for Microchip's PIC processors, has been released.
The Changes statement says:
"
Fixed 18xx gplink bugs and added support for 18xx config and idlocs sections in gpasm."
Comments (none posted)
Editors
Version 4.0 of Leo, a programmer's outlining editor and flexible browser,
has been released. This version brings a long list of changes
including an improved derived file format, better error handling,
new commands, and more.
Full Story (comments: none)
Profilers
Prasanna S. Panchamukhi
explains OProfile on IBM's developerWorks.
"
Analyzing the performance of the Linux operating system and application code can be difficult due to unexpected interactions between the hardware and the software, but profiling is one way you can identify such performance problems. This article looks at OProfile, a profiling tool for Linux that will be included in the upcoming stable kernel."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Wired
examines
the open source model as it spreads from software into other industries.
"
A decade ago, Michael Eisen slogged through swamps in Costa Rica
studying the mating behavior of frogs. That's what biologists did, he
figured - and if he had to fight off a few leeches along the way, so be
it. Now he's all about coding, crafting blocks of genetic data and churning
them through his computer. "It's a great time to be a biologist," says
Eisen, a computational scientist at Lawrence Berkeley National
Laboratory. "Origin of Species is the best thing ever written in
biology. But you just wish Darwin knew about genomics." Yet if biology is
in a renaissance, there are still relics of a medieval age."
(Thanks to Andrew Willson)
Comments (6 posted)
SearchWin2000
reports
from a talk by Steve Ballmer, CEO of Microsoft.
"
What sets Windows apart from Linux in terms of development, security
and patching, Ballmer said, is that Microsoft has an infrastructure that
takes responsibility for Windows. 'There's no roadmap for Linux. Nobody is
held accountable for security problems with Linux.'" Hey Steve, who
can we hold accountable for all that worm mail clogging our lines and
mailboxes?
Comments (30 posted)
CMP's Editor in Chief has posted
an open letter to Microsoft.
"
First, customers will deploy both Windows and Linux. Second, they will ideally want all of their systems to be able to work together without requiring 5,000 man-years of workarounds. Third, your value to those customers will decline if you continue to give them reason to believe that you are intentionally refusing to take the steps necessary to help them run their businesses, including their heterogeneous systems, more effectively."
Comments (13 posted)
Trade Shows and Conferences
Linux Journal
looks forward
to the Desktop Linux Conference, coming to Boston next month. "The
Desktop Linux Conference aims to drive home the message that for the first
time in computing history, a legitimate desktop alternative is available
that is better, faster and cheaper. As an extension of the newly formed
Desktop Linux Consortium's mission of providing "wide scale understanding
and adoption of the Linux operating system and its applications for use on
the desktop", the program offers key champions of Linux: Bruce Perens, Nat
Friedman, Jeremy White, Sam Greenblatt, Mark Hinkle, Mark Westerman, Havoc
Pennington, Amy D. Wohl, Shuji Sado and many more."
Comments (11 posted)
KDE.News
reports on
the KDE activities at the Linux Expo UK 2003.
"
Almost everyone wanted to know if/when their distribution
would be shipping KDE 3.2, how they could upgrade and whether we
had the code available on CD.
It's clear that many users do not know how to upgrade to the latest release
and some are still running KDE 2. The difficulty of software upgrades and
installation was one of the general GNU/Linux grumbles people kept
mentioning. The others were drivers for some hardware (caused by
manufacturers who do not work with the open source development process) and
the integration issues which HAL aims to fix."
Comments (none posted)
NewsForge
covers the
Congreso Software Libre y Nuevas Tecnologias, which was held last week in
Villahermosa, Mexico. "Windows is nearly universal in
Villahermosa. There is hardly any sign of Mac life. And there is little
publically visible Linux action, although there are obviously enough people
interested in free software -- particularly Linux -- to put on a free
software conference. There is also a local Linux Users Group that gets
between 20 and 30 people at most meetings and tutorial sessions and claims a
total membership of about 400."
Comments (none posted)
The SCO Problem
According to
this News.com story, the SCO Group has, once again, decided that the time is not right to start sending out invoices to Linux users. "'The executives have said we haven't had to do it yet,' SCO spokesman Blake Stowell said of the invoice plan. 'They're happy with progress in the licensing program.'" Procrastinators will be happy to know that the "half price introductory period" has been extended through the end of the month.
Comments (4 posted)
Computer Business Review
reports
on the latest climbdowns by SCO. Apparently SCO said there was never any
threat of action against Linux users. "Meanwhile, SCO has also extended
indefinitely Silicon Graphics Inc's deadline of October 14 to remedy
alleged contractual violations also affecting its Unix IP. The deadline was
extended following 'discussions'." How much fun it would have been
to hear those "discussions"...
Comments (13 posted)
According
to IDG, SCO has decided that it will only be selling "Linux licenses"
to big companies for now. "SCO may be proceeding cautiously with
licensing sales for fear of litigation from an entity like the Free
Software Foundation which has intellectual property claims to Linux, said
IDC analyst Dan Kusnetzky. 'As soon as they sell the first one, litigation
will be started from all quarters,' he predicted. 'I think the people from
The SCO Group realized that if they opened that box, they'd never be able
to close it again.'"
Comments (4 posted)
Linux Adoption
AustralianIT
covers
Asian efforts to promote Linux. "In China, programmers developed a
homegrown Linux version called Red Flag Linux a few years ago. That
software has been touted by Beijing as a secure alternative to Windows.
But the latest multi-government attempt to promote Linux is unprecedented
in its scope, although some remain sceptical about its prospects."
Comments (none posted)
Bernard Golden
examines the processes behind the adoption of open-source technology.
"
In Geoffrey Moore's book on technology strategy, Crossing the Chasm, he describes a similar process in the life cycle of technology adoption: a first wave of adventurers and a later wave of settlers, whom he calls Early Adopters and Pragmatists. Each type has different product requirements that they demand when adopting a technology. The Early Adopter seeks advantage in new technologies. The Pragmatist seeks stability with established technologies. Moore's book is a classic technology strategy book but does it make sense in a world of open source?"
Comments (none posted)
Interviews
NewsForge
talks with
Jon 'maddog' Hall. "NewsForge: What about patent and other
infringement threats a la SCO? Are you hearing about any potential
corporate Linux users pulling back because of this problem?
maddog: I heard about one or two. But then other companies who are in the
multi-operating system business, so have no real ax to grind with respect
to Linux, tell me that more and more companies are now moving. I think that
the SCO thing caught people off guard. But the more people think about it,
the more that SCO fails to deliver "the smoking gun", the more that people
apply business and legal logic to it, the less they fear it."
Comments (1 posted)
Resources
The Linux Journal
has found another spam filter.
"
Testmail, the filter discussed in this article, is a Perl filter of
average size and moderate complexity. It checks e-mail messages
available at the POP3 server, filters them according to defined rules
and, depending on the selected method, sends messages to the local
mailbox or removes them from the server."
Comments (none posted)
James Shuttleworth has written
a tutorial
on developing audio applications for JACK, the JACK Audio Connection Kit.
"
The first thing I did when I decided to bite the bullet and have a crack at this was to look for a nice introductory tutorial - something that would cover the basics and give me an idea of how all of this fit together. I couldn't find exactly what I wanted, and saw lots of posts suggesting that the way to learn was to look at the source code or the example clients and other JACK apps.
And I did. And then I realised that if I just documented my exploration, I'd end up with exactly the document that I was looking for. That's what you have here."
Comments (none posted)
Reviews
O'ReillyNet
takes a
look at NeL, an open source gaming engine for massive multi-player
online role-playing games. "NeL (for Nevrax Library) is a toolkit
for creating 3D-graphic MMORPGs or similar online game-play
environments that require both client and server code. It runs on the Linux
and Windows OSes, using OpenGL as its 3D graphics renderer."
Comments (none posted)
COMPUTERWORLD
examines the adoption of MySQL by database users.
"
NASA's Clark compared MySQL's performance against Oracle's for his application, and it averaged 28% faster during the battery of tests he hammered it with. He adds that unlike competing products, 'MySQL was not a machine resources hog.'"
Comments (none posted)
Miscellaneous
News.com
covers
researchers at the University of California and Stanford University who
have released versions of several open-source software packages modified to
send debugging information to a central site. "One key part of the
project is ensuring the sampler software doesn't bog down the program; the
project's goal was to slow performance only by as much as 5 percent, Liblit
said. To avoid this degradation, the sampler software records information
only occasionally, based on a randomization scheme. One thing that's
recorded every time, though, is whether the program exited properly or
crashed."
Comments (2 posted)
Here's one for the history buffs: OSViews
looks
at the Multics OS. "Multics is an acronym for "Multiplexed
Information and Computing Service." It was a timesharing operating system
which began its life as far back as 1965. Although the OS is relatively
unknown today, many might be surprised that the OS has several direct
influences on many operating systems commonly used today."
Comments (6 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The GNU Darwin project, in cooperation with the Free Software Foundation,
wants to wipe out any proprietary code in the Darwin code base. Click
below for more information.
Full Story (comments: 18)
The first announcement for the 2003 GNOME Foundation Board election has gone out. If you are not a member of the Foundation, and you would like to vote, you have until the end of October to sign up. Nominations for Board members must be received by November 7.
Comments (none posted)
Commercial announcements
Eridani has announced version 1.1.1 of MailStripper, an email
spam filtering application.
Full Story (comments: none)
The latest IBM press release announces support for Reuters Market Data
System (RMDS) on IBM eServer xSeries and BladeCenter hardware running
Linux.
Full Story (comments: 1)
Lindows has
announced a new program intended to inspire developers to create applications for the LindowsOS distribution. To that end, the company has created a new "LindowsDeveloper edition" and a free publication service. There is also a mechanism for getting applications integrated into the "Click-N-Run Warehouse."
Comments (none posted)
The SCO Group has announced the receipt of $50 million in financing from BayStar Capital. "The increase in cash will significantly enhance the overall financial strength of SCO while providing substantial additional funding for business objectives including future UNIX and SCOx Web Services software development, new strategic partnerships, and protection of the Company's UNIX intellectual property and related programs." Those of you who have been missing the always-amusing SCO teleconferences will be glad to know that one is happening today (Friday) at 12:00 US/Eastern time.
Comments (6 posted)
The SCO conference call followed the usual lines; everything is going great for SCO. Some of the more interesting points: the $50 million from BayStar will be expensive; after a year it requires an 8% dividend. That dividend will increase 2% per year up to a maximum of 12%. SCO is pleased with its discussions with SGI; the removal of 200 lines of code by SGI was presented as a victory. No mention of XFS. Darl McBride said that they did not foresee starting any other potential litigation against Unix vendors, but that they have several thousand customers with end-user Unix licenses. SCO apparently sees some opportunity to go after those end-user licensees for their use of Linux. Once again, it is made clear that SCO is not a good company to sign a contract with.
The 8-K filing on the BayStar deal is now available; we'll be looking at it shortly. Update: that look is now complete; click below (subscribers only) for our summary.
Full Story (comments: 10)
Here's a press release (click below) from SGI about large-scale SGI Altix
3000 systems, running Linux, that have been generating breakthrough
performance results on scientific applications at NASA Ames Research
Center.
Full Story (comments: 1)
SuSE has announced the forthcoming release of OpenExchange 4.1, its
"complete messaging and groupware package." New features include a WebDAV
interface, support for calendar and contact information, and more.
Full Story (comments: none)
Resources
The October 22 EDRI-gram newsletter is available, with coverage of issues
relevant to digital civil rights in Europe. Topics this time around
include pan-European anti-spam measures, the pending intellectual property
enforcement directive (and the 199 amendments which have been filed so
far), the proposed EU-wide health care identity card, and several others.
Full Story (comments: none)
IDA (Interchange of Data between Administrations) has published recommendations on how to migrate to Open Source Software (OSS)-based solutions. "These guidelines have been designed to help public administrators decide whether a migration to OSS should be undertaken and describe, in broad technical terms, how such a migration could be carried out. They are based on practical experience of a limited number of publicly available case studies, and cover a wide range of management and technical concerns." (Thanks to A. Ismael Olea González)
Comments (none posted)
The October 22, 2003 edition of the
Linux Documentation Project Weekly News is out.
Take a look for the latest documentation updates.
Full Story (comments: none)
Event Reports
The news and reports from the ILC 2003 International Lisp Conference
are available.
Full Story (comments: none)
A web site has been put together to document the 2nd netfilter developer workshop, which took place in Budapest, Hungary on August 18 and 19, 2003. Thanks to Harald Welte.
Comments (none posted)
Upcoming Events
The Apache Software Foundation has sent out a press release listing the speakers for ApacheCon 2003, which is happening November 16 to 19 in Las Vegas (next to Comdex). The keynote speakers will be Chris Pirillo and Doc Searls; many other speakers are on the schedule, see the PR for the full list.
Comments (none posted)
EclipseCon 2004 has been announced. "Eclipse, the open community and consortium for universal tools integration, announces EclipseCon, a new technical conference that will take place February 2-6, 2004 in Anaheim, CA. Produced and managed by Eclipse consortium member the Object Management Group, EclipseCon brings together the Eclipse ecosystem: developers, software architects, technical managers, systems integrators, thought leaders, and other software development tools producers and consumers using or interested in learning about Eclipse technology."
Comments (none posted)
The 4th International SANE Conference is less than a year away. The next System Administration and Network Engineering Conference will be held September 27 - October 1, 2004 at the RAI Centre in Amsterdam, The Netherlands. This is a call for Posters. "The SANE Posters provide an excellent forum for authors to present their work in an informal and interactive setting. Posters are ideal for presenting speculative, late-breaking results or for giving an introduction to interesting, innovative work. Posters are intended to provide authors and participants with the ability to connect with each other and to engage in discussions about the work."
Full Story (comments: none)
According to Use Perl, the YAPC::NA::2004 conference
will be held in Buffalo, NY on June 16-18, 2004.
Comments (none posted)
| Date | Event | Location |
| --- | --- | --- |
| October 23, 2003 | Enterprise Linux Forum | (Washington Convention Center) Washington, D.C. |
| October 23 - 24, 2003 | PHP-Con West | Santa Clara, CA |
| October 26, 2003 / October 27 - 31, 2003 | Large Installation Systems Administration Conference (LISA) | (Town & Country Resort Hotel) San Diego, CA |
| October 27 - 29, 2003 | LinuxWorld Conference & Expo 2003 | (Fairgrounds Frankfurt) Frankfurt, Germany |
| October 29 - 31, 2003 | Asian Enterprise Open Source Conference (AEOSC) | (Suntec International Convention and Exhibition Centre) Singapore |
| October 30 - 31, 2003 | 4to Encuentro Linux | Valparaiso, Chile |
| November 2 - 3, 2003 | International PHP Conference 2003 | (Astron Hotel Frankfurt-Mörfelden) Frankfurt, Germany |
| November 6 - 7, 2003 | HiverCon 2003 | (Davenport Hotel) Dublin, Ireland |
| November 6, 2003 | Netherlands Unix Users group fall conference | (Conference Center De Reehorst) Ede, the Netherlands |
| November 6 - 7, 2003 | PacSec.jp 2003 | (Hotel East 21 Tokyo) Tokyo, Japan |
| November 8, 2003 | Lightweight Languages 2003 (LL3) | (MIT) Cambridge, MA |
| November 10, 2003 | Desktop Linux Conference | (Boston University Corporate Education Center) Tyngsboro, Massachusetts |
| November 10 - 11, 2003 | Congreso Nacional de Software Libre (CONASOL) | (Universidad de Talca) Talca, Chile |
| November 14 - 16, 2003 | Third International Ruby Conference | (Red Lion Hotel) Austin, Texas |
| November 15 - 21, 2003 | Supercomputing Conference (SC2003) | (Phoenix Civic Plaza Convention Center) Phoenix, AZ |
| November 16 - 19, 2003 | ApacheCon 2003 | Las Vegas, Nevada |
| November 20 - 21, 2003 | ObjectWeb Conference | (INRIA Rocquencourt) Rocquencourt, France |
| November 22, 2003 | Southern California Linux Expo (SCALE) | (Los Angeles Convention Center) Los Angeles, CA |
| November 22 - 24, 2003 | New York GNOME Summit | (Brooklyn College) New York, NY |
| November 24 - 26, 2003 | Open Standards and Libre Software in Government Conference (EGOVOS 3) | Paris, France |
| December 2 - 4, 2003 | Linux Bangalore/2003 | Bangalore, India |
| December 9 - 13, 2003 | International Conference on Logic Programming (ICLP'03) | Mumbai (Bombay), India |
Comments (none posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Page editor: Forrest Cook