The X.Org Foundation has announced the release of X11R6.7. This is, in some
sense, a relatively minor release with little in the way of new features (see
the release notes for the details). It is, however, a milestone in the
development of the X Window System, and worthy of note.
Readers of LWN will be familiar with the tensions which have stressed the
XFree86 project over the last year. There have long been disagreements
over how the development of X should be managed, and core developers have
been leaving the project for some time. The issue came to a head with the
adoption of the XFree86 1.1 license, which is widely seen as being
incompatible with the GPL. That move led to the formation of the X.Org Foundation under the umbrella
of FreeDesktop.org. It also led to many distributors saying that they
would not incorporate the XFree86 4.4 release.
The X11R6.7 release is the first official release from X.Org, though some
distributions (e.g. Fedora Core 2 Test 2) have incorporated pre-release
versions from the Foundation. It is intended to be a transitional release,
a way for distributors to move over to the new code base. As such, it
deliberately does not include much in the way of radical new changes.
There will be a couple more X11R6.x releases this year which will add more
new stuff.
The real plan for the future, however, is to split the X release into a
number of components, including the server, client libraries, and
applications. This split will allow each part of the system to progress at
its own pace; it will be possible to release support for the latest
graphics hardware without dragging along all of the applications as well.
The X hackers have all kinds of schemes for reworking the server and the X
protocol to better support modern 3D hardware and to get Linux, finally, out
of its old, two-dimensional world.
Conventional wisdom says that forks in free software projects are a bad
thing. But one of the valuable aspects of free software is that it
can be forked. The X fork looks like a necessary one; with luck it
will lead to a reinvigorated development process and good things for the
future Linux desktop.
Comments (2 posted)
With the recent release of the second Fedora Core 2 test, many users are
getting their first exposure to Security Enhanced Linux (SELinux). We decided
to take a look at SELinux in Fedora Core to give readers a taste of what's to
come.
SELinux introduces new layers of security, enforced by the kernel, in
addition to the standard Discretionary Access Control (DAC) model that
Linux users are already familiar with. The DAC model applies security based
only on a user's identity and the permissions associated with files and
processes. SELinux adds Mandatory Access Control (MAC) over processes and
files based on a policy set by the administrator, rather than based solely
on user or process identity.
SELinux also provides Type Enforcement (TE) for files and devices,
otherwise known as "objects," and Role-Based Access Control for users and
processes. TE in conjunction with Role-Based Access Control (RBAC) provides
the ability to set policies based on the type of object, rather than its
DAC permissions. The practical upshot of this is that a user or process
must not only have the appropriate DAC permissions to access an object, but
also must meet the RBAC requirements to access an object.
It's important to note that SELinux does not do away with the standard DAC
model. For example, if a normal user attempts to execute a file owned by
root with the mode 500, they will be denied the ability to do so without
SELinux features coming into play. However, SELinux goes beyond that level
of control. For example, an administrator can set policy that prevents a
user from granting access to files to other users even if that user owns
the file.
To paraphrase Spider-Man's tagline, with great power comes great
complexity. Getting up to speed with SELinux tools and policy will take
some time. While SELinux gives an administrator a greatly enhanced security
toolbox, it also complicates the job of administrating a system. The
integration of SELinux adds a number of new programs and configuration
files for the administrator to familiarize themselves with, as well as
adding new options to familiar programs like ps and ls. It is safe to say
that the syntax for SELinux's policy configuration files is less
than user-friendly.
Administrators who plan to tweak the SELinux policy settings should plan to
set aside a fair amount of time to learn the syntax and procedure for
updating policy. Editing a system's policy requires the administrator to
edit one or more of the dozens of configuration files under
/etc/security/selinux/src/policy, then compile and load the new policy
using make.
Users should also be aware that the additional security checks involved
with SELinux may come at the price of a performance impact. The Fedora SELinux
FAQ notes that SELinux decreased performance by 7% for "completely
untuned code" when SELinux was last tested and may have become worse due to
changes made since then. Of course, a 7% drop in system performance is
generally considered preferable to a 100% compromised system.
Administrators considering SELinux should note that it may limit
their choice of filesystems, at least with Fedora's implementation. The
popular ReiserFS in Fedora does not support file labeling, making it
unsuitable for use with SELinux.
This writer also found that the ability to turn enforcement on and off,
using "setenforce", is invaluable during SELinux testing. It is
possible to disable logins to a system simply by setting /etc/passwd's
security context incorrectly. For those who don't want to jump into
SELinux with both feet, setting the enforcement policy to "permissive" will
cause the system to print warnings whenever access to an object would have
been denied, but to not restrict any access beyond what the traditional
discretionary controls dictate.
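The layering described above, as an added example written for this article rather than code from SELinux or Fedora: a toy evaluator that runs the DAC check first, then a type-enforcement lookup, and that only logs a denial when enforcement is switched off. The domains, types, allow rules and file labels in it are constructed to mirror the article's three cases.

```python
"""Toy model of SELinux's layering: DAC first, then mandatory type enforcement.

Added example for this article; it is not SELinux code or Fedora's policy.
The domains (user_t, guest_t, login_t), types (bin_t, user_home_t, passwd_t,
tmp_t) and allow rules are constructed to mirror the article's cases, and the
audit line only loosely imitates the kernel's "avc: denied" messages.
"""
import stat
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass
class FileObj:
    path: str
    owner: str
    group: str
    mode: int        # DAC permission bits, e.g. 0o500
    context: str     # SELinux type label on the object


@dataclass
class Process:
    user: str
    groups: Set[str]
    domain: str      # SELinux domain the process runs in


PERM_BITS = {
    "read":    (stat.S_IRUSR, stat.S_IRGRP, stat.S_IROTH),
    "write":   (stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH),
    "execute": (stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH),
}


def dac_allows(proc: Process, obj: FileObj, perm: str) -> bool:
    """Classic discretionary check: identity plus the file's mode bits."""
    usr, grp, oth = PERM_BITS[perm]
    if proc.user == "root":
        # DAC root bypasses mode bits, except that execute needs some x bit.
        return perm != "execute" or bool(obj.mode & (usr | grp | oth))
    if proc.user == obj.owner:
        return bool(obj.mode & usr)
    if obj.group in proc.groups:
        return bool(obj.mode & grp)
    return bool(obj.mode & oth)


@dataclass
class Policy:
    allow: Set[Tuple[str, str, str]]   # (source domain, target type, permission)
    enforcing: bool = True             # False models "setenforce 0" (permissive)
    audit_log: List[str] = field(default_factory=list)

    def te_allows(self, proc: Process, obj: FileObj, perm: str) -> bool:
        return (proc.domain, obj.context, perm) in self.allow


def check_access(policy: Policy, proc: Process, obj: FileObj, perm: str) -> bool:
    """Both layers must agree. DAC is consulted first; a DAC denial never
    reaches the policy. A type-enforcement denial is always logged, and in
    permissive mode it is then ignored, which is the behaviour the article
    relies on when testing with enforcement off."""
    if not dac_allows(proc, obj, perm):
        return False
    if policy.te_allows(proc, obj, perm):
        return True
    policy.audit_log.append(
        f"avc: denied {{ {perm} }} scontext={proc.domain} "
        f"tcontext={obj.context} path={obj.path}")
    return not policy.enforcing


def demo(enforcing: bool = True) -> Dict[str, object]:
    """The article's situations, evaluated under one constructed policy."""
    policy = Policy(allow={
        ("user_t", "user_home_t", "read"), ("user_t", "user_home_t", "write"),
        ("login_t", "passwd_t", "read"),
    }, enforcing=enforcing)
    alice = Process("alice", {"users"}, "user_t")
    bob = Process("bob", {"users"}, "guest_t")      # no rule on user_home_t
    login = Process("root", {"root"}, "login_t")

    # 1. root-owned, mode 500: plain DAC denies alice; SELinux never runs.
    tool = FileObj("/usr/local/sbin/tool", "root", "root", 0o500, "bin_t")
    # 2. alice opens her file to everyone (644), but policy has no rule letting
    #    guest_t read user_home_t, so her DAC grant does not take effect.
    note = FileObj("/home/alice/note", "alice", "users", 0o644, "user_home_t")
    # 3. /etc/passwd carrying the wrong label: login can no longer read it.
    passwd = FileObj("/etc/passwd", "root", "root", 0o644, "tmp_t")

    return {
        "alice_exec_root_tool": check_access(policy, alice, tool, "execute"),
        "alice_reads_own_file": check_access(policy, alice, note, "read"),
        "bob_reads_shared_file": check_access(policy, bob, note, "read"),
        "login_reads_mislabelled_passwd": check_access(policy, login, passwd, "read"),
        "denials_logged": len(policy.audit_log),
        "audit_log": list(policy.audit_log),
    }


if __name__ == "__main__":
    for mode in (True, False):
        print("enforcing" if mode else "permissive", demo(mode))
```

Running it with enforcing=False shows the same two audit lines but both denied accesses going through, which is why a mislabelled /etc/passwd only locks users out once enforcement is turned back on.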
For the most part, the end-user experience is, with luck,
largely unchanged. Though some users have reported problems with various
end-user applications not working with SELinux enabled, this writer did not
encounter any problems using FC2 on the desktop or at the shell for normal
work.
Despite its complexity, SELinux shows a great deal of promise for improving
the overall security of Linux systems. It seems likely that the tools for
creating and customizing SELinux will improve over time and make the task
less difficult. Even at the current level of complexity, it would be well
worth an administrator's time to learn and deploy SELinux for systems that
are directly connected to the Internet or other hostile environments.
Comments (11 posted)
After a lengthy period of inactivity, there has finally been a bit of
movement in Red Hat's lawsuit against SCO. The news is mixed.
SCO's motion to dismiss the case was denied; Judge Robinson reached the
reasonable conclusion that Red Hat did, indeed, have reason to fear a
lawsuit from the SCO Group. So the case will go forward; SCO will not be
able to shake it quite so quickly.
This case will not go forward anytime soon, however. Instead, it has been
put on hold until the IBM case is worked out. Both sides have to file
every 90 days giving their view of the state of the IBM case. If that case
looks like it is not going anywhere, the court may restart the Red Hat
case.
For now, however, the Red Hat suit is suspended. Given the speed at which
things have moved in this case to date, it may be hard to tell the
difference. This ruling does, however, free SCO from the need to fight on
this front for now; SCO can concentrate its resources on the IBM, Novell,
DaimlerChrysler, and AutoZone suits. Plus any others that SCO might, in
its wisdom, decide to file. That should be enough to keep the lawyers busy
for a while. (See Groklaw for more information.)
Comments (3 posted)
The User-Accessible Filesystem Hierarchy Standard is a proposed standard
which has recently been put forward for wider review. The problem this
standard attempts to address is: how do users of desktop Linux systems
install software for their personal use without using the root password or
hosing the system?
The problem is real enough; as Linux shows up on more desktops, and more
interesting applications become available, people will want to be able to
do their own installations. Anything which can make those installations
easier and safer should encourage desktop Linux adoption. It is not clear
that this proposal will do the trick, however.
The UAFHS states that every user should have a directory (.system)
in their home directory for the installation of personal software. This
directory would have the usual subdirectories: .system/bin,
.system/lib, etc. The placement of software there would contain
it within one subtree and make it easy to find. The standard also suggests
the creation of a .config directory under the home directory and
moving all application configuration files there.
The next problem is that users of a shared system may want to install
software for others to use as well. To that end, the standard says that
/home/shared/.system should be available and writable for all
users. The authors seem to have anticipated one of the possible complaints
with this setup:
An additional concern regarding security is that all users will be
able to easily install programs. This is not a security flaw, and
is in fact a way to strengthen security. All users are already
capable of installing software, it is merely difficult.
The argument here seems to be that, since the root password will not be
required for software installation, the system will be more secure. The
simple fact, however, is that making it easy for unprivileged users to
install programs into the path of other users is not the best way to secure a
system. This sort of mechanism could easily become a favored way of
escalating access to a user account into a full root compromise.
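One defensive check that follows from this argument, written as an added example for this article and not part of the UAFHS proposal: a small Python audit that walks a PATH and reports entries other accounts could write into (the proposal's world-writable /home/shared/.system would be flagged). The function names and the constructed temporary directories are this example's own.

```python
"""Audit a PATH for directories that other users could write into.

Added example written for this article; it is not part of the UAFHS proposal
or any distribution's tooling. The names audit_path_entry, audit_path and
demo are this example's own. A PATH entry writable by other accounts (the
proposal's shared /home/shared/.system would be one) lets any local user add
a program that other users, or their cron jobs, later run by name.
"""
import os
import stat
import tempfile
from typing import Dict, List


def audit_path_entry(entry: str) -> List[str]:
    """Return the reasons one PATH entry is unsafe (empty list means fine)."""
    problems: List[str] = []
    if entry == "" or not os.path.isabs(entry):
        # "" and "." mean "current directory": whatever directory the user
        # happens to be in, including ones owned by someone else.
        problems.append("relative entry")
        return problems
    try:
        st = os.stat(entry)          # follows symlinks to the real directory
    except FileNotFoundError:
        # An absent entry is not harmless: whoever can create it later owns it.
        return ["does not exist"]
    if not stat.S_ISDIR(st.st_mode):
        return ["not a directory"]
    # The sticky bit stops deletion of others' files but not creation of new
    # ones, so a 1777 directory still lets anyone add programs to it.
    if st.st_mode & stat.S_IWOTH:
        problems.append("world-writable")
    elif st.st_mode & stat.S_IWGRP:
        problems.append("group-writable")
    me = os.geteuid() if hasattr(os, "geteuid") else st.st_uid
    if st.st_uid not in (0, me):
        problems.append(f"owned by uid {st.st_uid}")
    return problems


def audit_path(path_value: str) -> Dict[str, List[str]]:
    """Map every problematic PATH entry to its problems, in search order.
    Order matters: an earlier unsafe entry shadows later, trusted ones."""
    findings: Dict[str, List[str]] = {}
    for entry in path_value.split(os.pathsep):
        problems = audit_path_entry(entry)
        if problems:
            findings[entry] = problems
    return findings


def demo() -> Dict[str, List[str]]:
    """Constructed scenario: a shared world-writable program directory placed
    ahead of a private one, plus the two classic PATH mistakes."""
    base = tempfile.mkdtemp(prefix="uafhs-demo-")
    shared = os.path.join(base, "shared")     # stands in for /home/shared/.system
    private = os.path.join(base, "private")   # stands in for ~/.system/bin
    os.mkdir(shared)
    os.chmod(shared, 0o777)                   # explicit chmod: ignore umask
    os.mkdir(private)
    os.chmod(private, 0o755)
    missing = os.path.join(base, "never-created")
    path_value = os.pathsep.join([shared, private, ".", missing])
    findings = audit_path(path_value)
    return {
        "shared": findings.get(shared, []),
        "private": findings.get(private, []),
        "relative": findings.get(".", []),
        "missing": findings.get(missing, []),
    }


if __name__ == "__main__":
    for name, problems in demo().items():
        print(f"{name:8s} -> {problems or 'ok'}")
    print(audit_path(os.environ.get("PATH", "")) or "current PATH looks clean")
```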
This standard also fails to address the real issue. Unprivileged users who
want to install software are not much concerned about where it is going to
go. They will be far more interested in easy management of installed
software. Mixing packages together into one big directory tree does little
to help somebody who wants to get rid of things in response to the
inevitable "no space left on device" or "quota exceeded" message. This
standard says "put
software over there," but does not concern itself with how users will
actually manage that software.
Making software installation easier is a worthy goal. Part of achieving
that goal can even be the designation of a target directory for
installations. But anybody who wants to concern themselves with making
this aspect of desktop Linux easier really needs to be dealing with the
package management issue. Creating a version of rpm or dpkg which can do
per-user package management could be harder than writing up a proposed
standard, but it would do far more to address the issue at hand.
Comments (22 posted)
Linux Australia has published a lengthy position paper on the free software
implications of the recently negotiated "free trade agreement" (FTA) with the
United States. This agreement uses the trade treaty approach to bring
American-style anti-circumvention and software patents to Australia. Linux
Australia is now working to prevent the adoption of the FTA, and is looking
for help. Among other things, there is an online petition to be signed, but
the first priority for Australians is probably to contact their members of
Parliament. See the Linux Australia FTA page for more information.
Meanwhile, on the European front: there will be a two-day gathering at the
European Parliament in Brussels starting April 14 in an attempt to,
once again, stop the threat of software patents in Europe; see this press release
and the demonstration home page for
details. The European Parliament voted against patents on software, but
the European Commission and Council of Ministers have the last word - and
they are considering a
very different course of action. If Europe is going to avoid the
imposition of U.S.-style software patents, Europeans will have to make
their voices heard.
In the U.S., the House of Representatives is busily addressing our pressing
national problems by considering the Piracy
Deterrence and Education Act (PDEA - available in
PDF format). This act calls for the FBI to
"facilitate the sharing among law enforcement agencies, Internet service
providers, and copyright owners" of information related to file sharing.
The Attorney General's office is to set up an "education program" on "the
value of copyrighted works and the effects of the theft of such works on
those who create them," along with the security risks of file sharing.
Most fun of all, however, is the provision for three-year jail sentences
for anybody convicted of sharing a single file valued (by the copyright
owner) at over $1000. The PDEA has passed the House Judiciary Intellectual
Property Subcommittee; no word on when it may be voted on by the entire
House.
Comments (5 posted)
Page editor: Jonathan Corbet
Security
Brief items
For those who haven't been paying attention: Red Hat has sent out
a reminder that the end of an era is
approaching. After April 30, Red Hat will no longer produce security
updates for Red Hat Linux 9, the last product in the Red Hat Linux
line. If you have systems running Red Hat Linux, you should be well into
the execution of your migration plan. We have been getting enough mail
asking for articles about Red Hat Linux alternatives, however, that we
suspect many sites have not yet figured out what they are going to do.
For those still in the planning process, here is a quick summary of
alternatives to letting your Red Hat Linux systems go unpatched:
The one option we don't recommend is "do nothing and hope for the best."
Many Red Hat Linux users will find this transition inconvenient and
annoying. But this whole episode demonstrates one of the great strengths
of free software: Red Hat Linux users have several entirely viable
alternatives available to them. Users of proprietary operating systems
tend not to be so lucky.
Comments (13 posted)
Debian, Mandrake, Red Hat, and SUSE have joined together to give a common
statement about the Forrester report entitled "Is Linux more Secure than
Windows?": "Despite the report's claim to incorporate a qualitative
assessment of vendor reactions to serious vulnerabilities, it treats all
vulnerabilities as equal, regardless of their risk to users. As a result,
the conclusions drawn by Forrester have extremely limited real-world value
for customers assessing the practical issue of how quickly serious
vulnerabilities get fixed."
Full Story (comments: none)
New vulnerabilities
clamav: denial of service
| Package(s): | clamav |
| CVE #(s): | |
| Created: | April 7, 2004 |
| Updated: | April 7, 2004 |
| Description: | The Clam AntiVirus utility through version 0.68 is vulnerable to a denial of service attack. |
| Alerts: | |
Comments (none posted)
fte buffer overflows
| Package(s): | fte |
| CVE #(s): | CAN-2003-0648 |
| Created: | April 5, 2004 |
| Updated: | April 7, 2004 |
| Description: | Steve Kemp and Jaguar discovered a number of buffer overflow vulnerabilities in vfte, a version of the fte editor which runs on the Linux console, found in the package fte-console. This program is setuid root in order to perform certain types of low-level operations on the console. |
| Alerts: | |
Comments (none posted)
heimdal cross-realm vulnerability
| Package(s): | heimdal |
| CVE #(s): | CAN-2004-0371 |
| Created: | April 6, 2004 |
| Updated: | April 9, 2004 |
| Description: | According to a security advisory from the heimdal project: all releases prior to 0.6.1 and 0.5.3 have a cross-realm vulnerability allowing someone with control over a realm to impersonate anyone in the cross-realm trust path. |
| Alerts: | |
Comments (none posted)
interchange missing input sanitizing
| Package(s): | interchange |
| CVE #(s): | CAN-2004-0374 |
| Created: | April 2, 2004 |
| Updated: | April 7, 2004 |
| Description: | A vulnerability was discovered recently in Interchange, an e-commerce and general HTTP database display system. This vulnerability can be exploited by an attacker to expose the content of arbitrary variables. An attacker may learn SQL access information for your Interchange application and use this information to read and manipulate sensitive data. |
| Alerts: | |
Comments (none posted)
racoon: failure to verify signatures
| Package(s): | ipsec-tools racoon |
| CVE #(s): | CAN-2004-0155 |
| Created: | April 7, 2004 |
| Updated: | August 19, 2004 |
| Description: | Versions of ipsec-tools prior to 0.2.5 contain a vulnerability wherein the racoon utility fails to verify digital signatures on some packets. This hole can lead to unauthorized connections or man-in-the-middle attacks. See this advisory for details. |
| Alerts: | |
Comments (none posted)
shar: buffer overflow
| Package(s): | sharutils |
| CVE #(s): | |
| Created: | April 7, 2004 |
| Updated: | April 7, 2004 |
| Description: | The shar utility (as found in the sharutils package through version 4.2.1) suffers from a stack-based buffer overflow vulnerability; see this advisory for details. |
| Alerts: | |
Comments (none posted)
xine-ui - insecure temporary file creation
| Package(s): | xine-ui |
| CVE #(s): | CAN-2004-0372 |
| Created: | April 6, 2004 |
| Updated: | April 27, 2006 |
| Description: | Shaun Colley discovered a problem in xine-ui, the xine video player user interface. A script contained in the package to possibly remedy a problem or report a bug does not create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking xine. |
| Alerts: | |
Comments (none posted)
Updated vulnerabilities
courier - Remote buffer overflow vulnerabilities
| Package(s): | Courier |
| CVE #(s): | CAN-2004-0224 |
| Created: | March 29, 2004 |
| Updated: | April 1, 2004 |
| Description: | Remote buffer overflow vulnerabilities have been found in Courier-IMAP and Courier MTA. These flaws may allow the execution of arbitrary code, allowing unauthorized access to a vulnerable system. |
| Alerts: | |
Comments (2 posted)
emil: Buffer overflow and format string vulnerabilities
| Package(s): | emil |
| CVE #(s): | CAN-2004-0152, CAN-2004-0153 |
| Created: | March 25, 2004 |
| Updated: | March 31, 2004 |
| Description: | The emil mail filter utility has buffer overflow and format string vulnerabilities that can be exploited locally and remotely. It may be possible to craft an email that exploits the vulnerability and executes arbitrary code. |
| Alerts: | |
Comments (none posted)
ethereal - multiple vulnerabilities
Comments (none posted)
Filename disclosure vulnerability in fam
| Package(s): | fam |
| CVE #(s): | CAN-2002-0875 |
| Created: | August 19, 2002 |
| Updated: | January 5, 2005 |
| Description: | "fam" (file alteration monitor) watches files and directories for changes and lets interested applications know when something happens. This package has a flaw in its group handling that blocks some legitimate operations while, at the same time, exposing the names of files that should otherwise be invisible. |
| Alerts: | |
Comments (none posted)
fetchmail may crash on specially crafted message
| Package(s): | fetchmail |
| CVE #(s): | CAN-2003-0792 |
| Created: | October 17, 2003 |
| Updated: | April 8, 2004 |
| Description: | A bug was discovered in fetchmail 6.2.4 where a specially crafted email message can cause fetchmail to crash. |
| Alerts: | |
Comments (none posted)
gtkhtml: malformed messages cause crash
| Package(s): | gtkhtml |
| CVE #(s): | CAN-2003-0133, CAN-2003-0541 |
| Created: | April 14, 2003 |
| Updated: | April 18, 2005 |
| Description: | GtkHTML is the HTML rendering widget used by the Evolution mail reader. GtkHTML as supplied with versions of Evolution prior to 1.2.4 contains a bug when handling HTML messages. Alan Cox discovered that certain malformed messages could cause the Evolution mail component to crash. |
| Alerts: | |
Comments (none posted)
iproute: local denial of service
| Package(s): | iproute net-tools |
| CVE #(s): | CAN-2003-0856 |
| Created: | November 25, 2003 |
| Updated: | December 14, 2004 |
| Description: | The iproute utility is susceptible to spoofed netlink messages sent by local users, with the result that denial of service attacks are possible. |
| Alerts: | |
Comments (none posted)
kdelibs: cookie disclosure
| Package(s): | kdelibs |
| CVE #(s): | CAN-2003-0592 |
| Created: | March 10, 2004 |
| Updated: | August 24, 2004 |
| Description: | kdelibs (and, thus, Konqueror) has a vulnerability where a hostile server can force the disclosure of cookies that should not be presented to it. KDE versions 3.1.3 and later contain a fix. |
| Alerts: | |
Comments (none posted)
kdepim: VCF file information reader vulnerability
| Package(s): | kdepim |
| CVE #(s): | CAN-2003-0988 |
| Created: | January 15, 2004 |
| Updated: | May 26, 2004 |
| Description: | KDE has issued a security advisory for all versions of kdepim as distributed with KDE versions 3.1.0 through 3.1.4 inclusive. A carefully crafted .VCF file potentially enables local attackers to compromise the privacy of a victim's data or execute arbitrary commands with the victim's privileges. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0988 to this issue. |
| Alerts: | |
Comments (none posted)
kernel: local root exploit in 2.4.22
| Package(s): | kernel |
| CVE #(s): | CAN-2003-0961 |
| Created: | December 1, 2003 |
| Updated: | April 5, 2004 |
| Description: | A vulnerability was discovered in the Linux kernel versions 2.4.22 and previous. A flaw in bounds checking in the do_brk() function can allow a local attacker to gain root privileges. This vulnerability is known to be exploitable. The 2.4.23 kernel contains the fix. For more details on how this vulnerability works, see this LWN article. |
| Alerts: | |
Comments (1 posted)
Linux kernel 2.2.10 failing function and TLB flush vulnerability
| Package(s): | kernel-source-2.2.10 |
| CVE #(s): | CAN-2004-0077 |
| Created: | March 18, 2004 |
| Updated: | June 4, 2004 |
| Description: | A local root exploit is possible due to early flushing of the TLB. |
| Alerts: | |
Comments (none posted)
kernel-utils: setuid vulnerability
| Package(s): | kernel-utils |
| CVE #(s): | CAN-2003-0019 |
| Created: | February 7, 2003 |
| Updated: | January 21, 2005 |
| Description: | The kernel-utils package contains several utilities that can be used to control the kernel or machine hardware. In Red Hat Linux 8.0 this package contains user mode linux (UML) utilities. The uml_net utility in kernel-utils packages with Red Hat Linux 8.0 was incorrectly shipped setuid root. This could allow local users to control certain network interfaces, add and remove arp entries and routes, and put interfaces in and out of promiscuous mode. All users of the kernel-utils package should update to these packages, which contain a version of uml_net that is not setuid root. Alternatively, as a work-around to this vulnerability, issue the following command as root: chmod -s /usr/bin/uml_net |
| Alerts: | |
Comments (none posted)
libpng, libpng3: buffer overflow
| Package(s): | libpng, libpng3 |
| CVE #(s): | CAN-2002-1363 |
| Created: | December 19, 2002 |
| Updated: | July 14, 2004 |
| Description: | Glenn Randers-Pehrson discovered a problem in connection with 16-bit samples from libpng, an interface for reading and writing PNG (Portable Network Graphics) format files. The starting offsets for the loops are calculated incorrectly, which causes a buffer overrun beyond the beginning of the row buffer. |
| Alerts: | |
Comments (none posted)
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
| CVE #(s): | CAN-2004-0110 |
| Created: | February 26, 2004 |
| Updated: | August 19, 2009 |
| Description: | Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code. |
| Alerts: | |
Comments (none posted)
mailman denial of service
| Package(s): | mailman |
| CVE #(s): | CAN-2003-0991 |
| Created: | February 9, 2004 |
| Updated: | May 25, 2004 |
| Description: | Matthew Galgoci of Red Hat discovered a Denial of Service (DoS) vulnerability in versions of Mailman prior to 2.1. An attacker could send a carefully-crafted message causing mailman to crash. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0991 to this issue. |
| Alerts: | |
Comments (1 posted)
mc: arbitrary code execution
| Package(s): | mc |
| CVE #(s): | CAN-2003-1023 |
| Created: | January 16, 2004 |
| Updated: | April 5, 2004 |
| Description: | A vulnerability was discovered in Midnight Commander, a file manager, whereby a malicious archive (such as a .tar file) could cause arbitrary code to be executed if opened by Midnight Commander. |
| Alerts: | |
Comments (none posted)
metamail: integer and buffer overflows
| Package(s): | metamail |
| CVE #(s): | CAN-2004-0104, CAN-2004-0105 |
| Created: | February 18, 2004 |
| Updated: | May 21, 2004 |
| Description: | Versions of metamail through 2.7 contain a set of integer and buffer overflows which are remotely exploitable via a properly crafted message. |
| Alerts: | |
Comments (none posted)
mikmod: buffer overflow
| Package(s): | mikmod |
| CVE #(s): | CAN-2003-0427 |
| Created: | June 16, 2003 |
| Updated: | June 16, 2005 |
| Description: | Ingo Saitz discovered a bug in mikmod whereby a long filename inside an archive file can overflow a buffer when the archive is being read by mikmod. |
| Alerts: | |
Comments (none posted)
mod_python: denial of service vulnerability
| Package(s): | mod_python |
| CVE #(s): | CAN-2003-0973 |
| Created: | January 27, 2004 |
| Updated: | October 4, 2004 |
| Description: | Apache's mod_python module could crash the httpd process if a specific, malformed query string was sent. The Apache Foundation has reported that mod_python may be prone to Denial of Service attacks when handling a malformed query. Mod_python 2.7.9 was released to fix the vulnerability; however, because the vulnerability had not been fully fixed, version 2.7.10 has been released. Users of mod_python 3.0.4 are not affected by this vulnerability. |
| Alerts: | |
Comments (none posted)
monit: buffer overflow and DOS
| Package(s): | monit |
| CVE #(s): | |
| Created: | March 31, 2004 |
| Updated: | April 19, 2004 |
| Description: | The monit system administration program through version 4.1 suffers from remotely exploitable buffer overflow and denial of service vulnerabilities. Two additional vulnerabilities have been found in the HTTP interface of monit, possibly leading to denial of service or execution of arbitrary code. |
| Alerts: | |
Comments (none posted)
mozilla: multiple vulnerabilities
| Package(s): | mozilla |
| CVE #(s): | CAN-2003-0594, CAN-2003-0564 |
| Created: | March 10, 2004 |
| Updated: | August 19, 2004 |
| Description: | Mozilla 1.4 contains a few vulnerabilities, including disclosure of cookies to the wrong server, a scripting vulnerability which can allow an attacker to run arbitrary code, and an S/MIME vulnerability which can lead to remote denial of service or code execution attacks. |
| Alerts: | |
Comments (none posted)
mpg321: format string vulnerability
| Package(s): | mpg321 |
| CVE #(s): | CAN-2003-0969 |
| Created: | January 6, 2004 |
| Updated: | March 28, 2005 |
| Description: | A vulnerability was discovered in mpg321, a command-line mp3 player, whereby user-supplied strings were passed to printf(3) unsafely. This vulnerability could be exploited by a remote attacker to overwrite memory, and possibly execute arbitrary code. In order for this vulnerability to be exploited, mpg321 would need to play a malicious mp3 file (including via HTTP streaming). |
| Alerts: | |
Comments (none posted)
mplayer: remotely exploitable buffer overflow vulnerability
| Package(s): | mplayer |
| CVE #(s): | CAN-2003-0835 |
| Created: | September 29, 2003 |
| Updated: | April 6, 2004 |
| Description: | A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful ASX header, and trick MPlayer into executing arbitrary code upon parsing that header. Read the full advisory for details. |
| Alerts: | |
Comments (none posted)
Nessus NASL scripting engine security issues
| Package(s): | nessus |
| CVE #(s): | |
| Created: | May 27, 2003 |
| Updated: | August 12, 2004 |
| Description: | Some vulnerabilities exist in the Nessus NASL scripting engine. To exploit these flaws, an attacker would need to have a valid Nessus account as well as the ability to upload arbitrary Nessus plugins to the Nessus server (this option is disabled by default), or he/she would need to trick a user somehow into running a specially crafted NASL script. Read the full advisory for additional information. |
| Alerts: | |
Comments (none posted)
netpbm: insecure temporary files
| Package(s): | netpbm |
| CVE #(s): | CAN-2003-0924 |
| Created: | January 19, 2004 |
| Updated: | December 29, 2004 |
| Description: | netpbm is a graphics conversion toolkit made up of a large number of single-purpose programs. Many of these programs were found to create temporary files in an insecure manner, which could allow a local attacker to overwrite files with the privileges of the user invoking a vulnerable netpbm tool. |
| Alerts: | |
Comments (1 posted)
oftpd - denial of service
| Package(s): | oftpd |
| CVE #(s): | |
| Created: | March 29, 2004 |
| Updated: | April 5, 2004 |
| Description: | A remotely-exploitable overflow exists in versions of oftpd 0.3.6 and earlier, allowing an attacker to crash the oftpd daemon. Issuing a port command with a number higher than 255 causes the server to crash. The port command may be issued before any authentication takes place, meaning the attacker does not need to know a valid username and password in order to exploit this vulnerability. |
| Alerts: | |
Comments (1 posted)
openldap: denial of service
| Package(s): | openldap |
| CVE #(s): | |
| Created: | March 31, 2004 |
| Updated: | March 31, 2004 |
| Description: | Versions of the OpenLDAP server through 2.1.12 suffer from a remotely exploitable denial of service vulnerability; some more information can be found in the OpenLDAP bug tracker. |
| Alerts: | |
Comments (none posted)
openssh: timing attack leads to information disclosure
| Package(s): | openssh |
| CVE #(s): | CAN-2003-0190 |
| Created: | May 2, 2003 |
| Updated: | November 30, 2004 |
| Description: | From the advisory: "During a pen-test we stumbled across a nasty bug in OpenSSH-portable with PAM support enabled (via the --with-pam configure script switch). This bug allows a remote attacker to identify valid users on vulnerable systems, through a simple timing attack. The vulnerability is easy to exploit and may have high severity, if combined with poor password policies and other security problems that allow local privilege escalation." |
| Alerts: | |
Comments (1 posted)
OpenSSL: denial of service vulnerabilities
Comments (1 posted)
pam-pgsql - missing input sanitizing
| Package(s): | pam-pgsql |
| CVE #(s): | CAN-2004-0366 |
| Created: | March 29, 2004 |
| Updated: | March 31, 2004 |
| Description: | Primoz Bratanic discovered a bug in libpam-pgsql, a PAM module to authenticate using a PostgreSQL database. The library does not escape all user-supplied data that are sent to the database. An attacker could exploit this bug to insert SQL statements. |
| Alerts: | |
Comments (none posted)
perl information leak
| Package(s): | perl |
| CVE #(s): | CAN-2003-0618 |
| Created: | February 2, 2004 |
| Updated: | April 21, 2004 |
| Description: | Paul Szabo discovered a number of bugs in suidperl, a helper program to run perl scripts with setuid privileges. By exploiting these bugs, an attacker could abuse suidperl to discover information about files (such as testing for their existence and some of their permissions) that should not be accessible to unprivileged users. |
| Alerts: | |
Comments (none posted)
postfix: denial of service vulnerabilities
Package(s): postfix
CVE #(s): CAN-2003-0468, CAN-2003-0540
Created: August 5, 2003
Updated: May 27, 2004
Description:
The postfix MTA, versions through 1.1.12 (but not 2.0), is subject to two remotely exploitable denial of service vulnerabilities; see this advisory from Michal Zalewski for details.
Comments (none posted)
PWLib: possible Denial of Service
Package(s): PWLib
CVE #(s): CAN-2004-0097
Created: February 13, 2004
Updated: April 9, 2004
Description:
PWLib is a cross-platform class library designed to support the OpenH323
project. OpenH323 provides an implementation of the ITU H.323
teleconferencing protocol, used by packages such as Gnome Meeting.
A test suite for the H.225 protocol (part of the H.323 family) provided by
the NISCC uncovered bugs in PWLib prior to version 1.6.0. An attacker
could trigger these bugs by sending carefully crafted messages to an
application. The effects of such an attack can vary depending on the
application, but would usually result in a Denial of Service. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0097 to this issue.
Comments (none posted)
python: buffer overflow
Package(s): python
CVE #(s): CAN-2004-0150
Created: March 10, 2004
Updated: October 11, 2004
Description:
Python (versions 2.2 and 2.2.1 only) has a buffer overflow in the getaddrinfo() function which can be exploited by a malformed IPv6 address.
Comments (none posted)
samba privilege escalation
Package(s): samba
CVE #(s): CAN-2004-0186
Created: March 15, 2004
Updated: April 20, 2004
Description:
Samba, a LanManager-like file and printer server for Unix, was found
to contain a vulnerability whereby a local user could use the "smbmnt"
utility, which is setuid root, to mount a file share from a remote
server which contained setuid programs under the control of the user.
These programs could then be executed to gain privileges on the local
system.
Comments (none posted)
squid - vulnerability in URL decoding
Package(s): squid
CVE #(s): CAN-2004-0189
Created: March 29, 2004
Updated: April 20, 2004
Description:
A bug was found in the processing of %-encoded characters in a URL in
versions of Squid 2.5.STABLE4 and earlier. If a Squid configuration uses
Access Control Lists (ACLs), a remote attacker could create URLs that would
not be correctly tested against Squid's ACLs, potentially allowing clients
to access prohibited URLs.
Comments (none posted)
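A minimal ACL check in the spirit of the squid entry above, added here as an illustration and not taken from Squid: the naive version tests the request URL exactly as received, so %-encoded bytes never match a rule, while the hardened version canonicalises once (decodes each path segment, lower-cases the host, collapses dot segments) before testing. The blocked domain, the path prefix and the sample URLs are constructed for this example.

```python
import posixpath
from urllib.parse import unquote, urlsplit

# Constructed ACL: deny one ad host (and its subdomains) and the /admin path prefix.
BLOCKED_DOMAINS = {"ads.example.net"}
BLOCKED_PATH_PREFIXES = ("/admin",)


def host_matches(host: str, domain: str) -> bool:
    """Squid-style dstdomain semantics: the domain itself or any subdomain."""
    return host == domain or host.endswith("." + domain)


def naive_acl_blocks(url: str) -> bool:
    """Weak form: compares the raw URL, so "%2E" never equals "." and "%61" never "a"."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    return (any(host_matches(host, d) for d in BLOCKED_DOMAINS)
            or parts.path.startswith(BLOCKED_PATH_PREFIXES))


def canonical_url(url: str) -> tuple:
    """Decode %-escapes exactly once, normalise the host, collapse "." and ".." segments."""
    parts = urlsplit(url)
    host = unquote(parts.hostname or "").rstrip(".").lower()
    # Decode segment by segment so that a decoded "/" (from %2F) stays inside its
    # segment instead of becoming a new path separator after decoding.
    segments = [unquote(seg).replace("/", "%2F") for seg in parts.path.split("/")]
    path = posixpath.normpath("/".join(segments) or "/")
    if not path.startswith("/"):
        path = "/" + path
    return host, path


def hardened_acl_blocks(url: str) -> bool:
    """Hardened form: the ACL is evaluated against the canonical URL."""
    host, path = canonical_url(url)
    return (any(host_matches(host, d) for d in BLOCKED_DOMAINS)
            or path.startswith(BLOCKED_PATH_PREFIXES))


if __name__ == "__main__":
    for sample in ("http://ads.example.net/banner.gif",
                   "http://ads%2Eexample%2Enet/banner.gif",
                   "http://intranet.example.org/%61dmin/users",
                   "http://intranet.example.org/public/../admin/",
                   "http://www.example.org/"):
        print(f"naive={naive_acl_blocks(sample)!s:5} hardened={hardened_acl_blocks(sample)!s:5} {sample}")
```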
sysstat: temporary file vulnerability
Package(s): sysstat
CVE #(s): CAN-2004-0107, CAN-2004-0108
Created: March 10, 2004
Updated: October 4, 2004
Description:
The sysstat utility has a temporary file vulnerability which can be exploited by a local attacker to overwrite system files.
Comments (none posted)
File overwrite vulnerability in tar and unzip
Package(s): tar unzip
CVE #(s): CAN-2001-1267, CAN-2001-1268, CAN-2001-1269, CAN-2002-0399
Created: October 1, 2002
Updated: April 10, 2006
Description:
The tar utility does not properly filter file names containing
"../", meaning that a hostile archive can, if unpacked by an
unsuspecting user, overwrite any file that is writable by that user. GNU
tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42
has the same vulnerability.
Comments (1 posted)
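A pre-extraction check of the kind the tar/unzip entry above calls for, written here as an added example rather than taken from GNU tar or unzip: it flags member names that would land outside the target directory, including escapes hidden behind an ordinary prefix and link entries whose target points above the extraction root. The archives are built in memory, and the function names and sample member names are this example's own.

```python
import io
import posixpath
import tarfile
import zipfile


def escapes_extraction_dir(name: str) -> bool:
    """True when an archive member name could land outside the unpack directory."""
    if name.startswith("/"):
        return True                        # absolute path
    norm = posixpath.normpath(name)        # collapses "a/./b", "a//b" and "a/../b"
    return norm == ".." or norm.startswith("../")


def unsafe_tar_members(data: bytes) -> dict:
    """Map member name -> reason for every tar entry that must not be extracted."""
    findings = {}
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:") as tf:
        for m in tf.getmembers():
            if escapes_extraction_dir(m.name):
                findings[m.name] = "name escapes extraction directory"
            elif m.issym() or m.islnk():
                # A symlink target is relative to the link's own directory; a
                # hard-link target is an archive-relative path. Either can point
                # above the root, and a later member could then write through it.
                if m.islnk():
                    target = m.linkname
                else:
                    target = posixpath.join(posixpath.dirname(m.name), m.linkname)
                if escapes_extraction_dir(target):
                    findings[m.name] = f"link target {m.linkname!r} escapes extraction directory"
    return findings


def unsafe_zip_members(data: bytes) -> dict:
    """The same name check for zip archives (unzip had the same bug)."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if escapes_extraction_dir(info.filename):
                findings[info.filename] = "name escapes extraction directory"
    return findings


def build_sample_tar() -> bytes:
    """Constructed archive: one benign file plus four entries that should be rejected."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        def add_file(name: str, content: bytes = b"x") -> None:
            info = tarfile.TarInfo(name)
            info.size = len(content)
            tf.addfile(info, io.BytesIO(content))

        add_file("project/README")                 # benign
        add_file("../.bashrc")                     # the classic "../" escape
        add_file("/etc/hosts")                     # absolute path
        add_file("project/../../outside.txt")      # escape hidden behind a normal prefix
        link = tarfile.TarInfo("project/home_link")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../"                   # symlink pointing above the root
        tf.addfile(link)
    return buf.getvalue()


def build_sample_zip() -> bytes:
    """Constructed zip: one benign file and one "../" escape."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, mode="w") as zf:
        zf.writestr("docs/readme.txt", b"ok")
        zf.writestr("../.profile", b"x")
    return buf.getvalue()


if __name__ == "__main__":
    for name, reason in unsafe_tar_members(build_sample_tar()).items():
        print(f"tar  REJECT {name}: {reason}")
    for name, reason in unsafe_zip_members(build_sample_zip()).items():
        print(f"zip  REJECT {name}: {reason}")
```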
tcpdump: flaws in the ISAKMP decoding routines
Package(s): tcpdump
CVE #(s): CAN-2003-0989, CAN-2004-0057, CAN-2004-0055
Created: January 15, 2004
Updated: April 6, 2004
Description:
George Bakos discovered flaws in the ISAKMP decoding routines of tcpdump
versions prior to 3.8.1. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2003-0989 to this issue.
Jonathan Heusser discovered two additional flaws in the ISAKMP decoding
routines of tcpdump versions up to and including 3.8.1. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0057 to this issue.
Jonathan Heusser discovered a flaw in the print_attr_string function in the
RADIUS decoding routines for tcpdump 3.8.1 and earlier. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2004-0055 to this issue.
Remote attackers could potentially exploit these issues by sending
carefully-crafted packets to a victim. If the victim uses tcpdump, these
packets could result in a denial of service, or possibly execute arbitrary
code as the 'pcap' user.
Comments (none posted)
tcpdump: ISAKMP payload handling denial-of-service vulnerabilities
Package(s): tcpdump
CVE #(s): CAN-2004-0183, CAN-2004-0184
Created: March 30, 2004
Updated: September 30, 2004
Description:
TCPDUMP v3.8.1 and earlier versions contain multiple flaws in the packet
display functions for the ISAKMP protocol. Upon receiving specially
crafted ISAKMP packets, TCPDUMP will try to read beyond the end of the
packet capture buffer and crash. More information is available in this Rapid7 advisory.
Comments (none posted)
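A bounds-checked ISAKMP payload walk, added here to illustrate both tcpdump entries above; it is not tcpdump's decoder. Every read is checked against the number of bytes actually captured rather than the length the packet claims, and a payload length smaller than its own 4-byte header is rejected so the walk cannot stall or go backwards. The packets are constructed inline; build_packet, check and the vendor-ID bytes are this example's own.

```python
import struct

# Layouts per RFC 2408: a 28-byte ISAKMP header, then a chain of payloads each
# starting with a 4-byte generic header (next payload, reserved, length incl. header).
ISAKMP_HDR = struct.Struct("!8s8sBBBBII")   # cookies, next, version, exchange, flags, msgid, length
PAYLOAD_HDR = struct.Struct("!BBH")          # next payload, reserved, payload length
PAYLOAD_NONE = 0


class IsakmpError(ValueError):
    """Raised instead of reading past the captured bytes."""


def parse_isakmp(buf: bytes) -> dict:
    """Walk the payload chain without ever indexing beyond len(buf)."""
    if len(buf) < ISAKMP_HDR.size:
        raise IsakmpError(f"header needs {ISAKMP_HDR.size} bytes, captured {len(buf)}")
    (_icookie, _rcookie, next_pl, version, exch_type, _flags,
     _msg_id, total_len) = ISAKMP_HDR.unpack_from(buf, 0)
    # The header's length field is sender-controlled; clamp it to what was captured.
    truncated = total_len > len(buf)
    end = min(total_len, len(buf))
    if end < ISAKMP_HDR.size:
        raise IsakmpError(f"declared length {total_len} is shorter than the header")
    payloads = []
    off = ISAKMP_HDR.size
    while next_pl != PAYLOAD_NONE:
        if off + PAYLOAD_HDR.size > end:
            raise IsakmpError(f"payload header at offset {off} runs past end ({end})")
        following, _reserved, plen = PAYLOAD_HDR.unpack_from(buf, off)
        if plen < PAYLOAD_HDR.size:
            # Below 4 the walk would re-read the same header forever (or go negative in C).
            raise IsakmpError(f"payload length {plen} at offset {off} is smaller than its header")
        if off + plen > end:
            raise IsakmpError(f"payload at offset {off} claims {plen} bytes, only {end - off} left")
        payloads.append((next_pl, buf[off + PAYLOAD_HDR.size:off + plen]))
        off += plen          # plen >= 4 guarantees forward progress, so the loop terminates
        next_pl = following
    return {"version": version, "exchange_type": exch_type,
            "payload_types": [t for t, _ in payloads],
            "payloads": payloads, "truncated": truncated}


def build_packet(payloads, declared_length=None) -> bytes:
    """Assemble a constructed ISAKMP packet; declared_length lets a test lie about the size."""
    types = [t for t, _ in payloads]
    body = b""
    for i, (_ptype, data) in enumerate(payloads):
        following = types[i + 1] if i + 1 < len(types) else PAYLOAD_NONE
        body += PAYLOAD_HDR.pack(following, 0, PAYLOAD_HDR.size + len(data)) + data
    first = types[0] if types else PAYLOAD_NONE
    length = len(body) + ISAKMP_HDR.size if declared_length is None else declared_length
    # Constructed cookies; version 1.0; exchange type 2 (identity protection).
    hdr = ISAKMP_HDR.pack(b"\x11" * 8, b"\x00" * 8, first, 0x10, 2, 0, 0, length)
    return hdr + body


GOOD = build_packet([(1, b"\x00" * 8), (13, b"constructed-vendor-id")])   # SA, then Vendor ID
# Same packet with the SA payload's length field overwritten to 0xffff.
OVERRUN = bytearray(GOOD)
struct.pack_into("!H", OVERRUN, ISAKMP_HDR.size + 2, 0xFFFF)
OVERRUN = bytes(OVERRUN)
# Same packet with the SA payload claiming zero length.
ZERO_LEN = bytearray(GOOD)
struct.pack_into("!H", ZERO_LEN, ISAKMP_HDR.size + 2, 0)
ZERO_LEN = bytes(ZERO_LEN)
# A capture cut off inside the first payload, as a short snaplen would produce.
SHORT = GOOD[:ISAKMP_HDR.size + 6]


def check(buf: bytes) -> str:
    """One-line verdict in the style a decoder would print for the packet."""
    try:
        info = parse_isakmp(buf)
    except IsakmpError as exc:
        return f"[|isakmp] {exc}"
    return f"isakmp exch={info['exchange_type']} payloads={info['payload_types']}"


if __name__ == "__main__":
    for name, pkt in (("good", GOOD), ("overrun", OVERRUN), ("zero-len", ZERO_LEN), ("short", SHORT)):
        print(f"{name:9s} {check(pkt)}")
```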
Multiple vendor telnetd vulnerability
Package(s): telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5
CVE #(s):
Created: May 21, 2002
Updated: October 5, 2004
Description:
This vulnerability, originally thought to be confined to BSD-derived
systems, was first covered in the July 26th Security Summary. It is now
known that Linux telnet daemons are vulnerable as well.
Comments (none posted)
util-linux: information leak in the login program
Package(s): util-linux
CVE #(s): CAN-2004-0080
Created: February 3, 2004
Updated: April 8, 2004
Description:
The util-linux package contains a large variety of low-level system
utilities that are necessary for a Linux system to function.
In some situations, the login program could use a pointer that had been
freed and reallocated. This could cause unintentional data leakage.
Comments (1 posted)
Page editor: Jonathan Corbet
Kernel development
Brief items
The current 2.6 kernel is 2.6.5, which was
announced by Linus on April 3. Changes
since -rc3 include another ALSA update, some architecture updates, and
various fixes.
Linus's BitKeeper repository has no new patches; he is off the net for the
week. In its place, Andrew Morton has put together a "merge candidate"
tree, the current release of which is 2.6.5-mc2. This tree contains the laptop mode
patches, a set of ReiserFS updates, IPv6 support for SELinux, the
lightweight auditing framework (see below), the POSIX message queues patch,
the fcntl() file_operations method (covered here last month), some virtual memory improvements,
non-exec stack support, various architecture updates, and lots of fixes -
207 patches in all.
The current -mm tree is 2.6.5-mm2; recent
additions to -mm include some software suspend fixes, an autofs4 update,
and more fixes. The 4G/4G virtual memory patch has been dropped for now;
it was suspected of causing some problems, and it gets in the way of the
other virtual memory work being done.
The current 2.4 prepatch is 2.4.26-rc2, which was released by Marcelo on April 5. This
patch adds a relatively small number of fixes, including some IDE
updates and an XFS update.
Comments (1 posted)
Kernel development news
A recent
posting on
linux-kernel announced the creation of a new mailing list, hosted at OSDL,
for the discussion of device naming schemes. The Linux Standard Base does
not currently specify device names, but its maintainers would like to
change that. To that end, they are seeking input on how devices should be
named on Linux systems.
The discussion, so far, has centered around a proposal (available in
PDF format) from SUSE. Its purpose is to create a set of persistent
device names which will remain valid even in a hotpluggable world where the
hardware configuration can change at any time. To that end, the proposal
creates a version of /dev which is radically different from
anything seen on current Linux systems.
All of the current device names found in /dev are relegated to the
category of "compatibility names." They will still exist, but the proposal
suggests that they should be maintained by udev, rather than being
a static part of the system. The new names, instead, will all be found in
subdirectories under /dev. Disks will be in /dev/disk
(with a "k"), and the obvious things will be found in other
directories, such as /dev/printer, /dev/cdrom (these,
evidently, are not "disks"), or /dev/modem.
The proposal calls for another level of subdirectories before you find any
actual device names. Each of the /dev subdirectories would be
further divided into by-path, which names each device by how it is
connected to the system; by-serial, which uses the device's model
name and serial number; by-uuid, which uses a device's "universal
unique identifier"; and by-label, which uses a device's filesystem
label. Thus, a system's root partition might have all of the
following names:
- /dev/disk/by-path/ide-0.0-part1
- /dev/disk/by-serial/ata-ST340810A-53-5BIN-part1
- /dev/disk/by-label/label-ROOT
- /dev/disk/by-uuid/uuid-0bee1954-b245-4df1-b2af-785fecd75b8f
The use of multiple names for the same device does not sit well with
everybody; fears have been expressed that it could confuse users and
applications which perform user-space locking by device name. The
by-path names were received critically; since the path can change
on a modern system, those names will never be persistent. There were also
complaints about by-label and by-uuid; those names are
meant to allow Linux systems to find and mount disks regardless of their
position in the device hierarchy, but the mount utility already
implements that functionality.
While there have been complaints about the SUSE proposal, there have not,
thus far, been a lot of alternatives put forward. Something, however, is
clearly going to have to change. A Fedora Core 2 Test 2 system has almost
19,000 entries under /dev; this mass of names can only get larger
and increasingly unmaintainable. And it fails to address the dynamic
nature of devices in modern systems. Device naming looks to be an
interesting issue for some time to come.
Comments (6 posted)
The kernel capability mechanism gives (relatively) fine-grained control
over what actions any given process can perform. The various capabilities
include the ability to override file permissions, send signals to other
processes, bind to low-numbered ports, and many other tasks. There have
been visions over the years of exporting capabilities to user space and
eliminating the "all-powerful superuser" concept, but none of those visions
have been implemented in any widely distributed way.
One of the capabilities is called CAP_IPC_LOCK; it gives a process
the ability to lock a region of virtual memory into physical RAM. This
capability needs to be controlled; otherwise a rogue process could lock up
all of physical memory and effectively shut down the system. There are,
however, legitimate reasons for giving this capability to normal users.
Programs which handle encryption (such as gpg) would like to lock in some
of their memory so that passphrases and clear text do not get written out
to swap. Systems like Oracle need the capability to lock in their shared
segments (since they do their own paging, essentially) and to be able to
allocate large page "hugetlb" segments.
To this end, Andrea Arcangeli posted a patch
which allows the system administrator to disable CAP_IPC_LOCK
checking via a sysctl variable. With those checks disabled, any
non-privileged process can lock pages into memory or allocate large-page
shared memory segments. Andrea asked for the patch to be incorporated into
the 2.6 mainline.
The patch inspired some thinking on how best to make certain capabilities
available to users. There has been a
patch in circulation for a while which simply opens up memory locking
to everybody, but which puts a resource limit on the number of pages which
can be locked. The default limit is a single page, which works for gpg but
which does not easily threaten the system as a whole. With a suitably
adjusted limit, this patch should work for Oracle as well - but it does not
address the large-page shared memory issue.
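An added example, not Andrea's patch nor the resource-limit patch in circulation, that decodes the capability masks Linux exposes in /proc/<pid>/status and applies the resource-limit model just described: a holder of CAP_IPC_LOCK may lock freely, everyone else stays within RLIMIT_MEMLOCK. The status excerpt is constructed; report_self assumes a Linux /proc, and the capability list is the 32 names the text's "another 32 permissions bits" refers to.

```python
import resource

# The 32 capabilities in bit order (CAP_CHOWN is bit 0, CAP_IPC_LOCK bit 14).
# Later kernels added more; any bit beyond this list is reported as CAP_<bit>.
CAP_NAMES = [
    "CAP_CHOWN", "CAP_DAC_OVERRIDE", "CAP_DAC_READ_SEARCH", "CAP_FOWNER",
    "CAP_FSETID", "CAP_KILL", "CAP_SETGID", "CAP_SETUID", "CAP_SETPCAP",
    "CAP_LINUX_IMMUTABLE", "CAP_NET_BIND_SERVICE", "CAP_NET_BROADCAST",
    "CAP_NET_ADMIN", "CAP_NET_RAW", "CAP_IPC_LOCK", "CAP_IPC_OWNER",
    "CAP_SYS_MODULE", "CAP_SYS_RAWIO", "CAP_SYS_CHROOT", "CAP_SYS_PTRACE",
    "CAP_SYS_PACCT", "CAP_SYS_ADMIN", "CAP_SYS_BOOT", "CAP_SYS_NICE",
    "CAP_SYS_RESOURCE", "CAP_SYS_TIME", "CAP_SYS_TTY_CONFIG", "CAP_MKNOD",
    "CAP_LEASE", "CAP_AUDIT_WRITE", "CAP_AUDIT_CONTROL", "CAP_SETFCAP",
]
CAP_IPC_LOCK = CAP_NAMES.index("CAP_IPC_LOCK")   # bit 14
NO_LIMIT = resource.RLIM_INFINITY


def decode_cap_mask(mask: int) -> list:
    """Names of the capabilities set in a CapInh/CapPrm/CapEff bit mask."""
    names = []
    bit = 0
    while mask >> bit:
        if mask >> bit & 1:
            names.append(CAP_NAMES[bit] if bit < len(CAP_NAMES) else f"CAP_{bit}")
        bit += 1
    return names


def parse_status_caps(status_text: str) -> dict:
    """Pull the hexadecimal capability sets out of /proc/<pid>/status text."""
    sets = {}
    for line in status_text.splitlines():
        if line.startswith(("CapInh:", "CapPrm:", "CapEff:")):
            key, _, value = line.partition(":")
            sets[key] = int(value.strip(), 16)
    return sets


def memlock_allowed(nbytes: int, effective_caps: int, memlock_limit: int) -> bool:
    """Would locking nbytes pass under the resource-limit model described above?
    CAP_IPC_LOCK holders are exempt; everyone else must stay within RLIMIT_MEMLOCK."""
    if effective_caps >> CAP_IPC_LOCK & 1:
        return True
    if memlock_limit == NO_LIMIT:
        return True
    return nbytes <= memlock_limit


# Constructed /proc/<pid>/status excerpt: a process holding only CAP_IPC_LOCK.
SAMPLE_STATUS = ("Name:\tgpg\n"
                 "CapInh:\t0000000000000000\n"
                 "CapPrm:\t0000000000004000\n"
                 "CapEff:\t0000000000004000\n")


def report_self() -> dict:
    """Live check of the running process (Linux only: needs /proc and RLIMIT_MEMLOCK)."""
    with open("/proc/self/status") as f:
        eff = parse_status_caps(f.read()).get("CapEff", 0)
    soft, _hard = resource.getrlimit(resource.RLIMIT_MEMLOCK)
    page = resource.getpagesize()
    return {"effective": decode_cap_mask(eff),
            "memlock_soft_limit": soft,
            "one_page_lock_ok": memlock_allowed(page, eff, soft),      # the gpg case
            "eight_mb_lock_ok": memlock_allowed(8 << 20, eff, soft)}   # a database-sized segment


if __name__ == "__main__":
    print("sample:", decode_cap_mask(parse_status_caps(SAMPLE_STATUS)["CapEff"]))
    print("self:  ", report_self())
```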
William Lee Irwin put together a different
patch which allows the administrator to turn off checks for any
capability via a set of sysctl variables. It differs from Andrea's patch
in its generality, but also by virtue of using the security module
framework rather than direct changes to the kernel core. Some people
seemed to like this patch better, though there was some nervousness about
its overall security which led William to add a
strong comment and a lockdown capability
to the patch.
Given that the whole idea behind capabilities was to be able to give
specific capabilities to individual users, however, some developers
wondered why the current system couldn't be used. To this end, Andrew
Morton looked into hacking login to
enable it to give capabilities to users. He was not impressed with what he
found once he started trying to work with kernel capabilities:
It turns out that the whole "drop capabilities and then run
something" thing does not work in either 2.4 or 2.6. And hasn't
done since forever. What we have in there is no more useful than
suser()...
I must say that I'm fairly disappointed that we developed and
merged all that fancy security stuff but nobody ever bothered to
fix up the existing simple capability code.
Particularly as, apparently, the new security stuff STILL cannot
solve the extremely simple Oracle-wants-CAP_IPC_LOCK requirement.
It was pointed out that SELinux can, in
fact, solve this problem. But that will be little comfort to those who are
not yet ready to adopt SELinux for their production systems.
The problem may originate from the fact that the visions of fully
capability-driven systems involve assigning capabilities to all executables
and having a process's capabilities tweaked every time a new program is
run. That part of the system has never been merged into the mainline,
partly because nobody has ever really figured out how to deal with system
administration when every file has another 32 permissions bits added onto
it. The end result, in any case, is that the capability subsystem has
never worked quite as it should. Given that Andrew is the gatekeeper,
chances are good that some sort of fix for that problem will get into the
kernel before any sort of more complicated solution to the problem of
giving capabilities to users.
Comments (5 posted)
One of the patches in Andrew Morton's "merge candidate" tree is the
lightweight audit framework. This patch, written by Rik Faith, is intended
to be a way for the kernel to get various types of audit information out to
user space without slowing things down, especially when auditing is not
being used. The framework is meant to serve as a complement to SELinux; it
is already being shipped as a part of the Fedora Core 2 test 2
kernel.
There are two kernel-side components to the audit code. The first is a
generic mechanism for creating audit records and communicating with user
space. All of that communication is performed via netlink sockets; there
are no new system calls added as part of the audit framework. Essentially,
a user-space process creates a NETLINK_AUDIT socket, writes
audit_request structures to it, and reads back audit_reply
structures in return.
The generic part of the audit mechanism can control whether auditing is
enabled at all, perform rate limiting of messages, and handle a few other
tasks. On the kernel side, it provides a printk()-like mechanism
for sending messages to user space. This code also implements a
user-specified policy on what happens if memory is not available for
auditing; truly paranoid administrators can request that the kernel panic
in such situations.
The audit patch includes some SELinux tweaks to make it use the audit
functions rather than printk() when it has something to log.
The audit logging code expects an audit daemon to be running to accept
messages via the netlink socket. Code for an example daemon is available
in Rik's Red Hat web
area. Should there be no daemon running, log messages are simply
passed to printk() instead.
In addition to the generic support code, the audit patch includes a
mechanism for auditing system calls. One gets the sense that this was the
real purpose for the patch. System call auditing is off by default, but a
suitably privileged user-space process can turn it on and load a whole set
of rules describing what should be logged. Rules can test on various
attributes of the calling process, including its process ID, user and group
ID (both "real" and "effective"), etc. Rules can also be set to fire on
accesses to particular devices or files. Finally, there are also tests on
specific system call arguments, whether the call succeeds, or for a
specific return value.
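A toy evaluator for rules of the shape just described, added here as an illustration and not the framework's own code: conditions test the listed process and call attributes with = and !=, the first matching rule decides (an assumption of this example, not a statement about the kernel's semantics), and the system call records it runs over are constructed.

```python
from dataclasses import dataclass


@dataclass
class Rule:
    """Every condition must hold for the rule to fire.
    conditions: list of (field, op, value) with op in {"=", "!="}; action: "log" or "skip"."""
    conditions: list
    name: str
    action: str = "log"

    def matches(self, event: dict) -> bool:
        for fld, op, value in self.conditions:
            actual = event.get(fld)
            if op == "=" and actual != value:
                return False
            if op == "!=" and actual == value:
                return False
        return True


def decide(rules: list, event: dict):
    """Return the name of the rule that logs this event, or None (first match wins)."""
    for rule in rules:
        if rule.matches(event):
            return rule.name if rule.action == "log" else None
    return None


def select_for_logging(rules: list, events: list) -> dict:
    """Map event serial -> name of the rule that caused it to be logged."""
    out = {}
    for ev in events:
        hit = decide(rules, ev)
        if hit is not None:
            out[ev["serial"]] = hit
    return out


# Constructed rule set: suppress root's own activity, then watch for three things.
RULES = [
    Rule([("uid", "=", 0), ("euid", "=", 0)], "root-noise", action="skip"),
    Rule([("syscall", "=", "open"), ("path", "=", "/etc/shadow"), ("success", "=", False)],
         "shadow-denied"),                               # failed attempts on the shadow file
    Rule([("syscall", "=", "execve"), ("uid", "=", 1000)], "user1000-exec"),
    Rule([("euid", "=", 0), ("uid", "!=", 0)], "setuid-gain"),   # privilege gained via setuid
]

# Constructed syscall records carrying the attributes the text lists.
EVENTS = [
    {"serial": 1, "pid": 101, "uid": 1000, "euid": 1000, "gid": 100, "egid": 100,
     "syscall": "open", "path": "/etc/shadow", "success": False, "exit": -13},
    {"serial": 2, "pid": 102, "uid": 1000, "euid": 1000, "gid": 100, "egid": 100,
     "syscall": "execve", "path": "/usr/bin/gpg", "success": True, "exit": 0},
    {"serial": 3, "pid": 103, "uid": 1000, "euid": 0, "gid": 100, "egid": 100,
     "syscall": "mlock", "success": True, "exit": 0},
    {"serial": 4, "pid": 104, "uid": 0, "euid": 0, "gid": 0, "egid": 0,
     "syscall": "open", "path": "/etc/shadow", "success": True, "exit": 3},
    {"serial": 5, "pid": 105, "uid": 1000, "euid": 1000, "gid": 100, "egid": 100,
     "syscall": "open", "path": "/home/u/notes", "success": True, "exit": 4},
]


if __name__ == "__main__":
    for serial, rule_name in select_for_logging(RULES, EVENTS).items():
        print(f"event {serial}: logged by rule {rule_name}")
```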
Included with the audit daemon is an auditctl utility which can be
used for setting and tweaking rules.
The audit mechanism will give system administrators a new tool for looking
at what is going on between user space and the kernel. With the addition
of some user-space utilities, it could become a powerful facility for
tracking down system problems and security issues - or for any number of
big-brotherish applications. Expect to see it in 2.6.6.
Comments (6 posted)
Patches and updates
Kernel trees
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Architecture-specific
Security-related
Miscellaneous
Page editor: Jonathan Corbet
Distributions
News and Editorials
An email from an editor of an online business publication asked a simple
question: what is the best Linux distribution for deploying on personal,
small business and enterprise desktops, and personal, small business and
enterprise servers? Based on user experiences and feedback over the last
couple of years, online discussions and general trends among the major Linux
distributions, the following would be my recommendations.
Personal desktop OS. Xandros Desktop or LindowsOS for
non-technical users, and Mandrakelinux or SUSE LINUX for the rest. Both
Xandros and LindowsOS have succeeded in bringing the Linux desktop closer to
the masses, with many user-friendly enhancements, excellent hardware
autodetection and support for popular consumer hardware, such as digital
cameras, scanners and wireless network cards. They are excellent for general
computing tasks. Those users who need more power will be better off with
either Mandrakelinux or SUSE LINUX. These two distributions are a lot more
powerful and complete than either Xandros or LindowsOS, and both can be
obtained for free from the Internet. Some would argue that Fedora Core should
also be considered in this category. However, its lack of out-of-the-box
multimedia support, as well as the obvious tendency of its developers to
concentrate on enterprise-level features, such as scalability and SELinux,
would make Fedora Core a better choice for the enterprise desktop than
personal desktop.
Small business desktop OS. Fedora Core and SUSE LINUX are
both excellent choices. For a small company with a limited IT budget, SUSE
LINUX is probably the best choice - it can be downloaded for free and it is
one of the most complete and well-designed distributions on the market.
Fedora Core 1 has to be the second favorite, its only drawback being its
current transition to Linux kernel 2.6 with SELinux functionality, which is
far from smooth. Xandros Business Desktop is also an excellent product, but
at US$495 for a 5-license pack, it is too expensive to compete effectively
with the other two, especially while the company still lacks brand
recognition and official support from major hardware vendors. Most recent
releases by Mandrakesoft had a reputation for being somewhat buggy, which
makes Mandrakelinux a less appealing candidate for a small business desktop,
at least until the company improves its quality control mechanisms.
Enterprise-level desktop OS. A lot depends on the company's
IT budget and the level of desired integration with the rest of its computing
infrastructure. If money is no object, it would be wise to get in touch with
both Red Hat and SUSE and obtain a quote for a complete solution. If money is
tight, Fedora Core is a very good choice - free and well supported by the
Fedora community. Having said that, it would be unfair to exclude other
vendors - Mandrakesoft is recovering from a financial disaster, so it might
be willing to offer an equivalent package for a fraction of the cost of Red
Hat or SUSE solutions. Another option is Sun Java Desktop System (based on
SUSE), but we don't hear much about this comparatively new product so it is
harder to voice an informed opinion.
Personal server OS. Debian or Slackware are the hardest to
beat. Besides being free, both of them have a reputation as the most solid,
reliable and trustworthy Linux operating systems on the market. Their
development models ensure superior quality control and both of them enjoy
unparalleled community support from many web sites and user communities.
Debian has always been the best distribution in terms of upgradeability to
new releases, but the inclusion of the "swaret" tool in the latest Slackware
means that Slackware can now also be upgraded with one command. Needless to
say, both Debian and Slackware pride themselves in providing timely security
updates.
Small business server OS. Same as above. Although Red Hat
Linux and its newly launched Fedora Core are still the dominant Linux
operating systems in most server rooms around the world, the company has
alienated many users by unpopular policy changes, pushing them towards its
more expensive enterprise products. On the other hand, Debian and Slackware
have been around for a long time and major policy changes are unlikely. For a
small business on a tight budget there really is no reason to spend money on
an operating system running its servers, except perhaps in some special
circumstances.
Enterprise-level server OS. If money is no object and the
company requires solid hardware support or the services of Oracle and other
third-party commercial applications, then it is probably best to get in touch
with either Red Hat or SUSE. In fact, Red Hat and SUSE are the only two Linux
distributions which are officially certified and supported by Oracle.
Enterprises on a tighter budget could possibly consider deploying Debian on
their servers. If support is needed, Red Hat and SUSE are in the best
position to offer it, albeit at a price. Third-party commercial support is
also available for Debian. Slackware is somewhat less appealing in this
category, simply because it might be a lot harder to find support and
personnel familiar with the distribution.
As always, these kinds of comparisons are bound to raise some controversy and
many will no doubt disagree with the choices. Nevertheless, writing things
down this way has resulted in an interesting conclusion: SUSE seems to be
providing the widest range of products for a variety of scenarios. These vary
from its biannual SUSE LINUX releases and specialized Linux Desktop and
Office Desktop solutions, to the company's Standard, Enterprise and
Openexchange server products. It also has the backing of Novell and its long
marketing arm to take on Red Hat. Are the prices too steep? In that case,
serious consideration could be given to deploying Debian, especially on
servers.
Comments (23 posted)
Distribution News
The
Debian Weekly News for April 6, 2004
contains the final call for DPL votes, a call for DebConf talk ideas, a
request for hotplug support, search for packages in the snapshot archive, a
few April Fools pranks, and more.
The Debian Project has announced that Debian
Security Advisories (DSA) have been declared CVE-compatible. "In an
effort to cooperate with the Common Vulnerabilities and Exposures (CVE)
project to standardise the names for all publicly known vulnerabilities and
security exposures, new security advisories have carried CVE names since
June 2002. Debian formally applied for CVE compatibility in May
2003."
Once known as Debian Internal projects, Custom
Debian Distributions are alive and well. Custom Debian Distributions
provide a solution for special groups of target users with different skills
and interests.
Here's an update on the preparation of
stable Debian 3.0r3, which now includes several updated kernel packages.
The final call for votes in the Debian
Project Leader election, is out. All votes must be received by April 10,
2004.
Comments (none posted)
The April 1st issue of the
Fedora News Updates
is available, with news about Fedora Core 2 test 2, the new X.org X11
implementation, SELinux revisited, and several other topics.
Fedora has fixed several bugs in gnome-session. This FC1 gaim update solves the history plugin crash,
makes Yahoo protocol work, and has "hundreds of other fixes".
Comments (none posted)
The Gentoo Weekly Newsletter for the week of March 29, 2004 is available.
Gentoo is seeking additional kernel developers and newsletter
contributors.
Full Story (comments: none)
Xandros has launched a 30-day evaluation version of the Desktop OS Business
Edition. The 30-day evaluation version of the Desktop OS Business Edition
is fully functional for 30 days and includes a PDF of the abridged User
Guide. The guide includes instructions on installing and configuring
Xandros Desktop OS as well as procedures for using the Windows networking
capabilities.
Full Story (comments: none)
Trustix has announced a range of pricing models for Trustix Secure
Enterprise Linux.
Full Story (comments: none)
announces the GNOME 2.6 Release is now available for FreeBSD.
Comments (none posted)
The version of ls bundled with fileutils and, in later versions of
Mandrakelinux, coreutils would segfault on listing directories with a large
number of files in them, on the amd64 platform. The updated packages
correct the problem.
Full Story (comments: none)
There are plenty of upgrades this week, according to the
slackware-current
changelog, including the 2.6.5 kernel in testing.
Comments (none posted)
New Distributions
Vigyaan is a new special-purpose
live CD distribution that serves as an electronic workbench for
computational biology and computational chemistry. It has been designed to
meet the needs of both beginners and experts, with ready to use modeling
software. VigyaanCD v0.1 is based on KNOPPIX v3.3. VigyaanCD v0.1-beta was
released on March 22, 2004.
Comments (none posted)
Minor distribution updates
CDLinux has released stable v0.4.8 with minor bugfixes. "Changes: This release fixes a
mount failure problem on some sluggish USB devices. It fixes some bugs in
the dhcpcd, iptables, nic-detect, and kernel-module packages. There are
many package updates."
Comments (none posted)
INSERT has released v1.2.7 with major feature enhancements. "Changes: Using the
Multivalent PDF Tools, the included information material was compressed to
about half the original size. This made room for avscan (a GUI for clamav)
and freshclam. A few small but quite useful tools were also added,
including BashBurn, iftop, and bash-programmable-completion. Memtest was
updated to its latest version, as was the clamav virus database."
Comments (none posted)
LinVDR has released v0.6 with major feature enhancements. "Changes: Kernel 2.6.4 is
now used. ACPI support was improved. Several new plugins and patches were
added, including graphic LCD, improved OSD, serial buttons, signal
strength, vbox, and media detection. The installation system is now faster
and smaller and allows user interaction on any state of
installation."
Comments (none posted)
MoviX has released v0.8.3 with minor bugfixes. "Changes: A boot bug has been
fixed, so it now boots again from nearly any boot device you can think
of. When booting from the hard drive, you get full features with as little
as 64MB of RAM. You can automatically install it on disk partitions. French
and Russian translations have been improved. Pre-made international ISO
images are available in the downloads page."
Comments (none posted)
RIP has released v8.1. "Changes: The kernel and some software have been updated."
Comments (none posted)
SLAX Linux has released v4.0.4 with major feature enhancements. "Changes: This release
added Xfree 4.4.0, KDE 3.2.1, floppy tools, K3B 0.11.9, and an 845patch
boot option for Intel's i845G chipset. The lang= functionality was removed
and a load=... boot option that loads all specified modules from the
/optional/ directory (eg. load=wine,xmms,lang_fr) was implemented. smbmount
was fixed, as were FTP upload directory permissions."
Comments (none posted)
Distribution reviews
Linux.com takes a look at SUSE Linux 9.1 beta. "OK, so things didn't work perfectly. That's
fine. This is a beta. Bugs are expected. Work will be done before it goes
gold. Most of the problems I ran into were the result of trying to swim
upstream by using Gnome instead of KDE. I expect the glitches will be gone
by the time SUSE 9.1 ships. That said, there were still a couple of things
I didn't care for."
Comments (none posted)
Open for Business evaluates Mandrake Linux 9.2 and Fedora Core 1. "Fortunately,
while neither Fedora Core 1 or Mandrake Linux 9.2 are where we would have
liked to have seen them, their successors are just around the
corner. Fedora Core 2 is nearly out, and Mandrake Linux 10.0 Official
Edition will be out in May."
Comments (none posted)
Page editor: Rebecca Sobol
Development
Bacula is a cross-platform backup solution that is
licensed under version 2 of the GPL.
Bacula is a set of computer programs that permit you (or the system administrator) to manage backup, recovery, and verification of computer data across a network of computers of different kinds. In technical terms, it is a network client/server based backup program. Bacula is relatively easy to use and efficient, while offering many advanced storage management features that make it easy to find and recover lost or damaged files.
The project's motto is somewhat amusing:
It comes by night and sucks the vital essence from your computers.
[Insert evil laugh here.]
Bacula is a
cross-platform
project. The server side works on Linux, Solaris, and FreeBSD.
The client side works on the above server platforms plus other
Unix variants, Irix, MacOS X, and many versions of Windows.
Bacula has a fairly lengthy
list of features including:
- A centralized director program.
- Automatic execution via an internal scheduler.
- Parallel execution of backups.
- A job sequencing priority system.
- Interactive file restore operation.
- Support for whole-system restores.
- Command line and GUI control via the Console program.
- File verification for break-in detection.
- Optional file compression with gzip.
- CRAM-MD5 password authentication.
- Support for daemon configuration files.
- Backup catalogs can be stored under several different SQL databases.
- Support for multiple backup volumes.
- Support for pool and volume library management.
- A message system that can email client messages to the administrator.
- Support for tape library hardware and barcodes.
- Data spooling to disk for streaming tape operation.
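The "file verification for break-in detection" item above is the classic integrity-catalog idea: record a digest, size and mode for every file at backup time, then compare a later scan against that record so that altered, added or deleted files stand out. The following is an added example written for this page to show that mechanism in miniature; it is not Bacula's code, and the function names (build_catalog, verify_catalog, demo_tamper) and the in-memory catalog format are this example's own assumptions.

```python
import hashlib
import os
import stat
import tempfile
from typing import Dict, List, Tuple

# Assumed catalog entry layout for this example: (sha256 hex digest, size, mode bits).
CatalogEntry = Tuple[str, int, int]


def _digest(path: str) -> str:
    """SHA-256 of a file, read in chunks so large files do not fill memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_catalog(root: str) -> Dict[str, CatalogEntry]:
    """Walk a tree and record digest, size and permission bits of every regular file.

    Paths are stored relative to root so the catalog can be checked against a
    restored copy in a different location.
    """
    catalog: Dict[str, CatalogEntry] = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue  # symlinks, sockets and devices are not hashed here
            rel = os.path.relpath(full, root)
            catalog[rel] = (_digest(full), st.st_size, stat.S_IMODE(st.st_mode))
    return catalog


def verify_catalog(root: str, catalog: Dict[str, CatalogEntry]) -> Dict[str, List[str]]:
    """Rescan root and report files whose content/size/mode differ from the catalog,
    files present now but absent from the catalog, and catalogued files that vanished."""
    current = build_catalog(root)
    result: Dict[str, List[str]] = {"modified": [], "added": [], "missing": []}
    for rel, entry in catalog.items():
        if rel not in current:
            result["missing"].append(rel)
        elif current[rel] != entry:
            result["modified"].append(rel)
    for rel in current:
        if rel not in catalog:
            result["added"].append(rel)
    for key in result:
        result[key].sort()
    return result


def demo_tamper() -> Dict[str, List[str]]:
    """Constructed scenario: catalog a small tree, then tamper with it.

    Returns the verification report; a clean tree yields three empty lists.
    """
    root = tempfile.mkdtemp(prefix="catalog-demo-")
    os.makedirs(os.path.join(root, "bin"))
    with open(os.path.join(root, "a.txt"), "w") as f:
        f.write("hello")
    with open(os.path.join(root, "bin", "ls"), "w") as f:
        f.write("binary")  # constructed stand-in for a system binary

    baseline = build_catalog(root)
    assert verify_catalog(root, baseline) == {"modified": [], "added": [], "missing": []}

    # Same size as before, different content: size alone would not catch this.
    with open(os.path.join(root, "bin", "ls"), "w") as f:
        f.write("trojan")
    with open(os.path.join(root, "new.txt"), "w") as f:
        f.write("x")
    os.remove(os.path.join(root, "a.txt"))
    return verify_catalog(root, baseline)


if __name__ == "__main__":
    print(demo_tamper())
```

The point of hashing rather than trusting size or timestamp is visible in demo_tamper: the replaced "bin/ls" keeps its exact size and still shows up as modified. In practice the catalog must live somewhere the compromised host cannot rewrite (Bacula keeps it on the director's database server), or an intruder simply updates the record to match.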
The Bacula
User's Guide
describes the software and its component utilities in greater detail.
Stable version 1.34.0 of Bacula was recently announced; the code
is available on the
GNU Directory Listing.
If you are looking for an open-source solution for performing
network backup functions, Bacula looks like a good package to consider.
Comments (3 posted)
System Applications
Audio Projects
Version 1.04 of the
ALSA
sound driver is available with
"
mostly bug-fixes and cleanups".
Comments (none posted)
The
latest changes from the
Planet CCRMA audio utility packaging project include
new versions of Spiral Synth Modular, Rosegarden 4, Noteedit,
Hydrogen, Specimen, Timemachine, the Caps LADSPA Plugins, STK, Unison,
Ocaml, Lablgtk1, Libsndfile, and Libsamplerate.
Comments (none posted)
Database Software
Bug fix release 2.3 of DbForms
has been announced.
"
Tired of writing the same code again and again? Try DbForms! DbForms is a Java
(Servlet,JSP/Taglib) - based Rapid Application Development environment which
enables developers to build web based database applications in _very_ short
time."
Comments (none posted)
Version 1.1.1 of libgda/libgnomedb, a database development
framework for the GNOME environment, is out.
"
This is another development release in the road to 1.2, which will be
the next stable release, and which shows a preview of the new features
getting into the 1.2 final release. It is not intended for production
use, but by people wanting to experiment with the new features and to
help on the development."
Full Story (comments: none)
Version 1.3.2 of libgdamm is out with some new features.
"
libgdamm provides C++ wrappers for libgda for use with gtkmm. libgda is a generic
database API with several database provider implementations."
Full Story (comments: none)
Version 0.50 of Mergeant is available.
"
Mergeant is a database user and administration tool based on GNOME-DB.
It allows users to easily manage any database supported by GNOME-DB.
This is a development release, the first one after the splitting of
Mergeant into libmergeant and the GUI frontend, resulting in a much
better architecture."
Full Story (comments: none)
Version 0.6.0 alpha of PL/R, the R Procedural Language for PostgreSQL,
is available.
This version features bug fixes, support for the latest versions of
PostgreSQL, and improved documentation.
Comments (none posted)
The April 5, 2004 edition of the PostgreSQL Weekly News has been
published.
Full Story (comments: none)
Filesystem Utilities
Version 1.9.1 of ntfsprogs
has been announced.
"
This release is a minor update featuring a
mostly rewritten ntfsinfo, mkntfs now creates bootable volumes, some 64-bit
architecture fixes and lots of cleanups. Update is recommended for people
using 64-bit architectures."
Comments (none posted)
Mail Software
The
milter.org site lists
new versions of milter-spamc, milter-sender and milter-gris.
Comments (none posted)
Web Site Development
Version 1.4.3 Release Candidate 1 of Gallery, a web-based photo management
system,
is available.
"
This version is a
combination of lots of bugfixes and several new features: Lots of bug fixes,
minor feature enhancements, and increased security; Gallery works when
register_globals is turned off; GeekLog, phpBB2, MamboCMS, and NSNnuke
integration; Image watermarking; Fullscreen fit-to-screen slideshow."
Comments (none posted)
Casey West
makes a photo gallery with Perl's HTML::Mason on O'Reilly.
"
Creating a photo gallery is usually considered a daunting task. Lots of people have tried it, not many have succeeded. One of the reasons for so many similar projects is that they don't often integrate well into an existing web site. In this article we're going to build a photo gallery using two important components, Mason and Imager. Writing our gallery in Mason will make it much easier to integrate into an existing web site."
Comments (none posted)
Version 1.014 of Krang, an Open Source web publishing system,
has been announced.
"
Krang v1.014, the first public release, is now available.
Krang is an Open Source web-publisher / content-management system
designed for large-scale magazine-style websites. It is a 100% Perl
application using Apache/mod_perl and MySQL, as well as numerous CPAN
modules."
Comments (none posted)
Web Services
Russell Butek and Richard Scheuerle, Jr. present some
web services programming tips on roundtripping and data integrity
in an IBM developerWorks article.
"
Java APIs for XML-Based Remote Procedure Call's (JAX-RPC's) Java-to-WSDL/WSDL-to-Java mapping rules do not try to preserve Java constructs during roundtripping. Many constructs are preserved, but not all. This tip describes, in particular, why following Java coding conventions is very important to maintaining the ability to roundtrip."
Comments (none posted)
Desktop Applications
Audio Applications
Version 2.1.16 of
abcde, a CD ripping
and writing utility, is out with lots of new features.
Comments (1 posted)
Version 0.5.1 of Muine is out with new backends, bug fixes, improved
translations, and more.
"
Muine is a new music player using some new UI ideas. The idea is that it
will be much easier and comfortable to use than the iTunes model, which is
used by both Rhythmbox and Jamboree."
Full Story (comments: none)
Version 0.7.2 of Rhythmbox, a music management system, is out.
"
Here's a new version in the Rhythmbox development series.
We're rapidly
approaching 0.8.0. A lot of bugs have been fixed."
Full Story (comments: none)
Data Visualization
Version 2.0.12.0 of DiaCanvas, the GTK/Gnome diagramming widget,
is out with an improved API, better Python support, and memory leak
fixes.
Full Story (comments: none)
Version 1.0 of EarthSight
has been announced.
"
EarthSight is an Earth viewer application using NASA satellite imagery". A Linux version is forthcoming.
Comments (2 posted)
Version 0.6.1 of PyX, the Python graphics package is available.
The
Change Log file lists a bug fix and new documentation.
Comments (none posted)
Desktop Environments
Version 2.5.7 of the GNOME Platform Bindings
are available.
"
murraycu writes "This is the last development release before our totally ABI/API-stable 2.6.0 release on April 12th.
Please note that the GNOME Platform Bindings are now in API freeze,
so only very important API changes will be allowed before the
fully-frozen GNOME Platform Bindings 2.6.0 release, on April 12th."
Comments (none posted)
Version 0.3.0 of Revelation, a password manager for the GNOME 2 desktop,
has been released. This version features an integrated password generator,
password hiding, UI improvements, code cleanup, and more.
Full Story (comments: none)
The April 2, 2004 edition of the
KDE-CVS-Digest
is online. Here's the content summary:
"
KStars adds ability to use V4L devices. KPilot adds interface to Python and Perl conduits. Kontact adds groupware configuration wizards for Kolab and eGroupware. KWord and KSpread support OpenOffice format natively."
Comments (none posted)
Version 2.1.1 of the Quick Lounge Applet for GNOME
is available.
"
The Quick Lounge Applet is an applet for the GNOME desktop similar to quick
launch for Windows."
Comments (none posted)
GnomeDesktop.org has a
multiple announcement for new GNOME software.
"
New releases of the GRAMPS genealogy program, GNOME-IOR 0.3 a GUI for CORBA
object reference parsing and object lifeness tests, and the Gnomoradio
peer-to-peer music playing system are now available."
Comments (none posted)
Electronics
Version 3.2.15 of
XCircuit, an electronic schematic
drawing package, is available. Change information is in the source code.
Comments (none posted)
Games
The
PyGame site lists new
versions of KCB, a coloring book application, and LEISERSELT,
a game involving snowballs.
Comments (none posted)
GUI Packages
Roberto Alsina
has announced
the availability of a
tutorial
on using PyQt.
"
Everyone who has programmed an application knows that sometimes you create a gadget that can be reused in other situations, and that code reuse is good. In the specific case of GUI applications, often what you would want to reuse is a widget. I wrote a short tutorial explaining how to create easy-to-reuse custom widgets using PyQt."
Comments (none posted)
Version 2.2.11 of gtkmm, a C++ interface to GTK+, is out. "
gtkmm 2.2.10 had an incorrect configure-time test, that mistakenly
disabled some template code for gcc, used to convert from
intermediate C++ containers to STL containers."
Full Story (comments: none)
Version 0.5.6 of SLgtk, an S-Language binding to Gtk2 and GtkExtra, is
out. Version 1.2.0 of Vwhere is also included.
"
SLgtk also includes a visual version of the powerful S-Lang "where"
command, extensions to and performance enhancements for several GtkExtra
widgets, and a pixbuf loader for the FITS image file format widely used
within astronomy."
Full Story (comments: none)
Version 2.5.1.5 of the wxPython GUI toolkit
has been announced.
"
The changes in this version are too numerous to list here, please see
the following websites for more details. If you are upgrading from
2.4.x then please do read the MigrationGuide fully before as there are
some backwards incompatible changes."
Comments (none posted)
Instant Messaging
Version 0.76 of the Gaim instant messaging client
is available with lots of changes.
"
To prove even further that Gaim isn't dead, you should read the ChangeLog, which is quite
extensive."
Comments (none posted)
GnomeICU version 0.99.5
is out.
"
It's been a long year since the last release, but GnomeICU is not dead... GnomeICU is a Gnome fully featured ICQ client. We are slowly moving towards GnomeICU 1.0, the full ICQ release. This is an intermediate release, so that you, as our beloved users, can enjoy all of the bug fixes that are in our CVS."
Comments (none posted)
Interoperability
Version 3.0.3pre2 of Samba has been released.
"
This is the second preview release of the Samba 3.0.3 code base
and is provided for testing only. This release is *not* intended
for production servers. Use at your own risk.
There have been several bug fixes since the 3.0.2a release that
we feel are important to make available to the Samba community
for wider testings."
Full Story (comments: none)
Issue #248 of
Wine Traffic is online with the latest Wine project news.
Comments (none posted)
Mail Clients
Perdition 1.14, a Mail Retrieval Proxy, is out. Here are the changes:
"
Various minor bug fixes and feature enhancements. In particular pid
file creation on FreeBSD (and possibly others) has been fixed. A
segmentation fault problem in the ldap module has been resolved. And
enhanced logging".
Full Story (comments: none)
Office Suites
Build 1.1.52 of OpenOffice.org is out.
"
This package contains the Gnome integration work for
OpenOffice.org, and a much simplified build wrapper, making an OO.o
build / install possible for the common man. It is a staging ground
for up-streaming patches to OO.o.
The major change in this release is targeting OO.o 1.1.1, which
includes a number of bug fixes - particularly a fix for the
"occasionally you lose random images" nasty that people suffered too
long."
Full Story (comments: none)
Science
Version 1.9.11 of JChemPaint, a Java 2 program for drawing
chemical structures,
is available.
"
This
release is mostly a bug fix release, and also includes other minor
improvements, like a more efficient Rendering engine and a GUI periodic table
for selecting the drawing element."
Comments (none posted)
Web Browsers
MozillaZine
reports
that the stable Mozilla 1.4 branch will be replaced by the new stable
Mozilla 1.7 branch. Mozilla Firefox 1.0, a new milestone of Mozilla
Thunderbird, a new Camino release and several third party Mozilla based
products will be based on Mozilla 1.7.
Comments (none posted)
MozillaZine
mentions a new
article
on XUL by Nigel McFarlane.
"
I've written another article
highlighting the features of Mozilla. To the best of my knowledge this is the
first 'dirty XUL trick' that might appeal to web developers. It's nice to see
that the Mozilla styling and layout systems are robust enough to support this
kind of fiddling. It would be wonderful to see a full Web toolkit of XBL
objects spring up to replace the junk we do in Dynamic HTML."
Comments (none posted)
Jono Bacon
discusses web programming and XUL on O'Reilly.
"
I have been playing with XUL recently and I have been really motivated with the potential for building truly interactive system type web applications. You only need to take a look at the Amazon application that is bandied around by pro-XUL hackers to see an example of what is possible with it."
Comments (none posted)
Word Processors
Version 2.0.6 of AbiWord
is out.
"
The AbiWord development team is happy to release version 2.0.6 of AbiWord.
This release solves quite some problems reported against the
previous versions
of AbiWord, and fixes for example the longstanding Copy &
Paste bug."
Comments (none posted)
Miscellaneous
Version 1.9.11 of GanttProject
has been announced.
"
GanttProject is a project management tool written in Java. Release 1.9.11 is
a bugfix/usability release although there are some new features."
Comments (none posted)
Version 0.6.8 of Roundup, a Python-based issue tracker is out.
"
I'm pleased to announce Roundup 0.6.8, a maintenance release
which fixes some bugs".
Full Story (comments: none)
Languages and Tools
C
Steve Graves
writes about
Self-Diagnostic APIs under C and C++ in a Linux Journal article.
"
With embedded software adding intelligence to so many everyday objects, it seems remarkable that the tools used to create these programs aren't smarter when it comes to catching highly destructive bugs. In assigning blame for such errors, one culprit lies in the application programming interfaces (APIs) provided by software publishers."
Comments (none posted)
Caml
The March 30 - April 6, 2004 edition of the Caml Weekly News
is available with the latest Caml language articles.
Full Story (comments: none)
The latest
new Caml software includes
OCaml-TDL, an OCaml library for dealing with TODO lists in
XML format, and Contfrac, an OCaml module for working with continuous
fractions.
Comments (none posted)
Java
Version 2.0.1 of MX4J
is available.
"
MX4J 2.x is an implementation of
JMX 1.2.1 and JSR 160 (JMX Remote API) 1.0. MX4J is an Open Source
implementation of the Java Management Extensions technology, for both JSR 3
(JMXTM) and JSR 160 (JMX Remote API). MX4J 2.0.1 is a bug fix release."
Comments (none posted)
O'Reilly has published
part one in a series on sound with Java by David Flanagan.
"
Where can you learn how to play simple audio clips with the
java.applet.AudioClip class, as well as how to use the javax.sound.sampled
and javax.sound.midi packages to do such things as load and play sound clips,
and monitor and change the playback position within a clip? In these first
excerpts in a two-part series of excerpts from Chapter 17 ("Sound") of Java
Examples in a Nutshell, 3rd Edition."
Comments (none posted)
O'Reilly is running
an article on J2EE bug detection by Francesco Aliverti-Piuri.
"
If you had to drill 12,000 holes, would you prefer a manual
drill, or its automated equivalent? Francesco Aliverti-Piuri describes
using code generation for discovering bugs in a J2EE example."
Comments (none posted)
John Zukowski
discusses the use of Tiger for working with C printf statements in Java.
"
Tiger brings printf-style formatted output to the world of Java programming; and this month, columnist John Zukowski discusses all facets of the C-inspired support for printf and format strings."
Comments (none posted)
JSP
KDE.News
points to
an article series on KJSEmbed development.
"
KJSEmbed is the KDE JavaScript engine with
bindings for Qt/KDE. These bindings allow people to create scripts that can
tightly integrate into KDE quickly with simple JavaScript. This article goes
through the process of how to build a core script, add database connectivity
and to add GUI control."
Comments (none posted)
Perl
Version 5.8.4 RC1 of Perl
has been released.
"
This is a regular maintenance release for perl 5.8.x, providing bug fixes and
integrating module updates from CPAN."
Comments (none posted)
The March 29 - April 5, 2004 edition of
This Week on perl5-porters is online.
"
Elizabeth Mattijsen writes "With a little delay comes this week the weekly
Perl 5 Porters Summary from the centre of reality that is Echt, the
Netherlands. About 250 messages were posted in the last week. A lot was
said about documentation. And a Release Candidate was released! Well,
technically not inside the week, but inside of the bounds of this summary,
anyway.""
Comments (none posted)
The March 28, 2004 edition of
This week on Perl 6 is online.
"
... and we're back! Another interesting week in Perl 6. Your Summarizer even wrote some [parrot] code and it's been simply ages since he did that. In accordance with ancient custom, we'll start the summary with perl6-internals."
Comments (none posted)
PHP
Release Candidate 2 of
PHP version 4.3.6 is available.
"
This release addresses 2 major bugs introduced in the 4.3.5 release. One of these bugs caused problems when loading dynamic extensions on Windows and thread-safe (ZTS) builds and the other involves incorrect handling of daylight savings time. A few other minor bugs were fixed as well."
Comments (none posted)
The
PHP Weekly Summary for April 7, 2004 is out. Topics include:
PHP 4.3.6, PHP 5 RC2, mysqli not in sync, CLI and STDIN/OUT/ERR, and
Bundling libxml.
Comments (none posted)
PostScript
Version 2.6.0.1 of the GGV PostScript previewer is available.
"
As
some of you might have noticed, 2.6.0 sometimes used an indecent amount
of time to start, due to a number of dumb existence checks on recent
files when starting up; if those files were not local, this lasted and
lasted and lasted and then it lasted some more. Therefore the checks
were eliminated."
Full Story (comments: none)
Python
The Dr. Dobb's Python-URL for April 5, 2004 is out with this week's news
and links.
Full Story (comments: none)
Shalabh Chaturvedi has published two articles on new-style objects
for Python 2.2 and later.
Full Story (comments: none)
Mark Pilgrim has published versions 4.8 and 4.9 of his online book
Dive into Python.
"
Version 4.8 finished the chapter on dynamic functions and fixed some broken links. Version 4.9 splits the chapter introducing unit testing into two, finishes the chapter on regression testing, and fixes some typos in the chapter on dynamic functions." (Found on the
Daily Python-URL.)
Comments (none posted)
Smalltalk
Two new versions of the
Unix Squeak
Smalltalk implementation are available. Versions 3.7b-5 and
3.6.3 are out, both feature numerous bug fixes.
Comments (none posted)
Tcl/Tk
The April 5, 2004 edition of Dr. Dobb's Tcl-URL! is available with
the week's Tcl/Tk article links.
Full Story (comments: none)
XML
Uche Ogbuji
writes about XML namespace issues on IBM's developerWorks.
"
XML namespaces are an imperfect solution to a difficult problem. From basic information architecture to difficulties with APIs, namespaces can open up rather painful gotchas if used carelessly. In this article, Uche Ogbuji covers some of the more important design principles which, if followed, can minimize problems with namespaces."
Comments (none posted)
Ben Martin
explains XML and libferris, a user-mode virtual filesystem,
on O'Reilly's XML.com.
"
This article presents the benefits of using libferris with your XML applications. libferris presents a uniform interface to hierarchical data. This data can be persisted using many providers including the filesystem, an RDBMS, or even XML."
Comments (none posted)
Version Control
Version 0.9.18 of the
darcs revision control system is available.
"
'darcs' is an advanced revision control system along the lines of CVS or arch. It has two particularly distinctive features which differ from other revision control systems: each copy of the source is a fully functional branch, and underlying it is a consistent and powerful theory of patches (the latter being darcs' most important feature)."
Comments (none posted)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
InfoWorld
gives
some suggestions on how to turn Linux into a successful desktop
product. "
Don't pull anything out of the OS to reduce
intimidation. Don't rip out any capabilities for fear that a timid user
will stumble over them and think Linux is some kind of Frankenstein.
Instead, vendors should make the system's most-used capabilities more
accessible and guide customers through the process of deciding what they
need to learn at each stage of development and deployment."
Comments (6 posted)
Here's a NewsForge article
recounting
one person's experience taking the Red Hat Certified Engineer exam.
"
To my knowledge, there are only two IT industry certifications that
require a candidate to set up and repair an actual running system. Red
Hat's is one of them; the other is a Cisco exam. There are no
multiple-choice questions to answer; you spend the entire session repairing
a broken system and then building a new one from scratch. At the end of the
day, the things you've been asked to do either work, or they do not -- and
you pass or fail on that basis alone. It's not as easy as it sounds. The
failure rate hovers around 40%."
Comments (6 posted)
eWeek
revisits
Linux fragmentation fears, and finds them unfounded. "
When Unix
forked, each variant had a different kernel. In other words, the core code
of each Unix system was unique, which often resulted in incompatibilities
and difficult cross-platform application integrations. In contrast, the
Linux kernel is tightly controlled by Linus Torvalds and some core Linux
code keepers. As long as these people are around, there is little chance
that the Linux kernel will fork like the Unix kernel did. The only
differences among Linux distributions in terms of kernel is which version
of the kernel each is based on."
Comments (9 posted)
Trade Shows and Conferences
Kendall Grant Clark
reports on
the recent PyCon event in Washington, DC.
"
One of the issues Guido talked about during his keynote is the development of Python 2.4, which will feature real, hard-won performance gains, many of which are due to the fine work of Raymond Hettinger. Armin Rigo -- of Psyco and PyPy fame -- is also working to reduce the cost of function calls by reducing the size of stack frames. The expected relative performance of 2.4 versus 2.3 was the first occurrence of the performance motif at PyCon; we'll see it return in the discussion of IronPython, Starkiller, and PyPy."
Comments (none posted)
The SCO Problem
Groklaw
reports that, as expected, SCO's motion to dismiss the Red Hat suit has been denied. That suit will go forward, but slowly: "
The judge has also
stayed any further activity in the Red Hat case until after the IBM case in
Utah is resolved, unless things get bogged down there."
Comments (2 posted)
Companies
The Star
covers
the release of Asianux 1.0 Beta. "
The Asianux Certification
Programme aims to help software vendors and hardware vendors certify their
products through an application programme, access to a variety of
resources, including the latest Asianux version, technical information and
support, as well as early access to Red Flag and Miracle Linux
products."
Comments (none posted)
Sun Microsystems is working to counter competitive pressures from Linux,
according to
this article.
"
"I think we need to come up with a subscription price for Solaris that allows it to become a lot more transparently competitive with Red Hat," Schwartz said. The subscription plan will make it clear that Solaris costs less than Linux and will dovetail with Sun's argument that its version of Unix performs better as well. And Red Hat can't throw in a free server as part of a software promotion the way Sun can."
Comments (17 posted)
The market for Linux on laptop systems is, perhaps, finally beginning to develop. Tadpole has
announced a forthcoming notebook based on the AMD Opteron processor and Sun's "Java Desktop" system. Availability is later in this quarter.
Comments (5 posted)
Linux Adoption
Dan Gillmor is
rethinking
his position on desktop Linux in this Mercury News column. "
It looks
like I'm going to have to reconsider something I'd been taking for granted
-- that Linux on the desktop, and especially the laptop, was a non-starter
in the operating systems race. While I wasn't paying sufficient attention,
the proverbial tortoise has been playing some serious catch-up."
Comments (7 posted)
Linux Journal
looks at the
process of rolling out a desktop Linux pilot project. "
So, here
was the challenge: how could we bring Linux quickly onto the desktop to
penetrate the users' defenses? Just as importantly, how could we take Linux
out of the environment in case the opposition proved overwhelming? We would
have to take a guerrilla approach to conquering the desktop."
Comments (2 posted)
Legal
News.com
covers more
legislative fun, this time on the House side of the capitol.
"
One section that first surfaced last year punishes an Internet user
who makes available $1,000 in copyrighted materials with prison terms of up
to three years and fines of up to $250,000. If the PDEA became law,
prosecutors would not have to prove that $1,000 in copyrighted materials
were downloaded--they would need only to show that those files had been
publicly accessible in a shared folder."
For an interesting contrast, see this
Globe and Mail article on a ruling by the Federal Court of Canada that
ISPs cannot be forced to reveal the names of file swappers. "As part
of his ruling, the judge found that simply downloading a song or having a
file available on peer-to-peer software such as Kazaa doesn't constitute
copyright infringement."
Comments (11 posted)
The Register
reports on the general failure of the recording industry's
efforts to shut down peer-to-peer music sharing.
"
The music industry's war on file swapping has suffered three major setbacks
in recent weeks, and today's rebuff by a Canadian federal court is only the
latest tactical defeat.
We're now seeing indications that not only are the legal threats not working,
but neither are the carrots of "legitimate" music download services, which
even after a year of hype, comprise less than half of one per cent of the
"illegal" P2P downloads every day."
Comments (12 posted)
Interviews
KDE.News
introduces this
interview with Wilbert
Berendsen. "
I'm the webmaster of www.kde.nl and translated
substantial parts of KDE 3.2 to Dutch. I also am a KDE user and
occasionally report bugs :-)"
Comments (none posted)
KDE.nl has an English translation of
an interview
with Nicolas Hadacek, author of KSirtet, a game that resembles Tetris.
Comments (none posted)
NewsForge
talks with
Stuart Cohen, chief executive officer of the Open Source Development
Labs. "
Fans of the penguin love to talk about their assault on
Windows, but the worldwide growth of Linux and open source is coming at the
expense of Unix, according to Cohen."
Comments (none posted)
O'Reilly has
an interview
with Amazon.com's Jeff Barr.
"
As part of XML.com's ongoing series of interviews with personalities from the XML world, I talked to Jeff about XML, web services and Amazon."
Comments (none posted)
Resources
The Linux Journal has posted
a guide to working with OpenOffice styles.
"
Most word processors offer character and paragraph styles,
but OpenOffice.org also includes frame, page and numbering styles. Even
more importantly, OpenOffice.org extends the concept of styles to other
applications. Impress, for example, has a system of styles, whereas
PowerPoint, its MS Office equivalent, has none. The same is true of
OOo's Calc and MS Excel. Once you understand why you should use styles and
when,
you'll find OpenOffice.org's tools for managing and applying styles second
to none."
Comments (1 posted)
Groklaw
republishes
an essay by Dr. Ben Kremer on open source and the GPL. "
The
hardest conceptual problem about open source software is how to ensure
people play by the rules. There are many models, but the most common is to
require any person who redistributes an open source program (whether in its
original form, or with any changes they have made) to also redistribute the
accompanying source code."
Comments (none posted)
Reviews
O'ReillyNet
looks
into a Linux port to the GameCube and talks with the developers.
"
The GameCube port of Linux works by transferring the code to the
console's hardware via an exploit in the game Phantasy Star Online. Another
method involves a hardware hack to the console, replacing the GC's serial
BIOS chip with a Complex Programmable Logic Device (CPLD), to allow users
to start a binary through the network adapter."
Comments (1 posted)
LinuxWorld Magazine
notes the release of
the Linux on iPod 2.4.24 kernel. "
The project's overall goals are
"to make a fully functional Linux from the iPod that will be able to play a
greater variety of formats, have better features and even be compatible
with external hardware like flash card readers so you can copy your camera
photos directly to your Linux iPod.""
Comments (none posted)
IBM developerWorks
covers
various enterprise Linux distributions that run on POWER architecture.
"
With offerings from affordable two-way servers to vertically scaled
super computers to the cutting-edge JS20 BladeCenter, POWER-based
machines run the gamut of size and scale, always exceeding the expectations
placed on enterprise-class hardware. The opportunity to run Linux or AIX,
along with innovative configurations such as Dynamic Logical Partitioning,
provides a unique platform for development and deployment of applications
that feed on the POWER architecture's performance. This article will arm
you with the tools and knowledge you need to make the most of your code and
the POWER platform."
Comments (6 posted)
developerWorks
looks
at Wine and how to use it to run Windows applications. "
Since
Wine supports the running of Windows executables, it would be natural to
assume that you can install a program from scratch using the program
installer. Unfortunately, that is rarely the case."
Comments (1 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The Finnish Software Entrepreneurs Society voiced their opinion on
European software patents.
"
The Software Entrepreneurs Society, an association of the
owners of Finnish software houses, rejected the idea of
software patents in a discussion forum in Helsinki last
Monday. Over 60% of the software entrepreneurs attending
the forum voted "no" to software patents in Europe."
Full Story (comments: none)
Use Perl
reports on several Perl Monger group leader changes.
Comments (none posted)
The head of the MozillaTranslator
is passing
the torch to another developer.
"
Henrik Lynggaard writes: "MozillaTranslator (the Java program to help
translate Mozilla) is now changing hands. After having been semi-dormant for
the last year since I have not had the time to actively maintain it, I have
now decided to step down as project lead. The project is now in the hands of
Serhiy Brytskyy, who is actively maintaining it.""
Comments (none posted)
Commercial announcements
CadSoft
has released version 4.11r2 of Eagle, a CAD system for designing printed
circuit boards. A free version of the software is available for
non-commercial use.
Comments (3 posted)
Tiny commercially available Linux boards and computers were officially
introduced by gumstix, inc., a start-up that produces and sells high
performance Single Board Computers (SBCs) and peripherals. Based on Intel's
PXA255 processor with Xscale technology, gumstix tiny boards measure 20mm x
80mm x 8mm.
Full Story (comments: none)
Beta version 2.0 of the KDE Executor, record and playback tool for Qt and KDE
applications, has been released.
"
Today, Klarälvdalens Datakonsult AB released the first beta version of
KD Executor 2.0; our tool for testing and automation. We
are proud to make available a free version of this to the KDE community.
(Free as in beer, not as in speech)."
Full Story (comments: none)
LynuxWorks has
claimed that they are the first company to bring the Linux 2.6 kernel
to an embedded platform.
Comments (none posted)
Here's a
press release for the Sharp Zaurus SL-6000, a Linux-based handheld with
a VGA screen. "
For fast wireless access to corporate data, the
Zaurus SL-6000 has built-in 802.11b network capability. It includes
extensive protected flash memory, a built-in, sliding QWERTY keyboard and
is readily expandable with both Compact Flash(TM) and SD expansion
slots."
Comments (6 posted)
Laura DiDio strikes again in
this Yankee Group press release on a recent survey on deployment costs. "
In large enterprises, a significant Linux deployment or total switch from Windows to Linux, would be three to four times more expensive and take three times as long to deploy as an upgrade from one version of Windows to newer Windows releases." The PR actually isn't saying anything all that earthshaking: a complete switch to a new system is, at the outset, more expensive than staying with what you have. Strangely, that's not how the rest of the press is reporting it, though.
Comments (14 posted)
Here are a few of the press releases that are coming from ClusterWorld:
- PathScale announced a suite of
high-performance Linux compilers for AMD Opteron and Athlon64
processor-based systems.
- Penguin Computing announced
availability of turnkey Linux cluster systems based on the AMD Opteron
and Intel Xeon architectures.
- Scyld Software announced
availability of the 29-series release of Scyld Beowulf for the Intel Xeon
and AMD Opteron platforms.
Comments (1 posted)
Linux Networx (a Canopy company, incidentally) has sent out
a press release proclaiming its sale of a 556-processor cluster to the Japanese National Institute of Advanced Industrial Science and Technology. It will join the "supercluster" already there and help out by processing some of the "smaller jobs."
Comments (none posted)
Resources
The Netcraft
Web Server Survey, with information up to April 1, 2004, is online.
Comments (4 posted)
A new set of GNOME desktop documents is available.
"The GNOME 2.6 Desktop User Guide, System Administration Guide, and
Accessibility Guide are available now in various formats from
http://www.gnome.org/learn."
Full Story (comments: none)
A new Technical Corrigendum has been published.
"IEEE and The Open Group publish Second Technical Corrigendum to
POSIX 1003.1-2001 and the Single UNIX Specification Version 3.
We are pleased to announce the publication of Technical Corrigendum No. 2."
Full Story (comments: none)
Contests and Awards
The Second
PHP Programming Marathon,
an online competition, will take place on April 24, 2004.
Comments (none posted)
Event Reports
KDE.News
covers the activity at
the KDE booth during CeBIT in Hannover, Germany this March.
"Some developers used the opportunity to fix bugs as they were reported or at least assisted and motivated people to file bugs reports or to search for already existing ones and comment and vote for them."
Comments (none posted)
Upcoming Events
MySQL AB has
provided a preview of the news announcements and top attractions
expected at next week's MySQL Users Conference & Expo.
Comments (none posted)
The Montreal Perl Mongers
will be meeting on April 8, 2004.
Comments (none posted)
The XML Europe 2004 conference
will be held in Amsterdam, the Netherlands on April 18-21, 2004.
Comments (none posted)
Jono Bacon
will speak at the
Linux User & Developer Expo.
"Just a quick note to let you know that I will be doing a presentation about the potential for Linux as a desktop platform at this year's Linux User & Developer Expo in London on April 20th from 15:25 - 15:55. The talk is entitled "Linux as a viable desktop platform" and I will be covering a number of subjects to do with desktop Linux, of which KDE plays a big part. I will also be discussing GNOME, FreeDesktop.org, Project Utopia and other technologies in the presentation."
Comments (none posted)
The Linux Users' Group of Davis will be holding another Linux Installfest
workshop in Davis, CA on April 18, 2004.
Full Story (comments: none)
KDE.News
reports on
an upcoming Linux install-fest in Brussels.
"Most European legal frame related to new technologies is cooked up at
Brussels. Its future members will decide on the patentability of software, on
data privacy issues, TPRM, and so on. On 14th and 15th April a conference and
Linux User Group event chaired by Daniel Cohn-Bendit (member of European
parliament) takes place. Join an install party within European Parliament (and
bring your favorite MEP with you). Attend a panel with e.g. Alan Cox, Georg
Greve, Jon Lech Johansen (of DeCSS fame)."
Comments (none posted)
A series of International XUL Meetup Day events
have been announced.
"Now you can join
and link up with fellow XUL coders and designers at local cafes (and other
places) in 612 cities across 51 countries. Every 1st Tuesday of every month
is now officially International XUL Meetup Day! Meetup with other local XML
User Interface Language (XUL) coders and designers to discuss the future of
the rich internet for everyone."
Comments (none posted)
The KDE Community World Summit 2004 (aKademy) conference
has been announced.
"The first edition of this new
international event will be held in Ludwigsburg, Germany, near Stuttgart.
Taking place from August 21st to 29th 2004, the Summit will include an
exciting program of talks, presentations, tutorials and joint development,
bug-fixing, design and polishing work on the leading Linux and Unix desktop
environment."
Comments (none posted)
| Date | Event | Location |
| April 8, 2004 | ClusterWorld Conference & Expo | San Jose Convention Center, San Jose, California |
| April 13 - 15, 2004 | Real World Linux 2004 Conference & Expo | Metro Toronto Convention Centre, Toronto, Ontario, Canada |
| April 14 - 16, 2004 | MySQL Users Conference and Expo 2004 | Peabody Hotel Orlando, Orlando, FL |
| April 14 - 17, 2004 | ACCU Spring Conference 2004 | Randolph Hotel, Oxford, England |
| April 16 - 18, 2004 | Penguicon 2.0 | Detroit Sheraton Novi Hotel, Novi, MI |
| April 16 - 17, 2004 | Python UK Conference | Randolph Hotel, Oxford, England |
| April 18 - 21, 2004 | XML Europe 2004 | RAI Centre, Amsterdam, the Netherlands |
| April 20 - 21, 2004 | LinuxUser & Developer Expo | Olympia, London, England |
| April 22 - 23, 2004 | 2004 Desktop Linux Summit | Del Mar Fairgrounds, San Diego, California |
| April 26 - 27, 2004 | Digital Media Project Traditional Rights and Usages Workshop | Los Angeles, CA |
| April 29 - May 2, 2004 | 2nd Linux Audio Developers Conference | Institute for Music and Acoustics, Karlsruhe, Germany |
| May 3 - 5, 2004 | International PHP Conference 2004 Spring Edition | Amsterdam, Netherlands |
| May 6 - 8, 2004 | TheServerSide Java Symposium | The Venetian, Las Vegas, NV |
| May 11 - 12, 2004 | LinuxWorld Conference & Expo | Hotel Istana, Kuala Lumpur, Malaysia |
| May 16 - 18, 2004 | European Firebird Conference 2004 | Fulda, Germany |
| May 17 - 20, 2004 | Fifth LCI International Conference on Linux Clusters | University of Texas, Austin, TX |
| May 17 - 19, 2004 | Enterprise Software Summit | The Palace Hotel, San Francisco, CA |
| May 17 - 20, 2004 | Black Hat Briefings Europe 2004 | Grand Hotel Krasnapolsky, Amsterdam, the Netherlands |
| May 17 - 21, 2004 | Apache Boot Camp | Atlanta, GA |
| May 20 - 22, 2004 | Austrian Perl Workshop | Vienna, Austria |
| May 25 - 26, 2004 | LinuxWorld Conference & Expo | Suntec, Singapore |
| May 26 - June 6, 2004 | DebConf4 | Porto Alegre, Brazil |
| May 26 - 29, 2004 | 2nd International Symposium on Computer Music Modeling and Retrieval | Esbjerg, Denmark |
| June 2 - 4, 2004 | 2004 GCC and GNU Toolchain Developer's Summit | Ottawa Congress Centre, Ottawa, Canada |
Comments (none posted)
Software announcements
Here are the software announcements, courtesy of
Freshmeat.net. They are available in
two formats:
Comments (none posted)
Miscellaneous
April has been designated
Mozilla International Month.
"The primary aims are to promote and educate about the localisation (l10n) and internationalisation (i18n) capabilities of Mozilla software, and to show how truly global the software can be and the community is."
Comments (none posted)
Page editor: Forrest Cook
Letters to the editor
| From: | Kipp C Cannon <kcannon-AT-phys.ualberta.ca> |
| To: | letters-AT-lwn.net |
| Subject: | An LWN subscription vulnerability |
| Date: | Thu, 1 Apr 2004 13:30:51 -0700 (MST) |
Hello All,
I would like to draw to the attention of Linux Weekly News subscribers the
existence of a site by the name of "lwm.net" (that's with an "m", rather
than an "n"). I myself am a Linux Weekly News subscriber, and this week I
accidentally typed this URL into my web browser. I was met with a
standard pop-up window asking me to enter my login id. and password.
I assumed my LWN subscription cookie had expired, and that it was time to
enter my login id. and password again. I *almost* went ahead and entered
these, but it seemed strange to me that the people at LWN had changed
their non-subscriber front page to such an unfriendly welcome. This
second thought gave me just enough time to notice my typo in the URL.
I believe that the operators of "lwm.net" are aware of the similarity
between their URL and that of "lwn.net", and are perhaps intentionally
trying to collect the login id.'s and passwords of unsuspecting LWN
subscribers.
Perhaps LWN could draw subscribers' attention to this, and ask everyone to
think twice before typing their passwords into something that doesn't look
familiar.
-Kipp
Comments (8 posted)
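The lookalike domain Kipp describes is a classic typosquat: the real name with one character replaced by its neighbour on the keyboard. The Python below is added here as an illustration; it is not code from the letter, from LWN or from anyone operating either domain. It enumerates the single-keystroke variants of a domain name (the list a site operator might register defensively or watch for in referrer logs and certificate transparency feeds) and flags a hostname that lies within one edit of a trusted name. The QWERTY adjacency table, the four variant classes (omission, adjacent-key substitution, transposition, doubled character), the edit-distance threshold and all function names are assumptions of this example; "lwm.net" is the one lookalike the letter actually names, and it goes beyond the letter in generating the rest of the family.

```python
"""Typosquat enumeration and lookalike detection (added example, not from the page).

Assumptions (not from the letter): US QWERTY adjacency, four single-keystroke
variant classes, and a distance threshold of one edit.
"""
from __future__ import annotations

# Keys adjacent to each letter on a US QWERTY layout (assumed layout).
QWERTY_NEIGHBOURS = {
    "q": "wa", "w": "qeas", "e": "wrsd", "r": "etdf", "t": "ryfg",
    "y": "tugh", "u": "yihj", "i": "uojk", "o": "ipkl", "p": "ol",
    "a": "qwsz", "s": "awedxz", "d": "serfcx", "f": "drtgvc", "g": "ftyhbv",
    "h": "gyujnb", "j": "huikmn", "k": "jiolm", "l": "kop",
    "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb", "b": "vghn",
    "n": "bhjm", "m": "njk",
}


def split_domain(domain: str) -> tuple[str, str]:
    """Split 'lwn.net' into ('lwn', 'net'). Only label.tld names are handled;
    no public-suffix list is consulted, so 'www.lwn.net' yields ('www.lwn', 'net')."""
    label, _, tld = domain.lower().rstrip(".").rpartition(".")
    if not label or not tld:
        raise ValueError(f"expected a name of the form label.tld, got {domain!r}")
    return label, tld


def typosquat_variants(domain: str) -> set[str]:
    """All domains one keystroke away from `domain`, with the same TLD."""
    label, tld = split_domain(domain)
    out: set[str] = set()
    n = len(label)
    # 1. omission: lwn -> wn, ln, lw
    for i in range(n):
        out.add(label[:i] + label[i + 1:])
    # 2. adjacent-key substitution: lwn -> lwm, lwb, lqn, ...
    for i, ch in enumerate(label):
        for nb in QWERTY_NEIGHBOURS.get(ch, ""):
            out.add(label[:i] + nb + label[i + 1:])
    # 3. transposition of neighbouring characters: lwn -> wln, lnw
    for i in range(n - 1):
        out.add(label[:i] + label[i + 1] + label[i] + label[i + 2:])
    # 4. doubled character: lwn -> llwn, lwwn, lwnn
    for i, ch in enumerate(label):
        out.add(label[:i + 1] + ch + label[i + 1:])
    out.discard(label)                      # the genuine name is not a variant
    return {f"{v}.{tld}" for v in out if v}  # drop the empty label from omission


def damerau_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insert, delete, substitute, or
    swap two adjacent characters, each costing one."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,          # deletion
                          d[i][j - 1] + 1,          # insertion
                          d[i - 1][j - 1] + cost)   # substitution / match
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition
    return d[len(a)][len(b)]


def lookalike_of(host: str, trusted: list[str], max_distance: int = 1) -> str | None:
    """Return the trusted domain that `host` resembles, or None.

    An exact (case-insensitive) match is the real site and returns None;
    a host on the same TLD within `max_distance` edits of a trusted label
    is reported as a lookalike of that trusted name.
    """
    host = host.lower().rstrip(".")
    trusted = [t.lower() for t in trusted]
    if host in trusted:
        return None
    host_label, host_tld = split_domain(host)
    for t in trusted:
        t_label, t_tld = split_domain(t)
        if host_tld == t_tld and damerau_distance(host_label, t_label) <= max_distance:
            return t
    return None


if __name__ == "__main__":
    # The case from the letter: a subscriber typed lwm.net instead of lwn.net.
    print(sorted(typosquat_variants("lwn.net")))
    print(lookalike_of("lwm.net", ["lwn.net"]))   # lwn.net
    print(lookalike_of("lwn.net", ["lwn.net"]))   # None
```

Matching is done on the registrable label only and the TLD must agree, so "lwn.com" or "lwn.net.example.org" are not reported; a production monitor would normalise hosts with a public-suffix list first and would also want the homoglyph and TLD-swap classes that this example leaves out. None of it replaces the check Kipp recommends: look at the location bar before typing a password into a prompt you did not expect.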
Page editor: Jonathan Corbet