An LWN editor's job requires spending vast amounts of time each day
operating a web browser. As a result, we have become very sensitive to browser
features which make it easier to get things done - or which get in the
way. In an effort to find a better tool for the creation of LWN, your
editor decided to spend some serious time working with some of the current
crop of web browsers. With luck, it was hoped, the least evil browser
could be identified and used on into the future.
One note before we get going: Konqueror is not included in this
review. Konqueror is a highly capable browser (and file manager) which is
worthy of consideration, but it suffers from one fatal flaw (from your
editor's point of view): it will not run without the whole KDE
infrastructure running behind it. Your editor is not currently a KDE
user, so Konqueror is not an available option.
This effort was motivated at this time in particular by the
announcement of the Mozilla Firefox 0.8 release. Firefox is the
new name for the browser formerly known as "Firebird." Those who are
curious about the name change can peruse the
"brand name FAQ" and this
weblog entry describing the lengthy process involved in changing the
browser's name.
We'll start, however, with Galeon, which has been your
editor's browser of choice for some time. Galeon has been slowly falling
out of favor, however, since the 1.3 branch was begun and all the work that
went into making 1.2.x a top-quality power user's browser was thrown away.
Galeon 1.3 suffers from the GNOME "don't confuse those poor, helpless users
by letting them configure things" disease - though it is possible to have
more control if you know the proper secret gconf registry codes. Even so,
some nice 1.2 features, such as the ability to configure the toolbar for
maximal functionality in minimal space or remembering the preferred zoom
level for each site, are still missing.
The real problem with 1.3.x, however, is the seemingly endless series of
Weird Bugs. The bookmark editor has not worked well for a long time, and
rearranging bookmarks can result in strange little windows with URLs in
them floating across the screen long after the user has moved on to other
tasks. The "type ahead find death grip" has caused your editor to put his
fist through more than one monitor while attempting to fill in web forms.
The browser grows without limit; it usually has to be killed and restarted
around when it hits 200MB or the entire system slows to a crawl.
Despite all these complaints, Galeon has served well for a long time, and
will be a hard browser to beat.
The Mozilla Firefox 0.8 release is easy to download in binary form and
install. The initial impression it made was not the greatest, however;
Firefox appears to be unable to find or use the beautiful Bitstream Vera
antialiased fonts that Galeon uses so happily. The result is an ugly,
hard-to-read screen which is reminiscent of the old Netscape 4.x
days. Firefox behaves this way on Debian sid and Red Hat Linux 9
systems.
Comments from others suggest that this is a problem that can be
overcome, but it is clearly not a straightforward thing to do.
Update: as noted by a few commenters, the fix is to install the
"gtk2+xft" version; it can be found on the FTP
site but is not mentioned on the download page.
The browser also makes an immediate impression, however, for its speed.
Even when freshly started, current versions of Galeon are not so zippy on
your editor's desktop. Firefox seems robust; a day's worth of serious
browsing failed to turn up a single site which crashed the browser or
which did not render properly. Most of the features one has come to expect
in a modern browser (tabbed browsing, search fields, printing, bookmark
editing, password management, JavaScript, history tracking with
search, etc.) work well. Firefox gives a
relatively high degree of control over things like popup windows and active
content; there is a list of actions which can be allowed or denied to
JavaScript scripts, for example. Firefox has far more theme support than
the other browsers reviewed.
The browser's process size
appeared to stabilize at "only" 98MB; huge by any rational standards, but
Galeon has a hard time putting up its splash screen with that much space.
Firefox appears to have a
solid base at this point.
That said, some things are missing. At the top of your editor's list is
the ability to control image animation. One forgets
how annoying the web can be with things bouncing around the screen; Firefox
provides no evident way to turn animation off. The download manager is a
little strange; it provides no way to place a file in an arbitrary
directory at download time. Instead, you have to choose a single download
directory via the configuration dialogs and everything will go there. By
default, downloaded files go into the home directory. Control-T creates a
new tab, as one might expect, but it comes up blank; Galeon's practice of
bringing up the home page in new tabs seems preferable.
All of the above items would appear to be fixable with a (relatively) small
amount of effort. Firefox may not be ready to displace Galeon from your
editor's desktop, but it's not far from that point either.
Once this process was begun, it seemed logical to give Epiphany 1.07 a
spin as well. Epiphany makes a good first impression; the toolbars are
clean and don't take up a whole lot of space, and antialiased fonts are the
rule. It's a nice-looking browser. Epiphany, like the other browsers,
also offers the usual set of expected features.
Epiphany's configuration dialog is the most sparse of the three browsers
reviewed here. It does provide control over the toolbars, which is
nice, but many other things are missing - including that all-important
control over image animation. There also does not appear to be any sort of
explicit control over popup windows. Another obnoxious little limitation with
Epiphany is that it does not allow a URL to be "pasted" into the browser
with the middle mouse button - a feature supported by both Galeon and
Firefox. Epiphany 1.07 suffers from the "typeahead find death grip."
Given that many users probably do not use the typeahead find feature at all, it sure
would be nice to have an (obvious) way to turn it off.
Epiphany also
manifests some strange behavior when the user types a URL into the location
field and there are multiple windows open: completion windows show up on
each browser window and must be chased away individually. Epiphany grew to
over 100MB during a day of testing, and appeared to be set to continue to
inflate. It bloats far more slowly than Galeon, however.
Beyond that,
however, Epiphany seems stable; your editor could not make it crash.
Epiphany is closer to Galeon than Firefox in rendering speed:
generally good enough, but not strikingly fast. To try to get a handle on
things, we ran an ultra-scientific test: see how long each browser takes to
render a local copy of this
page, which consists of a huge table listing vulnerabilities and alerts
from 2003. Epiphany and Galeon consistently required about 6.5 seconds to
present the page; Firefox can do it in 5.4.
Perhaps the most striking realization from this whole exercise, however,
is just how similar
these three browsers are. The fact that they all use the Gecko rendering
engine will certainly create a degree of uniformity, but the resemblance
goes beyond that. Your editor often had to look carefully to see which
browser was in use at any given time. To a great extent, they can be
substituted for each other; the differences between them come down to
little nits and pet peeves.
One might well wonder why three groups of people are working so hard to
build complex applications which resemble each other so strongly. If we
are going to have multiple Gecko-based browsers, it would make some sense
for them to differentiate themselves somehow. Why can't one of them be the
power user's browser, providing full control over every aspect of its
operation without fear of confusing the user with too many configuration
options? Couldn't one of them be an experimental browser, trying out
interesting new ways of presenting the web to users? We could dedicate one
project to each of those goals, and still have one trying to do the Same
Old Stuff in the best way possible. As it is, each of the three browsers
reviewed is an advanced and capable application, but it is increasingly
hard to find a reason to choose one over another.
SCO and IBM had a new day in court on February 6, when a hearing was held
to determine whether SCO had complied with IBM's motion to compel
discovery. IBM's position is that SCO has failed to comply. As of this
writing, the judge has not made a ruling. The preliminary indications from
the transcript of the hearing (available on Groklaw, of course) do not bode
well for SCO, however.
IBM noted in court that SCO is no longer alleging any sort of disclosure of
trade secrets on IBM's part. SCO did provide a small number of
files and line numbers of Linux code which, it says, violates IBM's
contract with SCO. These files were in the expected parts of the kernel:
the read-copy-update code, the JFS filesystem, etc. In every case, the
code in question was indisputably written by IBM, and is owned by IBM.
Some of it is even patented by IBM.
In other words, as we have noted in the past, SCO has been pushed back to
one of its original claims: that it has the right to control the disclosure
of any code which has ever breathed the same air as SYSV Unix. IBM sees
this, of course, and isn't making it easy. From the hearing:
The notion is, Your Honor, that somehow IBM is prohibited from
disclosing that code because in some way it is derived from Unix
System Five. What we asked for in our responses is that they tell
us, if that is the theory, exactly where it is in Unix System Five
that the code derives from.
The point, of course, is that code independently written by IBM does not
derive from SYSV Unix at all. This point has been fairly clear to people
who have been paying attention for some time. For the rest (i.e. SCO and
the bulk of the news media), IBM has to work to get the idea across.
SCO has also requested permission to amend its
complaint against IBM
yet again. If this change is allowed, it will modify the case in some
interesting ways. Much noise has been made in the wider media about the
addition (finally) of a copyright infringement charge. This charge says
nothing about IBM's contributions to Linux, however; instead, SCO claims
infringement because IBM continues to distribute AIX despite having had its
license "terminated" by SCO. Unless SCO can convince a court that IBM has
breached its contracts with SCO, this charge will evaporate.
The charges of export violations have been fleshed out. It seems that SCO
has concluded that IBM's contracts never gave it the right to distribute
Unix code in India. Since Linux is clearly available in India, SCO
concludes that its contract has been breached yet again.
Perhaps most amusing is the new claim of "interference with contract."
Those who have been following this case will recall that Novell has made
some interesting claims, including (1) that it still owns the Unix
copyrights, and (2) that it has the right to keep SCO from terminating
Unix licenses. SCO, it seems, sees the shadowy hand of IBM behind Novell's
actions, and is now charging IBM with causing Novell to act the way it
has. Novell's own interest in the success of Linux seemingly does not
enter into this picture.
Finally, as noted above, the latest version of the complaint deletes the
charge of "misappropriation of trade secrets" which had appeared in earlier
versions.
Novell, meanwhile, has sent a
new letter to SCO in an (undoubtedly IBM-directed) attempt to clarify
its view of the "derived works" argument. Novell has dug up some old
communications from AT&T regarding its interpretation of the Unix
licenses and some changes the company made to make that interpretation more
explicit:
AT&T then followed up by adding to section 2.01 a sentence
clarifying that AT&T "claims no ownership interest in any
portion of such a modification or derivative work that is not part
of a SOFTWARE PRODUCT." Even more clearly, the August 1985 edition
of $ echo explained that this "sentence was added to assure
licensees that AT&T will claim no ownership in the software
that they developed -- only the portion of the software developed
by AT&T."
SCO's view of derived works never did seem likely to stand up in court, but
Novell has thrown up yet another obstacle in SCO's path. Novell also pulls
out its "override clause" from the asset purchase agreement:
Accordingly, pursuant to Section 4.16(b) of the Asset Purchase
Agreement, Novell hereby directs SCO to waive any purported right
SCO may claim to require Sequent (or IBM as its successor) to
treat Sequent Code as subject to the confidentiality obligations
or use restrictions of Sequent's SVRX license.
Novell directs SCO to take these actions by noon, MDT, February 11, 2004,
and to notify Novell that it has done so by that time.
That deadline has passed as of this writing. One assumes that SCO did not
comply.
Novell has also filed a motion to dismiss SCO's "slander of title" suit
against it, and another motion to move the case (in case it is not
dismissed) to federal court.
For those who are curious about the Red Hat (Delaware) case: it remains on
hold until the judge gets around to ruling on SCO's motion to dismiss the
suit. The wheels of American justice never move particularly quickly, but
Delaware seems to be especially slow.
The Open Source Development Labs has published another paper on SCO by Eben
Moglen; it is available in PDF
format. This one is about the Novell suit:
Even if one is unsympathetic to SCO, one can't help but feel sorry
for the quandary its lawyers faced in deciding whether to sue
Novell. Had they not done so, their client's ultimate fate would
have been sealed. But suing Novell destroys SCO's licensing
campaign for the present just as fully.
Finally, Don Marti has noted
that the Canopy Group has removed all mention of SCO from its web site and appears to be generally
backing away from SCO. Perhaps Canopy, too, sees the end of the game on
the horizon.
The Open Source Development Labs (OSDL) released its second capabilities
document for Linux last week, and is asking for input. The Data Center
Linux (DCL) Technical Capabilities 1.0 document is about 119 pages long
(available in PDF)
and defines and rates Linux capabilities needed for Linux in the data
center. The DCL Technical Capabilities document is, to say the least,
comprehensive.
This document has been quite some time in the
making. The DCL working group was announced by OSDL in August,
2002. The document contains evaluations for hundreds of Linux features
in eight categories: scalability, performance, RAS (Reliability,
Availability, Serviceability), manageability, clusters, standards, security
and usability. The evaluations are ranked by maturity level, ranging from
"investigation" for projects in the concept phase, to "completed" for
features or projects that are available and fully adequate for customer
needs. It provides quite a comprehensive picture of the state of Linux for
use in the data center, and a roadmap of where it needs to go.
We spoke with OSDL CEO Stuart Cohen and OSDL strategic marketing manager
Lynn de la Torre about the capabilities document, how it was put together,
and what OSDL plans to accomplish with the capabilities document. According
to de la Torre, the DCL Technical Capabilities document is designed to help
OSDL and its members "solidify our priorities," with regard to Linux usage
in the data center, and to get feedback on the priorities listed. She noted
that OSDL was interested in hearing from the community at large on the
priorities as laid out in the document.
We asked de la Torre how OSDL would try to see that the features outlined
in the DCL Technical Capabilities document would be implemented, since OSDL
doesn't have the resources to do all of the work itself. She said that it
would be up to OSDL members and the community to work on the features
needed for data center Linux.
What we're doing is trying to leverage our membership as much as
possible. Our membership is growing and we are trying to really drive it
from the point of view of the member companies. If we can all get on the
same page, if you will, that's probably the best way we've come up with so
far to do that.
De la Torre also acknowledged that the scope of this project was much
broader than the Carrier Grade Linux project:
Part of why we have to do a capabilities [document], in the first place and
why we think the first step is prioritization, is exactly for that reason,
which is that the data center is almost what I call 'boiling the ocean,'
it's so broad yet we've gone so deep in our analysis. 350 items is a pretty
large thing to look at, so obviously no technical project can address
something that big so that's why we especially feel that prioritization is
key to go forward.
She noted that OSDL is now looking for public feedback on its priorities
for DCL. Anyone interested in participating in the working group can find
the details here.
She also said that the work done so far by OSDL's members indicates that
Linux is ready for the data center, though more mature in some areas than
others.
On edge and infrastructure, it's very mature. In database it's emerging and
in some areas it's almost completely there...the overall message is that
it's ready for the data center, especially if you look at 2.6 and some of
the functionality in 2.6.
Since the DCL working group is following a similar path to the Carrier
Grade Linux working group, we asked Cohen how successful the CGL
project has been:
I think it's been very successful. If you just look at the number of RFCs
around the world that telecommunications equipment manufacturers or
carriers have been issuing related to carrier grade initiatives, it's been
extensive. That work is really an outgrowth of work done by Nokia, Alcatel,
Ericsson, Cisco, MontaVista, so... a number of industry players have been
involved in that definition. That is the biggest reason that NTT joined,
and we have many carriers and other telecommunications equipment
manufacturers interested in participating because they want to take a
leadership position in putting together those requirements and
registrations and specifications going forward.
We also asked Cohen how OSDL's legal fund was progressing, and what happens
to the money in the event that SCO doesn't sue anyone. Cohen said that OSDL
has raised over $3 million so far with a goal of $10 million. If the money
isn't used for legal fees, Cohen said that it will probably be kept in
place until the board sub-committee in charge of the fund decides the "best
use" for the fund.
For those more interested in Linux on the desktop, OSDL has also announced
a working group for the Linux desktop. This is in the early stages of
development, and Cohen says that anyone is welcome to join, once the
project has been officially launched. Cohen said that OSDL would be having
the kick-off meeting for the desktop group next week. Like the CGL and DCL
working groups, participation should be open to anyone through the mailing
lists.
Page editor: Jonathan Corbet
Security
Brief items
This EEYE alert describes what looks like a
fairly run-of-the-mill Microsoft vulnerability. It is a buffer overflow in
the ASN.1 library; the list of software affected includes a few small
things like NT 4.0, Windows 2000, Windows XP, Internet Explorer,
Outlook, IIS, etc. It is said to be difficult to exploit, but that is not
a statement that will bring comfort to many.
The interesting thing is that EEYE claims to have reported this
vulnerability to Microsoft in July, 2003. Microsoft has only now responded
with a fix. In other words, the company left its customers open to a known
security bug for a good six months.
Free software suffers from far too many security vulnerabilities as well.
Some of them are truly serious. Many of them are embarrassing. But it is
rare indeed for a hole to remain unclosed for such a long time. Free
software developers will, almost without exception, respond to problems
much more quickly than that. They know that, should they fail to respond,
the community will simply fix the problem for them. We have a lot of
ground to cover before our security is even remotely good enough, but that
should not stop us from taking some pride in the things we do right.
New vulnerabilities
gallery: code injection
| Package(s): | gallery |
| CVE #(s): | |
| Created: | February 12, 2004 |
| Updated: | February 12, 2004 |
| Description: | Gallery (through versions 1.4.1) suffers from a PHP code injection vulnerability which can provide a remote attacker with access to the web server process. |
libtool - Insecure handling of temporary files
| Package(s): | libtool |
| CVE #(s): | |
| Created: | February 5, 2004 |
| Updated: | March 8, 2004 |
| Description: | GNU libtool consists of a set of shell scripts used to build shared libraries. Joseph S. Myers and Stefan Nordhausen independently found a vulnerability in the way the ltmain.sh script (which is part of the libtool package) creates temporary directories for its use. A local attacker could exploit this vulnerability to change/delete arbitrary files in the system on behalf of the user who is calling the script. The vulnerability has been fixed in the 1.5.2 version of libtool. |
mailman denial of service
| Package(s): | mailman |
| CVE #(s): | CAN-2003-0991 |
| Created: | February 9, 2004 |
| Updated: | May 25, 2004 |
| Description: | Matthew Galgoci of Red Hat discovered a Denial of Service (DoS) vulnerability in versions of Mailman prior to 2.1. An attacker could send a carefully-crafted message causing mailman to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0991 to this issue. |
mailman: cross-site scripting vulnerabilities
| Package(s): | mailman |
| CVE #(s): | CAN-2003-0965, CAN-2003-0992 |
| Created: | February 6, 2004 |
| Updated: | March 5, 2004 |
| Description: | Dirk Mueller discovered a cross-site scripting bug in the admin interface in versions of Mailman 2.1 before 2.1.4. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0965 to this issue. A cross-site scripting bug in the 'create' CGI script affects versions of Mailman 2.1 before 2.1.3. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0992 to this issue. |
monkeyd: denial of service
| Package(s): | monkeyd |
| CVE #(s): | |
| Created: | February 12, 2004 |
| Updated: | February 12, 2004 |
| Description: | The monkeyd HTTP server suffers from a parsing bug which can be exploited to crash the server process. Upgrading to version 0.8.2 fixes the problem. |
mutt: buffer overflow
| Package(s): | mutt |
| CVE #(s): | CAN-2004-0078 |
| Created: | February 12, 2004 |
| Updated: | March 26, 2004 |
| Description: | mutt suffers from a buffer overflow in its "index menu" code. This overflow can be exploited via a hostile message to crash mutt and, perhaps, execute arbitrary code. Version 1.4.2 fixes the problem; see this advisory for details. |
PHP setting leaks from .htaccess files on virtual hosts
| Package(s): | php |
| CVE #(s): | |
| Created: | February 9, 2004 |
| Updated: | February 12, 2004 |
| Description: | If the server configuration "php.ini" file has "register_globals = on" and a request is made to one virtual host (which has "php_admin_flag register_globals off") and the next request is sent to another virtual host (which does not have the setting) through the same Apache child, the setting will persist. Depending on the server and site, an attacker may be able to exploit global variables to gain access to reserved areas, such as MySQL passwords, or this vulnerability may simply cause a lack of functionality. As a result, users are urged to upgrade their PHP installations. |
XFree86: buffer overflow
| Package(s): | XFree86 |
| CVE #(s): | CAN-2004-0083, CAN-2004-0084, CAN-2004-0106 |
| Created: | February 12, 2004 |
| Updated: | February 23, 2004 |
| Description: | The XFree86 code which reads "fonts.alias" files suffers from a buffer overflow which may be turned into a local root exploit; see this advisory for details. |
Updated vulnerabilities
apache: buffer overflows in mod_alias, mod_rewrite
| Package(s): | apache |
| CVE #(s): | CAN-2003-0542, CAN-2003-0789 |
| Created: | October 28, 2003 |
| Updated: | February 13, 2004 |
| Description: | André Malo discovered buffer overflows in the mod_alias and mod_rewrite modules of the Apache webserver. These occurred if a regular expression with more than 9 capturing parentheses was configured. To exploit this, an attacker would need to be able to locally create a carefully crafted configuration file (.htaccess or httpd.conf). CAN-2003-0542. Another buffer overflow in Apache 2.0.47 and earlier in mod_cgid's mishandling of CGI redirect paths could result in CGI output going to the wrong client when a threaded MPM is used. CAN-2003-0789. |
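A configuration audit for the condition described above, as an added example that is not part of the original page or of Apache's code: it counts the capturing groups in the regex argument of RewriteRule, RewriteCond and AliasMatch lines and flags any with more than nine. Assumptions: patterns are compiled as POSIX extended regular expressions with regcomp(), arguments are whitespace-separated without quoting, and the sample configuration is constructed.

```c
#include <ctype.h>
#include <regex.h>
#include <stdio.h>
#include <string.h>

#define MAX_GROUPS 9   /* limit named in the vulnerability description */

/* Constructed sample configuration; not taken from any real server. */
static const char SAMPLE_CONF[] =
    "# constructed sample\n"
    "RewriteEngine On\n"
    "RewriteRule ^/old/(.*)$ /new/$1 [L]\n"
    "AliasMatch ^/(a)(b)(c)(d)(e)(f)(g)(h)(i)(j)/x /srv/www/$1\n"
    "RewriteCond %{HTTP_HOST} ^(www\\.)?example\\.com$\n";

/* Number of capturing groups in an extended regex, or -1 if it does not
 * compile. regcomp() reports the count in re_nsub. */
int capture_groups(const char *pattern)
{
    regex_t re;
    int n;

    if (regcomp(&re, pattern, REG_EXTENDED) != 0)
        return -1;
    n = (int)re.re_nsub;
    regfree(&re);
    return n;
}

/* Case-insensitive string equality (directive names are not case-sensitive). */
static int ieq(const char *a, const char *b)
{
    while (*a && *b &&
           tolower((unsigned char)*a) == tolower((unsigned char)*b)) {
        a++;
        b++;
    }
    return *a == '\0' && *b == '\0';
}

/* Scan configuration text line by line and return how many regex
 * directives carry more than MAX_GROUPS capturing groups. */
int count_risky_directives(const char *conf)
{
    int risky = 0;

    while (*conf) {
        char line[1024], name[32], a1[256], a2[256];
        size_t n = strcspn(conf, "\n");
        size_t c = n < sizeof line - 1 ? n : sizeof line - 1;
        const char *pat = NULL;
        int fields;

        memcpy(line, conf, c);
        line[c] = '\0';
        conf += n + (conf[n] == '\n');

        fields = sscanf(line, " %31s %255s %255s", name, a1, a2);
        if (fields < 2 || name[0] == '#')
            continue;                      /* blank line, comment, no args */
        if (ieq(name, "RewriteRule") || ieq(name, "AliasMatch"))
            pat = a1;                      /* regex is the first argument */
        else if (ieq(name, "RewriteCond") && fields == 3)
            pat = a2;                      /* regex is the second argument */
        if (pat && capture_groups(pat) > MAX_GROUPS)
            risky++;
    }
    return risky;
}

int main(void)
{
    printf("directives over the limit: %d\n",
           count_risky_directives(SAMPLE_CONF));
    return 0;
}
```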
apache2: Denial of Service vulnerability
| Package(s): | apache2 |
| CVE #(s): | |
| Created: | September 29, 2003 |
| Updated: | March 25, 2004 |
| Description: | A problem was discovered in Apache2 where CGI scripts that write more than 4k to the standard error stream will hang the script's execution. This problem can lead to a denial of service situation. See this bug report for additional details. |
bind: cache poisoning
| Package(s): | bind |
| CVE #(s): | CAN-2003-0914 |
| Created: | November 26, 2003 |
| Updated: | February 19, 2004 |
| Description: | A cache poisoning vulnerability in BIND may be exploited causing a temporary denial of service until the bad record expires from the cache. |
crawl: buffer overflow
| Package(s): | crawl |
| CVE #(s): | CAN-2004-0103 |
| Created: | February 3, 2004 |
| Updated: | February 4, 2004 |
| Description: | Steve Kemp from the GNU/Linux audit project discovered a problem in crawl, another console based dungeon exploration game, in the vein of nethack and rogue. The program uses several environment variables as inputs but doesn't apply a size check before copying one of them into a fixed size buffer. |
CUPS: denial of service
| Package(s): | CUPS |
| CVE #(s): | CAN-2003-0788 |
| Created: | November 3, 2003 |
| Updated: | March 4, 2004 |
| Description: | Paul Mitcheson reported a situation where the CUPS Internet Printing Protocol (IPP) implementation in CUPS versions prior to 1.1.19 would get into a busy loop. This could result in a denial of service. In order to exploit this bug an attacker would need to have the ability to make a TCP connection to the IPP port (by default 631). |
cvs: possible root compromise
| Package(s): | cvs |
| CVE #(s): | CAN-2003-0977 |
| Created: | December 29, 2003 |
| Updated: | February 13, 2004 |
| Description: | Stable CVS 1.11.11 has been released, adding code to the CVS server to prevent it from continuing as root after a user login, as an extra failsafe against a compromise of the CVSROOT/passwd file. |
ethereal: protocol dissector and other vulnerabilities
| Package(s): | ethereal |
| CVE #(s): | CAN-2003-0925, CAN-2003-0926, CAN-2003-0927, CAN-2003-1012, CAN-2003-1013 |
| Created: | December 19, 2003 |
| Updated: | February 13, 2004 |
| Description: | Serious issues have been discovered in two ethereal protocol dissectors. Both vulnerabilities will make the Ethereal application crash. The Q.931 vulnerability also affects Tethereal. It is not known if either vulnerability can be used to make Ethereal or Tethereal run arbitrary code. (CAN-2003-1012 and CAN-2003-1013) |
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
fetchmail may crash on specially crafted message
| Package(s): | fetchmail |
| CVE #(s): | CAN-2003-0792 |
| Created: | October 17, 2003 |
| Updated: | April 8, 2004 |
| Description: | A bug was discovered in fetchmail 6.2.4 where a specially crafted email message can cause fetchmail to crash. |
fileutils/wu-ftpd: denial of service
| Package(s): | fileutils |
| CVE #(s): | CAN-2003-0854 |
| Created: | October 22, 2003 |
| Updated: | March 2, 2004 |
| Description: | There is, it seems, an integer overflow vulnerability in "ls" which can be exploited via wu-ftpd to create a denial of service situation. See this advisory from Georgi Guninski for details. |
gaim: remote overflows
| Package(s): | gaim |
| CVE #(s): | CAN-2004-0006, CAN-2004-0007, CAN-2004-0008 |
| Created: | January 26, 2004 |
| Updated: | February 17, 2004 |
| Description: | Stefan Esser has discovered several vulnerabilities in Gaim 0.75. This advisory has details of 12 separate vulnerabilities. |
glibc: DNS stub resolvers contain buffer overflow vulnerability
| Package(s): | glibc |
| CVE #(s): | CAN-2002-1146 |
| Created: | November 7, 2002 |
| Updated: | February 5, 2004 |
| Description: | DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. (See CERT Vulnerability Note VU#738331) The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). |
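The length mistake described above, as an added example that is not code from glibc or BIND: a DNS reply walker that takes the number of bytes actually received, run against a truncated reply once with that length and once with the buffer's capacity. The function names, the 512-byte buffer and the sample reply are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DNS_HDR_LEN 12

/* Constructed sample reply: one question ("a", type A, class IN) and one
 * answer (compressed name, A record, 192.0.2.1). 35 bytes in total. */
static const uint8_t SAMPLE_REPLY[35] = {
    0x12, 0x34, 0x81, 0x80, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00,
    0x01, 'a', 0x00, 0x00, 0x01, 0x00, 0x01,
    0xC0, 0x0C, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, 0x3C, 0x00, 0x04,
    0xC0, 0x00, 0x02, 0x01
};

/* Skip one encoded name starting at off. Returns the offset just past it,
 * or -1 if the name runs beyond len or uses a reserved label type. */
static long skip_name(const uint8_t *msg, size_t len, size_t off)
{
    while (off < len) {
        uint8_t c = msg[off];
        if (c == 0)
            return (long)(off + 1);             /* root label ends the name */
        if ((c & 0xC0) == 0xC0)                 /* 2-byte compression pointer */
            return off + 2 <= len ? (long)(off + 2) : -1;
        if (c & 0xC0)
            return -1;                          /* reserved label type */
        off += 1u + c;                          /* length byte plus label */
    }
    return -1;
}

/* Walk the question and answer sections, never touching a byte at or past
 * len. Returns the answer count, or -1 if the message is truncated or
 * malformed. len must be the byte count the receive call returned. */
int count_answers(const uint8_t *msg, size_t len)
{
    unsigned qd, an, i;
    size_t off = DNS_HDR_LEN;

    if (len < DNS_HDR_LEN || len > 65535)
        return -1;
    qd = (unsigned)msg[4] << 8 | msg[5];
    an = (unsigned)msg[6] << 8 | msg[7];

    for (i = 0; i < qd; i++) {
        long n = skip_name(msg, len, off);
        if (n < 0 || (size_t)n + 4 > len)       /* QTYPE + QCLASS */
            return -1;
        off = (size_t)n + 4;
    }
    for (i = 0; i < an; i++) {
        long n = skip_name(msg, len, off);
        size_t rdlen;
        if (n < 0 || (size_t)n + 10 > len)      /* TYPE, CLASS, TTL, RDLENGTH */
            return -1;
        rdlen = (size_t)msg[n + 8] << 8 | msg[n + 9];
        if (rdlen > len - ((size_t)n + 10))     /* RDATA must fit as well */
            return -1;
        off = (size_t)n + 10 + rdlen;
    }
    return (int)an;
}

/* A 25-byte datagram (cut in the middle of the answer) lands in a buffer
 * that still holds an earlier, complete reply. The buffer is large enough
 * that the wrong length stays memory-safe here; it only shows the parser
 * accepting bytes that were never received. */
int parse_truncated(int trust_capacity)
{
    uint8_t rxbuf[512];
    size_t received = 25;

    memset(rxbuf, 0, sizeof rxbuf);
    memcpy(rxbuf, SAMPLE_REPLY, sizeof SAMPLE_REPLY);   /* stale bytes */
    memcpy(rxbuf, SAMPLE_REPLY, received);              /* truncated datagram */
    return count_answers(rxbuf, trust_capacity ? sizeof rxbuf : received);
}

int main(void)
{
    printf("actual length:   %d\n", parse_truncated(0));
    printf("buffer capacity: %d\n", parse_truncated(1));
    return 0;
}
```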
GnuPG: ElGamal signing keys compromised
| Package(s): | gnupg |
| CVE #(s): | CAN-2003-0971 |
| Created: | November 28, 2003 |
| Updated: | March 3, 2004 |
| Description: | A severe vulnerability was discovered in GnuPG by Phong Nguyen relating to ElGamal sign+encrypt keys. This email message from Werner Koch contains more information. "Phong Nguyen identified a severe bug in the way GnuPG creates and uses ElGamal keys for signing. This is a significant security failure which can lead to a compromise of almost all ElGamal keys used for signing. Note that this is a real world vulnerability which will reveal your private key within a few seconds." |
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. GtkHTML supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
iproute: local denial of service
| Package(s): | iproute net-tools |
CVE #(s): | CAN-2003-0856
|
| Created: | November 25, 2003 |
Updated: | December 14, 2004 |
| Description: |
The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
| Alerts: |
|
Comments (none posted)
kdepim: VCF file information reader vulnerability
| Package(s): | kdepim |
CVE #(s): | CAN-2003-0988
|
| Created: | January 15, 2004 |
Updated: | May 26, 2004 |
| Description: |
KDE has issued a security advisory for all
versions of kdepim as distributed with KDE versions 3.1.0 through 3.1.4
inclusive. A carefully crafted .VCF file potentially enables local
attackers to compromise the privacy of a victim's data or execute arbitrary
commands with the victim's privileges. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0988 to
this issue. |
| Alerts: |
|
Comments (none posted)
kernel: privilege vulnerability on AMD64
| Package(s): | kernel |
CVE #(s): | CAN-2004-0001
|
| Created: | January 16, 2004 |
Updated: | February 17, 2004 |
| Description: |
On AMD64 systems, a fix was made to the eflags checking in
32-bit ptrace emulation that could have allowed local users
to elevate their privileges. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0001 to this issue. |
| Alerts: |
|
Comments (none posted)
kernel: local root exploit in 2.4.22
| Package(s): | kernel |
CVE #(s): | CAN-2003-0961
|
| Created: | December 1, 2003 |
Updated: | April 5, 2004 |
| Description: |
A vulnerability was discovered in the Linux kernel versions 2.4.22 and
previous. A flaw in bounds checking in the do_brk() function can allow a
local attacker to gain root privileges. This vulnerability is known to be
exploitable.
The 2.4.23 kernel contains the fix. For more details on how this vulnerability works, see this LWN article. |
| Alerts: |
|
Comments (1 posted)
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
CVE #(s): | CAN-2003-0019
|
| Created: | February 7, 2003 |
Updated: | January 21, 2005 |
| Description: |
The kernel-utils package contains several utilities that can be used to
control the kernel or machine hardware. In Red Hat Linux 8.0 this package
contains user mode linux (UML) utilities.
The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was
incorrectly shipped setuid root. This could allow local users to control
certain network interfaces, add and remove arp entries and routes, and put
interfaces in and out of promiscuous mode.
All users of the kernel-utils package should update to these packages that
contain a version of uml_net that is not setuid root.
Alternatively, as a work-around to this vulnerability, issue the following
command as root:
    chmod -s /usr/bin/uml_net
|
| Alerts: |
|
Comments (none posted)
lftp buffer overflows
| Package(s): | lftp |
CVE #(s): | CAN-2003-0963
|
| Created: | December 15, 2003 |
Updated: | February 13, 2004 |
| Description: |
According to this advisory, versions of lftp
prior to 2.6.10 are vulnerable to two exploitable buffer overflow
problems. Both occur when you connect to a web server with lftp using HTTP
or HTTPS, and then use lftp's "ls" or "rels" commands on specially prepared
directories on the web server. |
| Alerts: |
|
Comments (none posted)
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
CVE #(s): | CAN-2002-1363
|
| Created: | December 19, 2002 |
Updated: | July 14, 2004 |
| Description: |
Glenn Randers-Pehrson discovered a problem in connection with 16-bit
samples from libpng, an interface for reading and writing PNG
(Portable Network Graphics) format files. The starting offsets for
the loops are calculated incorrectly which causes a buffer overrun
beyond the beginning of the row buffer. |
| Alerts: |
|
Comments (none posted)
mc: arbitrary code execution
| Package(s): | mc |
CVE #(s): | CAN-2003-1023
|
| Created: | January 16, 2004 |
Updated: | April 5, 2004 |
| Description: |
A vulnerability was discovered in Midnight Commander, a file manager,
whereby a malicious archive (such as a .tar file) could cause arbitrary
code to be executed if opened by Midnight Commander. |
| Alerts: |
|
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
CVE #(s): | CAN-2003-0427
|
| Created: | June 16, 2003 |
Updated: | June 16, 2005 |
| Description: |
Ingo Saitz discovered a bug in mikmod whereby a long filename inside
an archive file can overflow a buffer when the archive is being read
by mikmod. |
| Alerts: |
|
Comments (none posted)
mod_python: denial of service vulnerability
| Package(s): | mod_python |
CVE #(s): | CAN-2003-0973
|
| Created: | January 27, 2004 |
Updated: | October 4, 2004 |
| Description: |
Apache's mod_python module could crash the httpd process if a specific,
malformed query string was sent.
The Apache Foundation has reported that mod_python may be prone to
Denial of Service attacks when handling a malformed query. Mod_python
2.7.9 was released to fix the vulnerability, however, because the
vulnerability has not been fully fixed, version 2.7.10 has been released.
Users of mod_python 3.0.4 are not affected by this vulnerability. |
| Alerts: |
|
Comments (none posted)
mpg123: heap overflow
| Package(s): | mpg123 |
CVE #(s): | CAN-2003-0865
|
| Created: | November 12, 2003 |
Updated: | February 19, 2004 |
| Description: |
Versions of mpg123 through 0.59s contain a heap overflow which may be exploited remotely (by a hostile server). See this advisory for details. |
| Alerts: |
|
Comments (none posted)
mpg321: format string vulnerability
| Package(s): | mpg321 |
CVE #(s): | CAN-2003-0969
|
| Created: | January 6, 2004 |
Updated: | March 28, 2005 |
| Description: |
A vulnerability was discovered in mpg321, a command-line mp3 player,
whereby user-supplied strings were passed to printf(3) unsafely. This
vulnerability could be exploited by a remote attacker to overwrite
memory, and possibly execute arbitrary code. In order for this
vulnerability to be exploited, mpg321 would need to play a malicious
mp3 file (including via HTTP streaming). |
| Alerts: |
|
Comments (none posted)
mplayer: remotely exploitable buffer overflow vulnerability
| Package(s): | mplayer |
CVE #(s): | CAN-2003-0835
|
| Created: | September 29, 2003 |
Updated: | April 6, 2004 |
| Description: |
A remotely exploitable buffer overflow vulnerability was found in
MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer
into executing arbitrary code upon parsing that header. Read the full advisory
for details. |
| Alerts: |
|
Comments (none posted)
Nessus NASL scripting engine security issues
| Package(s): | nessus |
CVE #(s): | |
| Created: | May 27, 2003 |
Updated: | August 12, 2004 |
| Description: |
Some vulnerabilities exist in the Nessus NASL scripting engine. To
exploit these flaws, an attacker would need to have a valid Nessus account
as well as the ability to upload arbitrary Nessus plugins in the Nessus
server (this option is disabled by default) or he/she would need to trick a
user somehow into running a specially crafted nasl script. Read the full
advisory for additional information. |
| Alerts: |
|
Comments (none posted)
netpbm: insecure temporary files
| Package(s): | netpbm |
CVE #(s): | CAN-2003-0924
|
| Created: | January 19, 2004 |
Updated: | December 29, 2004 |
| Description: |
netpbm is a graphics conversion toolkit made up of a large number of
single-purpose programs. Many of these programs were found to create
temporary files in an insecure manner, which could allow a local
attacker to overwrite files with the privileges of the user invoking a
vulnerable netpbm tool. |
| Alerts: |
|
Comments (1 posted)
Net-SNMP: security bugs in versions before 5.0.9
| Package(s): | Net-SNMP |
CVE #(s): | CAN-2003-0935
|
| Created: | December 2, 2003 |
Updated: | February 13, 2004 |
| Description: |
The Net-SNMP project includes various Simple Network Management Protocol
(SNMP) tools. A security issue in Net-SNMP versions before 5.0.9 could
allow an existing user/community to gain access to data in MIB objects that
were explicitly excluded from their view.
Version 5.0.9 of Net-SNMP is not vulnerable to this issue. In addition,
Net-SNMP 5.0.9 fixes a number of other minor bugs. |
| Alerts: |
|
Comments (none posted)
nfs-utils xlog() off-by-one bug
| Package(s): | nfs-utils |
CVE #(s): | CAN-2003-0252
|
| Created: | July 14, 2003 |
Updated: | March 8, 2004 |
| Description: |
The Linux NFS utils package contains a remotely exploitable off-by-one bug.
A local or remote attacker could exploit this vulnerability by sending a
specially crafted request to the rpc.mountd daemon. See this BugTraq post for more details. |
| Alerts: |
|
Comments (none posted)
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
CVE #(s): | CAN-2003-0190
|
| Created: | May 2, 2003 |
Updated: | November 30, 2004 |
| Description: |
From the advisory:
"During a pen-test we stumbled across a nasty bug in OpenSSH-portable
with PAM support enabled (via the --with-pam configure script switch). This
bug allows a remote attacker to identify valid users on vulnerable systems,
through a simple timing attack. The vulnerability is easy to exploit and
may have high severity, if combined with poor password policies and other
security problems that allow local privilege escalation." |
| Alerts: |
|
Comments (1 posted)
perl information leak
| Package(s): | perl |
CVE #(s): | CAN-2003-0618
|
| Created: | February 2, 2004 |
Updated: | April 21, 2004 |
| Description: |
Paul Szabo discovered a number of bugs in suidperl, a helper
program to run perl scripts with setuid privileges. By exploiting
these bugs, an attacker could abuse suidperl to discover information
about files (such as testing for their existence and some of their
permissions) that should not be accessible to unprivileged users. |
| Alerts: |
|
Comments (none posted)
postfix: denial of service vulnerabilities
| Package(s): | postfix |
CVE #(s): | CAN-2003-0468
CAN-2003-0540
|
| Created: | August 5, 2003 |
Updated: | May 27, 2004 |
| Description: |
The postfix MTA, versions through 1.1.12 (but not 2.0), is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details. |
| Alerts: |
|
Comments (none posted)
rsync - remotely exploitable heap overflow
| Package(s): | rsync |
CVE #(s): | CAN-2003-0962
|
| Created: | December 4, 2003 |
Updated: | March 3, 2004 |
| Description: |
An advisory has gone out warning of a
remotely exploitable heap overflow vulnerability in rsync versions 2.5.6
and prior. If you are running an rsync server, you will want to apply a
distributor patch or upgrade to 2.5.7 in the near future. |
| Alerts: |
|
Comments (none posted)
Multiple-use vulnerability in Safe.pm
| Package(s): | Safe.pm |
CVE #(s): | CAN-2002-1323
|
| Created: | October 9, 2002 |
Updated: | February 20, 2004 |
| Description: |
usePerl has a
description of a vulnerability in the Safe.pm Perl module. It seems
that if a Safe compartment is used more than once, it ceases to be safe.
The problem is fixed in Safe 2.08. |
| Alerts: |
|
Comments (none posted)
sane-backends: several vulnerabilities
| Package(s): | sane-backends |
CVE #(s): | CAN-2003-0773
CAN-2003-0774
CAN-2003-0775
CAN-2003-0776
CAN-2003-0777
CAN-2003-0778
|
| Created: | September 11, 2003 |
Updated: | February 20, 2004 |
| Description: |
Alexander Hvostov, Julien Blache and Aurelien Jarno discovered several
security-related problems in the sane-backends package, which contains
an API library for scanners including a scanning daemon (in the
package libsane) that can be remotely exploited. These problems allow
a remote attacker to cause a segmentation fault and/or consume arbitrary
amounts of memory. The attack is successful, even if the attacker's
computer isn't listed in saned.conf.
You are only vulnerable if you actually run saned e.g. in xinetd or
inetd. If the entries in the configuration file of xinetd or inetd
respectively are commented out or do not exist, you are safe.
Try "telnet localhost 6566" on the server that may run saned. If you
get "connection refused" saned is not running and you are safe.
The Common Vulnerabilities and Exposures project identifies the
following problems:
- CAN-2003-0773: saned checks the identity (IP address) of the remote
  host only after the first communication took place (SANE_NET_INIT). So
  everyone can send that RPC, even if the remote host is not allowed to
  scan (not listed in saned.conf).
- CAN-2003-0774: saned lacks error checking nearly everywhere in the
  code. So connection drops are detected very late. If the drop of the
  connection isn't detected, the access to the internal wire buffer leaves
  the limits of the allocated memory. So random memory "after" the wire
  buffer is read which will be followed by a segmentation fault.
- CAN-2003-0775: If saned expects strings, it mallocs the memory
  necessary to store the complete string after it receives the size of the
  string. If the connection was dropped before transmitting the size,
  malloc will reserve an arbitrary size of memory. Depending on that size
  and the amount of memory available either malloc fails (->saned quits
  nicely) or a huge amount of memory is allocated. Swapping and OOM
  measures may occur depending on the kernel.
- CAN-2003-0776: saned doesn't check the validity of the RPC numbers
  it gets before getting the parameters.
- CAN-2003-0777: If debug messages are enabled and a connection is
  dropped, non-null-terminated strings may be printed and segmentation
  faults may occur.
- CAN-2003-0778: It's possible to allocate an arbitrary amount of
  memory on the server running saned even if the connection isn't dropped.
  At the moment this can not easily be fixed according to the author.
  Better limit the total amount of memory saned may use (ulimit).
|
| Alerts: |
|
Comments (none posted)
screen: privilege escalation
| Package(s): | screen |
CVE #(s): | CAN-2003-0972
|
| Created: | November 28, 2003 |
Updated: | March 3, 2004 |
| Description: |
According to
this advisory, a buffer overflow in GNU screen allows privilege
escalation for local users. Usually screen is installed either setgid-utmp
or setuid-root.
It also has some potential for remote attacks or getting control of another
user's screen. The problem is that you have to transfer around 2-3 gigabytes
of data to the user's screen to exploit this vulnerability. 4.0.1, 3.9.15 and
older versions are vulnerable. |
| Alerts: |
|
Comments (none posted)
slocate: buffer overflow
| Package(s): | slocate |
CVE #(s): | CAN-2003-0848
|
| Created: | January 20, 2004 |
Updated: | February 16, 2004 |
| Description: |
A vulnerability was discovered in slocate, a program to index and
search for files, whereby a specially crafted database could overflow
a heap-based buffer. This vulnerability could be exploited by a local
attacker to gain the privileges of the "slocate" group, which can
access the global database containing a list of pathnames of all files
on the system, including those which should only be visible to
privileged users. This problem, and a category of potential similar
problems, can be fixed by modifying slocate to drop privileges before
reading a user-supplied database. |
| Alerts: |
|
Comments (none posted)
File overwrite vulnerability in tar and unzip
| Package(s): | tar unzip |
CVE #(s): | CAN-2001-1267
CAN-2001-1268
CAN-2001-1269
CAN-2002-0399
|
| Created: | October 1, 2002 |
Updated: | April 10, 2006 |
| Description: |
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability. |
| Alerts: |
|
Comments (1 posted)
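The filtering that the tar and unzip entry above says was missing, as an added example (not code from GNU tar or unzip): a check an extractor can apply to each member name before creating the file. It takes the strict approach of refusing any ".." component rather than resolving the path; the function names and the archive listing are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if the member name stays below the extraction directory,
 * 0 if it is empty, absolute, or contains a ".." path component. */
int member_name_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0' || name[0] == '/')
        return 0;
    for (const char *p = name; *p != '\0'; ) {
        size_t len = strcspn(p, "/");          /* length of this component */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return 0;                          /* would climb out of the tree */
        p += len;
        while (*p == '/')                      /* step over separators */
            p++;
    }
    return 1;
}

/* Constructed archive listing: three harmless names, four hostile ones. */
static const char *const listing[] = {
    "docs/readme.txt",
    "./ok.txt",
    "notes/..hidden",          /* a file name that merely starts with dots */
    "../../outside.txt",
    "src/../../outside.txt",
    "a/b/..",
    "/tmp/absolute.txt",
};

/* Count the names an extractor should refuse to unpack. */
size_t count_unsafe(const char *const *names, size_t n)
{
    size_t unsafe = 0;
    for (size_t i = 0; i < n; i++)
        if (!member_name_is_safe(names[i]))
            unsafe++;
    return unsafe;
}

size_t count_unsafe_in_listing(void)
{
    return count_unsafe(listing, sizeof listing / sizeof listing[0]);
}

int main(void)
{
    for (size_t i = 0; i < sizeof listing / sizeof listing[0]; i++)
        printf("%-24s %s\n", listing[i],
               member_name_is_safe(listing[i]) ? "extract" : "refuse");
    return 0;
}
```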
tcpdump: flaws in the ISAKMP decoding routines
| Package(s): | tcpdump |
CVE #(s): | CAN-2003-0989
CAN-2004-0057
CAN-2004-0055
|
| Created: | January 15, 2004 |
Updated: | April 6, 2004 |
| Description: |
George Bakos discovered flaws in the ISAKMP decoding routines of tcpdump
versions prior to 3.8.1. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0989 to this issue.
Jonathan Heusser discovered two additional flaws in the ISAKMP decoding
routines of tcpdump versions up to and including 3.8.1. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0057 to this issue.
Jonathan Heusser discovered a flaw in the print_attr_string function in the
RADIUS decoding routines for tcpdump 3.8.1 and earlier. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0055 to this issue.
Remote attackers could potentially exploit these issues by sending
carefully-crafted packets to a victim. If the victim uses tcpdump, these
packets could result in a denial of service, or possibly execute arbitrary
code as the 'pcap' user. |
| Alerts: |
|
Comments (none posted)
Multiple vendor telnetd vulnerability
| Package(s): | telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5 |
CVE #(s): | |
| Created: | May 21, 2002 |
Updated: | October 5, 2004 |
| Description: |
This vulnerability,
originally thought to be confined to BSD-derived systems, was first covered
in the July 26th Security
Summary. It is now known that Linux telnet daemons are vulnerable as
well.
|
| Alerts: |
|
Comments (none posted)
util-linux: information leak in the login program
| Package(s): | util-linux |
CVE #(s): | CAN-2004-0080
|
| Created: | February 3, 2004 |
Updated: | April 8, 2004 |
| Description: |
The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function.
In some situations, the login program could use a pointer that had been
freed and reallocated. This could cause unintentional data leakage. |
| Alerts: |
|
Comments (1 posted)
vim - modeline vulnerability
| Package(s): | vim |
CVE #(s): | CAN-2002-1377
|
| Created: | January 16, 2003 |
Updated: | February 10, 2004 |
| Description: |
VIM allows a user to set the modeline differently for each edited text file
by placing special comments in the files. Georgi Guninski found that these
comments can be carefully crafted in order to call external programs. This
could allow an attacker to create a text file such that when it is opened
arbitrary commands are executed. |
| Alerts: |
|
Comments (4 posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 kernel is 2.6.2. The most recent 2.6.3 prepatch is
2.6.3-rc2, which was released on
February 9. This prepatch is large, with many changes merged; the big
ones include more network driver cleanup work, a USB update (including the
removal of the USB scanner code), the new DMA pool abstraction (covered in
last week's LWN Kernel Page), an ACPI
update, an NFS update, and more. See the
long-format changelog for the details.
The removal of the USB scanner code has concerned some readers. It was
removed because it is broken and unmaintained, and because the accepted way
of driving USB scanners in 2.6 is via the user-space libusb library.
2.6.3-rc1 was released on February 6.
This one contained a lot of network driver cleanups, a number of
gcc-3.5 fixes, various architecture updates, a big ALSA update, and more;
once again, the long-format changelog has the
details.
Linus's BitKeeper tree contains some architecture updates, a filesystem
scalability improvement, some CPU frequency control updates, and a few
other fixes.
The current tree from Andrew Morton, as of this writing, is 2.6.3-rc1-mm1. Recent additions include a lot
of fixes, some performance improvements, but little in the way of new
features.
The current 2.4 kernel is 2.4.24; the first 2.4.25 release candidate
was announced on February 5.
The current stone-age kernel is 2.0.40, which was released by David Weinehall on
February 8. It contains some security fixes, so if you have any
systems still running 2.0 you may want to consider upgrading.
Comments (1 posted)
Kernel development news
The kernel development community has long been divided over the topic of
interactive debuggers. Many hackers find debuggers to be an indispensable
part of their development toolkits. Others claim that debuggers lead
people to fix symptoms rather than problems; rather than use such a crutch,
these people say, it is better to truly understand the code. Once you have
"become one" with the code, finding bugs is not that hard.
The latter view is held by Linus Torvalds, who explained his
approach in very clear terms back in 2000:
    You can use a kernel debugger if you want to, and I won't give you
    the cold shoulder because you have "sullied" yourself. But I'm not
    going to help you use one, and I would frankly prefer people not to
    use kernel debuggers that much. So I don't make it part of the
    standard distribution, and if the existing debuggers aren't very
    well known I won't shed a tear over it.
The end result is that there has never been support for interactive debuggers
in the mainline kernel - at least, for the more popular architectures.
The 2.6 kernel is now Andrew Morton's turf, however, and Andrew is more
open to the value of debugging tools. In fact, he has carried a version of
the kgdb patch in his -mm tree for a long time. Might Andrew merge kgdb
into the 2.6 kernel at some point?
The answer from Andrew seems to be "maybe":
    I wouldn't support inclusion of i386 kgdb until it has had a lot of
    cleanup, possible de-featuritisification and some thought has been
    applied to splitting it into arch and generic bits. It's quite a
    lot of work.
In other words, there is no disagreement with the idea of merging kgdb, but
the code needs some work first. Problems include a large number of
#ifdefs, and the fact that the patch is relatively intrusive,
touching many files. There are also objections to how the debugger works
with the virtual memory subsystem, especially for the i386 architecture.
All of these problems are probably solvable, given enough development
time. The interest in a mainline kgdb is probably high enough that the
cleanup work will happen, and kgdb may well be merged; a kgdb CVS
repository has been established for those
interested in this effort. An eventual merge into 2.6 seems unlikely to
carry forward into 2.7, however.
Comments (none posted)
Newcomers to the kernel code base are often surprised by the appearance of
(what seems to be) a bunch of calls to functions called likely() and
unlikely(). These calls always appear in conditional tests,
along these lines:
    if (likely(some_condition)) {
        /* Do something */
    }
In fact, likely() and unlikely() are not function calls
at all; instead, they are hints to the compiler. If the compiler knows
that one outcome is far more likely than the other, it can optimize the
code it generates accordingly. On some architectures, this information can
also be encoded into the object code, where it will override the branch
prediction normally done by the processor.
David Woodhouse noted that the differing
interpretation of these directives by different architectures makes it hard
to know when likely() and unlikely() should be used. If
the result of one of those directives is just a bit of code optimization,
they should be used liberally whenever the programmer knows that one
outcome will happen more often than the other. On some architectures,
however, the cost of guessing wrong is fairly high, and these directives
should only be used where the odds are overwhelmingly in favor of one
outcome.
David's proposal is to replace likely() and unlikely()
with a new probable() macro:
    probable(condition, percent)
where "percent" is the programmer's estimation of how often the
condition will evaluate true. Each architecture could then decide what to
tell the compiler based on the given percentage.
Rusty Russell has a more straightforward
answer, saying that these directives should be rarely used.
    Sometimes, unlikely()/likely() help code readability. But
    generally it should be considered the register keyword of the
    2000's: if the case isn't ABSOLUTELY CRYSTAL CLEAR, or doesn't show
    up on benchmarks, disdain is appropriate.
The "disdain" approach seems more likely to be adopted than a new macro.
There will be very few code paths where these directives will make a
measurable difference. And the fact is that programmers often guess wrong
about which code paths will be taken how often.
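How the hints discussed above are typically spelled, as an added example (not taken from the kernel tree or from David Woodhouse's proposal): likely() and unlikely() as thin wrappers around GCC's __builtin_expect(), plus a hypothetical probable() that lets a per-architecture threshold decide whether the percentage becomes a hint at all. HINT_THRESHOLD, count_high_bytes() and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* __builtin_expect() (GCC and Clang) returns its first argument unchanged
 * and tells the optimizer which value to expect. The !! folds any non-zero
 * value to 1 so that it can match the expected constant. */
#define likely(x)   __builtin_expect(!!(x), 1)
#define unlikely(x) __builtin_expect(!!(x), 0)

/* Hypothetical probable(): HINT_THRESHOLD stands in for the decision each
 * architecture would make. Where a wrong guess is expensive the threshold
 * is high, so only near-certain branches get a hint; in between, the
 * condition is passed through with no hint at all. */
#ifndef HINT_THRESHOLD
#define HINT_THRESHOLD 95          /* assumed value for this example */
#endif
#define probable(cond, percent)                                  \
    ((percent) >= HINT_THRESHOLD       ? likely(cond)   :        \
     (percent) <= 100 - HINT_THRESHOLD ? unlikely(cond) :        \
                                         (long)!!(cond))

/* Count bytes with the high bit set. The percentage is the programmer's
 * estimate (assumed here: about 2% of bytes), not a measured figure. */
size_t count_high_bytes(const unsigned char *buf, size_t n)
{
    size_t count = 0;

    if (unlikely(buf == NULL))             /* error path, almost never taken */
        return 0;
    for (size_t i = 0; i < n; i++)
        if (probable(buf[i] & 0x80, 2))
            count++;
    return count;
}

/* Constructed sample input: mostly ASCII with two high-bit bytes. */
static const unsigned char sample[] = { 'L', 'W', 0x80, 'N', 0xff, '!' };

size_t count_high_bytes_in_sample(void)
{
    return count_high_bytes(sample, sizeof sample);
}

int main(void)
{
    printf("high-bit bytes in sample: %zu\n", count_high_bytes_in_sample());
    printf("likely(4) evaluates to %ld\n", (long)likely(4));
    return 0;
}
```

The hints only steer code layout and branch prediction; a wrong percentage costs speed, never correctness.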
David would also like to add a probability to the get_unaligned()
macro, which is used to access data which might not have the alignment
required by the processor. Some architectures can handle any alignment; on
those, get_unaligned() expands to a direct pointer dereference.
Others require that unaligned access be done via multiple, smaller fetches
or stores. Of those, some architectures can fix up an unaligned access
attempt in an exception handler, and others cannot. For architectures
which can fix unaligned accesses, it might be faster to take an occasional
exception if the probability of an unaligned access is small. Adding a
probability to the get_unaligned() macro (and
put_unaligned() as well) would allow each architecture to optimize
those accesses. Whether the resulting performance improvement would
justify the effort remains to be seen.
Comments (2 posted)
H. Peter Anvin wants to know if anybody is
still using the old BSD pseudo terminal ("pty") interface. These devices
show up on most systems as /dev/ptyXX; they were once used for
applications like network logins. Most applications on most Linux systems
have not used BSD ptys for some years now; instead, the newer
/dev/pts devices are used.
Peter is asking because he has plans for the pseudo terminal subsystem;
he'd like to clean it up, make it more dynamic, and make use of the larger
device numbers available in 2.6. The need to maintain compatibility with
the BSD interface is, it seems, interfering with that work. So Peter would
like to remove the BSD pty interface if possible.
There have been a few complaints. The bootlogd utility used by
some distributions apparently uses BSD terminals in some cases. Truly old
systems may still use the old interface for network logins or terminal
emulator windows; this is not functionality that one breaks lightly. Peter
may yet find a way to maintain BSD pty support while making his other
changes. Even
so, the BSD pty interface may be headed toward the end of its life sometime
in the 2.7 development series.
Comments (5 posted)
It has long been intended that the sysfs virtual filesystem would contain
information about all of the hardware (and more) installed on a given
system. Implementation of this intention has lagged in places, however,
and there are still parts of the system which lack sysfs support. One of
those areas is the frame buffer device code. In an attempt to fill in that
gap, James Simmons recently posted
a patch
adding sysfs support for frame buffer devices; this patch was merged into
2.6.3-rc1.
There is only one problem with this patch: it can oops the kernel when
frame buffer driver modules are unloaded. The problem is the same one
which has afflicted other subsystem sysfs implementations: lifecycle
rules. Once a data structure has been exposed via sysfs, user space can
hold references to that structure indefinitely. Open sysfs files can
persist long after the underlying device has been removed from the system,
and long after the relevant module has been unloaded. If the behavior of
sysfs-exposed data structures has not been carefully laid out, the kernel
can be left holding references to structures or code which no longer
exist.
This sort of problem hit the networking subsystem hard. Once
net_device structures were exposed via sysfs, it was no longer
possible to allow individual network drivers to control what the lifecycle
of those structures is. As a result, it is now necessary to allocate all
net_device structures dynamically, and to let the networking
subsystem decide when and how to free those structures. The networking
code is also very careful not to access any module code after a
net_device has been shut down. The end result is that
net_device structures can persist in the system long after the
module which created them has been removed. It all works, but the cost was
a lengthy cleanup operation which has only now reached something close to
completion.
The frame buffer patches attempted to do things right from the beginning by
making the fb_info structure into a dynamic object. A support
function exists to allocate the structure, and it is automatically freed
when the last reference is removed. The only problem is that the frame
buffer drivers do not use this interface; they allocate and destroy
fb_info structures on their own. As a result, in the 2.6.3-rc1
(and -rc2) kernel, fb_info structures can be freed twice (or
statically-allocated structures can be freed once). That sort of error tends
to create displays on the frame buffer that the user does not want to see.
Fixing this problem requires updating every frame buffer driver to use
dynamically-allocated fb_info structures. James has stated his
intent to make this change. In the meantime, the "stable" kernel release
candidate has a known problem which will require a wide-ranging set of
changes to fix.
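The lifecycle rule described above, modelled in user space as an added example (not kernel or frame buffer code): a structure that is released when its last reference is dropped, and what goes wrong when a driver also frees it on its own. struct fb_model, the fixed pool and all function names are hypothetical; "freeing" only flips a flag so the double free can be counted without corrupting memory.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in for a structure that has been exposed through sysfs. */
struct fb_model {
    int live;        /* 1 while the memory behind the pointer is valid */
    int refcount;    /* held by the registering core and by open files */
};

static struct fb_model pool[4];
static int double_frees;

static void model_free(struct fb_model *fb)
{
    if (!fb->live) {             /* a real kfree() here would corrupt the heap */
        double_frees++;
        return;
    }
    fb->live = 0;
}

static struct fb_model *fb_model_alloc(void)
{
    for (size_t i = 0; i < sizeof pool / sizeof pool[0]; i++) {
        if (!pool[i].live) {
            pool[i].live = 1;
            pool[i].refcount = 1;    /* reference owned by the core */
            return &pool[i];
        }
    }
    return NULL;
}

static struct fb_model *fb_model_get(struct fb_model *fb)
{
    fb->refcount++;
    return fb;
}

static void fb_model_put(struct fb_model *fb)
{
    if (--fb->refcount == 0)
        model_free(fb);          /* release runs once, at the last put */
}

/* Unload a driver while user space still holds an open sysfs file.
 * driver_frees_directly = 1 models a driver that frees the structure
 * itself instead of leaving that to the last reference drop.
 * Returns the number of double frees seen (-1 if the pool is exhausted);
 * *alive_after_unload says whether the open file still had valid memory
 * behind it once the driver was gone. */
int unload_with_open_file(int driver_frees_directly, int *alive_after_unload)
{
    double_frees = 0;
    struct fb_model *fb = fb_model_alloc();
    if (fb == NULL)
        return -1;
    struct fb_model *open_file = fb_model_get(fb);   /* attribute opened */

    /* Module unload. */
    if (driver_frees_directly)
        model_free(fb);          /* the driver's own free */
    fb_model_put(fb);            /* the core drops its reference */

    *alive_after_unload = open_file->live;
    fb_model_put(open_file);     /* user space finally closes the file */
    return double_frees;
}

int main(void)
{
    int alive;
    int dbl = unload_with_open_file(0, &alive);
    printf("reference dropped: alive after unload=%d, double frees=%d\n", alive, dbl);
    dbl = unload_with_open_file(1, &alive);
    printf("driver frees     : alive after unload=%d, double frees=%d\n", alive, dbl);
    return 0;
}
```

When the driver frees the structure itself, the open file is left pointing at released memory and the final reference drop frees it a second time, which is the pair of failures the article describes.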
Al Viro, a master of this sort of transition, has grumbled that these changes should have been
done in the opposite order, so as to avoid breaking things. Others have
complained that this sort of change is too big for a stable kernel series
and should have waited for 2.7.
Yet another approach, however, would be to
use the "class_simple" interface, which was merged in 2.6.2-rc1. This
interface makes it easy to retrofit a /sys/class interface into
existing drivers without having to deal with some of the more complex
lifecycle issues. The interface is straightforward; one starts by creating
a class:
    struct class_simple *class_simple_create(struct module *owner,
                                             char *name);
The owner argument should almost always be passed as
THIS_MODULE; the name will show up under
/sys/class. The resulting class can be removed at some later time
with:
    void class_simple_destroy(struct class_simple *class);
Entries for individual devices can be added with:
    struct class_device *class_simple_device_add(struct class_simple *class,
                                                 dev_t dev,
                                                 struct device *device,
                                                 const char *fmt, ...);
Here, class is the class which was created above, dev is the device
number for the device, device is a struct device structure for this
device (it can be NULL),
and the rest is a printk()-style format string to create the name
for the entry. The result (on success) is a sysfs directory with exactly
one attribute: a file called dev which contains the device
number. That is adequate for a tool like udev to create
corresponding device nodes.
The entry can be removed, of course:
    void class_simple_remove(dev_t dev);
The whole thing works without maintaining references into the calling
driver, so most of the lifetime rule issues are avoided. More recent
changes to the class_simple interface include (in 2.6.3-rc)
hotplug support.
Comments (none posted)
Page editor: Jonathan Corbet
Distributions
News and Editorials
As live CDs go, there is plenty to choose from, especially if you are a Debian
user, and to a lesser extent, a Red Hat or Mandrake user. But what if your
expertise lies in Slackware? Are there any Slackware-based live CDs to carry
around and use in case of emergency? Well, the Slackware installation CD
itself does serve as a bootable live CD, with basic rescue functions in
runlevel 1, but that's not much fun. Instead, Slackware users could consider
either SLAX or STUX as a full-featured live CD based on the original work of
Patrick Volkerding's famous distribution.
SLAX-Live CD (formerly
Slackware-Live and only recently renamed to SLAX, due to trademark issues
over the name "Slackware") is the better known product of the two. It is
developed by Tomas Matejicek in the Czech Republic. After perusing the
project's web site and the final product, it becomes obvious that a lot of
design effort has been expended to create an aesthetically pleasing
distribution. Similarly, much thought has also gone into the selection of
included applications, especially since the downloadable ISO image is less
than 200MB in size. This makes SLAX useful as a multimedia distribution - on
a computer with as little as 256MB of RAM, the entire CD content can be
loaded into memory, freeing the CD- or DVD-ROM drive to play media disks with
MPlayer (the libdvdcss library is included).
Choosing to copy SLAX into RAM is only one of the several available options at
boot time. Others include loading the IDE CD-ROM drive with SCSI emulation
enabled (for burning CDs), disabling probing for USB or other hotpluggable
devices and passing of other hardware and screen related parameters to the
kernel. The system then proceeds with a normal boot-up and hardware
auto-detection routine. As a proper Slackware-based system, it boots into
command line mode and waits for the user to log in. Once logged in, the user can
choose between two graphical user interfaces: the command "gui" will
start up a full KDE session (the latest version of SLAX comes with beta2 of
KDE 3.2), while typing "guifast" will launch Fluxbox, suitable for machines
with limited processing power.
Given the small size of the CD, the number of included applications is on the
low side, although the most common KDE applications, as well as KOffice, are
all present. Konqueror is the only available graphical web browser, while
Kopete is the default instant messenger. You won't find OpenOffice.org,
Mozilla, Emacs or Gimp on the CD. One of the more interesting aspects of SLAX
is that the author provides instructions and a set of scripts to build a
custom CD; these can be applied to any Linux distribution, not just
Slackware. The project's web-based user forum is very active, making it the
best place to seek help.
In contrast to SLAX, STUX
GNU/Linux is a fairly new project, created by Giacomo Picconi in
Italy. There are two live CDs on offer. The first one (called "STUX") is a
full-featured 650MB CD with a complete KDE (including all of the
internationalization files), GNOME, WindowMaker, OpenOffice and other major
applications one would expect to find in a Linux distribution. The second
product (called "DINO-STUX") is a small CD reduced to 255MB of data with KDE,
KOffice, Mozilla, Samba and Xine, but not much else beyond the base system.
Like SLAX, the STUX project also provides tools for building a custom
bootable CD image from an existing Linux installation.
An interesting point of STUX is the availability of additional packages
directly from the distribution's web site. These can be downloaded from
within STUX, installed on a hard disk partition and executed from the main
menu. The current list of packages is not very long yet, but it should be of
interest to gamers as it includes the NVIDIA driver, WINE and a number of
free games or playable game demos: Quake I - III, Unreal Tournament, Doom,
and Return to Castle Wolfenstein. The list of available packages is updated
frequently and the author welcomes suggestions for package inclusion.
While talking about Slackware-based live CDs, there are two other related
projects worth mentioning. The first is LinuxNetwosix, a specialist live CD
designed for system recovery, forensic analysis, penetration tests and other
security-related tasks. Created by a 17-year-old Italian programmer, Vincenzo
Ciaglia, LinuxNetwosix 1.0, with kernel 2.6.1, was released and made available for
free download last month. The second project is a Slackware-based live USB,
called RUNT (an acronym for
ResNet USB Network Tester) and designed to run from a 128MB USB pen drive.
Developed by the North Carolina State University, RUNT is a complete
Slackware Linux on a USB, capable of autoconfiguring networks via DHCP. A
boot floppy is required to load the USB kernel modules before loading the
rest of the system from the USB pen drive.
To sum up: with its good looks, relative maturity and an active user
community, SLAX is probably the most likely candidate for being that perfect
Slackware-based live CD to carry around in a wallet. It even fits on one of
those 80mm mini CDs.
Distribution News
The
Debian Weekly News for February 10, 2004
is out. This week's topics include the project UTF-8; LILO support for
device mapper; KDE support in UserLinux; GCC transition status; aging of
"experimental" packages; XFree86 license problems; and more.
DebConf4 registration is open. This is the
5th annual Debian Conference, to be held in Porto Alegre, Brazil, May 26 to
June 2, 2004.
Guardian Digital has
announced a new release
of
EnGarde Secure Linux with an
available 2.6 kernel and lots of other new features.
The Guardian Digital Newsletter for February
10, 2004 is out. This issue looks at some of Guardian Digital's small
business solutions; the new EnGarde Secure Linux; the new Secure Mail Suite
Reviewer's Guide; and more.
A new schedule
has been posted for Fedora Core 2. The delayed "test 1" release
is now planned for February 12.
Update notices for Fedora Core 1:
- iptables version 1.2.9 is
now available, with more documentation and other enhancements.
- Updated gnome-libs fix some issues
when building GNOME 1 apps on x86_64.
- This pango update enables dual
32/64bit installs of the Pango libraries on x86_64.
- The nss_ldap fails to perform schema
mapping.
- pam_krb5 does not honor
ticket_lifetime setting in /etc/krb5.conf's [appdefaults] section.
- Three bugs have been fixed in gdm.
- A newer foomatic printer driver
database is now available.
- This ghostscript update includes an
updated HP Inkjet driver (hpijs).
- The gimp-print driver has been
updated.
Here is the Gentoo Weekly Newsletter for the week of February 9, 2004.
This week's edition has a call for a dialup developer, introduces a new
gentoo-science mailing list and some international forums, and more.
This week the
slackware-current
changelog has details about upgrades to many GNOME and KDE packages, as
well as GIMP, ALSA and several other programs. Also QT 3.3 is in testing,
as is Linux kernel 2.6.2.
New Distributions
Rox OS is a Linux distribution which
is being designed around bringing a simpler experience to home
users. Initially Rox OS will build upon the idea of application directories
(AppDirs), that allow for easy drag and drop installation of applications
and system utilities, and a simplified file system hierarchy.
Minor distribution updates
Buffalo Linux has released
v1.1.3
with major feature enhancements. "
Changes: The changes in this
version are directed towards sysadmins. It can now directly install RPM,
deb, and Slackware tgz packages, and also supports bz2 and tar.gz on the
fly. The kernel has been upgraded to 2.6.2. The 'newkernel' build feature
has been ported to kernels 2.4.24 and 2.6.2. A new Buffalo ISO feature has
been added for creating a specialized install CD incorporating both kernel
and software package changes."
Compact Flash Linux
Project has released
v0.1.3
with minor feature enhancements. "
Changes: This release adds a
PostgreSQL client. Some minor bugs have been fixed. Busybox 1.00-pre7 is
used. Pppd with radius now accounts for traffic in 64 bits. The PCMCIA
configuration method was wrong and has been fixed."
KNOPPIX has
released
v20040209
with minor feature enhancements.
Linux LiveCD has released
v1.9.0
with major feature enhancements. "
Changes: The Webmin Web Manager
and the Shorewall Firewall were added. Linux kernel 2.4.24 is now used. A
driver for BeWAN PCI ADSL is included. The documentation in /opt/doc was
updated."
Quantian v0.4.9.3
has been released, with lots of new packages.
RIP
has released
v7.1
and
v7.2.
"
Changes: The kernel and some of the software have been updated. The
program captive-ntfs has been added to enable read-write mounting of NTFS
WinXP partitions. The UDF filesystem support in the kernel was updated,
and LVM2 device-mapper support was added to the kernel. There are also a
couple of software updates."
slimlinux has released
v0.6.0
with minor feature enhancements. "
Changes: This release adds mutt
1.0 with IMAP instead of smtpclient and fetchpop. BusyBox is updated to
1.00-pre7 and retawq to version 0.2.2."
ThinTUX has released
v0.11
with documentation now available in English.
Distribution reviews
Linux.com
looks at two
small distributions, LNX-BBC and DamnSmall Linux. "
These two
BBCs are clearly meant for two different purposes. LNX-BBC is the power
tool for experienced sysadmins involved in hardcore rescue operations,
while DamnSmall is a reasonably friendly miniature general purpose
system. If I had a system that required serious network diagnosis or
intrusion analysis, I would choose LNX-BBC because of its superb
toolkit. If I had a system that needed simple edits to files or just an
alternate operating environment, I'd probably go with DamnSmall."
OSNews
test drives
Arch Linux. "
Now here's the best part of running Arch Linux, the
whole frigging thing just works! Installing XFCE automatically installed
everything I needed for XFree86. Fonts are anti-aliased and sized well in
both Mozilla and Sylpheed, two programs which typically look hideous in
most other distributions I've tried. Getting my sound card working was as
simple as installing the alsa-driver with pacman, adding the sound card
driver to the list of drivers to load and adding a couple permission lines
to another configuration file. Which leads me to another nice feature about
Arch. Most configuration only has to be done in a handful of files which
are well documented in the installation instructions. No hunting through
mailing list archives to get your system up and running."
Linux.com
concludes
the "Spawn of Debian faceoff" series. "
One thing is certain, Debian
provides the DNA for some excellent Linux distributions. Mepis emerged as
the final victor with a rating of 92. LindowsOS came in second, with an 88,
barely nosing out Xandros who scored 87. LibraNet rounded out the field
with an 80. Another thing for certain: just looking at the score doesn't
begin to do justice to the distributions. They are all very good. In that
spirit, I am going to make some special awards that go above and beyond the
criteria used for comparison."
Page editor: Rebecca Sobol
Development
MJPEG Tools
is a set of tools for working with video under Linux.
The mjpeg programs are a set of tools that can do recording of videos and playback, simple cut-and-paste editing and the MPEG compression of audio and video under Linux.
Recording is supported for the Zoran based cards like the Buz (Iomega), DC10 (MIRO, Pinnacle), Matrox Marvel cards and the LML33 (Linux Media Labs).
Some of the video operations that can be performed by MJPEG Tools include:
- Recording of video streams.
- Editing video data.
- Compression of video data.
- Pulling sound and video from pre-recorded files.
- Joining of video and audio files into a single file.
- Transitioning from one video stream to another.
- Scaling from one video encoding to another.
- Performance of video frame rate conversion.
- Support for variable bit-rate multiplexing.
- Creation of video CDs.
A partial list of standards supported by MJPEG Tools includes:
- Input from PAL and NTSC video inputs.
- Capture from AVI and Quicktime formatted video.
- MPEG 1 and 2 video encoding.
- Support for stereo audio.
- Output to VCD, SVCD, DVD, and DIVX media.
- Support for the ALSA and OSS/Free sound drivers.
The
MJPEG HOWTO and
FAQ documents show how the tools are used to perform a wide variety
of operations, and the type of hardware that is required for useful
performance.
Some still-frame examples show the quality that can be achieved from the
captured video.
Version 1.6.2 of MJPEG Tools
was recently announced; change information is in the source code.
System Applications
Audio Projects
Version 1.02c of the
ALSA
sound driver is out. The change notice says:
"
More fixes for compilation problems".
The February 9, 2004 edition of
Ogg Traffic is out
with the latest Ogg Vorbis audio compression software news.
The
latest changes from the
Planet CCRMA audio utility packaging project include
support for the Fedora Core distribution, new versions of Libsndfile,
and several Common Lisp Music components.
Database Software
The PostgreSQL Weekly News for February 9, 2004 is available.
"
There are a number of updates for proposed features
for 7.5, but first let's take a look through the list of changes committed to
code this past week."
Embedded Systems
BusyBox version 1.0.0-pre7 has been
released.
"
There was a bug in -pre6 that broke argument parsing for a number of applets, since a variable was not being zeroed out properly. This release is primarily intended to fix that one problem. In addition, this release fixes several other problems, including a rewrite by mjn3 of the code for parsing the busybox.conf file used for suid handling, some shell updates from vodz, and a scattering of other small fixes."
Mail Software
Simon Wistow
looks at Siesta, a Perl-based mailing list manager program.
"
By some quirk of fate Greg McCarroll, Richard, and I were all simultaneously 'resting' between jobs. Being fun-loving, crazy people we decided that the most constructive use of time was to congregate at Greg's, drink his booze, and watch Kevin Smith films.
Instead, we wrote a mailing list manager. Well, I say "instead", but we managed to do the other stuff too, which explains the Jay-and-Bob-themed test suite."
Printing
Version 3.8.25 of the
LPRng print system has been released.
Change information is in the source code.
Telecom
Brian Jepson
writes about successes and failures involving Linux and wireless modems.
"
I had a data connection up not long ago with my Merlin G100 for 1 hour and 45 minutes, and experienced 5.2 Kilobytes per second (just over 40kbps) on a sustained download of an 8-megabyte compressed file. I used to go out of my mind when I tried that with a Bluetooth connection on either my Nokia 3650 or Sony Ericsson T68i. But I still swear by Bluetooth for things like sync, remote control, or transferring applications, ring tones, or wallpaper."
Web Site Development
Adam Pedersen
shows how to tune LAMP (Linux-Apache-MySQL-PHP/Perl/Python) applications
on O'Reilly.
"
I'm getting to know far more about servers than I ever wanted to, after hundreds of hours of Google research trying to squeeze/beat performance out of Apache. I do have 15 years programming experience in other areas, and I've reached the conclusion that the only experts in Apache/Linux are the programmers who wrote (and poorly documented) all this stuff. So I've gathered everything I could learn after countless hours of frustration and I'm writing this up in return for the immense amount of help I've received from the documentation of others."
Sing Li
writes about the Velocity template processor on IBM's developerWorks.
"
Velocity is a versatile, open source templating solution that can be used standalone in report generation/data transformation applications, or as a view component in MVC model frameworks. In this article, Sing Li introduces Velocity and reveals how you can integrate its template-processing capabilities into your own client-side standalone application, server-side Web application, or Web services."
Version 1.8 of Tiki, a web wiki,
is available.
"
Main new features and enhancements: - Databases supported: MySql, PostgreSQL, Oracle, Sybase; - Switch from PEAR::DB to adodb; - Mapserver; - Integrator: Integrate other applications in tiki; - New database independent search engine (use the "search_new" module); - Enhancements in installer, articles, forums, newsletters and wiki, including some new plugins and modules;"
Documentation
Arthur Barr
shows how to use Eclipse for documentation purposes.
"
The Eclipse Platform, which provides a very powerful IDE, includes its own help system based on an XML table-of-contents referencing HTML files. What isn't immediately obvious is that you don't have to write Eclipse plug-ins to use it. Any project can use a cut-down version of the platform to provide professional, easy-to-use, and searchable documentation."
Miscellaneous
Version 0.32.0 of GNOME System Tools
has been announced.
"
A new GNOME System Tools release is out! The g-s-t are cross-platform
configuration utilities for unix/linux, among lots of other good stuff, this
new release has been mostly dedicated to some UI polishing, fixing a BE/FE
communication bug and adding support for PLD 1.1 and 1.99".
Desktop Applications
Audio Applications
Version 1.2.0-pre4 of
Audacity, an audio editor,
is out.
"
This version fixes many minor bugs found in Audacity 1.2.0-pre3. This is a "release candidate" version. If no new bugs are found, we will release the new stable version 1.2.0 later this month."
Version 1.6.2 of the
WaveSurfer audio
editor has been released. See the
Change History document for details.
Desktop Environments
GNOME version 2.4.2
has been announced.
"
On behalf of the GNOME foundation, the release team
and all the various
maintainers, documenters, translators and bughunters I have the honor of
announcing a new point release from the stable series of 2.4.x releases
of the GNOME Desktop and developer platform."
The
GNOME Summary
is out for February 1-7, 2004. Take a look for the latest GNOME desktop
news.
"
This week's GNOME summary contains news about the new Sound Juicer release,
"Vino", the Solutions Linux Gnome Exhibit in Paris, and major changes to
jhbuild."
The initial release of gTask
has been announced.
"
gTask is a daemon and client library that allows programs to communicate the
progress of certain long running operations (ie downloading files, printing,
etc) to a central daemon. This is the first stable release of the core and
user interface libraries."
The February 6, 2004
KDE-CVS-Digest
is available. Here's the intro:
"
KStars now has constellation lines. Gwenview is now a KPart, for embedded use in Konqueror. Plus many bug fixes and improvements in KMail and Konqueror."
Desktop Publishing
Two new Lisp-based PDF packages have been announced.
"
CL-PDF is a Common Lisp library for generating documents in Adobe
Acrobat format. It is a standalone library that does not need any
Adobe or third-party tools."
"cl-typesetting is a complete typesetting system written in Common
Lisp, and it is based on CL-PDF for the direct generation of PDF
documents. It is intended as an alternative to the TeX typesetting
system."
Electronics
Version 0.34 of
Gnucap,
a circuit analysis program, is out.
"
This is primarily a bug fix and compatibility release."
Development version 3.2.7 of the
XCircuit
electronic schematic drawing package is out.
"
XCircuit-3.2 is the development version of XCircuit. Current work includes the integration of automatic schematic capture (ASG) with Stephen Frezza of Gannon University, and the addition of comprehensive "undo" and "redo" functions. This should keep us occupied for a while."
Financial Applications
The February 4, 2004 edition of
GNUe Traffic is out with the latest GNU Enterprise news.
Games
The February 6, 2004 edition of the
WorldForge Weekly News
is out with the latest development news from the WorldForge game project.
GUI Packages
The latest new software releases for
FLTK,
the Fast Light Toolkit, include new versions of the Table widget,
TesselSphere, IFLTK from the Colorado Eiffel Users Group,
and SPTK.
Derek Fountain
introduces the Tk Canvas Widget in the Linux Journal.
"
The canvas widget in the Tk graphical user interface toolkit is a free software tool used to present graphical data. Like the Tk text widget, which I discussed in my previous article, the canvas widget is accessible from most modern scripting languages, including Tcl, Perl and Python. It provides those languages with a best of breed facility for structured graphics work."
Interoperability
Samba 3.0.2 is the latest stable release of Samba. This is the version that
all production Samba servers should be running to take advantage of all
current bug fixes.
Version 0.3.1 of vstserver is out.
"
Vstserver is a program that must be running when using programs
using vstlib.
Vstlib is a library that can be used by programs to run windows
vst audio plugins under i386linux/i386freebsd/i386solaris/i386etc."
The February 3, 2003 edition of
Wine Traffic has been published and features a
WineConf 2004 Summary.
Mail Clients
Two critical bugs
have been
found in KMail 1.6. One is related to POP filters and the other to
spam filtering and both cause mail loss. They are fixed in CVS and patches
are linked on the KDE 3.2 Info Page.
Version 0.5 of the Mozilla Thunderbird email and newsgroup application
has been released.
"
This release features Palm address book synchronisation, IMAP performance improvements, better LDAP support, enhanced Netscape 4.x migration, spell check/dictionary improvements, and many other bug fixes and minor tweaks."
Medical Applications
LinuxMedNews
looks at the latest version of OpenEMR, a medical record system.
"
OpenEMR now incorporates PostCalendar from PostNuke, and phpMyAdmin for reporting. Create a report with phpMyAdmin, save it and create a web link for the report."
Multimedia
A new development release of the GStreamer streaming-media framework
has been announced.
"
The goal of this release series is to stabilize towards a 0.8 release series which will be part of the GNOME 2.6 releases and hopefully eventually KDE 4.x."
Rhythmbox 0.70, a music player,
is out.
"
This is the first release in the Rhythmbox development series, featuring numerous new features thanks to new developments in the latest development release of Gstreamer."
Music Applications
The initial release of lakai, a Linux utility for communicating with
an Akai S2000 sampler, is out.
"
Right now, everything is just shell-based, no GUI yet, and the
tools are rather rudimentary, the source is ugly and sprinkled with
TODOs and printf's etc. pp., but at least it WorksForMe(tm)."
Version 0.3.5 of liblrdf is available.
Office Suites
Week 5, 2004 of the
OpenOffice.org developers digest has been published.
Digital Photography
Andrew Burton
shows how
to use the GIMP to combine multiple photographs into a panoramic
image on Linux Journal.
"
There are two ways to use The GIMP to create a panoramic photo, easy and hard. The hard way is to set up layers out of the different photos, edit filter and layer masks, mess about with transparency and layer them together, manually.
The easy way is to use Pandora. Pandora is a plugin for The GIMP that takes photos and tries to match the edges of the photos together, using a best guess at where one photo ends and the next begins."
Video Applications
xawdecode version 1.9.0
is available.
"
Featuring: Better Lirc support for remotes: new eventmap support added, new xawdecode_cmd commands added; Better methods to schedule records with At and Cron, xdTV can now record AVI files without any codec installed, xdTV become a simple Xvid / uncompressed AVI player, xawdecode TV server and Client : Streaming possibilities through HTTP, and a lot of updates and fixes".
Languages and Tools
Caml
The February 10, 2004 Caml Weekly News is available with the week's
Caml language news.
Java
Alexander Prohorenko and Olexiy Prohorenko
explore JUnit on O'Reilly.
"
This article is going to introduce you to JUnit, a tool for project testing and debugging. After introducing the theory of test-driven development, we'll move on to a step-by-step explanation of how you can create your JUnit tests with the help of the popular Eclipse IDE. We'll show how something as simple as a Hello World program can be exposed to a JUnit test."
Jack Shirazi and Kirk Pepperdine
explain performance tuning for Java exceptions on IBM's developerWorks.
"
Java performance enthusiasts Jack Shirazi and Kirk Pepperdine, Director and CTO of JavaPerformanceTuning.com, follow performance discussions all over the Internet to see what's troubling developers. In this month's stop at the JavaRanch, they counter the campfire stories about exceptions with a detailed look at the story behind the story."
Perl
Version 5.005_04 RC1 of Perl
has been announced.
Change information is in the source code.
The January 26 - February 8, 2004 edition of
This Week on perl5-porters is available.
"
This week, a very special summary indeed, because it actually covers two weeks. Two quiet weeks, that is. Read below for new proposals to the Perl 5 language, to its packaging, and for selected bugs and fixes."
The February 1, 2004 edition of
This week on Perl 6 is out with the latest Perl 6 discussions.
PHP
The
PHP Weekly Summary for February 10, 2004 is out. Topics include:
Enable bcmath by default, HTTP digest authentication in PHP 5, PHP on Netware, SOAP extension, PHP 5.0.0 RC1.
Python
Mark Lutz
gives some advice to Python programmers on O'Reilly.
"
Mark Lutz, coauthor of the recently released Learning Python, 2nd Edition,
offers tips, gleaned from his first-hand experience as a Python trainer, on
the most
common programming and coding mistakes that new Python programmers make. For
seasoned Python programmers, Mark offers tips on working with Python's larger
features, such as datatypes, functions, modules, and classes."
Tcl/Tk
Dr. Dobb's Tcl-URL! is out for February 11, 2004. Take a look for
lots of links to new Tcl/Tk articles.
XML
Leigh Dodds
introduces
FOAF on O'Reilly.
"
The FOAF ("Friend of a Friend") project is a community driven effort to define an RDF vocabulary for expressing metadata about people, and their interests, relationships and activities. Founded by Dan Brickley and Libby Miller, FOAF is an open community-led initiative which is tackling head-on the wider Semantic Web goal of creating a machine processable web of data."
Miscellaneous
Version 2.4.0 of Kodos, a Python-based regular expression tool, is out.
"
The widget used for the "Group" tab has been changed to allow for
the proper display of matches that span multiple lines."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
developerWorks
reports
on IBM's kernel benchmarking work. "
We've shown that, using a
typical test scenario -- Apache/WPT on an 8-way SMP IBM xSeries system --
the Apache server has better scalability and performance on the 2.6 kernel
compared to the 2.4 kernel. On the same system under the same workload, the
Apache server with 2.6.0-test5 kernel more effectively used system
resources and served 5 times more Web pages than the 2.4.18 kernel
did."
eWeek
covers an
EclipseCon keynote by Red Hat CTO Michael Tiemann. "
Tiemann also
spoke of the divisiveness between the Java community and the open-source
community, claiming that to be one reason Sun Microsystems Inc.'s NetBeans
open-source development platform has not taken off and been accepted by as
many developers as has the Eclipse open-source development
platform."
The Linux Journal has posted
an introduction to the ALSA sound system by Dave Phillips.
"
Like Linux itself, ALSA began with rather modest
goals: Jaroslav [Kysela] simply wanted more out of his Gravis UltraSound soundcard
than the existing API could deliver, and he was willing and able to meet the
demands of the task. Like Linus Torvalds, Jaroslav eventually found
himself at the center of a group of talented developers, all dedicated
to the development of a superior audio API for Linux."
Trade Shows and Conferences
Here is Joe Barr's
latest
report from EclipseCon. "
Simon Phipps, formerly an IBM employee
and for the last two years Chief Technology Evangelist for Sun
Microsystems, gave his EclipseCon keynote address Thursday. As you might
expect, he took exception to a couple of remarks from Wednesday morning's
keynoter, Michael Tiemann of Red Hat. Phipps's talk was on "The Business of
Open Source." It was interesting, almost a through-the-looking-glass
experience, to hear a suit from Sun stand on a stage and try to explain
open source to an audience of mostly proprietary developers. It should be
noted that the ballroom where the keynote was given was not far from
Disney's Fantasyland."
The SCO Problem
The Inquirer has
a long
and cynical article on SCO's legal and press campaigns. "
Smart money says that SCO will walk out of the courtroom today clutching their backsides, unable to sit down for weeks because of the chewing out they get. Emergency rooms around the world will be filled with people if SCO produces what it claims to have, and people will be so stunned they fall over and hit their heads. Personally, I expect nothing, or at least nothing said, in volumes of obfuscation.
With that background, imagine the odds of SCO taking today to launch what
appears to be a very lucrative set of claims against IBM. Golly. I would
say it is without precedent, but it isn't."
The Age
covers
Leon Brooks's ongoing challenge to SCO's claims. A new letter has been
sent by registered mail: "
'Take notice that such claims are
fraudulent, and unless they are retracted as publicly as they were made,
CyberKnights Pty Ltd will vigorously pursue a conviction
of fraud against TSG-ANZ,' it said."
Companies
KDE.News
covers details
from the recent Novell/SUSE deal.
"
As a followup to our previous Novell/SUSE article, we have further good news. Following the completion of the acquisition of SUSE by Novell, SUSE CEO Richard Seibt, who had previously expressed a strong commitment to KDE, has been promoted to president of Novell-EMEA and is now in a position not only to maintain SUSE's strong KDE support but also to help deploy it more widely around the world."
Linux Adoption
News.com is carrying
a Reuters article on another European governmental shift toward Linux.
"
IBM said that the finance ministry department, which is responsible for paying public sector employees and for managing certain taxes, installed two large IBM mainframe computers that run both IBM's operating system and Linux." Of course, the article also carries the obligatory SCO paragraph.
Wired takes a look at the difficulties encountered by the Munich administration as it switches over to free software. "Reports in Computerwoche also stated that local vendors who currently code applications for the city were experiencing problems in developing applications for the open-source operating system, since they are more familiar with Windows than Linux.
Munich may opt to install an emulation program on city workers' computers that will allow Windows applications to run on Linux."
Legal
Here's another press release from Lindows.com on its ongoing trademark battle with Microsoft. The company states that it has won a ruling in U.S. District Court that "windows" is a generic term and that no amount of marketing can change that. The fight now moves up to the appeals court level.
Interviews
The FOSDEM organizers have posted three more interviews with people who will be speaking at the event. They are Bill Haneman (on GOK and accessibility), Matthias Brossard (Cryptonit), and Dave Cross (Perl).
Reviews
Linux Journal looks at the sysadmin tool, cfengine. "Once cfengine is installed (from www.cfengine.org) and running, making changes to your group of systems becomes almost as easy as changing a single system. This gives you more time to decide what to do and how to do it, something that remains the primary responsibility of an administrator to this day."
Linux Journal takes a look at the Firebird database. "Firebird originally started its life as the Borland InterBase database. As the product reached version 6.0, Borland decided the product was going to be aged out, and so the code was released under an open-source license. Later on, however, Borland apparently had a change of mind about aging out the product. To this day, internally, Borland continues to develop the InterBase database, with the latest version being 7.1. Firebird 1.0 essentially was the open-source code behind InterBase 6.0. As of this writing, the first major development effort of the Firebird branch is Firebird 1.5."
MozillaZine points to this article by Dave Whitinger, reviewing Mozilla Firefox 0.8. "Has Mozilla Firefox finally broken the speed and stability barriers in order to bring about a browser change to this long-time Galeon user? After all this time, Firefox finally won me over and caused me to change my regular web browser."
NewToLinux.org has a series of articles looking at different features in KDE. So far there are three complete articles: Managing Websites, Extending Konqueror with View Profiles, and Using KPrinter in Any App.
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The US and Canadian governments have approved MOVEit Crypto Linux by
Standard Networks as fully meeting the stringent requirements of Federal
Information Processing Standard 140-2. This makes MOVEit Crypto one of the
first FIPS 140-2 validated cryptographic software products available for
Linux.
The "Dazuko" kernel module, developed by the open source community together with the German security specialists H+BEDV Datentechnik GmbH, is now available for the FreeBSD operating system. This module allows on-access virus scanners, as well as other 3rd-party security tools, to be integrated with Linux and now FreeBSD.
Evans Data Corporation's new North American Developer Population Study
finds that there are more than 1.1 million developers in North America
spending at least some of their time working on Open Source development
projects.
Version 2.0 of the Keel framework has been announced. "Founders of the open source Keel framework today released Keel 2.0 to the development community. This new version is an upgrade from version 1.0 and dramatically improves the development process for web-based applications. Keel 2.0 is a Java server side meta-framework or "framework of frameworks" that provides standard interfaces for a variety of other open source frameworks and components."
A new version of opensurveypilot, a web-based voting system, is
under active development. Version 1.2 is planned for release in May, 2004.
LinuxMedNews has published
a call for help from the Open Source community for the development of a
Rural eDisease Management system.
Commercial announcements
MontaVista Software, Inc. announced it has ended its 2003 fiscal year with
revenue growth of 77 percent over the previous year and became cash flow
positive in the fourth quarter of 2003.
New Books
O'Reilly has published
Java Examples in a Nutshell, Third Edition
by David Flanagan.
Jonathan Bartlett has written a book on Linux programming. "It is an introduction to computer science using Linux assembly language. Assembly language was chosen because by learning assembly language you learn how the computer itself operates, not how an individual language operates." The book is available online and in printed form.
KDE.News has an announcement for a new book on Qt by Jasmin Blanchette and Mark Summerfield. "Perhaps the recent KDE and Qt releases made you want to contribute to KDE or to start your own Qt/KDE application? Then you may be interested in the new "C++ GUI Programming with Qt 3" book, the first official Trolltech guide to Qt 3.2 programming."
The book "Security Assessment: Case Studies for Implementing the NSA IAM" has been published.
Resources
A free version of the HOOPS Stream Toolkit has been announced. "The OpenHSF Initiative today made available the free source-code version of the HOOPS Stream Toolkit (HOOPS/Stream) v10.0, the import/export SDK for the HSF format." HSF is used for sharing engineering graphics.
The Linux Documentation Project Weekly News for February 4, 2004 is out with the week's new documentation. "The Hardware HOWTO, by Steven Pritchard, has finally been updated after a long period of inactivity."
The Linux Documentation Project Weekly News for February 11, 2004
is available with the latest new documentation releases.
Here is the monthly newsletter from the Linux Professional Institute. This issue looks at Evan Leibovitch's article about the United Nations conference, LPI's look at Level 3 tasks, translations, and several other topics.
The Open Source Development Labs has announced the release of the "Data
Center Linux Technical Capabilities" document, and is asking for feedback
from the community. It's another shopping list from OSDL's members, of
course; they are presumably hoping that, by opening up the process of
creating the requirements document, they can bring about a better reception
for Data Center Linux than the Carrier Grade Linux effort got.
Dave Phillips has updated
his list of
Linux audio applications and resources on linux-sound.org.
Contests and Awards
According to Use Perl, Perl is now allowed as a language choice for the BCS programming competition. "For the first time ever, the British Computer Society have been convinced to allow competitors in their annual UK programming competition to code entries in Perl. Entry for the first round closes on the 20th February."
A Qt Developer Contest has been announced. "QtForum.org, the independent Qt community Website launched October 2003, today announced the QtForum.org Developer Contest. The subject for the contest is edutainment." Several cash prizes will be awarded.
The winners of the ActiveState Perl Haiku contest
have been announced. We like this one:
"ugliness that grows
into beauty inside of
your favorite shell"
Upcoming Events
This year's GNU/Linux Summit presents top speakers Jon "Maddog" Hall and
Richard Stallman. The GNU/Linux Summit will be held February 26 - 27, 2004
in Helsinki, Finland.
The Register
reports that
the Free Software Forum 2004 call for papers is out. Proposals are due by
March 7, 2004.
The Open Source in Government Conference will be held in Washington, DC
on March 15-17, 2004.
The Linux Users' Group of Davis will hold another Linux installfest on
February 15th in Davis, CA.
A call for papers and open registration
have been announced for the Nordic Perl
Workshop 2004. The event will take place in Copenhagen, Denmark
on March 27 and 28, 2004. Papers are due in by February 15.
A press release has been sent out for PyCon 2004, the second annual Python developers conference. "PyCon 2004, the second annual Python developers conference, will be held at George Washington University's Cafritz Conference Center in Washington DC on March 24-26, 2004. Mitchell Kapor, founder of Lotus Development Corporation and the Open Source Applications Foundation, will be the keynote speaker."
IDG World Expo has issued a Call for Papers for the LinuxWorld Conference
& Expo, taking place at San Francisco's Moscone Center, August 2-5,
2004. Proposals are due by February 27, 2004.
| Date | Event | Location |
|---|---|---|
| February 12, 2004 | O'Reilly Emerging Technology Conference (ETech) | (The Westin Horton Plaza) San Diego, CA |
| February 20 - 22, 2004 | CodeCon 2004 | (Club NV) San Francisco, CA |
| February 20 - 24, 2004 | PaWS PHP and Web Standards UK 2004 | Manchester, UK |
| February 21 - 22, 2004 | Mozilla Developers Meeting in Europe 4.0 | Brussels, Belgium |
| February 21 - 22, 2004 | FOSDEM 2004 | (SOLBOSCH) Brussels, Belgium |
| February 23 - 27, 2004 | PostgreSQL Bootcamp | (Big Nerd Ranch, Inc.) Atlanta, GA |
| February 25 - 26, 2004 | UKUUG LISA/Winter Conference and Tutorial | (Lansdowne Campus, Bournemouth Univ.) Bournemouth, UK |
| February 26 - 27, 2004 | GNU/Linux Summit 2004 | (Finlandia Hall) Helsinki, Finland |
| February 27, 2004 | Mozilla Developer Day | Mountain View, CA |
| March 1 - 5, 2004 | PHP\|Cruise | The Caribbean |
| March 4 - 5, 2004 | Linux Automation Konferenz | Hannover, Germany |
| March 5, 2004 | Perl Workshop 2004 | Amsterdam, the Netherlands |
| March 6 - 7, 2004 | Linux-Day Chemnitz | Chemnitz, Germany |
| March 15 - 17, 2004 | Open Source in Government Conference | (George Washington University) Washington, DC |
| March 16 - 17, 2004 | Open Source Business Conference 2004 | (The Westin St. Francis) San Francisco, CA |
| March 18 - 24, 2004 | CeBIT | (Hannover Exhibition Center) Hannover, Germany |
| March 21 - 26, 2004 | Novell BrainShare 2004 | Salt Lake City, Utah |
| March 24 - 26, 2004 | PyCon DC 2004 | Washington, D.C. |
| March 27 - 28, 2004 | Nordic Perl Workshop 2004 | (Symbion Science Park) Copenhagen, Denmark |
| March 27 - 28, 2004 | YAPC::Taipei::2004 | Taipei, Taiwan |
| April 5 - 7, 2004 | Samba eXPerience 2004 | (Hotel Freizeit In) Göttingen, Germany |
Web sites
The
Planet Lisp site has
been moved to a new URL.
Use Perl mentions a need for help on the Perl Beginner's Site. "We could use more book reviews and more links. The Wiki is based on an implementation which is a non-portable JavaScript hell and unreliable. (We are planning to switch to TWiki or something else soon). Finally, it is possible that the site's design is too conventional and unattractive and as such could use a re-structuring of the page."
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Page editor: Forrest Cook
Letters to the editor
| From: | Colin Walters <walters-AT-verbum.org> |
| To: | lwn-AT-lwn.net |
| Subject: | usage of "Free" in RHEL article |
| Date: | Thu, 05 Feb 2004 02:54:18 -0500 |
Hi,
Most of the people in the free software and open source community will
use the capitalized word "Free" to emphasize that one is talking about
freedom over price, since the two words are the same in English.
The recent article about RHEL is entitled "Substituting RHEL with Free
Alternatives". I realize that it is normal journalistic practice to
capitalize words in a title. However, given that RHEL *is* Free
Software, I think it would have been better to recognize that most of
the alternatives are actually just no-cost; i.e. "free".
And given that the article points out that several of these alternatives
aren't actually no-cost, it seems to me a much better title for the
article would simply have been something like "RHEL Alternatives", or
"Looking at RHEL Alternatives".
| From: | Leon Brooks <leon-AT-cyberknights.com.au> |
| To: | letters-AT-lwn.net |
| Subject: | BBC faux pas |
| Date: | Thu, 5 Feb 2004 21:28:35 +0800 |
Hi, Stephen; I have no direct email address for you, so I post this here
in the hope of someone you know pointing it out to you. This is what I
wrote to the BBC about http://news.bbc.co.uk/2/hi/business/3457823.stm
in the hope of getting you to see past the barrage of misleading
stock-ticker news streams:
QUOTE
Stephen Evans has made some significant factual errors in his story
"Linux cyber-battle turns nasty" and may be exposing the BBC by his
consequent assertions.
"There seems little doubt that SCO was targeted" as a distraction to the
virus, apparently written by and for commercial spammers. Its primary
intent is to act as a relay for spreading more of those intrusive
offers of larger penises and mortgage solutions.
The virus is indeed about malice, and it was not written by the
creative, constructive Open Source community. It has been traced back
to Russian spammers.
It does not appear that www.sco.com was attacked in anger. The name had
been taken out of circulation before the due date, and the site
http://sco.com/ was reachable throughout, as were the sco.com email
servers, hosted nearby. It seems that The SCO Group (TSG) are crying
"wolf" yet again.
TSG have been accusing the authors of Linux of stealing their ideas, and
their code. IBM is being accused of giving TSG's code away (despite
IBM's licence agreement plainly stating that they can sell or give away
derivatives), and being asked for over $3 billion in "damages", yet TSG
won't tell anyone exactly what was "stolen".
Their story keeps changing, and whenever more exact information has been
leaked, the code has consistently turned out to be either written by
somebody else, or public domain.
Darl McBride wants to sell Linux as others sell bottled water, which is
fine because Red Hat, Mandrake and other companies do just that. He
wants to do it not by bottling better water, but by making the
harvesting of rain and spring water heavily taxable.
Understandably, the people who've built the software equivalent of dams
and rainwater tanks are outraged at his barratry, false claims and
blackmail. TSG is not "raising the possibility of internet blackmail",
TSG is carrying it out!
The Open Source community's response has been to provide evidence of
TSG's insanity, not to write viruses. None of the computers bearing the
virus run Linux. Zero. Nada. Not one.
It is impossible to read Stephen's story without interpreting it as
"Linux community members attacked a helpless corporation", which as a
member of the Linux community I find insulting and hurtful.
I require a retraction from the BBC and a public apology from Stephen. I
also want his word that he'll not carelessly abuse a news service to
pillory the champions of freedom and fair play ever again.
UNQUOTE
Cheers; Leon
--
http://cyberknights.com.au/ Modern tools; traditional dedication
http://plug.linux.org.au/ Committee Member, Perth Linux User Group
http://slpwa.asn.au/ Committee Member, Linux Professionals WA
http://linux.org.au/ Past Committee Member, Linux Australia
Page editor: Jonathan Corbet